data-modeling - add middleware (#176)

Author: a-s-g93

servers/mcp-neo4j-data-modeling/CHANGELOG.md

@@ -9,6 +9,9 @@
 * Change default transport to `stdio` in Dockerfile
 
 ### Added
+* Add security middleware (CORS and TrustedHost) for HTTP and SSE transports
+* Add CLI  support for `--allow-origins` and `--allowed-hosts` configuration
+* Add environment variable for `NEO4J_MCP_SERVER_ALLOW_ORIGINS` and `NEO4J_MCP_SERVER_ALLOWED_HOSTS` configuration
 
 ## v0.4.0
 

servers/mcp-neo4j-data-modeling/Makefile

@@ -1,5 +1,3 @@
-# Makefile for cypher-guard Python bindings
-
 .PHONY: format test clean inspector build_local_docker_image install-dev test-unit test-integration test-http test-all all
 
 format:

servers/mcp-neo4j-data-modeling/README.md

@@ -225,19 +225,93 @@ The server supports three transport modes:
 
 ### 🐳 Using with Docker
 
+Here we use the Docker Hub hosted Data Modeling MCP server image with stdio transport for use with Claude Desktop.
+
+**Config details:**
+* `-i`: Interactive mode - keeps STDIN open for stdio transport communication
+* `--rm`: Automatically remove container when it exits (cleanup)
+* `-p 8000:8000`: Port mapping - maps host port 8000 to container port 8000
+* `NEO4J_TRANSPORT=stdio`: Uses stdio transport for Claude Desktop compatibility
+
 ```json
-"mcpServers": {
-  "neo4j-data-modeling": {
-    "command": "docker",
-    "args": [
-      "run",
-      "--rm",
-      "mcp/neo4j-data-modeling:latest"
-    ]
+{
+  "mcpServers": {
+    "neo4j-data-modeling": {
+      "command": "docker",
+      "args": [
+        "run",
+        "-i",
+        "--rm",
+        "-p",
+        "8000:8000",
+        "-e", "NEO4J_TRANSPORT=stdio",
+        "mcp/neo4j-data-modeling:latest"
+      ]
+    }
   }
 }
 ```
 
+
+## 🐳 Docker Deployment
+
+The Neo4j Data Modeling MCP server can be deployed using Docker for remote deployments. Docker deployment should use HTTP transport for web accessibility. In order to integrate this deployment with applications like Claude Desktop, you will have to use a proxy in your MCP configuration such as `mcp-remote`.
+
+### 📦 Using Your Built Image
+
+After building locally with `docker build -t mcp-neo4j-data-modeling:latest .`:
+
+```bash
+# Run with http transport (default for Docker)
+docker run --rm -p 8000:8000 \
+  -e NEO4J_TRANSPORT="http" \
+  -e NEO4J_MCP_SERVER_HOST="0.0.0.0" \
+  -e NEO4J_MCP_SERVER_PORT="8000" \
+  -e NEO4J_MCP_SERVER_PATH="/mcp/" \
+  mcp/neo4j-data-modeling:latest
+
+# Run with security middleware for production
+docker run --rm -p 8000:8000 \
+  -e NEO4J_TRANSPORT="http" \
+  -e NEO4J_MCP_SERVER_HOST="0.0.0.0" \
+  -e NEO4J_MCP_SERVER_PORT="8000" \
+  -e NEO4J_MCP_SERVER_PATH="/mcp/" \
+  -e NEO4J_MCP_SERVER_ALLOWED_HOSTS="example.com,www.example.com" \
+  -e NEO4J_MCP_SERVER_ALLOW_ORIGINS="https://example.com" \
+  mcp/neo4j-data-modeling:latest
+```
+
+### 🔧 Environment Variables
+
+| Variable                           | Default                                 | Description                                        |
+| ---------------------------------- | --------------------------------------- | -------------------------------------------------- |
+| `NEO4J_TRANSPORT`                  | `stdio` (local), `http` (remote)        | Transport protocol (`stdio`, `http`, or `sse`)     |
+| `NEO4J_MCP_SERVER_HOST`            | `127.0.0.1` (local)                     | Host to bind to                                    |
+| `NEO4J_MCP_SERVER_PORT`            | `8000`                                  | Port for HTTP/SSE transport                        |
+| `NEO4J_MCP_SERVER_PATH`            | `/mcp/`                                 | Path for accessing MCP server                      |
+| `NEO4J_MCP_SERVER_ALLOW_ORIGINS`   | _(empty - secure by default)_           | Comma-separated list of allowed CORS origins       |
+| `NEO4J_MCP_SERVER_ALLOWED_HOSTS`   | `localhost,127.0.0.1`                   | Comma-separated list of allowed hosts (DNS rebinding protection) |
+
+### 🌐 SSE Transport for Legacy Web Access
+
+When using SSE transport (for legacy web clients), the server exposes an HTTP endpoint:
+
+```bash
+# Start the server with SSE transport
+docker run -d -p 8000:8000 \
+  -e NEO4J_TRANSPORT="sse" \
+  -e NEO4J_MCP_SERVER_HOST="0.0.0.0" \
+  -e NEO4J_MCP_SERVER_PORT="8000" \
+  --name neo4j-data-modeling-mcp-server \
+  mcp-neo4j-data-modeling:latest
+
+# Test the SSE endpoint
+curl http://localhost:8000/sse
+
+# Use with MCP Inspector
+npx @modelcontextprotocol/inspector http://localhost:8000/sse
+```
+
 ## 🚀 Development
 
 ### 📦 Prerequisites

servers/mcp-neo4j-data-modeling/pyproject.toml

@@ -7,6 +7,7 @@ requires-python = ">=3.10,<4.0"
 dependencies = [
     "fastmcp>=2.0.0",
     "pydantic>=2.10.1",
+    "starlette>=0.47.0",
 ]
 
 

servers/mcp-neo4j-data-modeling/src/mcp_neo4j_data_modeling/__init__.py

@@ -16,14 +16,38 @@ def main():
         "--server-port", type=int, default=None, help="HTTP port (default: 8000)"
     )
     parser.add_argument("--server-path", default=None, help="HTTP path (default: /mcp/)")
+    parser.add_argument(
+        "--allow-origins",
+        default=None,
+        help="Allow origins for remote servers (comma-separated list)",
+    )
+    parser.add_argument(
+        "--allowed-hosts",
+        default=None,
+        help="Allowed hosts for DNS rebinding protection on remote servers (comma-separated list)",
+    )
 
     args = parser.parse_args()
+
+    # Parse comma-separated lists for middleware configuration
+    allow_origins = []
+    if args.allow_origins or os.getenv("NEO4J_MCP_SERVER_ALLOW_ORIGINS"):
+        origins_str = args.allow_origins or os.getenv("NEO4J_MCP_SERVER_ALLOW_ORIGINS", "")
+        allow_origins = [origin.strip() for origin in origins_str.split(",") if origin.strip()]
+
+    allowed_hosts = ["localhost", "127.0.0.1"]  # Default secure hosts
+    if args.allowed_hosts or os.getenv("NEO4J_MCP_SERVER_ALLOWED_HOSTS"):
+        hosts_str = args.allowed_hosts or os.getenv("NEO4J_MCP_SERVER_ALLOWED_HOSTS", "")
+        allowed_hosts = [host.strip() for host in hosts_str.split(",") if host.strip()]
+
     asyncio.run(
         server.main(
             args.transport or os.getenv("NEO4J_TRANSPORT", "stdio"),
             args.server_host or os.getenv("NEO4J_MCP_SERVER_HOST", "127.0.0.1"),
             args.server_port or int(os.getenv("NEO4J_MCP_SERVER_PORT", "8000")),
             args.server_path or os.getenv("NEO4J_MCP_SERVER_PATH", "/mcp/"),
+            allow_origins,
+            allowed_hosts,
         )
     )
 

servers/mcp-neo4j-data-modeling/src/mcp_neo4j_data_modeling/server.py

@@ -4,6 +4,9 @@
 
 from fastmcp.server import FastMCP
 from pydantic import Field, ValidationError
+from starlette.middleware import Middleware
+from starlette.middleware.cors import CORSMiddleware
+from starlette.middleware.trustedhost import TrustedHostMiddleware
 
 from .data_model import (
     DataModel,
@@ -395,18 +398,38 @@ async def main(
     host: str = "127.0.0.1",
     port: int = 8000,
     path: str = "/mcp/",
+    allow_origins: list[str] = [],
+    allowed_hosts: list[str] = [],
 ) -> None:
     logger.info("Starting MCP Neo4j Data Modeling Server")
 
+    custom_middleware = [
+        Middleware(
+            CORSMiddleware,
+            allow_origins=allow_origins,
+            allow_methods=["GET", "POST"],
+            allow_headers=["*"],
+        ),
+        Middleware(TrustedHostMiddleware,
+                   allowed_hosts=allowed_hosts)
+    ]
+
     mcp = create_mcp_server()
 
     match transport:
         case "http":
-            await mcp.run_http_async(host=host, port=port, path=path)
+            logger.info(
+                f"Running Neo4j Data Modeling MCP Server with HTTP transport on {host}:{port}..."
+            )
+            await mcp.run_http_async(host=host, port=port, path=path, middleware=custom_middleware)
         case "stdio":
+            logger.info("Running Neo4j Data Modeling MCP Server with stdio transport...")
             await mcp.run_stdio_async()
         case "sse":
-            await mcp.run_sse_async(host=host, port=port, path=path)
+            logger.info(
+                f"Running Neo4j Data Modeling MCP Server with SSE transport on {host}:{port}..."
+            )
+            await mcp.run_http_async(host=host, port=port, path=path, middleware=custom_middleware, transport="sse")
 
 
 if __name__ == "__main__":

servers/mcp-neo4j-data-modeling/tests/integration/test_http_transport_IT.py

@@ -486,3 +486,88 @@ async def test_full_workflow(self):
         finally:
             process.terminate()
             await process.wait()
+
+
+class TestMiddleware:
+    """Test middleware functionality in HTTP transport."""
+
+    @pytest_asyncio.fixture
+    async def http_server_with_middleware(self):
+        """Start the server in HTTP mode with middleware configuration."""
+        import os
+
+        server_dir = os.getcwd()
+
+        process = await asyncio.create_subprocess_exec(
+            "uv",
+            "run",
+            "mcp-neo4j-data-modeling",
+            "--transport",
+            "http",
+            "--server-host",
+            "127.0.0.1",
+            "--server-port",
+            "8010",
+            "--allow-origins",
+            "https://example.com,https://test.com",
+            "--allowed-hosts",
+            "localhost,127.0.0.1,example.com",
+            stdout=subprocess.PIPE,
+            stderr=subprocess.PIPE,
+            cwd=server_dir,
+        )
+
+        await asyncio.sleep(3)
+        yield process
+        process.terminate()
+        await process.wait()
+
+    @pytest.mark.asyncio
+    async def test_cors_headers(self, http_server_with_middleware):
+        """Test CORS middleware is working."""
+        async with aiohttp.ClientSession() as session:
+            async with session.options(
+                "http://127.0.0.1:8010/mcp/",
+                headers={
+                    "Origin": "https://example.com",
+                    "Access-Control-Request-Method": "POST",
+                    "Access-Control-Request-Headers": "Content-Type",
+                },
+            ) as response:
+                # CORS preflight should return 200 with appropriate headers
+                assert response.status == 200
+                assert "access-control-allow-origin" in response.headers
+                assert "access-control-allow-methods" in response.headers
+
+    @pytest.mark.asyncio
+    async def test_trusted_host_security(self, http_server_with_middleware):
+        """Test TrustedHost middleware blocks invalid hosts."""
+        async with aiohttp.ClientSession() as session:
+            # This should work with valid host
+            async with session.post(
+                "http://127.0.0.1:8010/mcp/",
+                json={"jsonrpc": "2.0", "id": 1, "method": "tools/list"},
+                headers={
+                    "Accept": "application/json, text/event-stream",
+                    "Content-Type": "application/json",
+                    "Host": "127.0.0.1:8010",
+                },
+            ) as response:
+                assert response.status == 200
+
+            # This should be blocked by TrustedHost middleware
+            try:
+                async with session.post(
+                    "http://127.0.0.1:8010/mcp/",
+                    json={"jsonrpc": "2.0", "id": 1, "method": "tools/list"},
+                    headers={
+                        "Accept": "application/json, text/event-stream",
+                        "Content-Type": "application/json",
+                        "Host": "malicious.com",
+                    },
+                ) as response:
+                    # Should return 400 status for invalid host
+                    assert response.status == 400
+            except aiohttp.ClientConnectorError:
+                # Connection might be dropped entirely, which is also valid
+                pass