feat: Add MCP service client for RFC-006/RFC-007 operations #21
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Add MCP service client methods to _rpc/client.py - Add mcp_pb2 imports to gen/__init__.py - Update protobuf generated files for MCP service - Add docs/guides/mcp.md guide - Add integration tests for MCP service - Update API reference and mkdocs nav
- Add Generator return type annotation to start_badge_keeper in badge.py - Add Generator return type annotation to start_keeper in client.py - Fix Google-style docstring format for Yields section - Configure mkdocstrings options for better compatibility
These files were ignored by .gitignore but are required for MCP service support.
The test_mcp_service.py tests require capiscio-core gRPC server running on localhost:50051, which is not set up in the Docker Compose integration test environment. These tests are better suited for E2E testing with full infrastructure.
The previous mcp.md documented a high-level capiscio_sdk.mcp API that doesn't exist. The SDK only provides the low-level gRPC MCPClient via _rpc.client. Changes: - Rewrite mcp.md to document the actual MCPClient gRPC methods - Add note directing users to capiscio-mcp-python for high-level API - Update mkdocs nav title from 'MCP Security' to 'MCP Service (gRPC)' Addresses PR review feedback about documentation/API mismatch.
Signed-off-by: Beon de Nood <77057717+beonde@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR adds the MCPClient to the Python SDK for MCP security operations via capiscio-core gRPC, implementing RFC-006 (Tool Authority) and RFC-007 (Server Identity) operations.
Changes:
- Adds new
MCPClientclass with methods for tool access evaluation, server identity verification, and identity parsing from HTTP/JSON-RPC transports - Includes comprehensive integration tests (377 lines) covering all MCP operations and edge cases
- Adds detailed documentation guide and API reference updates for the new MCP service client
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
capiscio_sdk/_rpc/client.py |
Implements MCPClient with 5 methods for RFC-006/RFC-007 operations, integrates with CapiscioRPCClient |
capiscio_sdk/_rpc/gen/capiscio/v1/mcp_pb2.py |
Generated protobuf Python bindings for MCP service messages |
capiscio_sdk/_rpc/gen/capiscio/v1/mcp_pb2_grpc.py |
Generated gRPC stub for MCPService with 4 RPC methods |
capiscio_sdk/_rpc/gen/capiscio/v1/__init__.py |
Adds MCP protobuf imports to module exports |
capiscio_sdk/_rpc/gen/capiscio/v1/*_pb2.py |
Updates protobuf version from 6.33.2 to 6.33.4 across existing files |
capiscio_sdk/badge.py |
Adds Generator type hint to start_badge_keeper return type |
tests/integration/test_mcp_service.py |
Comprehensive integration tests for all MCP operations with 6 test classes |
docs/guides/mcp.md |
New 283-line guide documenting MCPClient low-level gRPC API usage |
docs/api-reference.md |
Adds API documentation sections for MCPClient and other RPC clients |
mkdocs.yml |
Adds MCP guide to navigation and updates mkdocstrings configuration |
.github/workflows/integration-tests.yml |
Excludes MCP integration tests from CI (requires running gRPC server) |
|
✅ Documentation validation passed!
|
|
✅ All checks passed! Ready for review. |
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Adds
MCPClientto the Python SDK for MCP security operations via capiscio-core gRPC.Changes
New Features
MCPClientincapiscio_sdk._rpc.clientwith methods:evaluate_tool_access()- RFC-006 §6.2-6.4: Evaluate tool access and emit evidenceverify_server_identity()- RFC-007 §7.2: Verify server identity from DID + badgeparse_server_identity_http()- RFC-007 §5.2: Extract identity from HTTP headersparse_server_identity_jsonrpc()- RFC-007 §5.3: Extract identity from JSON-RPC _metahealth()- Service health and version checkGenerated protobuf stubs for MCP service (
mcp_pb2.py,mcp_pb2_grpc.py)Documentation
docs/guides/mcp.mddocumenting the low-level gRPC MCPClient APIapi-reference.mdwith MCPClient API documentationcapiscio-mcp-pythonfor high-level decoratorsTests
tests/integration/test_mcp_service.py)RFC References
Related PRs
Testing