[TT-17123] REST API to MCP proxy-driven flow#8232
Conversation
Adds the OAS `server.mcp` marker (`Enabled`, `Expose []string` allow-list, default = expose all) and its classic-APIDef projection `apidef.MCPExposureConfig`. Includes: - apidef/oas/mcp.go and the `MCP` field on `Server`. - apidef/oas/mcp_proxy_derive.go: pure, gateway-free `DeriveSourceTools` that walks the source OAS into `[]DerivedTool` and skips operations marked `middleware.operations[<id>].internal.enabled: true`. Hosts the `__mcp-server` adapter-APIID suffix helpers. - apidef/api_definitions.go: `MCPExposureConfig`, `IsMCPExposed`, `IsPairedMCPAdapterProxy`, `IsMCPManaged`. - apidef/schema.json and apidef/oas/schema/x-tyk-api-gateway[.strict].json for Dashboard-side validation. No runtime behaviour change — the gateway wiring lands in parts 2 and 3.
…descriptor Pure, gateway-free scaffolding that the gateway wiring in part 3 plugs into. Adds: - internal/mcp/pairing: `Index` (mutex-guarded REST→proxy and REST→adapter maps) with a `Lookup` interface and a `Static` impl for unit-test injection. - internal/mcp/adapter: protocol envelopes (`InitializeResult`, `ToolsListResult`, `JSONRPCResult`, `JSONRPCError`), `BuildUpstreamRequest` (expands MCP tool arguments into path/query/header/body per the source OAS), a buffering `Recorder` (1 MiB cap), and `ToolResultEnvelope`. - internal/httpctx/mcp_loop.go + ctx/ctx.go: the `MCPLoopTrust` descriptor the adapter middleware will stamp on looped requests so the REST-side bypass middleware can pair-check it. All packages have their own tests and no runtime side-effects.
Plumbs the marker from part 1 and the scaffolding from part 2 into a running gateway: - gateway/mcp_synthesise_adapter.go: on every `loadApps`, walks REST specs marked `mcp.enabled` and emits a paired Internal adapter APISpec (`<rest-apiid>__mcp-server`, listenPath stem `/__tyk-mcp-server/`, MarkedAsMCP, keyless). Rebuilds `gw.mcpPairing` atomically from the in-flight spec register. - gateway/mw_mcp_adapter.go: `handleAdapterInline` answers initialize / ping / tools/list inline on the adapter spec; `handleAdapterToolsCall` translates tools/call into an HTTP request, stamps the loop trust descriptor, and dispatches via `findInternalHttpHandlerByNameOrID` with a buffering recorder. - gateway/mw_mcp_loop_auth_bypass.go: top-of-auth-band middleware on `IsMCPExposed` REST APIs. Reads the trust descriptor, cross-checks against `pairing.Lookup`, installs a stub session or returns 403 on mismatch. Falls through for normal REST traffic. - gateway/mw_jsonrpc.go: short-circuits adapter-spec methods before normal JSON-RPC routing. - gateway/mcp_api.go: `validateMCP` recognises paired-proxy upstreams (`tyk://<X>__mcp-server`), enforces existence + mcp.enabled + 1:1 + OrgID, and skips `MarkAsMCP()` so the proxy stays a plain reverse-proxy. - gateway/model_apispec.go: `IsSyntheticMCPAdapter`, `SourceRESTAPIID`, `DerivedTools` fields on `APISpec`. - gateway/api_loader.go, api_helpers.go, util.go, server.go: pairing index on the Gateway struct, synthesis call site, MCPLoopAuthBypass insertion. - gateway/mcp_rest_as_mcp_test.go: end-to-end coverage.
|
This pull request introduces a significant architectural change, refactoring the REST-as-MCP (Model Context Protocol) feature to a proxy-driven flow. Instead of marking a REST API for MCP exposure, an MCP proxy now specifies a special A key part of this change is a new trust model based on a "pairing index" built at reload time, which maps REST APIs to their allowed MCP proxies. A new middleware, Files Changed AnalysisThis is a substantial feature implementation, adding over 6,000 lines of code across 30 files. The changes are well-documented with new RFC, technical spec, and Jira-like markdown files.
Architecture & Impact Assessment
graph TD |
Architecture Issues (1)
Architecture Issues (1)
Quality Issues (4)
Powered by Visor from Probelabs Last updated: 2026-05-21T13:05:10.161Z | Triggered by: pr_updated | Commit: 60a359f 💡 TIP: You can chat with Visor using |
Summary
tyk://<rest-api-id>__mcp-server) instead of source REST API markers.operationId, respect source allow/block/internal visibility, and forward query params throughtools/call.server.mcpormcp_exposuresource-side public surface is included.Validation
GOCACHE=/private/tmp/tyk-go-cache go test -count=1 ./apidef/oas ./internal/mcp/adapter ./internal/mcp/pairing ./internal/mcpCI=true GOCACHE=/private/tmp/tyk-go-cache go test -count=1 ./gateway -run 'MCP|JSONRPC|Loop|Pairing|RESTAsMCP'mcp-remote:tools/listexposed the derived tool andtools/callforwarded query params to the REST upstream.