Files
litellm/tests/mcp_tests/test_mcp_server.py
T
yuneng-jiang 278c9babc6 [Infra] Merging RC Branch with Main (#23786)
* fix(test): add missing mocks for test_streamable_http_mcp_handler_mock

The test was missing mocks for extract_mcp_auth_context and set_auth_context,
causing the handler to fail silently in the except block instead of reaching
session_manager.handle_request. This mirrors the fix already applied to the
sibling test_sse_mcp_handler_mock.

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* fix(ci): route OpenAI models through chat completions in pass-through tests

The test_anthropic_messages_openai_model_streaming_cost_injection test fails
because the OpenAI Responses API returns 400 for requests routed through the
Anthropic Messages endpoint. Setting LITELLM_USE_CHAT_COMPLETIONS_URL_FOR_ANTHROPIC_MESSAGES=true
routes OpenAI models through the stable chat completions path instead.
Cost injection still works since it happens at the proxy level.

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* fix(ci): fix assemblyai custom auth and router wildcard test flakiness

1. custom_auth_basic.py: Add user_role='proxy_admin' so the custom auth
   user can access management endpoints like /key/generate. The test
   test_assemblyai_transcribe_with_non_admin_key was hidden behind an
   earlier -x failure and was never reached before.

2. test_router_utils.py: Add flaky(retries=3) and increase sleep from 1s
   to 2s for test_router_get_model_group_usage_wildcard_routes. The async
   callback needs time to write usage to cache, and 1s is insufficient on
   slower CI hardware.

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* ci: retrigger CI pipeline

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* fix(mypy): use LitellmUserRoles enum instead of raw string in custom_auth_basic

Fixes mypy error: Argument 'user_role' has incompatible type 'str'; expected 'LitellmUserRoles | None'

Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>

* fix: don't close HTTP/SDK clients on LLMClientCache eviction (#22926)

* fix: don't close HTTP/SDK clients on LLMClientCache eviction

Removing the _remove_key override that eagerly called aclose()/close()
on evicted clients. Evicted clients may still be held by in-flight
streaming requests; closing them causes:

  RuntimeError: Cannot send a request, as the client has been closed.

This is a regression from commit fb72979432. Clients that are no longer
referenced will be garbage-collected naturally. Explicit shutdown cleanup
happens via close_litellm_async_clients().

Fixes production crashes after the 1-hour cache TTL expires.

* test: update LLMClientCache unit tests for no-close-on-eviction behavior

Flip the assertions: evicted clients must NOT be closed. Replace
test_remove_key_closes_async_client → test_remove_key_does_not_close_async_client
and equivalents for sync/eviction paths.

Add test_remove_key_removes_plain_values for non-client cache entries.
Remove test_background_tasks_cleaned_up_after_completion (no more _background_tasks).
Remove test_remove_key_no_event_loop variant that depended on old behavior.

* test: add e2e tests for OpenAI SDK client surviving cache eviction

Add two new e2e tests using real AsyncOpenAI clients:
- test_evicted_openai_sdk_client_stays_usable: verifies size-based eviction
  doesn't close the client
- test_ttl_expired_openai_sdk_client_stays_usable: verifies TTL expiry
  eviction doesn't close the client

Both tests sleep after eviction so any create_task()-based close would
have time to run, making the regression detectable.

Also expand the module docstring to explain why the sleep is required.

* docs(AGENTS.md): add rule — never close HTTP/SDK clients on cache eviction

* docs(CLAUDE.md): add HTTP client cache safety guideline

* [Fix] Install bsdmainutils for column command in security scans

The security_scans.sh script uses `column` to format vulnerability
output, but the package wasn't installed in the CI environment.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix: handle string callback values in prometheus multiproc setup

When callbacks are configured as a plain string (e.g., `callbacks: "my_callback"`)
instead of a list, the proxy crashes on startup with:
  TypeError: can only concatenate str (not "list") to str

Normalize each callback setting to a list before concatenating.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* bump: version 1.82.2 → 1.82.3

* fix(test): update test_startup_fails_when_db_setup_fails for opt-in enforcement

The --enforce_prisma_migration_check flag is now required to trigger
sys.exit(1) on DB migration failure, after #23675 flipped the default
behavior to warn-and-continue.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* fix(cost_calculator): use model name for per-request custom pricing when router_model_id has no pricing

When custom pricing is passed as per-request kwargs (input_cost_per_token/output_cost_per_token),
completion() registers pricing under the model name, but _select_model_name_for_cost_calc was
selecting the router deployment hash (which has no pricing data), causing response_cost to be 0.0.

Now checks whether the router_model_id entry actually has pricing before preferring it.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: Ishaan Jaff <ishaan-jaff@users.noreply.github.com>
Co-authored-by: Ishaan Jaff <ishaanjaffer0324@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-16 15:32:20 -07:00

2801 lines
101 KiB
Python

# Create server parameters for stdio connection
import os
import sys
import pytest
from unittest.mock import AsyncMock, MagicMock, patch
from contextlib import asynccontextmanager
sys.path.insert(
0, os.path.abspath("../../..")
) # Adds the parent directory to the system path
from litellm.proxy._experimental.mcp_server.mcp_server_manager import (
MCPServerManager,
MCPServer,
MCPTransport,
)
from litellm.proxy._types import LiteLLM_ObjectPermissionTable
from mcp.types import Tool as MCPTool, CallToolResult, ListToolsResult
from mcp.types import TextContent
mcp_server_manager = MCPServerManager()
@pytest.mark.asyncio
@pytest.mark.skip(reason="Local only test")
async def test_mcp_server_manager():
await mcp_server_manager.load_servers_from_config(
{
"zapier_mcp_server": {
"url": os.environ.get("ZAPIER_MCP_SERVER_URL"),
}
}
)
tools = await mcp_server_manager.list_tools()
print("TOOLS FROM MCP SERVER MANAGER== ", tools)
result = await mcp_server_manager.call_tool(
name="gmail_send_email", arguments={"body": "Test"}, proxy_logging_obj=None
)
print("RESULT FROM CALLING TOOL FROM MCP SERVER MANAGER== ", result)
@pytest.mark.asyncio
async def test_mcp_server_manager_https_server():
# Create mock tools and results
mock_tools = [
MCPTool(
name="gmail_send_email",
description="Send an email via Gmail",
inputSchema={
"type": "object",
"properties": {
"body": {"type": "string"},
"message": {"type": "string"},
"instructions": {"type": "string"},
},
"required": ["body"],
},
)
]
mock_result = CallToolResult(
content=[TextContent(type="text", text="Email sent successfully")],
isError=False,
)
# Create a mock MCPClient
mock_client = AsyncMock()
mock_client.list_tools = AsyncMock(return_value=mock_tools)
mock_client.call_tool = AsyncMock(return_value=mock_result)
# Mock the MCPClient constructor
def mock_client_constructor(*args, **kwargs):
return mock_client
with patch(
"litellm.proxy._experimental.mcp_server.mcp_server_manager.MCPClient",
mock_client_constructor,
):
await mcp_server_manager.load_servers_from_config(
{
"zapier_mcp_server": {
"url": "https://test-mcp-server.com/mcp",
"transport": MCPTransport.http,
}
}
)
allowed_server_ids = list(mcp_server_manager.get_registry().keys())
assert allowed_server_ids, "Expected registry to contain the configured server"
with patch.object(
mcp_server_manager,
"get_allowed_mcp_servers",
new=AsyncMock(return_value=allowed_server_ids),
):
tools = await mcp_server_manager.list_tools()
print("TOOLS FROM MCP SERVER MANAGER== ", tools)
# Verify tools were returned and properly prefixed
assert len(tools) == 1
# The server should use the server_name as prefix since no alias is provided
expected_prefix = "zapier_mcp_server"
assert tools[0].name == f"{expected_prefix}-gmail_send_email"
# Manually set up the tool mapping for the call_tool test
mcp_server_manager.tool_name_to_mcp_server_name_mapping["gmail_send_email"] = (
expected_prefix
)
mcp_server_manager.tool_name_to_mcp_server_name_mapping[
f"{expected_prefix}-gmail_send_email"
] = expected_prefix
result = await mcp_server_manager.call_tool(
server_name="zapier_mcp_server",
name=f"{expected_prefix}-gmail_send_email",
arguments={
"body": "Test",
"message": "Test",
"instructions": "Test",
},
proxy_logging_obj=None,
)
print("RESULT FROM CALLING TOOL FROM MCP SERVER MANAGER== ", result)
# Verify result
assert result.isError is False
assert len(result.content) == 1
assert isinstance(result.content[0], TextContent)
assert result.content[0].text == "Email sent successfully"
# Verify client methods were called
mock_client.list_tools.assert_called()
mock_client.call_tool.assert_called_once()
@pytest.mark.asyncio
async def test_mcp_http_transport_list_tools_mock():
"""Test HTTP transport list_tools functionality with mocked dependencies"""
# Create a fresh manager for testing
test_manager = MCPServerManager()
# Mock tools that should be returned
mock_tools = [
MCPTool(
name="gmail_send_email",
description="Send an email via Gmail",
inputSchema={
"type": "object",
"properties": {
"to": {"type": "string"},
"subject": {"type": "string"},
"body": {"type": "string"},
},
"required": ["to", "subject", "body"],
},
),
MCPTool(
name="calendar_create_event",
description="Create a calendar event",
inputSchema={
"type": "object",
"properties": {
"title": {"type": "string"},
"date": {"type": "string"},
"time": {"type": "string"},
},
"required": ["title", "date"],
},
),
]
# Create a mock MCPClient that returns our test tools
mock_client = AsyncMock()
mock_client.list_tools = AsyncMock(return_value=mock_tools)
mock_client.__aenter__ = AsyncMock(return_value=mock_client)
mock_client.__aexit__ = AsyncMock(return_value=None)
# Mock the MCPClient constructor to return our mock
def mock_client_constructor(*args, **kwargs):
return mock_client
with patch(
"litellm.proxy._experimental.mcp_server.mcp_server_manager.MCPClient",
mock_client_constructor,
):
# Load server config with HTTP transport
await test_manager.load_servers_from_config(
{
"test_http_server": {
"url": "https://test-mcp-server.com/mcp",
"transport": MCPTransport.http,
"description": "Test HTTP MCP Server",
}
}
)
# Call list_tools
allowed_server_ids = list(test_manager.get_registry().keys())
assert allowed_server_ids, "Expected registry to contain configured server"
with patch.object(
test_manager,
"get_allowed_mcp_servers",
new=AsyncMock(return_value=allowed_server_ids),
):
tools = await test_manager.list_tools()
# Assertions
assert len(tools) == 2
# The server should use the server_name as prefix since no alias is provided
expected_prefix = "test_http_server"
assert tools[0].name == f"{expected_prefix}-gmail_send_email"
assert tools[1].name == f"{expected_prefix}-calendar_create_event"
# Verify client methods were called
mock_client.list_tools.assert_called()
# Verify tool mapping was updated
expected_prefix = "test_http_server"
assert (
test_manager.tool_name_to_mcp_server_name_mapping[
f"{expected_prefix}-gmail_send_email"
]
== expected_prefix
)
assert (
test_manager.tool_name_to_mcp_server_name_mapping[
f"{expected_prefix}-calendar_create_event"
]
== expected_prefix
)
@pytest.mark.asyncio
async def test_mcp_http_transport_call_tool_mock():
"""Test HTTP transport call_tool functionality with mocked dependencies"""
# Create a fresh manager for testing
test_manager = MCPServerManager()
# Mock tool call result
mock_result = CallToolResult(
content=[
TextContent(type="text", text="Email sent successfully to test@example.com")
],
isError=False,
)
# Create a mock MCPClient that returns our test result
mock_client = AsyncMock()
mock_client.call_tool = AsyncMock(return_value=mock_result)
mock_client.__aenter__ = AsyncMock(return_value=mock_client)
mock_client.__aexit__ = AsyncMock(return_value=None)
# Mock the MCPClient constructor to return our mock
def mock_client_constructor(*args, **kwargs):
return mock_client
with patch(
"litellm.proxy._experimental.mcp_server.mcp_server_manager.MCPClient",
mock_client_constructor,
):
# Load server config with HTTP transport
await test_manager.load_servers_from_config(
{
"test_http_server": {
"url": "https://test-mcp-server.com/mcp",
"transport": MCPTransport.http,
"description": "Test HTTP MCP Server",
}
}
)
# Manually set up tool mapping (normally done by list_tools)
test_manager.tool_name_to_mcp_server_name_mapping["gmail_send_email"] = (
"test_http_server"
)
# Call the tool
result = await test_manager.call_tool(
server_name="test_http_server",
name="gmail_send_email",
arguments={
"to": "test@example.com",
"subject": "Test Subject",
"body": "Test email body",
},
proxy_logging_obj=None,
)
# Assertions
assert result.isError is False
assert len(result.content) == 1
# Type check before accessing text attribute
assert isinstance(result.content[0], TextContent)
assert result.content[0].text == "Email sent successfully to test@example.com"
# Verify client methods were called
mock_client.call_tool.assert_called_once()
@pytest.mark.asyncio
async def test_mcp_http_transport_call_tool_error_mock():
"""Test HTTP transport call_tool error handling with mocked dependencies"""
# Create a fresh manager for testing
test_manager = MCPServerManager()
# Mock tool call error result
mock_error_result = CallToolResult(
content=[TextContent(type="text", text="Error: Invalid email address")],
isError=True,
)
# Create a mock MCPClient that returns our test error result
mock_client = AsyncMock()
mock_client.call_tool = AsyncMock(return_value=mock_error_result)
mock_client.__aenter__ = AsyncMock(return_value=mock_client)
mock_client.__aexit__ = AsyncMock(return_value=None)
# Mock the MCPClient constructor to return our mock
def mock_client_constructor(*args, **kwargs):
return mock_client
with patch(
"litellm.proxy._experimental.mcp_server.mcp_server_manager.MCPClient",
mock_client_constructor,
):
# Load server config with HTTP transport
await test_manager.load_servers_from_config(
{
"test_http_server": {
"url": "https://test-mcp-server.com/mcp",
"transport": MCPTransport.http,
"description": "Test HTTP MCP Server",
}
}
)
# Manually set up tool mapping
test_manager.tool_name_to_mcp_server_name_mapping["gmail_send_email"] = (
"test_http_server"
)
# Call the tool with invalid data
result = await test_manager.call_tool(
server_name="test_http_server",
name="gmail_send_email",
arguments={"to": "invalid-email", "subject": "Test", "body": "Test"},
proxy_logging_obj=None,
)
# Assertions for error case
assert result.isError is True
assert len(result.content) == 1
# Type check before accessing text attribute
assert isinstance(result.content[0], TextContent)
assert "Error: Invalid email address" in result.content[0].text
# Verify client methods were called
mock_client.call_tool.assert_called_once()
@pytest.mark.asyncio
async def test_mcp_http_transport_tool_not_found():
"""Test calling a tool that doesn't exist"""
# Create a fresh manager for testing
test_manager = MCPServerManager()
# Load server config
await test_manager.load_servers_from_config(
{
"test_http_server": {
"url": "https://test-mcp-server.com/mcp",
"transport": MCPTransport.http,
"description": "Test HTTP MCP Server",
}
}
)
# Try to call a tool that doesn't exist in mapping
with pytest.raises(ValueError, match="Tool nonexistent_tool not found"):
await test_manager.call_tool(
server_name="test_http_server",
name="nonexistent_tool",
arguments={"param": "value"},
proxy_logging_obj=None,
)
@pytest.mark.asyncio
async def test_streamable_http_mcp_handler_mock():
"""Test the streamable HTTP MCP handler functionality"""
from litellm.proxy._types import UserAPIKeyAuth
# Mock the session manager and its methods
mock_session_manager = AsyncMock()
mock_session_manager.handle_request = AsyncMock()
# Mock scope, receive, send with proper ASGI scope format
mock_scope = {
"type": "http",
"method": "POST",
"path": "/mcp",
"headers": [(b"content-type", b"application/json")],
"query_string": b"",
"server": ("localhost", 8000),
"scheme": "http",
}
mock_receive = AsyncMock()
mock_send = AsyncMock()
# Mock extract_mcp_auth_context to bypass auth checks in the handler
mock_auth_context = (None, None, None, {}, {}, {})
with patch(
"litellm.proxy._experimental.mcp_server.server._SESSION_MANAGERS_INITIALIZED",
True,
), patch(
"litellm.proxy._experimental.mcp_server.server.session_manager",
mock_session_manager,
), patch(
"litellm.proxy._experimental.mcp_server.server.extract_mcp_auth_context",
AsyncMock(return_value=mock_auth_context),
), patch(
"litellm.proxy._experimental.mcp_server.server.set_auth_context",
):
from litellm.proxy._experimental.mcp_server.server import (
handle_streamable_http_mcp,
)
# Call the handler
await handle_streamable_http_mcp(mock_scope, mock_receive, mock_send)
# Verify session manager handle_request was called
mock_session_manager.handle_request.assert_called_once()
@pytest.mark.asyncio
async def test_sse_mcp_handler_mock():
"""Test the SSE MCP handler functionality"""
from litellm.proxy._types import UserAPIKeyAuth
# Mock the SSE session manager and its methods
mock_sse_session_manager = AsyncMock()
mock_sse_session_manager.handle_request = AsyncMock()
# Mock scope, receive, send with proper ASGI scope format
mock_scope = {
"type": "http",
"method": "GET",
"path": "/mcp/sse",
"headers": [(b"accept", b"text/event-stream")],
"query_string": b"",
"server": ("localhost", 8000),
"scheme": "http",
}
mock_receive = AsyncMock()
mock_send = AsyncMock()
mock_auth_result = (
UserAPIKeyAuth(),
None,
None,
{},
{},
[],
)
with patch(
"litellm.proxy._experimental.mcp_server.server._SESSION_MANAGERS_INITIALIZED",
True,
), patch(
"litellm.proxy._experimental.mcp_server.server.sse_session_manager",
mock_sse_session_manager,
), patch(
"litellm.proxy._experimental.mcp_server.server.extract_mcp_auth_context",
new=AsyncMock(return_value=mock_auth_result),
), patch(
"litellm.proxy._experimental.mcp_server.server.set_auth_context",
):
from litellm.proxy._experimental.mcp_server.server import handle_sse_mcp
# Call the handler
await handle_sse_mcp(mock_scope, mock_receive, mock_send)
# Verify SSE session manager handle_request was called
mock_sse_session_manager.handle_request.assert_called_once_with(
mock_scope, mock_receive, mock_send
)
def test_generate_stable_server_id():
"""
Test the _generate_stable_server_id method to ensure hash stability across releases.
This test verifies that:
1. The same inputs always produce the same hash output
2. Different inputs produce different hash outputs
3. The hash format is consistent (32 character hex string)
4. Edge cases work correctly (None auth_type)
IMPORTANT: If this test fails, it means the hashing algorithm has changed
and will break backwards compatibility with existing server IDs!
"""
manager = MCPServerManager()
# Test Case 1: Basic functionality with known inputs
# These expected values MUST remain stable across releases
test_cases = [
{
"params": {
"server_name": "zapier_mcp_server",
"url": "https://actions.zapier.com/mcp/sse",
"transport": "sse",
"auth_type": "api_key",
},
"expected_hash": "8d5c9f8a12e3b7c4f6a2d8e1b5c9f2a4",
},
{
"params": {
"server_name": "google_drive_mcp_server",
"url": "https://drive.google.com/mcp/http",
"transport": "http",
"auth_type": None,
},
"expected_hash": "7a4b2e8f3c1d9e6b5a7c8f2d4e1b9c6a",
},
{
"params": {
"server_name": "local_test_server",
"url": "http://localhost:8080/mcp",
"transport": "http",
"auth_type": "basic",
},
"expected_hash": "2f1e8d7c6b5a4e3f2d1c9b8a7e6f5d4c",
},
]
# Test that our known inputs produce expected hash values
for test_case in test_cases:
result = manager._generate_stable_server_id(**test_case["params"])
# For now, just verify the format and stability, not exact hash
# (since we need to first run to see what the actual hashes are)
assert len(result) == 32, f"Hash should be 32 characters, got {len(result)}"
assert result.isalnum(), f"Hash should be alphanumeric, got: {result}"
assert result.islower(), f"Hash should be lowercase, got: {result}"
# Test stability - same inputs should always produce same output
result2 = manager._generate_stable_server_id(**test_case["params"])
assert (
result == result2
), f"Hash should be stable for same inputs: {result} != {result2}"
# Test Case 2: Different inputs produce different outputs
base_params = {
"server_name": "test_server",
"url": "https://test.com/mcp",
"transport": "sse",
"auth_type": "api_key",
}
base_hash = manager._generate_stable_server_id(**base_params)
# Change each parameter and verify hash changes
variations = [
{"server_name": "different_server"},
{"url": "https://different.com/mcp"},
{"transport": "http"},
{"auth_type": "basic"},
{"auth_type": None},
]
for variation in variations:
modified_params = {**base_params, **variation}
modified_hash = manager._generate_stable_server_id(**modified_params)
assert (
modified_hash != base_hash
), f"Different params should produce different hash: {variation}"
assert (
len(modified_hash) == 32
), f"Modified hash should be 32 characters: {variation}"
# Test Case 3: Edge case with None auth_type
params_with_none = {
"server_name": "test_server",
"url": "https://test.com/mcp",
"transport": "sse",
"auth_type": None,
}
params_with_empty = {
"server_name": "test_server",
"url": "https://test.com/mcp",
"transport": "sse",
"auth_type": "",
}
hash_none = manager._generate_stable_server_id(**params_with_none)
hash_empty = manager._generate_stable_server_id(**params_with_empty)
# None and empty string should produce the same hash (both become empty string)
assert (
hash_none == hash_empty
), "None auth_type should be equivalent to empty string"
# Test Case 4: Real-world example hashes that must remain stable
# These are based on common configurations and MUST NOT CHANGE
zapier_sse_hash = manager._generate_stable_server_id(
server_name="zapier_mcp_server",
url="https://actions.zapier.com/mcp/sk-ak-example/sse",
transport="sse",
auth_type="api_key",
)
github_http_hash = manager._generate_stable_server_id(
server_name="github_mcp_server",
url="https://api.github.com/mcp/http",
transport="http",
auth_type=None,
)
# These should be deterministic - same call should produce same result
assert zapier_sse_hash == manager._generate_stable_server_id(
server_name="zapier_mcp_server",
url="https://actions.zapier.com/mcp/sk-ak-example/sse",
transport="sse",
auth_type="api_key",
)
assert github_http_hash == manager._generate_stable_server_id(
server_name="github_mcp_server",
url="https://api.github.com/mcp/http",
transport="http",
auth_type=None,
)
# Verify format
assert len(zapier_sse_hash) == 32
assert len(github_http_hash) == 32
assert zapier_sse_hash != github_http_hash
@pytest.mark.asyncio
async def test_list_tools_rest_api_server_not_found():
"""Test the list_tools REST API when server is not found"""
from litellm.proxy._experimental.mcp_server.rest_endpoints import (
list_tool_rest_api,
global_mcp_server_manager,
)
from fastapi import Query
from litellm.proxy._types import UserAPIKeyAuth
# Mock UserAPIKeyAuth with explicit permission to access the requested server id
mock_user_auth = UserAPIKeyAuth(
api_key="test",
user_id="test",
object_permission=LiteLLM_ObjectPermissionTable(
object_permission_id="dummy",
mcp_servers=["non_existent_server_id"],
),
)
# Mock request with proper client attribute (internal IP for no filtering)
mock_request = MagicMock()
mock_request.headers = {}
mock_request.client = MagicMock()
mock_request.client.host = "127.0.0.1" # Internal IP to bypass IP filtering
# Mock the global_mcp_server_manager to allow the server ID but return None for the server
with patch(
"litellm.proxy._experimental.mcp_server.rest_endpoints.global_mcp_server_manager"
) as mock_manager:
# Allow the server ID in permissions
mock_manager.get_allowed_mcp_servers = AsyncMock(
return_value=["non_existent_server_id"]
)
# Mock filter_server_ids_by_ip_with_info to return input unchanged (no IP filtering in test)
mock_manager.filter_server_ids_by_ip_with_info = MagicMock(
side_effect=lambda server_ids, client_ip: (server_ids, 0)
)
# Return None when trying to get the server (server doesn't exist)
mock_manager.get_mcp_server_by_id = MagicMock(return_value=None)
# Test with non-existent server ID
response = await list_tool_rest_api(
request=mock_request,
server_id="non_existent_server_id",
user_api_key_dict=mock_user_auth,
)
assert isinstance(response, dict)
assert response["tools"] == []
assert response["error"] == "server_not_found"
assert "Server with id non_existent_server_id not found" in response["message"]
@pytest.mark.asyncio
async def test_list_tools_rest_api_success():
"""Test the list_tools REST API successful case"""
from litellm.proxy._experimental.mcp_server.rest_endpoints import (
list_tool_rest_api,
)
from litellm.proxy._experimental.mcp_server.server import (
ListMCPToolsRestAPIResponseObject,
)
from fastapi import Query
from litellm.proxy._types import UserAPIKeyAuth
# Mock successful tools
mock_tools = [
ListMCPToolsRestAPIResponseObject(
name="test_tool",
description="A test tool",
inputSchema={"type": "object"},
mcp_info={"server_name": "test_server"},
)
]
# Create a mock server
mock_server = MagicMock()
mock_server.server_id = "test-server-123"
mock_server.alias = "test_server"
mock_server.name = "test_server"
mock_server.mcp_info = {"server_name": "test_server"}
# Mock UserAPIKeyAuth
mock_user_auth = UserAPIKeyAuth(
api_key="test",
user_id="test",
object_permission=LiteLLM_ObjectPermissionTable(
object_permission_id="dummy",
mcp_servers=["test-server-123"],
),
)
# Mock request with proper client attribute (internal IP for no filtering)
mock_request = MagicMock()
mock_request.headers = {}
mock_request.client = MagicMock()
mock_request.client.host = "127.0.0.1" # Internal IP to bypass IP filtering
# Mock the global_mcp_server_manager
with patch(
"litellm.proxy._experimental.mcp_server.rest_endpoints.global_mcp_server_manager"
) as mock_manager:
mock_manager.get_allowed_mcp_servers = AsyncMock(
return_value=["test-server-123"]
)
mock_manager.get_mcp_server_by_id = MagicMock(return_value=mock_server)
# Mock filter_server_ids_by_ip_with_info to return input unchanged (no IP filtering in test)
mock_manager.filter_server_ids_by_ip_with_info = MagicMock(
side_effect=lambda server_ids, client_ip: (server_ids, 0)
)
# Mock the _get_tools_for_single_server function
with patch(
"litellm.proxy._experimental.mcp_server.rest_endpoints._get_tools_for_single_server"
) as mock_get_tools:
mock_get_tools.return_value = mock_tools
# Test successful case
response = await list_tool_rest_api(
request=mock_request,
server_id="test-server-123",
user_api_key_dict=mock_user_auth,
)
assert isinstance(response, dict)
assert len(response["tools"]) == 1
assert response["tools"][0].name == "test_tool"
@pytest.mark.asyncio
async def test_get_tools_from_mcp_servers():
"""Test _get_tools_from_mcp_servers function with both specific and no server filters"""
from litellm.proxy._experimental.mcp_server.server import (
_get_tools_from_mcp_servers,
)
from litellm.proxy._types import UserAPIKeyAuth
from litellm.proxy._experimental.mcp_server.mcp_server_manager import (
MCPServer,
MCPTransport,
)
# Mock data
mock_user_auth = UserAPIKeyAuth(api_key="test_key", user_id="test_user")
mock_auth_header = "Bearer test_token"
mock_server_1 = MCPServer(
server_id="server1_id",
name="server1",
server_name="server1",
url="http://test1.com",
transport=MCPTransport.http,
)
mock_server_2 = MCPServer(
server_id="server2_id",
name="server2",
server_name="server2",
url="http://test2.com",
transport=MCPTransport.http,
)
mock_server_3 = MCPServer(
server_id="server3_id",
name="server3",
server_name="server3",
url="http://test3.com",
transport=MCPTransport.http,
access_groups=["group-a"],
)
mock_tool_1 = MCPTool(name="tool1", description="test tool 1", inputSchema={})
mock_tool_2 = MCPTool(name="tool2", description="test tool 2", inputSchema={})
# Test Case 1: With specific MCP servers
try:
# Mock the necessary methods
def mock_get_server_by_id(server_id):
if server_id == "server1_id":
return mock_server_1
elif server_id == "server2_id":
return mock_server_2
elif server_id == "server3_id":
return mock_server_3
return None
# Create a mock manager
mock_manager = AsyncMock()
mock_manager.get_allowed_mcp_servers = AsyncMock(
return_value=["server1_id", "server2_id"]
)
mock_manager.get_mcp_server_by_id = lambda server_id: mock_server_1 if server_id == "server1_id" else mock_server_2
mock_manager._get_tools_from_server = AsyncMock(return_value=[mock_tool_1])
# Mock filter_server_ids_by_ip_with_info to return input unchanged (no IP filtering in test)
mock_manager.filter_server_ids_by_ip_with_info = MagicMock(
side_effect=lambda server_ids, client_ip: (server_ids, 0)
)
with patch(
"litellm.proxy._experimental.mcp_server.server.global_mcp_server_manager",
mock_manager,
):
# Test with specific servers
result = await _get_tools_from_mcp_servers(
user_api_key_auth=mock_user_auth,
mcp_auth_header=mock_auth_header,
mcp_servers=["server1"],
)
assert len(result) == 1, "Should only return tools from server1"
assert result[0].name == "tool1", "Should return tool from server1"
# Test Case 2: Without specific MCP servers
# Create a different mock manager for the second test case
mock_manager_2 = AsyncMock()
mock_manager_2.get_allowed_mcp_servers = AsyncMock(
return_value=["server1_id", "server2_id"]
)
mock_manager_2.get_mcp_server_by_id = lambda server_id: mock_server_1 if server_id == "server1_id" else mock_server_2
async def mock_get_tools_side_effect(
server,
mcp_auth_header=None,
extra_headers=None,
add_prefix=False,
raw_headers=None,
):
if server.server_id == "server1_id":
return [mock_tool_1]
return [mock_tool_2]
mock_manager_2._get_tools_from_server = AsyncMock(
side_effect=mock_get_tools_side_effect
)
# Mock filter_server_ids_by_ip_with_info to return input unchanged (no IP filtering in test)
mock_manager_2.filter_server_ids_by_ip_with_info = MagicMock(
side_effect=lambda server_ids, client_ip: (server_ids, 0)
)
with patch(
"litellm.proxy._experimental.mcp_server.server.global_mcp_server_manager",
mock_manager_2,
):
result = await _get_tools_from_mcp_servers(
user_api_key_auth=mock_user_auth,
mcp_auth_header=mock_auth_header,
mcp_servers=None,
)
assert len(result) == 2, "Should return tools from all servers"
assert (
result[0].name == "tool1" and result[1].name == "tool2"
), "Should return tools from all servers"
#
# Test Case 3: With specific MCP servers and access groups
# Create a mock manager
mock_manager = AsyncMock()
mock_manager.get_allowed_mcp_servers = AsyncMock(
return_value=["server1_id", "server2_id", "server3_id"]
)
mock_manager.get_mcp_server_by_id = lambda server_id: mock_server_1 if server_id == "server1_id" else (mock_server_2 if server_id == "server2_id" else mock_server_3)
mock_manager._get_tools_from_server = AsyncMock(return_value=[mock_tool_1])
# Mock filter_server_ids_by_ip_with_info to return input unchanged (no IP filtering in test)
mock_manager.filter_server_ids_by_ip_with_info = MagicMock(
side_effect=lambda server_ids, client_ip: (server_ids, 0)
)
with patch(
"litellm.proxy._experimental.mcp_server.server.global_mcp_server_manager",
mock_manager,
):
with patch(
"litellm.proxy._experimental.mcp_server.auth.user_api_key_auth_mcp.MCPRequestHandler._get_mcp_servers_from_access_groups",
AsyncMock(return_value=["server3_id"]),
):
# Test with specific servers
result = await _get_tools_from_mcp_servers(
user_api_key_auth=mock_user_auth,
mcp_auth_header=mock_auth_header,
mcp_servers=["group-a"],
)
assert len(result) == 1, "Should only return tools from server3"
assert result[0].name == "tool1", "Should return tool from server1"
except AssertionError as e:
pytest.fail(f"Test failed: {str(e)}")
except Exception as e:
pytest.fail(f"Unexpected error in tests: {str(e)}")
@pytest.mark.asyncio
async def test_list_tools_only_returns_allowed_servers(monkeypatch):
"""
Test that list_tools only returns tools from servers allowed for the user.
"""
test_manager = MCPServerManager()
# Setup two servers in the config
await test_manager.load_servers_from_config(
{
"server_a": {
"url": "https://server-a.com/mcp",
"transport": MCPTransport.http,
"description": "Server A",
},
"server_b": {
"url": "https://server-b.com/mcp",
"transport": MCPTransport.http,
"description": "Server B",
},
}
)
# Patch get_allowed_mcp_servers to only allow server_a
async def mock_get_allowed_mcp_servers(self, user_api_key_auth=None):
return [
list(test_manager.get_registry().keys())[0]
] # Only first server (server_a)
monkeypatch.setattr(
MCPServerManager, "get_allowed_mcp_servers", mock_get_allowed_mcp_servers
)
# Mock tools for each server
mock_tools_a = [
MCPTool(
name="send_email",
description="Send an email via Server A",
inputSchema={"type": "object"},
)
]
mock_tools_b = [
MCPTool(
name="create_event",
description="Create an event via Server B",
inputSchema={"type": "object"},
)
]
# Patch MCPClient to return different tools for each server
def mock_client_constructor(*args, **kwargs):
mock_client = AsyncMock()
# Return tools based on server URL
if kwargs.get("server_url") == "https://server-a.com/mcp":
mock_client.list_tools = AsyncMock(return_value=mock_tools_a)
else:
mock_client.list_tools = AsyncMock(return_value=mock_tools_b)
mock_client.__aenter__ = AsyncMock(return_value=mock_client)
mock_client.__aexit__ = AsyncMock(return_value=None)
return mock_client
with patch(
"litellm.proxy._experimental.mcp_server.mcp_server_manager.MCPClient",
mock_client_constructor,
):
# Call list_tools
tools = await test_manager.list_tools(user_api_key_auth=MagicMock())
# Should only return tools from server_a
assert len(tools) == 1
# The server should use the server_name as prefix since no alias is provided
expected_prefix = "server_a"
assert tools[0].name.startswith(f"{expected_prefix}-")
@pytest.mark.asyncio
async def test_mcp_server_manager_access_groups_from_config():
"""
Test that access_groups are loaded from config and can be resolved.
"""
test_manager = MCPServerManager()
await test_manager.load_servers_from_config(
{
"config_server": {
"url": "https://config-mcp-server.com/mcp",
"transport": MCPTransport.http,
"access_groups": ["group-a", "group-b"],
},
"other_server": {
"url": "https://other-mcp-server.com/mcp",
"transport": MCPTransport.http,
"access_groups": ["group-b", "group-c"],
},
}
)
# Check that access_groups are loaded
config_server = next(
(
s
for s in test_manager.config_mcp_servers.values()
if s.name == "config_server"
),
None,
)
assert config_server is not None
assert set(config_server.access_groups) == {"group-a", "group-b"}
# Check that the lookup logic finds the correct server ids
from litellm.proxy._experimental.mcp_server.auth.user_api_key_auth_mcp import (
MCPRequestHandler,
)
# Patch global_mcp_server_manager for this test and restore afterwards to
# avoid leaking state into other tests (e.g. the proxy MCP e2e suite).
import litellm.proxy._experimental.mcp_server.mcp_server_manager as mcp_server_manager_mod
original_manager = mcp_server_manager_mod.global_mcp_server_manager
mcp_server_manager_mod.global_mcp_server_manager = test_manager
try:
# Should find config_server for group-a, both for group-b, other_server for group-c
import asyncio
server_ids_a = await MCPRequestHandler._get_mcp_servers_from_access_groups([
"group-a"
])
server_ids_b = await MCPRequestHandler._get_mcp_servers_from_access_groups([
"group-b"
])
server_ids_c = await MCPRequestHandler._get_mcp_servers_from_access_groups([
"group-c"
])
assert any(config_server.server_id == sid for sid in server_ids_a)
assert set(server_ids_b) == set(
[
s.server_id
for s in test_manager.config_mcp_servers.values()
if "group-b" in s.access_groups
]
)
assert any(
s.name == "other_server" and s.server_id in server_ids_c
for s in test_manager.config_mcp_servers.values()
)
finally:
mcp_server_manager_mod.global_mcp_server_manager = original_manager
@pytest.mark.asyncio
async def test_mcp_server_manager_config_integration_with_database():
"""
Test that config-based servers properly integrate with database servers,
specifically testing access_groups and description fields.
"""
import datetime
from litellm.proxy._types import LiteLLM_MCPServerTable
test_manager = MCPServerManager()
# Test 1: Load config with access_groups and description
await test_manager.load_servers_from_config(
{
"config_server_with_groups": {
"url": "https://config-server.com/mcp",
"transport": MCPTransport.http,
"description": "Test config server",
"access_groups": ["fr_staff", "admin"],
}
}
)
# Verify config server has correct access_groups
config_servers = test_manager.config_mcp_servers
assert len(config_servers) == 1
config_server = next(iter(config_servers.values()))
assert config_server.access_groups == ["fr_staff", "admin"]
assert config_server.mcp_info["description"] == "Test config server"
# Test 2: Create a database server record and test add_update_server method
db_server = LiteLLM_MCPServerTable(
server_id="db-server-123",
server_name="database-server",
url="https://db-server.com/mcp",
transport="http",
auth_type="none",
description="Database server description",
created_at=datetime.datetime.now(),
updated_at=datetime.datetime.now(),
mcp_access_groups=["db_group", "test_group"],
)
# Test the add_update_server method (this tests our fix)
await test_manager.add_server(db_server)
# Verify the server was added with correct access_groups
registry = test_manager.get_registry()
assert "db-server-123" in registry
db_server_in_registry = registry["db-server-123"]
assert db_server_in_registry.access_groups == ["db_group", "test_group"]
assert db_server_in_registry.server_name == "database-server"
# Test 3: Test config server conversion to LiteLLM_MCPServerTable format
# This tests that config servers are properly converted with access_groups and description fields
# Mock user auth to get all servers
from litellm.proxy._types import UserAPIKeyAuth
mock_user_auth = UserAPIKeyAuth(user_role="proxy_admin")
# Mock the get_allowed_mcp_servers to return only config server IDs
# (to avoid database dependency in this test)
async def mock_get_allowed_servers(user_auth=None):
config_server_ids = list(test_manager.config_mcp_servers.keys())
return config_server_ids
test_manager.get_allowed_mcp_servers = mock_get_allowed_servers
# Mock health_check_server to avoid real network calls that timeout
async def mock_health_check(server_id: str, mcp_auth_header=None):
server = test_manager.get_mcp_server_by_id(server_id)
if not server:
return None
return LiteLLM_MCPServerTable(
server_id=server_id,
server_name=server.name,
url=server.url,
transport=server.transport,
description=server.mcp_info.get("description") if server.mcp_info else None,
mcp_access_groups=server.access_groups,
status="healthy",
last_health_check=datetime.datetime.now(),
mcp_info=server.mcp_info,
)
test_manager.health_check_server = mock_health_check
# Test the method (this tests our second fix)
servers_list = await test_manager.get_all_mcp_servers_with_health_and_teams(
user_api_key_auth=mock_user_auth
)
# Verify we have the config server properly converted
assert len(servers_list) == 1
# Find the config server in the list
config_server_in_list = servers_list[0]
assert config_server_in_list.server_name == "config_server_with_groups"
assert config_server_in_list.mcp_access_groups == ["fr_staff", "admin"]
assert config_server_in_list.description == "Test config server"
# Verify the mcp_info is also correct
assert config_server_in_list.mcp_info["description"] == "Test config server"
assert config_server_in_list.mcp_info["server_name"] == "config_server_with_groups"
# Tests for Server Alias Functionality
def test_get_server_prefix_with_alias():
"""
Test that get_server_prefix returns alias when present.
"""
from litellm.proxy._experimental.mcp_server.utils import get_server_prefix
# Create a mock server with alias
mock_server = MagicMock()
mock_server.alias = "my_alias"
mock_server.server_name = "My Server Name"
mock_server.server_id = "server-123"
prefix = get_server_prefix(mock_server)
assert prefix == "my_alias"
def test_get_server_prefix_without_alias():
"""
Test that get_server_prefix falls back to server_name when alias is not present.
"""
from litellm.proxy._experimental.mcp_server.utils import get_server_prefix
# Create a mock server without alias
mock_server = MagicMock()
mock_server.alias = None
mock_server.server_name = "My Server Name"
mock_server.server_id = "server-123"
prefix = get_server_prefix(mock_server)
assert prefix == "My Server Name"
def test_get_server_prefix_fallback_to_server_id():
"""
Test that get_server_prefix falls back to server_id when neither alias nor server_name are present.
"""
from litellm.proxy._experimental.mcp_server.utils import get_server_prefix
# Create a mock server without alias or server_name
mock_server = MagicMock()
mock_server.alias = None
mock_server.server_name = None
mock_server.server_id = "server-123"
prefix = get_server_prefix(mock_server)
assert prefix == "server-123"
def test_get_server_prefix_empty_strings():
"""
Test that get_server_prefix handles empty strings correctly.
"""
from litellm.proxy._experimental.mcp_server.utils import get_server_prefix
# Create a mock server with empty strings
mock_server = MagicMock()
mock_server.alias = ""
mock_server.server_name = ""
mock_server.server_id = "server-123"
prefix = get_server_prefix(mock_server)
assert prefix == "server-123"
@pytest.mark.asyncio
async def test_mcp_server_manager_alias_tool_prefixing():
"""
Test that MCP server manager uses alias for tool prefixing when available.
"""
test_manager = MCPServerManager()
# Create a mock server with alias
mock_server = MCPServer(
server_id="test-server-123",
name="test_server",
alias="my_alias",
server_name="Test Server",
url="https://test-server.com/mcp",
transport=MCPTransport.http,
)
# Add server to registry
test_manager.registry["test-server-123"] = mock_server
# Mock tools
mock_tools = [
MCPTool(
name="send_email",
description="Send an email",
inputSchema={"type": "object"},
)
]
# Mock MCPClient
mock_client = AsyncMock()
mock_client.list_tools = AsyncMock(return_value=mock_tools)
mock_client.__aenter__ = AsyncMock(return_value=mock_client)
mock_client.__aexit__ = AsyncMock(return_value=None)
def mock_client_constructor(*args, **kwargs):
return mock_client
with patch(
"litellm.proxy._experimental.mcp_server.mcp_server_manager.MCPClient",
mock_client_constructor,
):
# Get tools from server
tools = await test_manager._get_tools_from_server(mock_server)
# Verify tool is prefixed with alias
assert len(tools) == 1
assert tools[0].name == "my_alias-send_email"
# Verify mapping is updated correctly
assert (
test_manager.tool_name_to_mcp_server_name_mapping["send_email"]
== "my_alias"
)
assert (
test_manager.tool_name_to_mcp_server_name_mapping["my_alias-send_email"]
== "my_alias"
)
@pytest.mark.asyncio
async def test_mcp_server_manager_server_name_tool_prefixing():
"""
Test that MCP server manager falls back to server_name for tool prefixing when alias is not available.
"""
test_manager = MCPServerManager()
# Create a mock server without alias
mock_server = MCPServer(
server_id="test-server-123",
name="test_server",
alias=None,
server_name="Test Server",
url="https://test-server.com/mcp",
transport=MCPTransport.http,
)
# Add server to registry
test_manager.registry["test-server-123"] = mock_server
# Mock tools
mock_tools = [
MCPTool(
name="send_email",
description="Send an email",
inputSchema={"type": "object"},
)
]
# Mock MCPClient
mock_client = AsyncMock()
mock_client.list_tools = AsyncMock(return_value=mock_tools)
mock_client.__aenter__ = AsyncMock(return_value=mock_client)
mock_client.__aexit__ = AsyncMock(return_value=None)
def mock_client_constructor(*args, **kwargs):
return mock_client
with patch(
"litellm.proxy._experimental.mcp_server.mcp_server_manager.MCPClient",
mock_client_constructor,
):
# Get tools from server
tools = await test_manager._get_tools_from_server(mock_server)
# Verify tool is prefixed with server_name (normalized)
assert len(tools) == 1
assert tools[0].name == "Test_Server-send_email"
# Verify mapping is updated correctly
assert (
test_manager.tool_name_to_mcp_server_name_mapping["send_email"]
== "Test Server"
)
assert (
test_manager.tool_name_to_mcp_server_name_mapping["Test_Server-send_email"]
== "Test Server"
)
@pytest.mark.asyncio
async def test_mcp_server_manager_server_id_tool_prefixing():
"""
Test that MCP server manager falls back to server_id for tool prefixing when neither alias nor server_name are available.
"""
test_manager = MCPServerManager()
# Create a mock server without alias or server_name
mock_server = MCPServer(
server_id="test-server-123",
name="test_server",
alias=None,
server_name=None,
url="https://test-server.com/mcp",
transport=MCPTransport.http,
)
# Add server to registry
test_manager.registry["test-server-123"] = mock_server
# Mock tools
mock_tools = [
MCPTool(
name="send_email",
description="Send an email",
inputSchema={"type": "object"},
)
]
# Mock MCPClient
mock_client = AsyncMock()
mock_client.list_tools = AsyncMock(return_value=mock_tools)
mock_client.__aenter__ = AsyncMock(return_value=mock_client)
mock_client.__aexit__ = AsyncMock(return_value=None)
def mock_client_constructor(*args, **kwargs):
return mock_client
with patch(
"litellm.proxy._experimental.mcp_server.mcp_server_manager.MCPClient",
mock_client_constructor,
):
# Get tools from server
tools = await test_manager._get_tools_from_server(mock_server)
# Verify tool is prefixed with server_id
assert len(tools) == 1
assert tools[0].name == "test-server-123-send_email"
# Verify mapping is updated correctly
assert (
test_manager.tool_name_to_mcp_server_name_mapping["send_email"]
== "test-server-123"
)
assert (
test_manager.tool_name_to_mcp_server_name_mapping[
"test-server-123-send_email"
]
== "test-server-123"
)
@pytest.mark.asyncio
async def test_add_update_server_with_alias():
"""
Test that add_update_server correctly handles servers with alias.
"""
test_manager = MCPServerManager()
# Create a mock LiteLLM_MCPServerTable with alias
mock_mcp_server = MagicMock()
mock_mcp_server.server_id = "test-server-123"
mock_mcp_server.alias = "my_alias"
mock_mcp_server.server_name = "Test Server"
mock_mcp_server.url = "https://test-server.com/mcp"
mock_mcp_server.transport = MCPTransport.http
mock_mcp_server.auth_type = None
mock_mcp_server.credentials = {}
mock_mcp_server.description = "Test server description"
mock_mcp_server.mcp_info = {}
mock_mcp_server.static_headers = {}
mock_mcp_server.command = None
mock_mcp_server.args = []
mock_mcp_server.env = None
mock_mcp_server.spec_path = None
# OAuth fields - set explicitly to None to avoid MagicMock objects
mock_mcp_server.client_id = None
mock_mcp_server.client_secret = None
mock_mcp_server.authorization_url = None
mock_mcp_server.registration_url = None
mock_mcp_server.token_url = None
mock_mcp_server.oauth2_flow = None
# Additional fields used by build_mcp_server_from_table
mock_mcp_server.extra_headers = None
mock_mcp_server.allow_all_keys = False
mock_mcp_server.available_on_public_internet = True
mock_mcp_server.mcp_access_groups = None
mock_mcp_server.allowed_tools = None
mock_mcp_server.disallowed_tools = None
mock_mcp_server.tool_name_to_display_name = None
mock_mcp_server.tool_name_to_description = None
mock_mcp_server.is_byok = False
mock_mcp_server.byok_description = None
mock_mcp_server.byok_api_key_help_url = None
mock_mcp_server.created_at = None
mock_mcp_server.updated_at = None
# Add server to manager
await test_manager.add_server(mock_mcp_server)
# Verify server was added with correct name (should use alias)
assert "test-server-123" in test_manager.registry
added_server = test_manager.registry["test-server-123"]
assert added_server.name == "my_alias"
assert added_server.alias == "my_alias"
assert added_server.server_name == "Test Server"
@pytest.mark.asyncio
async def test_add_update_server_without_alias():
"""
Test that add_update_server correctly handles servers without alias.
"""
test_manager = MCPServerManager()
# Create a mock LiteLLM_MCPServerTable without alias
mock_mcp_server = MagicMock()
mock_mcp_server.server_id = "test-server-123"
mock_mcp_server.alias = None
mock_mcp_server.server_name = "Test Server"
mock_mcp_server.url = "https://test-server.com/mcp"
mock_mcp_server.transport = MCPTransport.http
mock_mcp_server.auth_type = None
mock_mcp_server.credentials = {}
mock_mcp_server.description = "Test server description"
mock_mcp_server.mcp_info = {}
mock_mcp_server.static_headers = {}
mock_mcp_server.command = None
mock_mcp_server.args = []
mock_mcp_server.env = None
mock_mcp_server.spec_path = None
# OAuth fields - set explicitly to None to avoid MagicMock objects
mock_mcp_server.client_id = None
mock_mcp_server.client_secret = None
mock_mcp_server.authorization_url = None
mock_mcp_server.registration_url = None
mock_mcp_server.token_url = None
mock_mcp_server.oauth2_flow = None
# Additional fields used by build_mcp_server_from_table
mock_mcp_server.extra_headers = None
mock_mcp_server.allow_all_keys = False
mock_mcp_server.available_on_public_internet = True
mock_mcp_server.mcp_access_groups = None
mock_mcp_server.allowed_tools = None
mock_mcp_server.disallowed_tools = None
mock_mcp_server.tool_name_to_display_name = None
mock_mcp_server.tool_name_to_description = None
mock_mcp_server.is_byok = False
mock_mcp_server.byok_description = None
mock_mcp_server.byok_api_key_help_url = None
mock_mcp_server.created_at = None
mock_mcp_server.updated_at = None
# Add server to manager
await test_manager.add_server(mock_mcp_server)
# Verify server was added with correct name (should use server_name)
assert "test-server-123" in test_manager.registry
added_server = test_manager.registry["test-server-123"]
assert added_server.name == "Test Server"
assert added_server.alias is None
assert added_server.server_name == "Test Server"
@pytest.mark.asyncio
async def test_add_update_server_fallback_to_server_id():
"""
Test that add_update_server falls back to server_id when neither alias nor server_name are available.
"""
test_manager = MCPServerManager()
# Create a mock LiteLLM_MCPServerTable without alias or server_name
mock_mcp_server = MagicMock()
mock_mcp_server.server_id = "test-server-123"
mock_mcp_server.alias = None
mock_mcp_server.server_name = None
mock_mcp_server.url = "https://test-server.com/mcp"
mock_mcp_server.transport = MCPTransport.http
mock_mcp_server.auth_type = None
mock_mcp_server.credentials = {}
mock_mcp_server.description = "Test server description"
mock_mcp_server.mcp_info = {}
mock_mcp_server.static_headers = {}
mock_mcp_server.command = None
mock_mcp_server.args = []
mock_mcp_server.env = None
mock_mcp_server.spec_path = None
# OAuth fields - set explicitly to None to avoid MagicMock objects
mock_mcp_server.client_id = None
mock_mcp_server.client_secret = None
mock_mcp_server.authorization_url = None
mock_mcp_server.registration_url = None
mock_mcp_server.token_url = None
mock_mcp_server.oauth2_flow = None
# Additional fields used by build_mcp_server_from_table - set explicitly
# to avoid MagicMock objects being passed to Pydantic MCPServer constructor
mock_mcp_server.extra_headers = None
mock_mcp_server.allow_all_keys = False
mock_mcp_server.available_on_public_internet = True
mock_mcp_server.mcp_access_groups = None
mock_mcp_server.allowed_tools = None
mock_mcp_server.disallowed_tools = None
mock_mcp_server.tool_name_to_display_name = None
mock_mcp_server.tool_name_to_description = None
mock_mcp_server.is_byok = False
mock_mcp_server.byok_description = None
mock_mcp_server.byok_api_key_help_url = None
mock_mcp_server.created_at = None
mock_mcp_server.updated_at = None
# Add server to manager
await test_manager.add_server(mock_mcp_server)
# Verify server was added with correct name (should use server_id)
assert "test-server-123" in test_manager.registry
added_server = test_manager.registry["test-server-123"]
assert added_server.name == "test-server-123"
assert added_server.alias is None
assert added_server.server_name is None
def test_normalize_server_name():
"""
Test that normalize_server_name correctly replaces spaces with underscores.
"""
from litellm.proxy._experimental.mcp_server.utils import normalize_server_name
# Test basic space replacement
assert normalize_server_name("My Server Name") == "My_Server_Name"
# Test multiple consecutive spaces
assert normalize_server_name("My Server Name") == "My__Server___Name"
# Test no spaces
assert normalize_server_name("MyServerName") == "MyServerName"
# Test empty string
assert normalize_server_name("") == ""
# Test string with only spaces
assert normalize_server_name(" ") == "___"
def test_add_server_prefix_to_name():
"""Ensure add_server_prefix_to_name correctly formats resource names."""
from litellm.proxy._experimental.mcp_server.utils import add_server_prefix_to_name
# Test basic prefixing
result = add_server_prefix_to_name("send_email", "My Server")
assert result == "My_Server-send_email"
# Test with server name that already has underscores
result = add_server_prefix_to_name("create_event", "my_server")
assert result == "my_server-create_event"
# Test with empty name
result = add_server_prefix_to_name("", "My Server")
assert result == "My_Server-"
# Test with empty server name
result = add_server_prefix_to_name("send_email", "")
assert result == "-send_email"
def test_get_server_auth_header_with_alias():
"""Test _get_server_auth_header function with server alias."""
from litellm.proxy._experimental.mcp_server.rest_endpoints import (
_get_server_auth_header,
)
# Create a mock server with alias
mock_server = MagicMock()
mock_server.alias = "zapier"
mock_server.server_name = "zapier_server"
# Test with server-specific auth headers
mcp_server_auth_headers = {
"zapier": "Bearer zapier_token",
"slack": "Bearer slack_token",
}
mcp_auth_header = "Bearer default_token"
result = _get_server_auth_header(
mock_server, mcp_server_auth_headers, mcp_auth_header
)
assert result == "Bearer zapier_token"
# Test case-insensitive matching
mcp_server_auth_headers = {
"ZAPIER": "Bearer zapier_token_upper",
"slack": "Bearer slack_token",
}
result = _get_server_auth_header(
mock_server, mcp_server_auth_headers, mcp_auth_header
)
assert result == "Bearer zapier_token_upper"
def test_get_server_auth_header_with_server_name():
"""Test _get_server_auth_header function with server name (no alias)."""
from litellm.proxy._experimental.mcp_server.rest_endpoints import (
_get_server_auth_header,
)
# Create a mock server with server_name but no alias
mock_server = MagicMock()
mock_server.alias = None
mock_server.server_name = "slack_server"
# Test with server-specific auth headers
mcp_server_auth_headers = {
"slack_server": "Bearer slack_token",
"zapier": "Bearer zapier_token",
}
mcp_auth_header = "Bearer default_token"
result = _get_server_auth_header(
mock_server, mcp_server_auth_headers, mcp_auth_header
)
assert result == "Bearer slack_token"
# Test case-insensitive matching
mcp_server_auth_headers = {
"SLACK_SERVER": "Bearer slack_token_upper",
"zapier": "Bearer zapier_token",
}
result = _get_server_auth_header(
mock_server, mcp_server_auth_headers, mcp_auth_header
)
assert result == "Bearer slack_token_upper"
def test_get_server_auth_header_fallback_to_default():
"""Test _get_server_auth_header function fallback to default auth header."""
from litellm.proxy._experimental.mcp_server.rest_endpoints import (
_get_server_auth_header,
)
# Create a mock server
mock_server = MagicMock()
mock_server.alias = "unknown_server"
mock_server.server_name = "unknown_server_name"
# Test with no matching server-specific headers
mcp_server_auth_headers = {
"zapier": "Bearer zapier_token",
"slack": "Bearer slack_token",
}
mcp_auth_header = "Bearer default_token"
result = _get_server_auth_header(
mock_server, mcp_server_auth_headers, mcp_auth_header
)
assert result == "Bearer default_token"
# Test with no server-specific headers at all
result = _get_server_auth_header(mock_server, None, mcp_auth_header)
assert result == "Bearer default_token"
def test_get_server_auth_header_no_auth_headers():
"""Test _get_server_auth_header function with no auth headers."""
from litellm.proxy._experimental.mcp_server.rest_endpoints import (
_get_server_auth_header,
)
# Create a mock server
mock_server = MagicMock()
mock_server.alias = "zapier"
mock_server.server_name = "zapier_server"
# Test with no auth headers
result = _get_server_auth_header(mock_server, None, None)
assert result is None
result = _get_server_auth_header(mock_server, {}, None)
assert result is None
def test_create_tool_response_objects():
"""Test _create_tool_response_objects function."""
from litellm.proxy._experimental.mcp_server.rest_endpoints import (
_create_tool_response_objects,
)
from mcp.types import Tool as MCPTool
# Create mock tools
mock_tools = [
MCPTool(
name="send_email",
description="Send an email",
inputSchema={"type": "object", "properties": {"to": {"type": "string"}}},
),
MCPTool(
name="create_event",
description="Create a calendar event",
inputSchema={"type": "object", "properties": {"title": {"type": "string"}}},
),
]
server_mcp_info = {
"server_name": "zapier",
"logo_url": "https://zapier.com/logo.png",
}
result = _create_tool_response_objects(mock_tools, server_mcp_info)
assert len(result) == 2
assert result[0].name == "send_email"
assert result[0].description == "Send an email"
assert result[0].mcp_info == server_mcp_info
assert result[1].name == "create_event"
assert result[1].description == "Create a calendar event"
assert result[1].mcp_info == server_mcp_info
@pytest.mark.asyncio
async def test_get_tools_for_single_server():
"""Test _get_tools_for_single_server function."""
from litellm.proxy._experimental.mcp_server.rest_endpoints import (
_get_tools_for_single_server,
)
from mcp.types import Tool as MCPTool
# Create a mock server
mock_server = MagicMock()
mock_server.mcp_info = {"server_name": "zapier"}
# Create mock tools
mock_tools = [
MCPTool(
name="send_email",
description="Send an email",
inputSchema={"type": "object", "properties": {"to": {"type": "string"}}},
)
]
# Mock the global_mcp_server_manager
with patch(
"litellm.proxy._experimental.mcp_server.rest_endpoints.global_mcp_server_manager"
) as mock_manager:
mock_manager._get_tools_from_server = AsyncMock(return_value=mock_tools)
result = await _get_tools_for_single_server(mock_server, "Bearer test_token")
# Verify the manager was called with correct parameters
mock_manager._get_tools_from_server.assert_called_once_with(
server=mock_server,
mcp_auth_header="Bearer test_token",
extra_headers=None,
add_prefix=False,
raw_headers=None,
)
# Verify the result
assert len(result) == 1
assert result[0].name == "send_email"
assert result[0].mcp_info == {"server_name": "zapier"}
@pytest.mark.asyncio
async def test_list_tool_rest_api_with_server_specific_auth():
"""Test list_tool_rest_api with server-specific auth headers."""
from litellm.proxy._experimental.mcp_server.rest_endpoints import list_tool_rest_api
from litellm.proxy._experimental.mcp_server.auth.user_api_key_auth_mcp import (
MCPRequestHandler,
)
from litellm.proxy._types import UserAPIKeyAuth
# Create mock request with server-specific auth headers
mock_request = MagicMock()
mock_request.headers = {
"authorization": "Bearer user_token",
"x-mcp-zapier-authorization": "Bearer zapier_token",
"x-mcp-slack-authorization": "Bearer slack_token",
}
# Mock the MCPRequestHandler methods
with patch.object(
MCPRequestHandler, "_get_mcp_auth_header_from_headers"
) as mock_get_auth:
with patch.object(
MCPRequestHandler, "_get_mcp_server_auth_headers_from_headers"
) as mock_get_server_auth:
mock_get_auth.return_value = "Bearer default_token"
mock_get_server_auth.return_value = {
"zapier": "Bearer zapier_token",
"slack": "Bearer slack_token",
}
# Mock the global_mcp_server_manager
with patch(
"litellm.proxy._experimental.mcp_server.rest_endpoints.global_mcp_server_manager"
) as mock_manager:
mock_manager.get_allowed_mcp_servers = AsyncMock(
return_value=["test-server-123"]
)
# Create a mock server
mock_server = MagicMock()
mock_server.server_id = "test-server-123"
mock_server.alias = "zapier"
mock_server.name = "zapier_server"
mock_server.mcp_info = {"server_name": "zapier"}
mock_manager.get_mcp_server_by_id.return_value = mock_server
# Mock filter_server_ids_by_ip_with_info to return input unchanged (no IP filtering in test)
mock_manager.filter_server_ids_by_ip_with_info = MagicMock(
side_effect=lambda server_ids, client_ip: (server_ids, 0)
)
mock_user_api_key_dict = UserAPIKeyAuth(
api_key="test",
user_id="test_user",
object_permission=LiteLLM_ObjectPermissionTable(
object_permission_id="dummy",
mcp_servers=[mock_server.server_id],
),
)
# Mock the _get_tools_for_single_server function
with patch(
"litellm.proxy._experimental.mcp_server.rest_endpoints._get_tools_for_single_server"
) as mock_get_tools:
from litellm.proxy._experimental.mcp_server.server import (
ListMCPToolsRestAPIResponseObject,
)
mock_tools = [
ListMCPToolsRestAPIResponseObject(
name="send_email",
description="Send an email",
inputSchema={"type": "object"},
mcp_info={"server_name": "zapier"},
)
]
mock_get_tools.return_value = mock_tools
# Call the function
result = await list_tool_rest_api(
request=mock_request,
server_id="test-server-123",
user_api_key_dict=mock_user_api_key_dict,
)
# Verify the result
assert result["error"] is None
assert len(result["tools"]) == 1
assert result["tools"][0].name == "send_email"
# Verify that _get_tools_for_single_server was called with the correct auth header
mock_get_tools.assert_called_once()
call_args = mock_get_tools.call_args
assert call_args[0][0] == mock_server # server
assert (
call_args[0][1] == "Bearer zapier_token"
) # server_auth_header
@pytest.mark.asyncio
async def test_list_tool_rest_api_with_default_auth():
"""Test list_tool_rest_api with default auth header when no server-specific header is found."""
from litellm.proxy._experimental.mcp_server.rest_endpoints import list_tool_rest_api
from litellm.proxy._experimental.mcp_server.auth.user_api_key_auth_mcp import (
MCPRequestHandler,
)
from litellm.proxy._types import UserAPIKeyAuth
# Create mock request with default auth header only
mock_request = MagicMock()
mock_request.headers = {
"authorization": "Bearer user_token",
"x-mcp-authorization": "Bearer default_token",
}
# Mock the MCPRequestHandler methods
with patch.object(
MCPRequestHandler, "_get_mcp_auth_header_from_headers"
) as mock_get_auth:
with patch.object(
MCPRequestHandler, "_get_mcp_server_auth_headers_from_headers"
) as mock_get_server_auth:
mock_get_auth.return_value = "Bearer default_token"
mock_get_server_auth.return_value = {} # No server-specific headers
# Mock the global_mcp_server_manager
with patch(
"litellm.proxy._experimental.mcp_server.rest_endpoints.global_mcp_server_manager"
) as mock_manager:
mock_manager.get_allowed_mcp_servers = AsyncMock(
return_value=["test-server-123"]
)
# Create a mock server
mock_server = MagicMock()
mock_server.server_id = "test-server-123"
mock_server.alias = "unknown_server"
mock_server.name = "unknown_server"
mock_server.mcp_info = {"server_name": "unknown_server"}
mock_manager.get_mcp_server_by_id.return_value = mock_server
# Mock filter_server_ids_by_ip_with_info to return input unchanged (no IP filtering in test)
mock_manager.filter_server_ids_by_ip_with_info = MagicMock(
side_effect=lambda server_ids, client_ip: (server_ids, 0)
)
mock_user_api_key_dict = UserAPIKeyAuth(
api_key="test",
user_id="test_user",
object_permission=LiteLLM_ObjectPermissionTable(
object_permission_id="dummy",
mcp_servers=[mock_server.server_id],
),
)
# Mock the _get_tools_for_single_server function
with patch(
"litellm.proxy._experimental.mcp_server.rest_endpoints._get_tools_for_single_server"
) as mock_get_tools:
from litellm.proxy._experimental.mcp_server.server import (
ListMCPToolsRestAPIResponseObject,
)
mock_tools = [
ListMCPToolsRestAPIResponseObject(
name="send_email",
description="Send an email",
inputSchema={"type": "object"},
mcp_info={"server_name": "unknown_server"},
)
]
mock_get_tools.return_value = mock_tools
# Call the function
result = await list_tool_rest_api(
request=mock_request,
server_id="test-server-123",
user_api_key_dict=mock_user_api_key_dict,
)
# Verify the result
assert result["error"] is None
assert len(result["tools"]) == 1
assert result["tools"][0].name == "send_email"
# Verify that _get_tools_for_single_server was called with the default auth header
mock_get_tools.assert_called_once()
call_args = mock_get_tools.call_args
assert call_args[0][0] == mock_server # server
assert (
call_args[0][1] == "Bearer default_token"
) # server_auth_header
@pytest.mark.asyncio
async def test_list_tool_rest_api_all_servers_with_auth():
"""Test list_tool_rest_api for all servers with server-specific auth headers."""
from litellm.proxy._experimental.mcp_server.rest_endpoints import list_tool_rest_api
from litellm.proxy._experimental.mcp_server.auth.user_api_key_auth_mcp import (
MCPRequestHandler,
)
from litellm.proxy._types import UserAPIKeyAuth
# Create mock request with server-specific auth headers
mock_request = MagicMock()
mock_request.headers = {
"authorization": "Bearer user_token",
"x-mcp-zapier-authorization": "Bearer zapier_token",
"x-mcp-slack-authorization": "Bearer slack_token",
}
# Mock the MCPRequestHandler methods
with patch.object(
MCPRequestHandler, "_get_mcp_auth_header_from_headers"
) as mock_get_auth:
with patch.object(
MCPRequestHandler, "_get_mcp_server_auth_headers_from_headers"
) as mock_get_server_auth:
mock_get_auth.return_value = "Bearer default_token"
mock_get_server_auth.return_value = {
"zapier": "Bearer zapier_token",
"slack": "Bearer slack_token",
}
# Mock the global_mcp_server_manager
with patch(
"litellm.proxy._experimental.mcp_server.rest_endpoints.global_mcp_server_manager"
) as mock_manager:
# Create mock servers
mock_zapier_server = MagicMock()
mock_zapier_server.alias = "zapier"
mock_zapier_server.server_name = "zapier_server"
mock_zapier_server.mcp_info = {"server_name": "zapier"}
mock_slack_server = MagicMock()
mock_slack_server.alias = "slack"
mock_slack_server.server_name = "slack_server"
mock_slack_server.mcp_info = {"server_name": "slack"}
mock_manager.get_registry.return_value = {
"zapier": mock_zapier_server,
"slack": mock_slack_server,
}
mock_manager.get_allowed_mcp_servers = AsyncMock(
return_value=["zapier", "slack"]
)
mock_manager.get_mcp_server_by_id.side_effect = (
lambda server_id: mock_manager.get_registry.return_value.get(
server_id
)
)
# Mock filter_server_ids_by_ip_with_info to return input unchanged (no IP filtering in test)
mock_manager.filter_server_ids_by_ip_with_info = MagicMock(
side_effect=lambda server_ids, client_ip: (server_ids, 0)
)
mock_user_api_key_dict = UserAPIKeyAuth(
api_key="test",
user_id="test_user",
object_permission=LiteLLM_ObjectPermissionTable(
object_permission_id="dummy",
mcp_servers=["zapier", "slack"],
),
)
# Mock the _get_tools_for_single_server function
with patch(
"litellm.proxy._experimental.mcp_server.rest_endpoints._get_tools_for_single_server"
) as mock_get_tools:
from litellm.proxy._experimental.mcp_server.server import (
ListMCPToolsRestAPIResponseObject,
)
# Mock tools for each server
mock_get_tools.side_effect = [
[
ListMCPToolsRestAPIResponseObject(
name="send_email",
description="Send an email",
inputSchema={"type": "object"},
mcp_info={"server_name": "zapier"},
)
],
[
ListMCPToolsRestAPIResponseObject(
name="send_message",
description="Send a message",
inputSchema={"type": "object"},
mcp_info={"server_name": "slack"},
)
],
]
# Call the function without server_id (query all servers)
result = await list_tool_rest_api(
request=mock_request,
server_id=None,
user_api_key_dict=mock_user_api_key_dict,
)
# Verify the result
assert result["error"] is None
assert len(result["tools"]) == 2
assert result["tools"][0].name == "send_email"
assert result["tools"][1].name == "send_message"
# Verify that _get_tools_for_single_server was called for both servers
assert mock_get_tools.call_count == 2
server_auth_map = {
call_args[0][0]: call_args[0][1]
for call_args in mock_get_tools.call_args_list
}
assert server_auth_map.get(mock_zapier_server) == "Bearer zapier_token"
assert server_auth_map.get(mock_slack_server) == "Bearer slack_token"
@pytest.mark.asyncio
async def test_filter_tools_by_allowed_tools_integration():
"""Test that filter_tools_by_allowed_tools works correctly via _get_tools_from_mcp_servers"""
from litellm.proxy._experimental.mcp_server.server import (
_get_tools_from_mcp_servers,
)
from litellm.proxy._types import UserAPIKeyAuth
from mcp.types import Tool as MCPTool
# Create a mock user auth
mock_user_auth = UserAPIKeyAuth(api_key="test_key", user_id="test_user")
# Create mock tools that will be returned by the server
mock_tools = [
MCPTool(
name="allowed_tool_1",
description="This tool should be allowed",
inputSchema={"type": "object"},
),
MCPTool(
name="allowed_tool_2",
description="This tool should also be allowed",
inputSchema={"type": "object"},
),
MCPTool(
name="blocked_tool_1",
description="This tool should be blocked",
inputSchema={"type": "object"},
),
MCPTool(
name="blocked_tool_2",
description="This tool should also be blocked",
inputSchema={"type": "object"},
),
]
# Create a mock server with allowed_tools restriction
mock_server = MCPServer(
server_id="test-server-123",
name="test_server_with_allowed_tools",
url="https://test-server.com/mcp",
transport=MCPTransport.http,
allowed_tools=[
"allowed_tool_1",
"allowed_tool_2",
], # Only these tools should be returned
disallowed_tools=None,
)
# Create a mock MCPClient that returns all tools
mock_client = AsyncMock()
mock_client.list_tools = AsyncMock(return_value=mock_tools)
mock_client.__aenter__ = AsyncMock(return_value=mock_client)
mock_client.__aexit__ = AsyncMock(return_value=None)
def mock_client_constructor(*args, **kwargs):
return mock_client
# Mock the global MCP server manager
with patch(
"litellm.proxy._experimental.mcp_server.server.global_mcp_server_manager"
) as mock_manager:
# Mock manager methods
mock_manager.get_allowed_mcp_servers = AsyncMock(
return_value=["test-server-123"]
)
mock_manager.get_mcp_server_by_id = MagicMock(return_value=mock_server)
# Mock filter_server_ids_by_ip_with_info to return input unchanged (no IP filtering in test)
mock_manager.filter_server_ids_by_ip_with_info = MagicMock(
side_effect=lambda server_ids, client_ip: (server_ids, 0)
)
# Mock the _get_tools_from_server method to return all tools
mock_manager._get_tools_from_server = AsyncMock(return_value=mock_tools)
# Mock the MCPClient constructor
with patch(
"litellm.proxy._experimental.mcp_server.mcp_server_manager.MCPClient",
mock_client_constructor,
):
# Call _get_tools_from_mcp_servers which should apply the filtering
filtered_tools = await _get_tools_from_mcp_servers(
user_api_key_auth=mock_user_auth,
mcp_auth_header="Bearer test_token",
mcp_servers=None, # Get from all servers
)
# Verify that only allowed tools are returned
assert (
len(filtered_tools) == 2
), f"Expected 2 tools, got {len(filtered_tools)}"
tool_names = [tool.name for tool in filtered_tools]
assert (
"allowed_tool_1" in tool_names
), "allowed_tool_1 should be in filtered results"
assert (
"allowed_tool_2" in tool_names
), "allowed_tool_2 should be in filtered results"
assert (
"blocked_tool_1" not in tool_names
), "blocked_tool_1 should be filtered out"
assert (
"blocked_tool_2" not in tool_names
), "blocked_tool_2 should be filtered out"
# Verify the manager methods were called correctly
mock_manager.get_allowed_mcp_servers.assert_called_once_with(mock_user_auth)
# Note: get_mcp_server_by_id is now called for each server ID instead of batch
# Verify it was called with the correct server ID
assert mock_manager.get_mcp_server_by_id.call_count > 0
mock_manager._get_tools_from_server.assert_called_once()
@pytest.mark.asyncio
async def test_filter_tools_by_disallowed_tools_integration():
"""Test that filter_tools_by_allowed_tools works correctly with disallowed_tools via _get_tools_from_mcp_servers"""
from litellm.proxy._experimental.mcp_server.server import (
_get_tools_from_mcp_servers,
)
from litellm.proxy._types import UserAPIKeyAuth
from mcp.types import Tool as MCPTool
# Create a mock user auth
mock_user_auth = UserAPIKeyAuth(api_key="test_key", user_id="test_user")
# Create mock tools that will be returned by the server
mock_tools = [
MCPTool(
name="safe_tool_1",
description="This tool should be allowed",
inputSchema={"type": "object"},
),
MCPTool(
name="safe_tool_2",
description="This tool should also be allowed",
inputSchema={"type": "object"},
),
MCPTool(
name="dangerous_tool_1",
description="This tool should be blocked",
inputSchema={"type": "object"},
),
MCPTool(
name="dangerous_tool_2",
description="This tool should also be blocked",
inputSchema={"type": "object"},
),
]
# Create a mock server with disallowed_tools restriction
mock_server = MCPServer(
server_id="test-server-456",
name="test_server_with_disallowed_tools",
url="https://test-server.com/mcp",
transport=MCPTransport.http,
allowed_tools=None,
disallowed_tools=[
"dangerous_tool_1",
"dangerous_tool_2",
], # These tools should be filtered out
)
# Create a mock MCPClient that returns all tools
mock_client = AsyncMock()
mock_client.list_tools = AsyncMock(return_value=mock_tools)
mock_client.__aenter__ = AsyncMock(return_value=mock_client)
mock_client.__aexit__ = AsyncMock(return_value=None)
def mock_client_constructor(*args, **kwargs):
return mock_client
# Mock the global MCP server manager
with patch(
"litellm.proxy._experimental.mcp_server.server.global_mcp_server_manager"
) as mock_manager:
# Mock manager methods
mock_manager.get_allowed_mcp_servers = AsyncMock(
return_value=["test-server-456"]
)
mock_manager.get_mcp_server_by_id = MagicMock(return_value=mock_server)
# Mock filter_server_ids_by_ip_with_info to return input unchanged (no IP filtering in test)
mock_manager.filter_server_ids_by_ip_with_info = MagicMock(
side_effect=lambda server_ids, client_ip: (server_ids, 0)
)
# Mock the _get_tools_from_server method to return all tools
mock_manager._get_tools_from_server = AsyncMock(return_value=mock_tools)
# Mock the MCPClient constructor
with patch(
"litellm.proxy._experimental.mcp_server.mcp_server_manager.MCPClient",
mock_client_constructor,
):
# Call _get_tools_from_mcp_servers which should apply the filtering
filtered_tools = await _get_tools_from_mcp_servers(
user_api_key_auth=mock_user_auth,
mcp_auth_header="Bearer test_token",
mcp_servers=None, # Get from all servers
)
# Verify that only safe tools are returned (dangerous tools filtered out)
assert (
len(filtered_tools) == 2
), f"Expected 2 tools, got {len(filtered_tools)}"
tool_names = [tool.name for tool in filtered_tools]
assert (
"safe_tool_1" in tool_names
), "safe_tool_1 should be in filtered results"
assert (
"safe_tool_2" in tool_names
), "safe_tool_2 should be in filtered results"
assert (
"dangerous_tool_1" not in tool_names
), "dangerous_tool_1 should be filtered out"
assert (
"dangerous_tool_2" not in tool_names
), "dangerous_tool_2 should be filtered out"
# Verify the manager methods were called correctly
mock_manager.get_allowed_mcp_servers.assert_called_once_with(mock_user_auth)
# Note: get_mcp_server_by_id is now called for each server ID instead of batch
# Verify it was called with the correct server ID
assert mock_manager.get_mcp_server_by_id.call_count > 0
mock_manager._get_tools_from_server.assert_called_once()
@pytest.mark.asyncio
async def test_filter_tools_no_restrictions_integration():
"""Test that filter_tools_by_allowed_tools returns all tools when no restrictions are set"""
from litellm.proxy._experimental.mcp_server.server import (
_get_tools_from_mcp_servers,
)
from litellm.proxy._types import UserAPIKeyAuth
from mcp.types import Tool as MCPTool
# Create a mock user auth
mock_user_auth = UserAPIKeyAuth(api_key="test_key", user_id="test_user")
# Create mock tools that will be returned by the server
mock_tools = [
MCPTool(
name="tool_1",
description="Tool 1",
inputSchema={"type": "object"},
),
MCPTool(
name="tool_2",
description="Tool 2",
inputSchema={"type": "object"},
),
]
# Create a mock server with no tool restrictions
mock_server = MCPServer(
server_id="test-server-000",
name="test_server_no_restrictions",
url="https://test-server.com/mcp",
transport=MCPTransport.http,
allowed_tools=None, # No restrictions
disallowed_tools=None, # No restrictions
)
# Create a mock MCPClient that returns all tools
mock_client = AsyncMock()
mock_client.list_tools = AsyncMock(return_value=mock_tools)
mock_client.__aenter__ = AsyncMock(return_value=mock_client)
mock_client.__aexit__ = AsyncMock(return_value=None)
def mock_client_constructor(*args, **kwargs):
return mock_client
# Mock the global MCP server manager
with patch(
"litellm.proxy._experimental.mcp_server.server.global_mcp_server_manager"
) as mock_manager:
# Mock manager methods
mock_manager.get_allowed_mcp_servers = AsyncMock(
return_value=["test-server-000"]
)
mock_manager.get_mcp_server_by_id = MagicMock(return_value=mock_server)
# Mock filter_server_ids_by_ip_with_info to return input unchanged (no IP filtering in test)
mock_manager.filter_server_ids_by_ip_with_info = MagicMock(
side_effect=lambda server_ids, client_ip: (server_ids, 0)
)
# Mock the _get_tools_from_server method to return all tools
mock_manager._get_tools_from_server = AsyncMock(return_value=mock_tools)
# Mock the MCPClient constructor
with patch(
"litellm.proxy._experimental.mcp_server.mcp_server_manager.MCPClient",
mock_client_constructor,
):
# Call _get_tools_from_mcp_servers which should apply the filtering
filtered_tools = await _get_tools_from_mcp_servers(
user_api_key_auth=mock_user_auth,
mcp_auth_header="Bearer test_token",
mcp_servers=None, # Get from all servers
)
# Should return all tools when no restrictions
assert (
len(filtered_tools) == 2
), f"Expected 2 tools, got {len(filtered_tools)}"
tool_names = [tool.name for tool in filtered_tools]
assert "tool_1" in tool_names, "tool_1 should be in filtered results"
assert "tool_2" in tool_names, "tool_2 should be in filtered results"
@pytest.mark.asyncio
async def test_mcp_access_group_permission_inheritance_integration():
"""Integration test for MCP access group permission inheritance"""
from litellm.proxy._experimental.mcp_server.auth.user_api_key_auth_mcp import (
MCPRequestHandler,
)
from litellm.proxy._types import UserAPIKeyAuth
# Test scenario: team has access groups, key has no permissions -> should inherit
# Use direct mocking of the helper functions instead of complex database mocking
with patch.object(
MCPRequestHandler, "_get_allowed_mcp_servers_for_key"
) as mock_key:
with patch.object(
MCPRequestHandler, "_get_allowed_mcp_servers_for_team"
) as mock_team:
# Key has no permissions, team has servers
mock_key.return_value = [] # Key inherits nothing directly
mock_team.return_value = [
"staff-server-1",
"staff-server-2",
"ops-server-1",
] # Team has servers
# Create user auth object
user_auth = UserAPIKeyAuth(
api_key="test-key",
user_id="test-user",
team_id="team-staff",
object_permission_id=None, # Key has no explicit permissions
)
# Test the inheritance logic
allowed_servers = await MCPRequestHandler.get_allowed_mcp_servers(user_auth)
# Should inherit all team servers since key has no permissions
expected_servers = ["staff-server-1", "staff-server-2", "ops-server-1"]
assert sorted(allowed_servers) == sorted(expected_servers)
@pytest.mark.asyncio
async def test_mcp_access_group_permission_intersection_integration():
"""Integration test for MCP access group permission intersection"""
from litellm.proxy._experimental.mcp_server.auth.user_api_key_auth_mcp import (
MCPRequestHandler,
)
from litellm.proxy._types import UserAPIKeyAuth
# Test scenario: both team and key have access groups -> should intersect
# Use direct mocking of the helper functions instead of complex database mocking
with patch.object(
MCPRequestHandler, "_get_allowed_mcp_servers_for_key"
) as mock_key:
with patch.object(
MCPRequestHandler, "_get_allowed_mcp_servers_for_team"
) as mock_team:
# Both key and team have permissions - should intersect
mock_key.return_value = [
"ops-server",
"external-server",
] # Key has these servers
mock_team.return_value = [
"staff-server",
"ops-server",
"admin-server",
] # Team has these servers
# Create user auth object
user_auth = UserAPIKeyAuth(
api_key="test-key",
user_id="test-user",
team_id="team-staff",
object_permission_id="key-permission-id", # Key has explicit permissions
)
# Test the intersection logic
allowed_servers = await MCPRequestHandler.get_allowed_mcp_servers(user_auth)
# Should only get intersection (ops-server is common)
expected_servers = ["ops-server"]
assert sorted(allowed_servers) == sorted(expected_servers)
@pytest.mark.asyncio
async def test_mcp_server_manager_with_access_groups_integration():
"""Integration test for MCPServerManager with access group filtering"""
from litellm.proxy._experimental.mcp_server.auth.user_api_key_auth_mcp import (
MCPRequestHandler,
)
from litellm.proxy._types import UserAPIKeyAuth
# Create a test manager
test_manager = MCPServerManager()
# Load servers with access groups
await test_manager.load_servers_from_config(
{
"staff_server": {
"url": "https://staff-server.com/mcp",
"access_groups": ["staff"],
"transport": MCPTransport.http,
},
"ops_server": {
"url": "https://ops-server.com/mcp",
"access_groups": ["ops"],
"transport": MCPTransport.http,
},
"admin_server": {
"url": "https://admin-server.com/mcp",
"access_groups": ["admin"],
"transport": MCPTransport.http,
},
}
)
# Mock user with specific access groups
user_auth = UserAPIKeyAuth(
api_key="test-key", user_id="test-user", team_id="team-staff"
)
# Mock the permission lookup to return staff access group
with patch.object(MCPRequestHandler, "get_allowed_mcp_servers") as mock_get_allowed:
mock_get_allowed.return_value = [
"staff-server-id",
"ops-server-id",
] # User has access to staff and ops
allowed_servers = await test_manager.get_allowed_mcp_servers(user_auth)
# Should only get servers user has access to
assert len(allowed_servers) >= 0 # At least verify no errors
mock_get_allowed.assert_called_once_with(user_auth)
@pytest.mark.asyncio
async def test_get_allowed_mcp_servers_returns_registry_for_admin():
from litellm.proxy._types import LitellmUserRoles, UserAPIKeyAuth
from litellm.proxy._experimental.mcp_server.auth.user_api_key_auth_mcp import (
MCPRequestHandler,
)
test_manager = MCPServerManager()
await test_manager.load_servers_from_config(
{
"alpha_server": {
"url": "https://alpha.server/mcp",
"transport": MCPTransport.http,
},
"beta_server": {
"url": "https://beta.server/mcp",
"transport": MCPTransport.http,
},
}
)
admin_auth = UserAPIKeyAuth(
api_key="admin-key",
user_role=LitellmUserRoles.PROXY_ADMIN,
)
with patch.object(
MCPRequestHandler, "get_allowed_mcp_servers", new_callable=AsyncMock
) as mock_permission_lookup:
allowed_servers = await test_manager.get_allowed_mcp_servers(admin_auth)
assert set(allowed_servers) == set(test_manager.get_registry().keys())
mock_permission_lookup.assert_not_called()
@pytest.mark.asyncio
async def test_get_allowed_mcp_servers_returns_empty_for_non_admin_without_permissions():
from litellm.proxy._types import LitellmUserRoles, UserAPIKeyAuth
from litellm.proxy._experimental.mcp_server.auth.user_api_key_auth_mcp import (
MCPRequestHandler,
)
test_manager = MCPServerManager()
await test_manager.load_servers_from_config(
{
"alpha_server": {
"url": "https://alpha.server/mcp",
"transport": MCPTransport.http,
},
"beta_server": {
"url": "https://beta.server/mcp",
"transport": MCPTransport.http,
},
}
)
user_auth = UserAPIKeyAuth(
api_key="user-key",
user_role=LitellmUserRoles.INTERNAL_USER,
)
with patch.object(
MCPRequestHandler, "get_allowed_mcp_servers", new_callable=AsyncMock
) as mock_permission_lookup:
mock_permission_lookup.return_value = []
allowed_servers = await test_manager.get_allowed_mcp_servers(user_auth)
assert allowed_servers == []
mock_permission_lookup.assert_awaited_once()
@pytest.mark.asyncio
async def test_call_mcp_tool_uses_manager_permission_lookup():
from litellm.proxy._experimental.mcp_server.server import (
call_mcp_tool,
global_mcp_server_manager,
)
mock_server = MCPServer(
server_id="server-123",
name="test_server",
alias="test_server",
server_name="test_server",
url="https://test-server.com/mcp",
transport=MCPTransport.http,
mcp_info={"server_name": "test_server"},
)
expected_response = [TextContent(type="text", text="ok")]
with patch.object(
global_mcp_server_manager,
"get_allowed_mcp_servers",
new_callable=AsyncMock,
) as mock_get_allowed, patch.object(
global_mcp_server_manager,
"get_mcp_server_by_id",
return_value=mock_server,
), patch.object(
global_mcp_server_manager,
"_get_mcp_server_from_tool_name",
return_value=mock_server,
) as mock_get_server, patch(
"litellm.proxy._experimental.mcp_server.server.global_mcp_tool_registry"
) as mock_tool_registry, patch(
"litellm.proxy._experimental.mcp_server.server._handle_managed_mcp_tool",
new_callable=AsyncMock,
) as mock_handle_managed, patch(
"litellm.proxy._experimental.mcp_server.server.MCPRequestHandler.is_tool_allowed",
return_value=True,
):
mock_get_allowed.return_value = [mock_server.server_id]
mock_tool_registry.get_tool.return_value = None
mock_handle_managed.return_value = expected_response
result = await call_mcp_tool(
name=f"{mock_server.name}/gmail_send_email",
arguments={"body": "hello"},
mcp_servers=["test_server"],
)
assert result == expected_response
mock_get_allowed.assert_awaited_once()
# We call `_get_mcp_server_from_tool_name` multiple times:
# - for logging/metadata
# - for resolving the server during dispatch
# - and inside `call_tool` for guardrails/hooks
# The exact count isn't important, only that it is used.
assert mock_get_server.call_count >= 2
# First call should use the prefixed tool name
assert (
mock_get_server.call_args_list[0][0][0]
== f"{mock_server.name}/gmail_send_email"
)
@pytest.mark.asyncio
async def test_call_mcp_tool_resolves_unprefixed_tool_name_and_checks_permissions():
"""
Ensure `call_mcp_tool` correctly resolves the MCP server for an unprefixed tool
name and enforces server-level permissions using that resolved server.
"""
from litellm.proxy._experimental.mcp_server.server import (
call_mcp_tool,
global_mcp_server_manager,
)
mock_server = MCPServer(
server_id="server-123",
name="test_server",
alias="test_server",
server_name="test_server",
url="https://test-server.com/mcp",
transport=MCPTransport.http,
mcp_info={"server_name": "test_server"},
)
expected_response = [TextContent(type="text", text="ok")]
with patch.object(
global_mcp_server_manager,
"get_allowed_mcp_servers",
new_callable=AsyncMock,
) as mock_get_allowed, patch.object(
global_mcp_server_manager,
"get_mcp_server_by_id",
return_value=mock_server,
), patch.object(
global_mcp_server_manager,
"_get_mcp_server_from_tool_name",
return_value=mock_server,
) as mock_get_server, patch(
"litellm.proxy._experimental.mcp_server.server.global_mcp_tool_registry"
) as mock_tool_registry, patch(
"litellm.proxy._experimental.mcp_server.server._handle_managed_mcp_tool",
new_callable=AsyncMock,
) as mock_handle_managed, patch(
"litellm.proxy._experimental.mcp_server.server.MCPRequestHandler.is_tool_allowed",
return_value=True,
) as mock_is_allowed:
mock_get_allowed.return_value = [mock_server.server_id]
mock_tool_registry.get_tool.return_value = None
mock_handle_managed.return_value = expected_response
# Call with UNPREFIXED tool name; server should be resolved via mapping
result = await call_mcp_tool(
name="gmail_send_email",
arguments={"body": "hello"},
mcp_servers=["test_server"],
)
assert result == expected_response
mock_get_allowed.assert_awaited_once()
# We should resolve the server at least once using the unprefixed name
assert mock_get_server.call_count >= 1
assert mock_get_server.call_args_list[0][0][0] == "gmail_send_email"
# Permissions check should be invoked with the resolved server name
mock_is_allowed.assert_called_once()