phoenix-oss/llama-stack-mirror
0
0
Fork 1
mirror of https://github.com/meta-llama/llama-stack.git synced 2025-12-03 18:00:36 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added minor changes

Browse source
This commit is contained in:
Omar Abdelwahab 2025-11-03 15:57:45 -08:00
parent d0a8878337
commit 57eb575ea1
2 changed files with 55 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

39
client-sdks/stainless/openapi.yml
View file

@ -7656,6 +7656,41 @@ components:
title: ResponseGuardrailSpec title: ResponseGuardrailSpec
description: >- description: >-
Specification for a guardrail to apply during response generation. Specification for a guardrail to apply during response generation.
MCPAuthentication:
type: object
properties:
type:
type: string
enum:
- bearer
- basic
- api_key
description: >-
Authentication type ("bearer", "basic", or "api_key")
token:
type: string
description: Bearer token for bearer authentication
username:
type: string
description: Username for basic authentication
password:
type: string
description: Password for basic authentication
api_key:
type: string
description: API key for api_key authentication
header_name:
type: string
default: X-API-Key
description: >-
Custom header name for API key (default: "X-API-Key")
additionalProperties: false
required:
- type
- header_name
title: MCPAuthentication
description: >-
Authentication configuration for MCP servers.
OpenAIResponseInputTool: OpenAIResponseInputTool:
oneOf: oneOf:
- $ref: '#/components/schemas/OpenAIResponseInputToolWebSearch' - $ref: '#/components/schemas/OpenAIResponseInputToolWebSearch'
@ -7695,6 +7730,10 @@ components:
- type: object - type: object
description: >- description: >-
(Optional) HTTP headers to include when connecting to the server (Optional) HTTP headers to include when connecting to the server
authentication:
$ref: '#/components/schemas/MCPAuthentication'
description: >-
(Optional) Authentication configuration for the MCP server
require_approval: require_approval:
oneOf: oneOf:
- type: string - type: string

24
tests/integration/responses/test_mcp_authentication.py
View file

@ -4,6 +4,8 @@
# This source code is licensed under the terms described in the LICENSE file in # This source code is licensed under the terms described in the LICENSE file in
# the root directory of this source tree. # the root directory of this source tree.
import os
import pytest import pytest
from llama_stack import LlamaStackAsLibraryClient from llama_stack import LlamaStackAsLibraryClient
@ -12,6 +14,13 @@ from tests.common.mcp import make_mcp_server
from .helpers import setup_mcp_tools from .helpers import setup_mcp_tools
# Skip these tests in replay mode until recordings are generated
pytestmark = pytest.mark.skipif(
os.environ.get("LLAMA_STACK_TEST_INFERENCE_MODE") == "replay",
reason="No recordings yet for authentication tests. Run with --inference-mode=record-if-missing to generate.",
)
def test_mcp_authentication_bearer(compat_client, text_model_id): def test_mcp_authentication_bearer(compat_client, text_model_id):
"""Test that bearer authentication is correctly applied to MCP requests.""" """Test that bearer authentication is correctly applied to MCP requests."""
if not isinstance(compat_client, LlamaStackAsLibraryClient): if not isinstance(compat_client, LlamaStackAsLibraryClient):
@ -52,23 +61,22 @@ def test_mcp_authentication_bearer(compat_client, text_model_id):
assert response.output[1].error is None assert response.output[1].error is None
def test_mcp_authentication_api_key(compat_client, text_model_id): def test_mcp_authentication_different_token(compat_client, text_model_id):
"""Test that API key authentication is correctly applied to MCP requests.""" """Test authentication with a different bearer token."""
if not isinstance(compat_client, LlamaStackAsLibraryClient): if not isinstance(compat_client, LlamaStackAsLibraryClient):
pytest.skip("in-process MCP server is only supported in library client") pytest.skip("in-process MCP server is only supported in library client")
test_api_key = "test-api-key-456" test_token = "different-token-456"
with make_mcp_server(required_auth_token=test_api_key, auth_header="X-API-Key") as mcp_server_info: with make_mcp_server(required_auth_token=test_token) as mcp_server_info:
tools = setup_mcp_tools( tools = setup_mcp_tools(
[ [
{ {
"type": "mcp", "type": "mcp",
"server_label": "apikey-mcp", "server_label": "auth2-mcp",
"server_url": "<FILLED_BY_TEST_RUNNER>", "server_url": "<FILLED_BY_TEST_RUNNER>",
"authentication": { "authentication": {
"type": "api_key", "type": "bearer",
"api_key": test_api_key, "token": test_token,
"header_name": "X-API-Key",
}, },
} }
], ],