diff --git a/.gitignore b/.gitignore index d200b58..f2bcda1 100644 --- a/.gitignore +++ b/.gitignore @@ -36,3 +36,7 @@ coverage.html # IDE files .vscode + +# node modules +node_modules +openmcpauthproxy diff --git a/Makefile b/Makefile index b0d0926..3c0c590 100644 --- a/Makefile +++ b/Makefile @@ -24,9 +24,9 @@ TEST_OPTS := -v -race .PHONY: all clean test fmt lint vet coverage help # Default target -all: lint test build-linux build-linux-arm build-darwin +all: lint test build-linux build-linux-arm build-darwin build-windows -build: clean test build-linux build-linux-arm build-darwin +build: clean test build-linux build-linux-arm build-darwin build-windows build-linux: mkdir -p $(BUILD_DIR)/linux @@ -46,6 +46,12 @@ build-darwin: -o $(BUILD_DIR)/darwin/openmcpauthproxy $(PROJECT_ROOT)/cmd/proxy cp config.yaml $(BUILD_DIR)/darwin +build-windows: + mkdir -p $(BUILD_DIR)/windows + GOOS=windows GOARCH=amd64 CGO_ENABLED=0 go build -x -ldflags "-X main.version=$(BUILD_VERSION)" \ + -o $(BUILD_DIR)/windows/openmcpauthproxy.exe ./cmd/proxy + cp config.yaml $(BUILD_DIR)/windows + # Clean build artifacts clean: @echo "Cleaning build artifacts..." diff --git a/README.md b/README.md index 6be3ece..c63194e 100644 --- a/README.md +++ b/README.md @@ -51,10 +51,16 @@ Open MCP Auth Proxy sits between MCP clients and your MCP server to: 2. Start the proxy in demo mode (uses pre-configured authentication with Asgardeo sandbox): +#### Linux/macOS: ```bash ./openmcpauthproxy --demo ``` +#### Windows: +```powershell +.\openmcpauthproxy.exe --demo +``` + > The repository comes with a default `config.yaml` file that contains the basic configuration: > > ```yaml @@ -215,12 +221,104 @@ asgardeo: client_id: "" client_secret: "" ``` +## Build from Source -### Build from source +### Prerequisites for Building -```bash -git clone https://github.com/wso2/open-mcp-auth-proxy -cd open-mcp-auth-proxy -go get github.com/golang-jwt/jwt/v4 gopkg.in/yaml.v2 -go build -o openmcpauthproxy ./cmd/proxy -``` +* Go 1.20 or higher +* Git +* Make (for Linux/macOS builds) + +### Building on Linux/macOS + +1. Clone the repository: + ```bash + git clone https://github.com/wso2/open-mcp-auth-proxy + cd open-mcp-auth-proxy + ``` + +2. Install dependencies: + ```bash + go get -v -t -d ./... + ``` + +3. Build for your platform: + ```bash + # Build for all platforms + make all + + # Or build for a specific platform + make build-linux # For Linux + make build-darwin # For macOS + make build-linux-arm # For ARM-based Linux + make build-windows # For Windows + ``` + +4. Find your build in the `build` directory: + ```bash + # For Linux + ./build/linux/openmcpauthproxy --demo + + # For macOS + ./build/darwin/openmcpauthproxy --demo + ``` + +### Building on Windows + +1. Clone the repository: + ```powershell + git clone https://github.com/wso2/open-mcp-auth-proxy + cd open-mcp-auth-proxy + ``` + +2. Install dependencies: + ```powershell + go get -v -t -d ./... + ``` + +3. Option 1: Build using Make if you have it installed: + ```powershell + make build-windows + ``` + + Option 2: Build manually without Make: + ```powershell + mkdir -p build\windows + go build -o build\windows\openmcpauthproxy.exe .\cmd\proxy + copy config.yaml build\windows\ + ``` + +4. Run the built application: + ```powershell + cd build\windows + .\openmcpauthproxy.exe --demo + ``` + +### Starting the Proxy on Windows + +1. Open Command Prompt or PowerShell +2. Navigate to the build directory: + ```powershell + cd build\windows + ``` + +3. Run the executable with your desired options: + ```powershell + # Start in demo mode (using Asgardeo sandbox) + openmcpauthproxy.exe --demo + + # Start with Asgardeo integration + openmcpauthproxy.exe --asgardeo + + # Start in stdio mode + openmcpauthproxy.exe --demo --stdio + + # Enable debug logging + openmcpauthproxy.exe --demo --debug + + # See all available options + openmcpauthproxy.exe --help + ``` + +4. The proxy will start and display messages indicating it's running +5. To stop the proxy, press `Ctrl+C` in the command window diff --git a/internal/config/config.go b/internal/config/config.go index fc6743c..c50d9ed 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -3,6 +3,8 @@ package config import ( "fmt" "os" + "runtime" + "strings" "gopkg.in/yaml.v2" ) @@ -145,7 +147,16 @@ func (c *Config) BuildExecCommand() string { return "" } - // Construct the full command + + if runtime.GOOS == "windows" { + // For Windows, we need to properly escape the inner command + escapedCommand := strings.ReplaceAll(c.Stdio.UserCommand, `"`, `\"`) + return fmt.Sprintf( + `npx -y supergateway --stdio "%s" --port %d --baseUrl %s --ssePath %s --messagePath %s`, + escapedCommand, c.Port, c.BaseURL, c.Paths.SSE, c.Paths.Messages, + ) + } + return fmt.Sprintf( `npx -y supergateway --stdio "%s" --port %d --baseUrl %s --ssePath %s --messagePath %s`, c.Stdio.UserCommand, c.Port, c.BaseURL, c.Paths.SSE, c.Paths.Messages, diff --git a/internal/subprocess/manager.go b/internal/subprocess/manager.go index fa64337..902a517 100644 --- a/internal/subprocess/manager.go +++ b/internal/subprocess/manager.go @@ -4,13 +4,14 @@ import ( "fmt" "os" "os/exec" + "runtime" + "strings" "sync" "syscall" "time" - "strings" "github.com/wso2/open-mcp-auth-proxy/internal/config" - "github.com/wso2/open-mcp-auth-proxy/internal/logging" + logger "github.com/wso2/open-mcp-auth-proxy/internal/logging" ) // Manager handles starting and graceful shutdown of subprocesses @@ -31,34 +32,39 @@ func NewManager() *Manager { // EnsureDependenciesAvailable checks and installs required package executors func EnsureDependenciesAvailable(command string) error { - // Always ensure npx is available regardless of the command - if _, err := exec.LookPath("npx"); err != nil { - // npx is not available, check if npm is installed - if _, err := exec.LookPath("npm"); err != nil { - return fmt.Errorf("npx not found and npm not available; please install Node.js from https://nodejs.org/") - } - - // Try to install npx using npm - logger.Info("npx not found, attempting to install...") - cmd := exec.Command("npm", "install", "-g", "npx") - cmd.Stdout = os.Stdout - cmd.Stderr = os.Stderr - - if err := cmd.Run(); err != nil { - return fmt.Errorf("failed to install npx: %w", err) - } - - logger.Info("npx installed successfully") - } - - // Check if uv is needed based on the command - if strings.Contains(command, "uv ") { - if _, err := exec.LookPath("uv"); err != nil { - return fmt.Errorf("command requires uv but it's not installed; please install it following instructions at https://github.com/astral-sh/uv") - } - } - - return nil + // Always ensure npx is available regardless of the command + if _, err := exec.LookPath("npx"); err != nil { + // npx is not available, check if npm is installed + if _, err := exec.LookPath("npm"); err != nil { + return fmt.Errorf("npx not found and npm not available; please install Node.js from https://nodejs.org/") + } + + // Try to install npx using npm + logger.Info("npx not found, attempting to install...") + var cmd *exec.Cmd + if runtime.GOOS == "windows" { + cmd = exec.Command("npm.cmd", "install", "-g", "npx") + } else { + cmd = exec.Command("npm", "install", "-g", "npx") + } + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + + if err := cmd.Run(); err != nil { + return fmt.Errorf("failed to install npx: %w", err) + } + + logger.Info("npx installed successfully") + } + + // Check if uv is needed based on the command + if strings.Contains(command, "uv ") { + if _, err := exec.LookPath("uv"); err != nil { + return fmt.Errorf("command requires uv but it's not installed; please install it following instructions at https://github.com/astral-sh/uv") + } + } + + return nil } // SetShutdownDelay sets the maximum time to wait for graceful shutdown @@ -88,8 +94,13 @@ func (m *Manager) Start(cfg *config.Config) error { logger.Info("Starting subprocess with command: %s", execCommand) - // Use the shell to execute the command - cmd := exec.Command("sh", "-c", execCommand) + var cmd *exec.Cmd + if runtime.GOOS == "windows" { + // Use PowerShell on Windows for better quote handling + cmd = exec.Command("powershell", "-Command", execCommand) + } else { + cmd = exec.Command("sh", "-c", execCommand) + } // Set working directory if specified if cfg.Stdio.WorkDir != "" { @@ -105,8 +116,8 @@ func (m *Manager) Start(cfg *config.Config) error { cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr - // Set the process group for proper termination - cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true} + // Set platform-specific process attributes + setProcAttr(cmd) // Start the process if err := cmd.Start(); err != nil { @@ -117,11 +128,13 @@ func (m *Manager) Start(cfg *config.Config) error { m.cmd = cmd logger.Info("Subprocess started with PID: %d", m.process.Pid) - // Get and store the process group ID - pgid, err := syscall.Getpgid(m.process.Pid) + // Get and store the process group ID (Unix) or PID (Windows) + pgid, err := getProcessGroup(m.process.Pid) if err == nil { m.processGroup = pgid - logger.Debug("Process group ID: %d", m.processGroup) + if runtime.GOOS != "windows" { + logger.Debug("Process group ID: %d", m.processGroup) + } } else { logger.Warn("Failed to get process group ID: %v", err) m.processGroup = m.process.Pid @@ -155,7 +168,7 @@ func (m *Manager) IsRunning() bool { // Shutdown gracefully terminates the subprocess func (m *Manager) Shutdown() { m.mutex.Lock() - processToTerminate := m.process // Local copy of the process reference + processToTerminate := m.process // Local copy of the process reference processGroupToTerminate := m.processGroup m.mutex.Unlock() @@ -169,48 +182,73 @@ func (m *Manager) Shutdown() { go func() { defer close(terminateComplete) - // Try graceful termination first with SIGTERM + // Try graceful termination first terminatedGracefully := false - // Try to terminate the process group first - if processGroupToTerminate != 0 { - err := syscall.Kill(-processGroupToTerminate, syscall.SIGTERM) - if err != nil { - logger.Warn("Failed to send SIGTERM to process group: %v", err) + if runtime.GOOS == "windows" { + // Windows: Try to terminate the process + m.mutex.Lock() + if m.process != nil { + err := m.process.Kill() + if err != nil { + logger.Warn("Failed to terminate process: %v", err) + } + } + m.mutex.Unlock() - // Fallback to terminating just the process + // Wait a bit to see if it terminates + for i := 0; i < 10; i++ { + time.Sleep(200 * time.Millisecond) + m.mutex.Lock() + if m.process == nil { + terminatedGracefully = true + m.mutex.Unlock() + break + } + m.mutex.Unlock() + } + } else { + // Unix: Use SIGTERM followed by SIGKILL if necessary + // Try to terminate the process group first + if processGroupToTerminate != 0 { + err := killProcessGroup(processGroupToTerminate, syscall.SIGTERM) + if err != nil { + logger.Warn("Failed to send SIGTERM to process group: %v", err) + + // Fallback to terminating just the process + m.mutex.Lock() + if m.process != nil { + err = m.process.Signal(syscall.SIGTERM) + if err != nil { + logger.Warn("Failed to send SIGTERM to process: %v", err) + } + } + m.mutex.Unlock() + } + } else { + // Try to terminate just the process m.mutex.Lock() if m.process != nil { - err = m.process.Signal(syscall.SIGTERM) + err := m.process.Signal(syscall.SIGTERM) if err != nil { logger.Warn("Failed to send SIGTERM to process: %v", err) } } m.mutex.Unlock() } - } else { - // Try to terminate just the process - m.mutex.Lock() - if m.process != nil { - err := m.process.Signal(syscall.SIGTERM) - if err != nil { - logger.Warn("Failed to send SIGTERM to process: %v", err) + + // Wait for the process to exit gracefully + for i := 0; i < 10; i++ { + time.Sleep(200 * time.Millisecond) + + m.mutex.Lock() + if m.process == nil { + terminatedGracefully = true + m.mutex.Unlock() + break } - } - m.mutex.Unlock() - } - - // Wait for the process to exit gracefully - for i := 0; i < 10; i++ { - time.Sleep(200 * time.Millisecond) - - m.mutex.Lock() - if m.process == nil { - terminatedGracefully = true m.mutex.Unlock() - break } - m.mutex.Unlock() } if terminatedGracefully { @@ -221,12 +259,33 @@ func (m *Manager) Shutdown() { // If the process didn't exit gracefully, force kill logger.Warn("Subprocess didn't exit gracefully, forcing termination...") - // Try to kill the process group first - if processGroupToTerminate != 0 { - if err := syscall.Kill(-processGroupToTerminate, syscall.SIGKILL); err != nil { - logger.Warn("Failed to send SIGKILL to process group: %v", err) + if runtime.GOOS == "windows" { + // On Windows, Kill() is already forceful + m.mutex.Lock() + if m.process != nil { + if err := m.process.Kill(); err != nil { + logger.Error("Failed to kill process: %v", err) + } + } + m.mutex.Unlock() + } else { + // Unix: Try SIGKILL + // Try to kill the process group first + if processGroupToTerminate != 0 { + if err := killProcessGroup(processGroupToTerminate, syscall.SIGKILL); err != nil { + logger.Warn("Failed to send SIGKILL to process group: %v", err) - // Fallback to killing just the process + // Fallback to killing just the process + m.mutex.Lock() + if m.process != nil { + if err := m.process.Kill(); err != nil { + logger.Error("Failed to kill process: %v", err) + } + } + m.mutex.Unlock() + } + } else { + // Try to kill just the process m.mutex.Lock() if m.process != nil { if err := m.process.Kill(); err != nil { @@ -235,15 +294,6 @@ func (m *Manager) Shutdown() { } m.mutex.Unlock() } - } else { - // Try to kill just the process - m.mutex.Lock() - if m.process != nil { - if err := m.process.Kill(); err != nil { - logger.Error("Failed to kill process: %v", err) - } - } - m.mutex.Unlock() } // Wait a bit more to confirm termination diff --git a/internal/subprocess/manager_unix.go b/internal/subprocess/manager_unix.go new file mode 100644 index 0000000..03ae1a8 --- /dev/null +++ b/internal/subprocess/manager_unix.go @@ -0,0 +1,23 @@ +//go:build !windows + +package subprocess + +import ( + "os/exec" + "syscall" +) + +// setProcAttr sets Unix-specific process attributes +func setProcAttr(cmd *exec.Cmd) { + cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true} +} + +// getProcessGroup gets the process group ID on Unix systems +func getProcessGroup(pid int) (int, error) { + return syscall.Getpgid(pid) +} + +// killProcessGroup kills a process group on Unix systems +func killProcessGroup(pgid int, signal syscall.Signal) error { + return syscall.Kill(-pgid, signal) +} diff --git a/internal/subprocess/manager_windows.go b/internal/subprocess/manager_windows.go new file mode 100644 index 0000000..a039897 --- /dev/null +++ b/internal/subprocess/manager_windows.go @@ -0,0 +1,27 @@ +//go:build windows + +package subprocess + +import ( + "os/exec" + "syscall" +) + +// setProcAttr sets Windows-specific process attributes +func setProcAttr(cmd *exec.Cmd) { + cmd.SysProcAttr = &syscall.SysProcAttr{ + CreationFlags: syscall.CREATE_NEW_PROCESS_GROUP, + } +} + +// getProcessGroup returns the PID itself on Windows (no process groups) +func getProcessGroup(pid int) (int, error) { + return pid, nil +} + +// killProcessGroup kills a process on Windows (no process groups) +func killProcessGroup(pgid int, signal syscall.Signal) error { + // On Windows, we'll use the process handle directly + // This function shouldn't be called on Windows, but we provide it for compatibility + return nil +}