feat(mcp): MCP Server skeleton + Bearer Token auth + get_proxy_status tool#12
Open
jayeliu wants to merge 4 commits into
Open
feat(mcp): MCP Server skeleton + Bearer Token auth + get_proxy_status tool#12jayeliu wants to merge 4 commits into
jayeliu wants to merge 4 commits into
Conversation
…xy_status tool Implements Slice 1 of the MCP plugin: Streamable HTTP endpoint at POST /mcp with JSON-RPC 2.0 protocol, Bearer Token authentication (auto-generated random token persisted to ~/.vibeguard/mcp_token), and the get_proxy_status tool that returns proxy runtime stats and configuration. - JSON-RPC 2.0: initialize, tools/list, tools/call with proper error codes - Auth middleware: 401 for missing/invalid Bearer Token - Route wiring in proxy: POST /mcp intercepted before proxy fallback - 12 tests covering protocol, auth, and tool behaviors
5 tasks
added 3 commits
June 16, 2026 23:40
实现 Slice 2/3/4,覆盖 #2, #3, #4: Slice 2 (Engine.Detect 只读检测 + detect_sensitive / preview_redacted): - 新增 Engine.Detect 方法:扫描敏感数据但不生成占位符、不注册到 session - detect_sensitive 工具:默认返回分类/位置,include_originals=true 时返回原始值 - preview_redacted 工具:返回带临时占位符的脱敏文本预览 - proxy.Server 暴露 GetRedactEngine() 供 MCP 访问 Slice 3 (规则查询工具): - list_keywords 工具:返回当前加载的关键词规则(user/builtin/engine 来源) - list_rule_lists 工具:返回规则列表元数据(id/name/enabled/source) - Engine 新增 ListKeywords() 和 ListRegexCategories() 方法 Slice 4 (CLI mcp setup 向导): - vibeguard mcp setup 命令:生成 Claude Code 兼容的 MCP 配置 - --format=json (默认) 输出完整 mcpServers JSON 配置 - --format=env 输出可 source 的环境变量 - token 不存在时给出友好提示 测试: - internal/redact/engine_test.go: 6 个测试覆盖 Detect 只读性 - internal/mcp/server_test.go: 新增 7 个测试覆盖 5 个新工具 - 全量回归测试通过
启动编译后的二进制进程,验证 MCP 端到端通信路径。 覆盖行为: - 进程启动后 /mcp 端点可达,返回有效 JSON-RPC 响应 - token 自动生成机制在真实文件系统上工作 - HTTP 路由正确分流(/mcp 不被 admin 或 proxy 拦截) - 5 个工具的端到端响应(initialize, tools/list, get_proxy_status, detect_sensitive, preview_redacted, list_keywords, list_rule_lists) - 认证:无 token 和无效 token 均返回 401 - detect_sensitive 默认不暴露原始值,include_originals=true 时返回 技术要点: - 二进制只编译一次(sync.Once 共享) - 随机端口避免冲突 - 临时 HOME 隔离每个测试的 .vibeguard 目录 - 显式禁用 rule_lists 让代理走 raw Engine 模式(detect 工具可用)
新增 docs/MCP.md,覆盖协议端点、Bearer Token 认证、CLI 一键配置、5 个工具的完整参数与返回字段、错误码、curl 示例、 Claude Code 集成步骤和故障排查。
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
~/.vibeguard/mcp_tokenget_proxy_status工具返回代理版本、启动时间、请求统计、拦截模式等POST /mcp路由接入 proxy.go HTTP 路由Closes #11
Test plan
go test ./internal/mcp/ -v— 12 个测试全部通过go test ./...— 全量回归测试通过curl -X POST http://localhost:8080/mcp -H "Authorization: Bearer <token>" -d '{"jsonrpc":"2.0","method":"initialize","id":1}'