MockLoop MCP Server

> **NOTE: We have [fully](https://github.com/MockLoop/mockloop-mcp/commit/2fe4f485b5a13346393a6d5ed0f8b3a4dded7bbb) implemented [SchemaPin](https://schemapin.org) to help combat questionable copies of this project on Github and elsewhere. Be sure validate you are using releases from this repo and can use SchemaPin to validate our tool schemas: https://mockloop.com/.well-known/schemapin.json**  # MockLoop MCP - AI-Native Testing Platform [](https://pypi.org/project/mockloop-mcp/) [](https://pypi.org/project/mockloop-mcp/) [](https://pypi.org/project/mockloop-mcp/) [](https://github.com/mockloop/mockloop-mcp/blob/main/LICENSE) [](https://github.com/mockloop/mockloop-mcp/actions) [](https://docs.mockloop.com) [](https://docs.mockloop.com/ai-integration/overview/) [](https://modelcontextprotocol.io/) **The world's first AI-native API testing platform** powered by the Model Context Protocol (MCP). MockLoop MCP revolutionizes API testing with comprehensive AI-driven scenario generation, automated test execution, and intelligent analysis capabilities. **🚀 Revolutionary Capabilities:** 5 AI Prompts • 15 Scenario Resources • 16 Testing Tools • 10 Context Tools • 4 Core Tools • Complete MCP Integration **📚 Documentation:** https://docs.mockloop.com **📦 PyPI Package:** https://pypi.org/project/mockloop-mcp/ **🐙 GitHub Repository:** https://github.com/mockloop/mockloop-mcp ## 🌟 What Makes MockLoop MCP Revolutionary? MockLoop MCP represents a paradigm shift in API testing, introducing the world's first **AI-native testing architecture** that combines: - **🤖 AI-Driven Test Generation**: 5 specialized MCP prompts for intelligent scenario creation - **📦 Community Scenario Packs**: 15 curated testing resources with community architecture - **⚡ Automated Test Execution**: 30 comprehensive MCP tools for complete testing workflows (16 testing + 10 context + 4 core) - **🔄 Stateful Testing**: Advanced context management with GlobalContext and AgentContext - **📊 Enterprise Compliance**: Complete audit logging and regulatory compliance tracking - **🏗️ Dual-Port Architecture**: Eliminates /admin path conflicts with separate mocked API and admin ports ## 🎯 Core AI-Native Architecture ### MCP Audit Logging **Enterprise-grade compliance and regulatory tracking** - Complete request/response audit trails - Regulatory compliance monitoring - Performance metrics and analytics - Security event logging ### MCP Prompts (5 AI-Driven Capabilities) **Intelligent scenario generation powered by AI** - [`analyze_openapi_for_testing`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_prompts.py#L301) - Comprehensive API analysis for testing strategies - [`generate_scenario_config`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_prompts.py#L426) - Dynamic test scenario configuration - [`optimize_scenario_for_load`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_prompts.py#L521) - Load testing optimization - [`generate_error_scenarios`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_prompts.py#L633) - Error condition simulation - [`generate_security_test_scenarios`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_prompts.py#L732) - Security vulnerability testing ### MCP Resources (15 Scenario Packs) **Community-driven testing scenarios with advanced architecture** - **Load Testing Scenarios**: High-volume traffic simulation - **Error Simulation Packs**: Comprehensive error condition testing - **Security Testing Suites**: Vulnerability assessment scenarios - **Performance Benchmarks**: Standardized performance testing - **Integration Test Packs**: Cross-service testing scenarios - **Community Architecture**: Collaborative scenario sharing and validation ### MCP Tools (16 Automated Testing Tools) **Complete automated test execution capabilities** #### Scenario Management (4 tools) - [`validate_scenario_config`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L174) - Scenario validation and verification - [`deploy_scenario`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L267) - Automated scenario deployment - [`switch_scenario`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L385) - Dynamic scenario switching - [`list_active_scenarios`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L476) - Active scenario monitoring #### Test Execution (4 tools) - [`execute_test_plan`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L577) - Comprehensive test plan execution - [`run_test_iteration`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L816) - Individual test iteration management - [`run_load_test`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L945) - Load testing execution - [`run_security_test`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2019) - Security testing automation #### Analysis & Reporting (4 tools) - [`analyze_test_results`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2142) - Intelligent test result analysis - [`generate_test_report`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2225) - Comprehensive reporting - [`compare_test_runs`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2310) - Test run comparison and trends - [`get_performance_metrics`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2418) - Performance metrics collection #### Workflow Management (4 tools) - [`create_test_session`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2524) - Test session initialization - [`end_test_session`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2579) - Session cleanup and finalization - [`schedule_test_suite`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2646) - Automated test scheduling - [`monitor_test_progress`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2702) - Real-time progress monitoring ### MCP Context Management (10 Stateful Workflow Tools) **Advanced state management for complex testing workflows** #### Context Creation & Management - [`create_test_session_context`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1431) - Test session state management - [`create_workflow_context`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1447) - Complex workflow orchestration - [`create_agent_context`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1463) - AI agent state management #### Data Management - [`get_context_data`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1477) - Context data retrieval - [`update_context_data`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1486) - Dynamic context updates - [`list_contexts_by_type`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1508) - Context discovery and listing #### Snapshot & Recovery - [`create_context_snapshot`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1494) - State snapshot creation - [`restore_context_snapshot`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1502) - State rollback capabilities #### Global Context - [`get_global_context_data`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1516) - Cross-session data sharing - [`update_global_context_data`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1523) - Global state management ## 🚀 Quick Start Get started with the world's most advanced AI-native testing platform: ```bash # 1. Install MockLoop MCP pip install mockloop-mcp # 2. Verify installation mockloop-mcp --version # 3. Configure with your MCP client (Cline, Claude Desktop, etc.) # See configuration examples below ``` ## 📋 Prerequisites - Python 3.10+ - Pip package manager - Docker and Docker Compose (for containerized mock servers) - An MCP-compatible client (Cline, Claude Desktop, etc.) ## 🔧 Installation ### Option 1: Install from PyPI (Recommended) ```bash # Install the latest stable version pip install mockloop-mcp # Or install with optional dependencies pip install mockloop-mcp[dev] # Development tools pip install mockloop-mcp[docs] # Documentation tools pip install mockloop-mcp[all] # All optional dependencies # Verify installation mockloop-mcp --version ``` ### Option 2: Development Installation ```bash # Clone the repository git clone https://github.com/mockloop/mockloop-mcp.git cd mockloop-mcp # Create and activate virtual environment python3 -m venv .venv source .venv/bin/activate # On Windows: .venv\Scripts\activate # Install in development mode pip install -e ".[dev]" ``` ## ⚙️ Configuration ### MCP Client Configuration #### Cline (VS Code Extension) Add to your Cline MCP settings file: ```json { "mcpServers": { "MockLoopLocal": { "autoApprove": [], "disabled": false, "timeout": 60, "command": "mockloop-mcp", "args": [], "transportType": "stdio" } } } ``` #### Claude Desktop Add to your Claude Desktop configuration: ```json { "mcpServers": { "mockloop": { "command": "mockloop-mcp", "args": [] } } } ``` #### Virtual Environment Installations For virtual environment installations, use the full Python path: ```json { "mcpServers": { "MockLoopLocal": { "command": "/path/to/your/venv/bin/python", "args": ["-m", "mockloop_mcp"], "transportType": "stdio" } } } ``` ## 🛠️ Available MCP Tools ### Core Mock Generation #### `generate_mock_api` Generate sophisticated FastAPI mock servers with dual-port architecture. **Parameters:** - `spec_url_or_path` (string, required): API specification URL or local file path - `output_dir_name` (string, optional): Output directory name - `auth_enabled` (boolean, optional): Enable authentication middleware (default: true) - `webhooks_enabled` (boolean, optional): Enable webhook support (default: true) - `admin_ui_enabled` (boolean, optional): Enable admin UI (default: true) - `storage_enabled` (boolean, optional): Enable storage functionality (default: true) **Revolutionary Dual-Port Architecture:** - **Mocked API Port**: Serves your API endpoints (default: 8000) - **Admin UI Port**: Separate admin interface (default: 8001) - **Conflict Resolution**: Eliminates /admin path conflicts in OpenAPI specs - **Enhanced Security**: Port-based access control and isolation ### Advanced Analytics #### `query_mock_logs` Query and analyze request logs with AI-powered insights. **Parameters:** - `server_url` (string, required): Mock server URL - `limit` (integer, optional): Maximum logs to return (default: 100) - `offset` (integer, optional): Pagination offset (default: 0) - `method` (string, optional): Filter by HTTP method - `path_pattern` (string, optional): Regex pattern for path filtering - `time_from` (string, optional): Start time filter (ISO format) - `time_to` (string, optional): End time filter (ISO format) - `include_admin` (boolean, optional): Include admin requests (default: false) - `analyze` (boolean, optional): Perform AI analysis (default: true) **AI-Powered Analysis:** - Performance metrics (P95/P99 response times) - Error rate analysis and categorization - Traffic pattern detection - Automated debugging recommendations - Session correlation and tracking #### `discover_mock_servers` Intelligent server discovery with dual-port architecture support. **Parameters:** - `ports` (array, optional): Ports to scan (default: common ports) - `check_health` (boolean, optional): Perform health checks (default: true) - `include_generated` (boolean, optional): Include generated mocks (default: true) **Advanced Discovery:** - Automatic architecture detection (single-port vs dual-port) - Health status monitoring - Server correlation and matching - Port usage analysis #### `manage_mock_data` Dynamic response management without server restart. **Parameters:** - `server_url` (string, required): Mock server URL - `operation` (string, required): Operation type ("update_response", "create_scenario", "switch_scenario", "list_scenarios") - `endpoint_path` (string, optional): API endpoint path - `response_data` (object, optional): New response data - `scenario_name` (string, optional): Scenario name - `scenario_config` (object, optional): Scenario configuration **Dynamic Capabilities:** - Real-time response updates - Scenario-based testing - Runtime configuration management - Zero-downtime modifications ## 🌐 MCP Proxy Functionality MockLoop MCP includes revolutionary proxy capabilities that enable seamless switching between mock and live API environments. This powerful feature transforms your testing workflow by providing: ### Core Proxy Capabilities - **🔄 Seamless Mode Switching**: Transition between mock, proxy, and hybrid modes without code changes - **🎯 Intelligent Routing**: Smart request routing based on configurable rules and conditions - **🔐 Universal Authentication**: Support for API Key, Bearer Token, Basic Auth, and OAuth2 - **📊 Response Comparison**: Automated comparison between mock and live API responses - **⚡ Zero-Downtime Switching**: Change modes dynamically without service interruption ### Operational Modes #### Mock Mode (`MOCK`) - All requests handled by generated mock responses - Predictable, consistent testing environment - Ideal for early development and isolated testing - No external dependencies or network calls #### Proxy Mode (`PROXY`) - All requests forwarded to live API endpoints - Real-time data and authentic responses - Full integration testing capabilities - Network-dependent operation with live credentials #### Hybrid Mode (`HYBRID`) - Intelligent routing between mock and proxy based on rules - Conditional switching based on request patterns, headers, or parameters - Gradual migration from mock to live environments - A/B testing and selective endpoint proxying ### Quick Start Example ```python from mockloop_mcp.mcp_tools import create_mcp_plugin # Create a proxy-enabled plugin plugin_result = await create_mcp_plugin( spec_url_or_path="https://api.example.com/openapi.json", mode="hybrid", # Start with hybrid mode plugin_name="example_api", target_url="https://api.example.com", auth_config={ "auth_type": "bearer_token", "credentials": {"token": "your-token"} }, routing_rules=[ { "pattern": "/api/critical/*", "mode": "proxy", # Critical endpoints use live API "priority": 10 }, { "pattern": "/api/dev/*", "mode": "mock", # Development endpoints use mocks "priority": 5 } ] ) ``` ### Advanced Features - **🔍 Response Validation**: Compare mock vs live responses for consistency - **📈 Performance Monitoring**: Track response times and throughput across modes - **🛡️ Error Handling**: Graceful fallback mechanisms and retry policies - **🎛️ Dynamic Configuration**: Runtime mode switching and rule updates - **📋 Audit Logging**: Complete request/response tracking across all modes ### Authentication Support The proxy system supports comprehensive authentication schemes: - **API Key**: Header, query parameter, or cookie-based authentication - **Bearer Token**: OAuth2 and JWT token support - **Basic Auth**: Username/password combinations - **OAuth2**: Full OAuth2 flow with token refresh - **Custom**: Extensible authentication handlers for proprietary schemes ### Use Cases - **Development Workflow**: Start with mocks, gradually introduce live APIs - **Integration Testing**: Validate against real services while maintaining test isolation - **Performance Testing**: Compare mock vs live API performance characteristics - **Staging Validation**: Ensure mock responses match production API behavior - **Hybrid Deployments**: Route critical operations to live APIs, others to mocks **📚 Complete Guide**: For detailed configuration, examples, and best practices, see the [MCP Proxy Guide](docs/guides/mcp-proxy-guide.md). ## 🤖 AI Framework Integration MockLoop MCP provides native integration with popular AI frameworks: ### LangGraph Integration ```python from langgraph.graph import StateGraph, END from mockloop_mcp import MockLoopClient # Initialize MockLoop client mockloop = MockLoopClient() def setup_ai_testing(state): """AI-driven test setup""" # Generate mock API with AI analysis result = mockloop.generate_mock_api( spec_url_or_path="https://api.example.com/openapi.json", output_dir_name="ai_test_environment" ) # Use AI prompts for scenario generation scenarios = mockloop.analyze_openapi_for_testing( api_spec=state["api_spec"], analysis_depth="comprehensive", include_security_tests=True ) state["mock_server_url"] = "http://localhost:8000" state["test_scenarios"] = scenarios return state def execute_ai_tests(state): """Execute AI-generated test scenarios""" # Deploy AI-generated scenarios for scenario in state["test_scenarios"]: mockloop.deploy_scenario( server_url=state["mock_server_url"], scenario_config=scenario ) # Execute load tests with AI optimization results = mockloop.run_load_test( server_url=state["mock_server_url"], scenario_name=scenario["name"], duration=300, concurrent_users=100 ) # AI-powered result analysis analysis = mockloop.analyze_test_results( test_results=results, include_recommendations=True ) state["test_results"].append(analysis) return state # Build AI-native testing workflow workflow = StateGraph(dict) workflow.add_node("setup_ai_testing", setup_ai_testing) workflow.add_node("execute_ai_tests", execute_ai_tests) workflow.set_entry_point("setup_ai_testing") workflow.add_edge("setup_ai_testing", "execute_ai_tests") workflow.add_edge("execute_ai_tests", END) app = workflow.compile() ``` ### CrewAI Multi-Agent Testing ```python from crewai import Agent, Task, Crew from mockloop_mcp import MockLoopClient # Initialize MockLoop client mockloop = MockLoopClient() # AI Testing Specialist Agent api_testing_agent = Agent( role='AI API Testing Specialist', goal='Generate and execute comprehensive AI-driven API tests', backstory='Expert in AI-native testing with MockLoop MCP integration', tools=[ mockloop.generate_mock_api, mockloop.analyze_openapi_for_testing, mockloop.generate_scenario_config ] ) # Performance Analysis Agent performance_agent = Agent( role='AI Performance Analyst', goal='Analyze API performance with AI-powered insights', backstory='Specialist in AI-driven performance analysis and optimization', tools=[ mockloop.run_load_test, mockloop.get_performance_metrics, mockloop.analyze_test_results ] ) # Security Testing Agent security_agent = Agent( role='AI Security Testing Expert', goal='Conduct AI-driven security testing and vulnerability assessment', backstory='Expert in AI-powered security testing methodologies', tools=[ mockloop.generate_security_test_scenarios, mockloop.run_security_test, mockloop.compare_test_runs ] ) # Define AI-driven tasks ai_setup_task = Task( description='Generate AI-native mock API with comprehensive testing scenarios', agent=api_testing_agent, expected_output='Mock server with AI-generated test scenarios deployed' ) performance_task = Task( description='Execute AI-optimized performance testing and analysis', agent=performance_agent, expected_output='Comprehensive performance analysis with AI recommendations' ) security_task = Task( description='Conduct AI-driven security testing and vulnerability assessment', agent=security_agent, expected_output='Security test results with AI-powered threat analysis' ) # Create AI testing crew ai_testing_crew = Crew( agents=[api_testing_agent, performance_agent, security_agent], tasks=[ai_setup_task, performance_task, security_task], verbose=True ) # Execute AI-native testing workflow results = ai_testing_crew.kickoff() ``` ### LangChain AI Testing Tools ```python from langchain.agents import Tool, AgentExecutor, create_react_agent from langchain.prompts import PromptTemplate from langchain_openai import ChatOpenAI from mockloop_mcp import MockLoopClient # Initialize MockLoop client mockloop = MockLoopClient() # AI-Native Testing Tools def ai_generate_mock_api(spec_path: str) -> str: """Generate AI-enhanced mock API with intelligent scenarios""" # Generate mock API result = mockloop.generate_mock_api(spec_url_or_path=spec_path) # Use AI to analyze and enhance analysis = mockloop.analyze_openapi_for_testing( api_spec=spec_path, analysis_depth="comprehensive", include_security_tests=True ) return f"AI-enhanced mock API generated: {result}\nAI Analysis: {analysis['summary']}" def ai_execute_testing_workflow(server_url: str) -> str: """Execute comprehensive AI-driven testing workflow""" # Create test session context session = mockloop.create_test_session_context( session_name="ai_testing_session", configuration={"ai_enhanced": True} ) # Generate and deploy AI scenarios scenarios = mockloop.generate_scenario_config( api_spec=server_url, scenario_types=["load", "error", "security"], ai_optimization=True ) results = [] for scenario in scenarios: # Deploy scenario mockloop.deploy_scenario( server_url=server_url, scenario_config=scenario ) # Execute tests with AI monitoring test_result = mockloop.execute_test_plan( server_url=server_url, test_plan=scenario["test_plan"], ai_monitoring=True ) results.append(test_result) # AI-powered analysis analysis = mockloop.analyze_test_results( test_results=results, include_recommendations=True, ai_insights=True ) return f"AI testing workflow completed: {analysis['summary']}" # Create LangChain tools ai_testing_tools = [ Tool( name="AIGenerateMockAPI", func=ai_generate_mock_api, description="Generate AI-enhanced mock API with intelligent testing scenarios" ), Tool( name="AIExecuteTestingWorkflow", func=ai_execute_testing_workflow, description="Execute comprehensive AI-driven testing workflow with intelligent analysis" ) ] # Create AI testing agent llm = ChatOpenAI(temperature=0) ai_testing_prompt = PromptTemplate.from_template(""" You are an AI-native testing assistant powered by MockLoop MCP. You have access to revolutionary AI-driven testing capabilities including: - AI-powered scenario generation - Intelligent test execution - Advanced performance analysis - Security vulnerability assessment - Stateful workflow management Tools available: {tools} Tool names: {tool_names} Question: {input} {agent_scratchpad} """) agent = create_react_agent(llm, ai_testing_tools, ai_testing_prompt) agent_executor = AgentExecutor(agent=agent, tools=ai_testing_tools, verbose=True) # Execute AI-native testing response = agent_executor.invoke({ "input": "Generate a comprehensive AI-driven testing environment for a REST API and execute full testing workflow" }) ``` ## 🏗️ Dual-Port Architecture MockLoop MCP introduces a revolutionary **dual-port architecture** that eliminates common conflicts and enhances security: ### Architecture Benefits - **🔒 Enhanced Security**: Complete separation of mocked API and admin functionality - **⚡ Zero Conflicts**: Eliminates /admin path conflicts in OpenAPI specifications - **📊 Clean Analytics**: Admin calls don't appear in mocked API metrics - **🔄 Independent Scaling**: Scale mocked API and admin services separately - **🛡️ Port-Based Access Control**: Enhanced security through network isolation ### Port Configuration ```python # Generate mock with dual-port architecture result = mockloop.generate_mock_api( spec_url_or_path="https://api.example.com/openapi.json", business_port=8000, # Mocked API port admin_port=8001, # Admin UI port admin_ui_enabled=True ) ``` ### Access Points - **Mocked API**: `http://localhost:8000` - Your API endpoints - **Admin UI**: `http://localhost:8001` - Management interface - **API Documentation**: `http://localhost:8000/docs` - Interactive Swagger UI - **Health Check**: `http://localhost:8000/health` - Server status ## 📊 Enterprise Features ### Compliance & Audit Logging MockLoop MCP provides enterprise-grade compliance features: - **Complete Audit Trails**: Every request/response logged with metadata - **Regulatory Compliance**: GDPR, SOX, HIPAA compliance support - **Performance Metrics**: P95/P99 response times, error rates - **Security Monitoring**: Threat detection and analysis - **Session Tracking**: Cross-request correlation and analysis ### Advanced Analytics - **AI-Powered Insights**: Intelligent analysis and recommendations - **Traffic Pattern Detection**: Automated anomaly detection - **Performance Optimization**: AI-driven performance recommendations - **Error Analysis**: Intelligent error categorization and resolution - **Trend Analysis**: Historical performance and usage trends ## 🔄 Stateful Testing Workflows MockLoop MCP supports complex, stateful testing workflows through advanced context management: ### Context Types - **Test Session Context**: Maintain state across test executions - **Workflow Context**: Complex multi-step testing orchestration - **Agent Context**: AI agent state management and coordination - **Global Context**: Cross-session data sharing and persistence ### Example: Stateful E-commerce Testing ```python # Create test session context session = mockloop.create_test_session_context( session_name="ecommerce_integration_test", configuration={ "test_type": "integration", "environment": "staging", "ai_enhanced": True } ) # Create workflow context for multi-step testing workflow = mockloop.create_workflow_context( workflow_name="user_journey_test", parent_context=session["context_id"], steps=[ "user_registration", "product_browsing", "cart_management", "checkout_process", "order_fulfillment" ] ) # Execute stateful test workflow for step in workflow["steps"]: # Update context with step data mockloop.update_context_data( context_id=workflow["context_id"], data={"current_step": step, "timestamp": datetime.now()} ) # Execute step-specific tests test_result = mockloop.execute_test_plan( server_url="http://localhost:8000", test_plan=f"{step}_test_plan", context_id=workflow["context_id"] ) # Create snapshot for rollback capability snapshot = mockloop.create_context_snapshot( context_id=workflow["context_id"], snapshot_name=f"{step}_completion" ) # Analyze complete workflow results final_analysis = mockloop.analyze_test_results( test_results=workflow["results"], context_id=workflow["context_id"], include_recommendations=True ) ``` ## 🚀 Running Generated Mock Servers ### Using Docker Compose (Recommended) ```bash # Navigate to generated mock directory cd generated_mocks/your_api_mock # Start with dual-port architecture docker-compose up --build # Access points: # Mocked API: http://localhost:8000 # Admin UI: http://localhost:8001 ``` ### Using Uvicorn Directly ```bash # Install dependencies pip install -r requirements_mock.txt # Start the mock server uvicorn main:app --reload --port 8000 ``` ### Enhanced Features Access - **Admin UI**: `http://localhost:8001` - Enhanced management interface - **API Documentation**: `http://localhost:8000/docs` - Interactive Swagger UI - **Health Check**: `http://localhost:8000/health` - Server status and metrics - **Log Analytics**: `http://localhost:8001/api/logs/search` - Advanced log querying - **Performance Metrics**: `http://localhost:8001/api/logs/analyze` - AI-powered insights - **Scenario Management**: `http://localhost:8001/api/mock-data/scenarios` - Dynamic testing ## 📈 Performance & Scalability MockLoop MCP is designed for enterprise-scale performance: ### Performance Metrics - **Response Times**: P50, P95, P99 percentile tracking - **Throughput**: Requests per second monitoring - **Error Rates**: Comprehensive error analysis - **Resource Usage**: Memory, CPU, and network monitoring - **Concurrency**: Multi-user load testing support ### Scalability Features - **Horizontal Scaling**: Multi-instance deployment support - **Load Balancing**: Built-in load balancing capabilities - **Caching**: Intelligent response caching - **Database Optimization**: Efficient SQLite and PostgreSQL support - **Container Orchestration**: Kubernetes and Docker Swarm ready ## 🔒 Security Features ### Built-in Security - **Authentication Middleware**: Configurable auth mechanisms - **Rate Limiting**: Prevent abuse and DoS attacks - **Input Validation**: Comprehensive request validation - **Security Headers**: CORS, CSP, and security headers - **Audit Logging**: Complete security event logging ### Security Testing - **Vulnerability Assessment**: AI-powered security testing - **Penetration Testing**: Automated security scenario generation - **Compliance Checking**: Security standard compliance verification - **Threat Modeling**: AI-driven threat analysis - **Security Reporting**: Comprehensive security analytics ## 🔐 SchemaPin Integration - Cryptographic Schema Verification MockLoop MCP now includes **SchemaPin integration** - the industry's first cryptographic schema verification system for MCP tools, preventing "MCP Rug Pull" attacks through ECDSA signature verification and Trust-On-First-Use (TOFU) key pinning. ### Revolutionary Security Enhancement SchemaPin integration transforms MockLoop MCP into the most secure MCP testing platform by providing: - **🔐 Cryptographic Verification**: ECDSA P-256 signatures ensure schema integrity - **🔑 TOFU Key Pinning**: Automatic key discovery and pinning for trusted domains - **📋 Policy Enforcement**: Configurable security policies (enforce/warn/log modes) - **📊 Comprehensive Auditing**: Complete verification logs for compliance - **🔄 Graceful Fallback**: Works with or without SchemaPin library - **🏗️ Hybrid Architecture**: Seamless integration with existing MockLoop systems ### Quick Start Configuration ```python from mockloop_mcp.schemapin import SchemaPinConfig, SchemaVerificationInterceptor # Basic configuration config = SchemaPinConfig( enabled=True, policy_mode="warn", # enforce, warn, or log auto_pin_keys=False, trusted_domains=["api.example.com"], interactive_mode=False ) # Initialize verification interceptor = SchemaVerificationInterceptor(config) # Verify tool schema result = await interceptor.verify_tool_schema( tool_name="database_query", schema=tool_schema, signature="base64_encoded_signature", domain="api.example.com" ) if result.valid: print("✓ Schema verification successful") else: print(f"✗ Verification failed: {result.error}") ``` ### Production Configuration ```python # Production-ready configuration config = SchemaPinConfig( enabled=True, policy_mode="enforce", # Block execution on verification failure auto_pin_keys=True, # Auto-pin keys for trusted domains key_pin_storage_path="/secure/path/keys.db", discovery_timeout=60, cache_ttl=7200, trusted_domains=[ "api.corp.com", "tools.internal.com" ], well_known_endpoints={ "api.corp.com": "https://api.corp.com/.well-known/schemapin.json" }, revocation_check=True, interactive_mode=False ) ``` ### Security Benefits #### MCP Rug Pull Protection SchemaPin prevents malicious actors from modifying tool schemas without detection: - **Cryptographic Signatures**: Every tool schema is cryptographically signed - **Key Pinning**: TOFU model prevents man-in-the-middle attacks - **Audit Trails**: Complete verification logs for security analysis - **Policy Enforcement**: Configurable responses to verification failures #### Compliance & Governance - **Regulatory Compliance**: Audit logs support GDPR, SOX, HIPAA requirements - **Enterprise Security**: Integration with existing security frameworks - **Risk Management**: Configurable security policies for different environments - **Threat Detection**: Automated detection of schema tampering attempts ### Integration Examples #### Basic Tool Verification ```python # Verify a single tool from mockloop_mcp.schemapin import SchemaVerificationInterceptor interceptor = SchemaVerificationInterceptor(config) result = await interceptor.verify_tool_schema( "api_call", tool_schema, signature, "api.example.com" ) ``` #### Batch Verification ```python # Verify multiple tools efficiently from mockloop_mcp.schemapin import SchemaPinWorkflowManager workflow = SchemaPinWorkflowManager(config) results = await workflow.verify_tool_batch([ {"name": "tool1", "schema": schema1, "signature": sig1, "domain": "api.com"}, {"name": "tool2", "schema": schema2, "signature": sig2, "domain": "api.com"} ]) ``` #### MCP Proxy Integration ```python # Integrate with MCP proxy for seamless security class SecureMCPProxy: def __init__(self, config): self.interceptor = SchemaVerificationInterceptor(config) async def proxy_tool_request(self, tool_name, schema, signature, domain, data): # Verify schema before execution result = await self.interceptor.verify_tool_schema( tool_name, schema, signature, domain ) if not result.valid: return {"error": "Schema verification failed"} # Execute tool with verified schema return await self.execute_tool(tool_name, data) ``` ### Policy Modes #### Enforce Mode ```python config = SchemaPinConfig(policy_mode="enforce") # Blocks execution on verification failure # Recommended for production critical tools ``` #### Warn Mode ```python config = SchemaPinConfig(policy_mode="warn") # Logs warnings but allows execution # Recommended for gradual rollout ``` #### Log Mode ```python config = SchemaPinConfig(policy_mode="log") # Logs events without blocking # Recommended for monitoring and testing ``` ### Key Management #### Trust-On-First-Use (TOFU) ```python # Automatic key discovery and pinning key_manager = KeyPinningManager("keys.db") # Pin key for trusted tool success = key_manager.pin_key( tool_id="api.example.com/database_query", domain="api.example.com", public_key_pem=discovered_key, metadata={"developer": "Example Corp"} ) # Check if key is pinned if key_manager.is_key_pinned("api.example.com/database_query"): print("Key is pinned and trusted") ``` #### Key Discovery SchemaPin automatically discovers public keys via `.well-known` endpoints: ``` https://api.example.com/.well-known/schemapin.json ``` Expected format: ```json { "public_key": "-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----", "algorithm": "ES256", "created_at": "2023-01-01T00:00:00Z" } ``` ### Audit & Compliance #### Comprehensive Logging ```python from mockloop_mcp.schemapin import SchemaPinAuditLogger audit_logger = SchemaPinAuditLogger("audit.db") # Verification events are automatically logged stats = audit_logger.get_verification_stats() print(f"Total verifications: {stats['total_verifications']}") print(f"Success rate: {stats['successful_verifications'] / stats['total_verifications'] * 100:.1f}%") ``` #### Compliance Reporting ```python # Generate compliance reports from mockloop_mcp.mcp_compliance import MCPComplianceReporter reporter = MCPComplianceReporter("audit.db") report = reporter.generate_schemapin_compliance_report() print(f"Compliance score: {report['compliance_score']:.1f}%") print(f"Verification coverage: {report['verification_statistics']['unique_tools']} tools") ``` ### Documentation & Examples - **📚 Complete Integration Guide**: [`docs/guides/schemapin-integration.md`](docs/guides/schemapin-integration.md) - **🔧 Basic Usage Example**: [`examples/schemapin/basic_usage.py`](examples/schemapin/basic_usage.py) - **⚡ Advanced Patterns**: [`examples/schemapin/advanced_usage.py`](examples/schemapin/advanced_usage.py) - **🏗️ Architecture Documentation**: [`SchemaPin_MockLoop_Integration_Architecture.md`](SchemaPin_MockLoop_Integration_Architecture.md) - **🧪 Test Coverage**: 56 comprehensive tests (42 unit + 14 integration) ### Migration for Existing Users SchemaPin integration is **completely backward compatible**: 1. **Opt-in Configuration**: SchemaPin is disabled by default 2. **No Breaking Changes**: Existing tools continue to work unchanged 3. **Gradual Rollout**: Start with `log` mode, progress to `warn`, then `enforce` 4. **Zero Downtime**: Enable verification without service interruption ```python # Migration example: gradual rollout # Phase 1: Monitoring (log mode) config = SchemaPinConfig(enabled=True, policy_mode="log") # Phase 2: Warnings (warn mode) config = SchemaPinConfig(enabled=True, policy_mode="warn") # Phase 3: Enforcement (enforce mode) config = SchemaPinConfig(enabled=True, policy_mode="enforce") ``` ### Performance Impact SchemaPin is designed for minimal performance impact: - **Verification Time**: ~5-15ms per tool (cached results) - **Memory Usage**: <10MB additional memory - **Network Overhead**: Key discovery only on first use - **Database Size**: ~1KB per pinned key ### Use Cases #### Development Teams - **Secure Development**: Verify tool schemas during development - **Code Review**: Ensure schema integrity in pull requests - **Testing**: Validate tool behavior with verified schemas #### Enterprise Security - **Threat Prevention**: Block malicious schema modifications - **Compliance**: Meet regulatory requirements with audit trails - **Risk Management**: Configurable security policies - **Incident Response**: Detailed logs for security analysis #### DevOps & CI/CD - **Pipeline Security**: Verify schemas in deployment pipelines - **Environment Promotion**: Ensure schema consistency across environments - **Monitoring**: Continuous verification monitoring - **Automation**: Automated security policy enforcement ## �️ Future Development ### Upcoming Features 🚧 #### Enhanced AI Capabilities - **Advanced ML Models**: Custom model training for API testing - **Predictive Analytics**: AI-powered failure prediction - **Intelligent Test Generation**: Self-improving test scenarios - **Natural Language Testing**: Plain English test descriptions #### Extended Protocol Support - **GraphQL Support**: Native GraphQL API testing - **gRPC Integration**: Protocol buffer testing support - **WebSocket Testing**: Real-time communication testing - **Event-Driven Testing**: Async and event-based API testing #### Enterprise Integration - **CI/CD Integration**: Native pipeline integration - **Monitoring Platforms**: Datadog, New Relic, Prometheus integration - **Identity Providers**: SSO and enterprise auth integration - **Compliance Frameworks**: Extended regulatory compliance support ## 🤝 Contributing We welcome contributions to MockLoop MCP! Please see our [Contributing Guidelines](docs/contributing/guidelines.md) for details. ### Development Setup ```bash # Fork and clone the repository git clone https://github.com/your-username/mockloop-mcp.git cd mockloop-mcp # Create development environment python3 -m venv .venv source .venv/bin/activate # Install development dependencies pip install -e ".[dev]" # Run tests pytest tests/ # Run quality checks ruff check src/ bandit -r src/ ``` ### Community - **GitHub Repository**: [mockloop/mockloop-mcp](https://github.com/mockloop/mockloop-mcp) - **Issues & Bug Reports**: [GitHub Issues](https://github.com/mockloop/mockloop-mcp/issues) - **Feature Requests**: [GitHub Issues](https://github.com/mockloop/mockloop-mcp/issues) - **Documentation**: [docs.mockloop.com](https://docs.mockloop.com) ## 📄 License MockLoop MCP is licensed under the [MIT License](LICENSE). --- ## 🎉 Get Started Today! Ready to revolutionize your API testing with the world's first AI-native testing platform? ```bash pip install mockloop-mcp ``` **Join the AI-native testing revolution** and experience the future of API testing with MockLoop MCP! **🚀 [Get Started Now](https://docs.mockloop.com/getting-started/installation/) →**