Twenty MCP Server

twenty-mcp
tests

ip-protection-tests.js•12.7 KiB

#!/usr/bin/env node import { spawn } from 'child_process'; import { writeFileSync, readFileSync, mkdirSync, existsSync } from 'fs'; import { join } from 'path'; import fetch from 'node-fetch'; // Configuration const RESULTS_DIR = join(process.cwd(), 'test-results'); const TEST_TIMEOUT = 10000; const SERVER_PORT = 3001; // Use different port to avoid conflicts // Ensure directories exist mkdirSync(RESULTS_DIR, { recursive: true }); // Test results const results = { timestamp: new Date().toISOString(), environment: { node: process.version, platform: process.platform, test_type: 'ip_protection' }, tests: [], stats: { total: 0, passed: 0, failed: 0, duration: 0 } }; // Helper to run a test async function runTest(name, testFn) { const startTime = Date.now(); const test = { name, status: 'running', startTime: new Date().toISOString(), logs: [] }; console.log(`\n▶ Running: ${name}`); try { const result = await testFn(); test.status = 'passed'; test.result = result; console.log(`✅ PASSED: ${name}`); results.stats.passed++; } catch (error) { test.status = 'failed'; test.error = error.message; test.errorDetails = error.stack; console.log(`❌ FAILED: ${name}`); console.log(` Error: ${error.message}`); results.stats.failed++; } test.duration = Date.now() - startTime; test.endTime = new Date().toISOString(); results.tests.push(test); results.stats.total++; } // Start server with specific environment async function startServerWithEnv(env = {}) { const serverEnv = { ...process.env, PORT: SERVER_PORT.toString(), ...env }; console.log('Starting server with environment:', Object.keys(env)); const server = spawn('node', ['dist/http-server.js'], { env: serverEnv, stdio: ['pipe', 'pipe', 'pipe'] }); // Wait for server to start await new Promise((resolve, reject) => { const timeout = setTimeout(() => { reject(new Error('Server startup timeout')); }, 5000); server.stderr.on('data', (data) => { const output = data.toString(); if (output.includes('Twenty MCP Server running')) { clearTimeout(timeout); setTimeout(resolve, 500); // Small delay for full startup } }); server.on('error', (error) => { clearTimeout(timeout); reject(error); }); }); return server; } // Make HTTP request to server async function makeRequest(path = '/health', options = {}) { const url = `http://localhost:${SERVER_PORT}${path}`; try { const response = await fetch(url, { timeout: 3000, ...options }); return { status: response.status, statusText: response.statusText, headers: Object.fromEntries(response.headers), body: response.ok ? await response.json() : await response.text() }; } catch (error) { throw new Error(`Request failed: ${error.message}`); } } // Main test execution async function executeTests() { console.log('🛡️ Twenty MCP Server IP Protection Test Suite'); console.log('============================================='); console.log(`📅 Date: ${new Date().toLocaleDateString()}`); console.log(`⏰ Time: ${new Date().toLocaleTimeString()}`); console.log(`🖥️ Node: ${process.version}`); console.log(`🔧 Port: ${SERVER_PORT}`); const startTime = Date.now(); try { // Test 1: IP Protection Disabled (Default) await runTest('IP Protection Disabled - Allow All', async () => { const server = await startServerWithEnv({ IP_PROTECTION_ENABLED: 'false' }); try { const response = await makeRequest('/health'); if (response.status !== 200) { throw new Error(`Expected 200, got ${response.status}`); } if (response.body.ipProtection !== false) { throw new Error(`Expected ipProtection: false, got ${response.body.ipProtection}`); } return { status: response.status, ipProtection: response.body.ipProtection, message: 'All IPs allowed when protection disabled' }; } finally { server.kill(); await new Promise(resolve => setTimeout(resolve, 1000)); } }); // Test 2: IP Protection Enabled - Localhost Allowed await runTest('IP Protection Enabled - Localhost Access', async () => { const server = await startServerWithEnv({ IP_PROTECTION_ENABLED: 'true', IP_ALLOWLIST: '192.168.1.0/24', IP_BLOCK_UNKNOWN: 'true' }); try { const response = await makeRequest('/health'); if (response.status !== 200) { throw new Error(`Expected 200, got ${response.status}`); } if (response.body.ipProtection !== true) { throw new Error(`Expected ipProtection: true, got ${response.body.ipProtection}`); } return { status: response.status, ipProtection: response.body.ipProtection, message: 'Localhost always allowed even with IP protection' }; } finally { server.kill(); await new Promise(resolve => setTimeout(resolve, 1000)); } }); // Test 3: IP Protection with Empty Allowlist await runTest('IP Protection - Empty Allowlist Blocks Non-Localhost', async () => { const server = await startServerWithEnv({ IP_PROTECTION_ENABLED: 'true', IP_ALLOWLIST: '', IP_BLOCK_UNKNOWN: 'true' }); try { // This should still work from localhost const response = await makeRequest('/health'); if (response.status !== 200) { throw new Error(`Localhost should be allowed, got ${response.status}`); } return { status: response.status, message: 'Empty allowlist still allows localhost', ipProtection: response.body.ipProtection }; } finally { server.kill(); await new Promise(resolve => setTimeout(resolve, 1000)); } }); // Test 4: IP Protection Configuration Loading await runTest('IP Protection - Configuration Loading', async () => { const server = await startServerWithEnv({ IP_PROTECTION_ENABLED: 'true', IP_ALLOWLIST: '10.0.0.0/8,192.168.1.100,2001:db8::/32', TRUSTED_PROXIES: '127.0.0.1,10.0.0.1', IP_BLOCK_UNKNOWN: 'false' }); try { const response = await makeRequest('/health'); if (response.status !== 200) { throw new Error(`Expected 200, got ${response.status}`); } // Check that IP protection is enabled if (response.body.ipProtection !== true) { throw new Error(`Expected ipProtection: true, got ${response.body.ipProtection}`); } return { status: response.status, ipProtection: response.body.ipProtection, message: 'Complex IP configuration loaded successfully' }; } finally { server.kill(); await new Promise(resolve => setTimeout(resolve, 1000)); } }); // Test 5: MCP Endpoint Protection await runTest('IP Protection - MCP Endpoint', async () => { const server = await startServerWithEnv({ IP_PROTECTION_ENABLED: 'true', IP_ALLOWLIST: '192.168.1.0/24', TWENTY_API_KEY: process.env.TWENTY_API_KEY || 'test-key' }); try { const response = await makeRequest('/mcp?apiKey=test-key', { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ jsonrpc: '2.0', method: 'initialize', params: { protocolVersion: '2024-11-05', capabilities: {}, clientInfo: { name: 'test', version: '1.0.0' } }, id: 1 }) }); // Should work from localhost if (response.status >= 400 && response.status < 500) { // If we get 4xx, check if it's IP-related if (typeof response.body === 'string' && response.body.includes('forbidden')) { throw new Error('IP protection incorrectly blocked localhost'); } } return { status: response.status, message: 'MCP endpoint respects IP protection rules', responseType: typeof response.body }; } finally { server.kill(); await new Promise(resolve => setTimeout(resolve, 1000)); } }); // Test 6: OAuth Endpoints Protection await runTest('IP Protection - OAuth Endpoints', async () => { const server = await startServerWithEnv({ IP_PROTECTION_ENABLED: 'true', IP_ALLOWLIST: '192.168.1.0/24', AUTH_ENABLED: 'true' }); try { // Test OAuth discovery endpoint const response = await makeRequest('/.well-known/oauth-protected-resource'); // Should work from localhost (even though we're not in allowlist) if (response.status !== 200) { // Check if it's IP-related forbidden if (response.status === 403 && typeof response.body === 'string' && response.body.includes('forbidden')) { throw new Error('IP protection incorrectly blocked localhost for OAuth endpoints'); } } return { status: response.status, message: 'OAuth endpoints respect IP protection', endpoint: 'oauth-protected-resource' }; } finally { server.kill(); await new Promise(resolve => setTimeout(resolve, 1000)); } }); } catch (error) { console.error('Test execution failed:', error); } results.stats.duration = Date.now() - startTime; // Generate reports await generateReports(); } // Generate test reports async function generateReports() { // JSON Report const jsonPath = join(RESULTS_DIR, 'ip-protection-test-results.json'); writeFileSync(jsonPath, JSON.stringify(results, null, 2)); // Markdown Report const mdPath = join(RESULTS_DIR, 'IP_PROTECTION_TEST_REPORT.md'); const markdown = `# IP Protection Test Report ## Test Execution Summary - **Date**: ${new Date(results.timestamp).toLocaleDateString()} - **Time**: ${new Date(results.timestamp).toLocaleTimeString()} - **Duration**: ${results.stats.duration}ms - **Test Type**: ${results.environment.test_type} - **Environment**: Node ${results.environment.node} on ${results.environment.platform} ## Results Overview | Metric | Count | |--------|-------| | Total Tests | ${results.stats.total} | | ✅ Passed | ${results.stats.passed} | | ❌ Failed | ${results.stats.failed} | | Success Rate | ${((results.stats.passed / results.stats.total) * 100).toFixed(1)}% | ## Test Details ${results.tests.map((test, i) => ` ### ${i + 1}. ${test.name} - **Status**: ${test.status === 'passed' ? '✅ PASSED' : '❌ FAILED'} - **Duration**: ${test.duration}ms - **Time**: ${new Date(test.startTime).toLocaleTimeString()} ${test.error ? `- **Error**: ${test.error}` : ''} ${test.result ? `- **Result**: \`\`\`json ${JSON.stringify(test.result, null, 2)} \`\`\`` : ''} `).join('\n')} ## IP Protection Features Tested - ✅ Default disabled state - ✅ Localhost always allowed - ✅ Configuration loading from environment - ✅ MCP endpoint protection - ✅ OAuth endpoint protection - ✅ Empty allowlist handling ## Test Coverage Notes This test suite validates the IP protection middleware functionality: 1. **Configuration**: Tests that IP protection can be enabled/disabled via environment variables 2. **Localhost Exception**: Ensures localhost (127.0.0.1, ::1) is always allowed 3. **Allowlist Processing**: Validates IP and CIDR range parsing 4. **Endpoint Coverage**: Tests that protection applies to all server endpoints 5. **Environment Integration**: Confirms integration with existing server configuration --- *Generated automatically by Twenty MCP IP Protection Test Suite* `; writeFileSync(mdPath, markdown); console.log('\n📊 IP Protection Test Reports Generated:'); console.log(` - JSON: ${jsonPath}`); console.log(` - Markdown: ${mdPath}`); // Print summary console.log('\n📈 Test Summary:'); console.log(` Total: ${results.stats.total}`); console.log(` Passed: ${results.stats.passed}`); console.log(` Failed: ${results.stats.failed}`); console.log(` Duration: ${results.stats.duration}ms`); if (results.stats.failed === 0) { console.log('\n✅ All IP protection tests passed!'); } else { console.log('\n❌ Some IP protection tests failed!'); process.exit(1); } } // Run tests executeTests().catch(error => { console.error('\n❌ Fatal error:', error.message); process.exit(1); });

Loading blob content...

Latest Blog Posts

Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror
Official MCP Registry Server.json Requirements
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/jezweb/twenty-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

ip-protection-tests.js•12.7 KiB