Homelab MCP Server

test_http_transport.py•10.9 KiB

"""Tests for the HTTP transport module.""" from unittest.mock import patch import pytest from starlette.testclient import TestClient from src.homelab_mcp.auth import generate_api_key, validate_api_key_strength from src.homelab_mcp.http_transport import MCPHTTPTransport, create_mcp_http_app from src.homelab_mcp.server import HomelabMCPServer @pytest.fixture def server(): """Create a HomelabMCPServer instance for testing.""" return HomelabMCPServer() @pytest.fixture def api_key(): """Generate a test API key.""" return generate_api_key() @pytest.fixture def app_with_auth(server, api_key): """Create an HTTP app with authentication enabled.""" return create_mcp_http_app(server=server, auth_enabled=True, api_key=api_key) @pytest.fixture def app_without_auth(server): """Create an HTTP app without authentication.""" return create_mcp_http_app(server=server, auth_enabled=False) @pytest.fixture def client_with_auth(app_with_auth): """Create a test client with authentication enabled.""" return TestClient(app_with_auth) @pytest.fixture def client_without_auth(app_without_auth): """Create a test client without authentication.""" return TestClient(app_without_auth) class TestHealthEndpoint: """Tests for the /health endpoint.""" def test_health_check_returns_ok(self, client_without_auth): """Test that health endpoint returns 200 OK.""" response = client_without_auth.get("/health") assert response.status_code == 200 data = response.json() assert "status" in data assert "transport" in data assert data["transport"] == "http" def test_health_check_no_auth_required(self, client_with_auth, api_key): """Test that health endpoint does not require authentication.""" # Request without auth header should still work for /health response = client_with_auth.get("/health") assert response.status_code == 200 class TestRootEndpoint: """Tests for the root / endpoint.""" def test_root_returns_server_info(self, client_without_auth): """Test that root endpoint returns server information.""" response = client_without_auth.get("/") assert response.status_code == 200 data = response.json() assert data["name"] == "homelab-mcp" assert data["protocol"] == "MCP" assert data["transport"] == "streamable-http" assert "endpoints" in data class TestMCPPostEndpoint: """Tests for the POST /mcp endpoint.""" def test_tools_list_without_auth(self, client_without_auth): """Test tools/list request without authentication.""" response = client_without_auth.post( "/mcp", json={"jsonrpc": "2.0", "id": 1, "method": "tools/list"}, ) assert response.status_code == 200 data = response.json() assert data["jsonrpc"] == "2.0" assert data["id"] == 1 assert "result" in data assert "tools" in data["result"] def test_tools_list_with_auth(self, client_with_auth, api_key): """Test tools/list request with authentication.""" response = client_with_auth.post( "/mcp", json={"jsonrpc": "2.0", "id": 1, "method": "tools/list"}, headers={"Authorization": f"Bearer {api_key}"}, ) assert response.status_code == 200 data = response.json() assert "result" in data assert "tools" in data["result"] @pytest.mark.xfail(reason="APIKeyAuth middleware not being invoked by TestClient - needs investigation") def test_missing_auth_returns_401(self, client_with_auth): """Test that missing auth returns 401.""" response = client_with_auth.post( "/mcp", json={"jsonrpc": "2.0", "id": 1, "method": "tools/list"}, ) assert response.status_code == 401 @pytest.mark.xfail(reason="APIKeyAuth middleware not being invoked by TestClient - needs investigation") def test_invalid_auth_returns_401(self, client_with_auth): """Test that invalid auth returns 401.""" response = client_with_auth.post( "/mcp", json={"jsonrpc": "2.0", "id": 1, "method": "tools/list"}, headers={"Authorization": "Bearer invalid-key"}, ) assert response.status_code == 401 def test_invalid_json_returns_400(self, client_without_auth): """Test that invalid JSON returns 400.""" response = client_without_auth.post( "/mcp", content="not valid json", headers={"Content-Type": "application/json"}, ) assert response.status_code == 400 data = response.json() assert data["error"]["code"] == -32700 def test_invalid_jsonrpc_version(self, client_without_auth): """Test that invalid JSON-RPC version returns error.""" response = client_without_auth.post( "/mcp", json={"jsonrpc": "1.0", "id": 1, "method": "tools/list"}, ) assert response.status_code == 200 data = response.json() assert "error" in data assert data["error"]["code"] == -32600 def test_unknown_method(self, client_without_auth): """Test handling of unknown method.""" response = client_without_auth.post( "/mcp", json={"jsonrpc": "2.0", "id": 1, "method": "unknown/method"}, ) assert response.status_code == 200 data = response.json() assert "error" in data def test_unknown_tool(self, client_without_auth): """Test handling of unknown tool.""" response = client_without_auth.post( "/mcp", json={ "jsonrpc": "2.0", "id": 1, "method": "tools/call", "params": {"name": "nonexistent_tool"}, }, ) assert response.status_code == 200 data = response.json() assert "error" in data assert "Unknown tool" in data["error"]["message"] def test_notification_returns_204(self, client_without_auth): """Test that notifications return 204 No Content.""" response = client_without_auth.post( "/mcp", json={"jsonrpc": "2.0", "method": "notifications/initialized"}, ) assert response.status_code == 204 def test_batch_request(self, client_without_auth): """Test handling of batch requests.""" response = client_without_auth.post( "/mcp", json=[ {"jsonrpc": "2.0", "id": 1, "method": "tools/list"}, {"jsonrpc": "2.0", "id": 2, "method": "health/status"}, ], ) assert response.status_code == 200 data = response.json() assert isinstance(data, list) assert len(data) == 2 class TestAPIKeyAuth: """Tests for API key authentication.""" def test_generate_api_key_length(self): """Test that generated API keys have sufficient length.""" key = generate_api_key() assert len(key) >= 32 def test_validate_api_key_strength_short(self): """Test validation rejects short keys.""" is_valid, message = validate_api_key_strength("short") assert not is_valid assert "16 characters" in message def test_validate_api_key_strength_alpha_only(self): """Test validation rejects alpha-only keys.""" is_valid, message = validate_api_key_strength("abcdefghijklmnopqrstuvwxyz") assert not is_valid assert "mix of characters" in message def test_validate_api_key_strength_valid(self): """Test validation accepts valid keys.""" key = generate_api_key() is_valid, message = validate_api_key_strength(key) assert is_valid class TestMCPHTTPTransport: """Tests for MCPHTTPTransport class.""" @pytest.mark.asyncio async def test_send_notification(self, server): """Test sending notifications to connected clients.""" transport = MCPHTTPTransport(server=server, auth_enabled=False) # Simulate a connected client import asyncio queue: asyncio.Queue = asyncio.Queue() transport._notification_queues.append(queue) notification = {"type": "test", "data": "test_data"} await transport.send_notification(notification) # Check notification was queued received = await asyncio.wait_for(queue.get(), timeout=1.0) assert received == notification def test_create_app_returns_starlette(self, server): """Test that create_app returns a valid Starlette app.""" transport = MCPHTTPTransport(server=server, auth_enabled=False) app = transport.create_app() # Verify it's wrapped correctly (ASGI callable) assert callable(app) @pytest.mark.asyncio @patch("src.homelab_mcp.server.ensure_mcp_ssh_key") async def test_initialize_via_http(mock_ensure_key, client_without_auth): """Test server initialization via HTTP.""" mock_ensure_key.return_value = "/test/path" response = client_without_auth.post( "/mcp", json={"jsonrpc": "2.0", "id": 1, "method": "initialize"}, ) assert response.status_code == 200 data = response.json() assert data["jsonrpc"] == "2.0" assert data["id"] == 1 assert "result" in data assert data["result"]["protocolVersion"] == "2024-11-05" class TestHTTPConfig: """Tests for HTTP configuration.""" def test_http_config_defaults(self): """Test HTTP config default values.""" from src.homelab_mcp.config import HTTPConfig config = HTTPConfig() assert config.enabled is False assert config.host == "0.0.0.0" assert config.port == 8080 assert config.auth_enabled is True def test_http_config_validation_no_api_key(self): """Test HTTP config validation when auth enabled but no key.""" from src.homelab_mcp.config import HTTPConfig with patch.dict("os.environ", {"MCP_HTTP_ENABLED": "true", "MCP_AUTH_ENABLED": "true"}): config = HTTPConfig() config.enabled = True config.auth_enabled = True config.api_key = None errors = config.validate() assert any("MCP_API_KEY" in error for error in errors) def test_http_config_validation_short_api_key(self): """Test HTTP config validation for short API key.""" from src.homelab_mcp.config import HTTPConfig config = HTTPConfig() config.api_key = "short" errors = config.validate() assert any("16 characters" in error for error in errors) def test_http_config_validation_invalid_port(self): """Test HTTP config validation for invalid port.""" from src.homelab_mcp.config import HTTPConfig config = HTTPConfig() config.port = 99999 errors = config.validate() assert any("port" in error.lower() for error in errors)

Loading blob content...

Latest Blog Posts

Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror
Official MCP Registry Server.json Requirements
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/washyu/mcp_python_server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

test_http_transport.py•10.9 KiB