MockLoop/mockloop-mcp
GitHub: MockLoop/mockloop-mcp
基于MCP协议的AI原生API测试平台,解决自动化测试与合规审计难题。
Stars: 15 | Forks: 6
# MockLoop MCP - AI 原生测试平台
[](https://pypi.org/project/mockloop-mcp/)
[](https://pypi.org/project/mockloop-mcp/)
[](https://pypi.org/project/mockloop-mcp/)
[](https://github.com/mockloop/mockloop-mcp/blob/main/LICENSE)
[](https://github.com/mockloop/mockloop-mcp/actions)
[](https://docs.mockloop.com)
[](https://docs.mockloop.com/ai-integration/overview/)
[](https://modelcontextprotocol.io/)
**The world's first AI-native API testing platform** powered by the Model Context Protocol (MCP). MockLoop MCP revolutionizes API testing with comprehensive AI-driven scenario generation, automated test execution, and intelligent analysis capabilities.
**🚀 Revolutionary Capabilities:** 5 AI Prompts • 15 Scenario Resources • 16 Testing Tools • 10 Context Tools • 4 Core Tools • Complete MCP Integration
**📚 Documentation:** https://docs.mockloop.com
**📦 PyPI Package:** https://pypi.org/project/mockloop-mcp/
**🐙 GitHub Repository:** https://github.com/mockloop/mockloop-mcp
## 🌟 什么让 MockLoop MCP 具有革命性?
MockLoop MCP represents a paradigm shift in API testing, introducing the world's first **AI-native testing architecture** that combines:
- **🤖 AI-Driven Test Generation**: 5 specialized MCP prompts for intelligent scenario creation
- **📦 Community Scenario Packs**: 15 curated testing resources with community architecture
- **⚡ Automated Test Execution**: 30 comprehensive MCP tools for complete testing workflows (16 testing + 10 context + 4 core)
- **🔄 Stateful Testing**: Advanced context management with GlobalContext and AgentContext
- **📊 Enterprise Compliance**: Complete audit logging and regulatory compliance tracking
- **🏗️ Dual-Port Architecture**: Eliminates /admin path conflicts with separate mocked API and admin ports
## 🎯 核心 AI 原生架构
### MCP 审计日志
**Enterprise-grade compliance and regulatory tracking**
- Complete request/response audit trails
- Regulatory compliance monitoring
- Performance metrics and analytics
- Security event logging
### MCP 提示词(5 种 AI 驱动能力)
**Intelligent scenario generation powered by AI**
- [`analyze_openapi_for_testing`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_prompts.py#L301) - Comprehensive API analysis for testing strategies
- [`generate_scenario_config`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_prompts.py#L426) - Dynamic test scenario configuration
- [`optimize_scenario_for_load`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_prompts.py#L521) - Load testing optimization
- [`generate_error_scenarios`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_prompts.py#L633) - Error condition simulation
- [`generate_security_test_scenarios`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_prompts.py#L732) - Security vulnerability testing
### MCP 资源(15 个场景包)
**Community-driven testing scenarios with advanced architecture**
- **Load Testing Scenarios**: High-volume traffic simulation
- **Error Simulation Packs**: Comprehensive error condition testing
- **Security Testing Suites**: Vulnerability assessment scenarios
- **Performance Benchmarks**: Standardized performance testing
- **Integration Test Packs**: Cross-service testing scenarios
- **Community Architecture**: Collaborative scenario sharing and validation
### MCP 工具(16 个自动化测试工具)
**Complete automated test execution capabilities**
#### 场景管理(4 个工具)
- [`validate_scenario_config`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L174) - Scenario validation and verification
- [`deploy_scenario`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L267) - Automated scenario deployment
- [`switch_scenario`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L385) - Dynamic scenario switching
- [`list_active_scenarios`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L476) - Active scenario monitoring
#### 测试执行(4 个工具)
- [`execute_test_plan`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L577) - Comprehensive test plan execution
- [`run_test_iteration`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L816) - Individual test iteration management
- [`run_load_test`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L945) - Load testing execution
- [`run_security_test`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2019) - Security testing automation
#### 分析与报告(4 个工具)
- [`analyze_test_results`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2142) - Intelligent test result analysis
- [`generate_test_report`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2225) - Comprehensive reporting
- [`compare_test_runs`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2310) - Test run comparison and trends
- [`get_performance_metrics`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2418) - Performance metrics collection
#### 工作流管理(4 个工具)
- [`create_test_session`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2524) - Test session initialization
- [`end_test_session`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2579) - Session cleanup and finalization
- [`schedule_test_suite`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2646) - Automated test scheduling
- [`monitor_test_progress`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_tools.py#L2702) - Real-time progress monitoring
### MCP 上下文管理(10 个有状态工作流工具)
**Advanced state management for complex testing workflows**
#### 上下文创建与管理
- [`create_test_session_context`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1431) - Test session state management
- [`create_workflow_context`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1447) - Complex workflow orchestration
- [`create_agent_context`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1463) - AI agent state management
#### 数据管理
- [`get_context_data`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1477) - Context data retrieval
- [`update_context_data`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1486) - Dynamic context updates
- [`list_contexts_by_type`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1508) - Context discovery and listing
#### 快照与恢复
- [`create_context_snapshot`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1494) - State snapshot creation
- [`restore_context_snapshot`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1502) - State rollback capabilities
#### 全局上下文
- [`get_global_context_data`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1516) - Cross-session data sharing
- [`update_global_context_data`](https://github.com/MockLoop/mockloop-mcp/blob/main/src/mockloop_mcp/mcp_context.py#L1523) - Global state management
## 🚀 快速开始
Get started with the world's most advanced AI-native testing platform:
```
# 1. 安装 MockLoop MCP
pip install mockloop-mcp
# 2. 验证安装
mockloop-mcp --version
# 3. 使用 MCP 客户端配置(Cline、Claude Desktop 等)
# 请参见以下配置示例
```
## 📋 先决条件
- Python 3.10+
- Pip package manager
- Docker and Docker Compose (for containerized mock servers)
- An MCP-compatible client (Cline, Claude Desktop, etc.)
## 🔧 安装
### 选项 1:从 PyPI 安装(推荐)
```
# 安装最新稳定版本
pip install mockloop-mcp
# 或安装可选依赖项
pip install mockloop-mcp[dev] # Development tools
pip install mockloop-mcp[docs] # Documentation tools
pip install mockloop-mcp[all] # All optional dependencies
# 验证安装
mockloop-mcp --version
```
### 选项 2:开发环境安装
```
# 克隆仓库
git clone https://github.com/mockloop/mockloop-mcp.git
cd mockloop-mcp
# 创建并激活虚拟环境
python3 -m venv .venv
source .venv/bin/activate # On Windows: .venv\Scripts\activate
# 以开发模式安装
pip install -e ".[dev]"
```
## ⚙️ 配置
### MCP 客户端配置
#### Cline(VS Code 扩展)
Add to your Cline MCP settings file:
```
{
"mcpServers": {
"MockLoopLocal": {
"autoApprove": [],
"disabled": false,
"timeout": 60,
"command": "mockloop-mcp",
"args": [],
"transportType": "stdio"
}
}
}
```
#### Claude 桌面
Add to your Claude Desktop configuration:
```
{
"mcpServers": {
"mockloop": {
"command": "mockloop-mcp",
"args": []
}
}
}
```
#### 虚拟环境安装
For virtual environment installations, use the full Python path:
```
{
"mcpServers": {
"MockLoopLocal": {
"command": "/path/to/your/venv/bin/python",
"args": ["-m", "mockloop_mcp"],
"transportType": "stdio"
}
}
}
```
## 🛠️ 可用 MCP 工具
### 核心模拟生成
#### `generate_mock_api`
Generate sophisticated FastAPI mock servers with dual-port architecture.
**Parameters:**
- `spec_url_or_path` (string, required): API specification URL or local file path
- `output_dir_name` (string, optional): Output directory name
- `auth_enabled` (boolean, optional): Enable authentication middleware (default: true)
- `webhooks_enabled` (boolean, optional): Enable webhook support (default: true)
- `admin_ui_enabled` (boolean, optional): Enable admin UI (default: true)
- `storage_enabled` (boolean, optional): Enable storage functionality (default: true)
**Revolutionary Dual-Port Architecture:**
- **Mocked API Port**: Serves your API endpoints (default: 8000)
- **Admin UI Port**: Separate admin interface (default: 8001)
- **Conflict Resolution**: Eliminates /admin path conflicts in OpenAPI specs
- **Enhanced Security**: Port-based access control and isolation
### 高级分析
#### `query_mock_logs`
Query and analyze request logs with AI-powered insights.
**Parameters:**
- `server_url` (string, required): Mock server URL
- `limit` (integer, optional): Maximum logs to return (default: 100)
- `offset` (integer, optional): Pagination offset (default: 0)
- `method` (string, optional): Filter by HTTP method
- `path_pattern` (string, optional): Regex pattern for path filtering
- `time_from` (string, optional): Start time filter (ISO format)
- `time_to` (string, optional): End time filter (ISO format)
- `include_admin` (boolean, optional): Include admin requests (default: false)
- `analyze` (boolean, optional): Perform AI analysis (default: true)
**AI-Powered Analysis:**
- Performance metrics (P95/P99 response times)
- Error rate analysis and categorization
- Traffic pattern detection
- Automated debugging recommendations
- Session correlation and tracking
#### `discover_mock_servers`
Intelligent server discovery with dual-port architecture support.
**Parameters:**
- `ports` (array, optional): Ports to scan (default: common ports)
- `check_health` (boolean, optional): Perform health checks (default: true)
- `include_generated` (boolean, optional): Include generated mocks (default: true)
**Advanced Discovery:**
- Automatic architecture detection (single-port vs dual-port)
- Health status monitoring
- Server correlation and matching
- Port usage analysis
#### `manage_mock_data`
Dynamic response management without server restart.
**Parameters:**
- `server_url` (string, required): Mock server URL
- `operation` (string, required): Operation type ("update_response", "create_scenario", "switch_scenario", "list_scenarios")
- `endpoint_path` (string, optional): API endpoint path
- `response_data` (object, optional): New response data
- `scenario_name` (string, optional): Scenario name
- `scenario_config` (object, optional): Scenario configuration
**Dynamic Capabilities:**
- Real-time response updates
- Scenario-based testing
- Runtime configuration management
- Zero-downtime modifications
## 🌐 MCP 代理功能
MockLoop MCP includes revolutionary proxy capabilities that enable seamless switching between mock and live API environments. This powerful feature transforms your testing workflow by providing:
### 核心代理能力
- **🔄 Seamless Mode Switching**: Transition between mock, proxy, and hybrid modes without code changes
- **🎯 Intelligent Routing**: Smart request routing based on configurable rules and conditions
- **🔐 Universal Authentication**: Support for API Key, Bearer Token, Basic Auth, and OAuth2
- **📊 Response Comparison**: Automated comparison between mock and live API responses
- **⚡ Zero-Downtime Switching**: Change modes dynamically without service interruption
### 操作模式
#### 模拟模式(`MOCK`)
- All requests handled by generated mock responses
- Predictable, consistent testing environment
- Ideal for early development and isolated testing
- No external dependencies or network calls
#### 代理模式(`PROXY`)
- All requests forwarded to live API endpoints
- Real-time data and authentic responses
- Full integration testing capabilities
- Network-dependent operation with live credentials
#### 混合模式(`HYBRID`)
- Intelligent routing between mock and proxy based on rules
- Conditional switching based on request patterns, headers, or parameters
- Gradual migration from mock to live environments
- A/B testing and selective endpoint proxying
### 快速开始示例
```
from mockloop_mcp.mcp_tools import create_mcp_plugin
# 创建启用代理的插件
plugin_result = await create_mcp_plugin(
spec_url_or_path="https://api.example.com/openapi.json",
mode="hybrid", # Start with hybrid mode
plugin_name="example_api",
target_url="https://api.example.com",
auth_config={
"auth_type": "bearer_token",
"credentials": {"token": "your-token"}
},
routing_rules=[
{
"pattern": "/api/critical/*",
"mode": "proxy", # Critical endpoints use live API
"priority": 10
},
{
"pattern": "/api/dev/*",
"mode": "mock", # Development endpoints use mocks
"priority": 5
}
]
)
```
### 高级功能
- **🔍 Response Validation**: Compare mock vs live responses for consistency
- **📈 Performance Monitoring**: Track response times and throughput across modes
- **🛡️ Error Handling**: Graceful fallback mechanisms and retry policies
- **🎛️ Dynamic Configuration**: Runtime mode switching and rule updates
- **📋 Audit Logging**: Complete request/response tracking across all modes
### 身份验证支持
The proxy system supports comprehensive authentication schemes:
- **API Key**: Header, query parameter, or cookie-based authentication
- **Bearer Token**: OAuth2 and JWT token support
- **Basic Auth**: Username/password combinations
- **OAuth2**: Full OAuth2 flow with token refresh
- **Custom**: Extensible authentication handlers for proprietary schemes
### 使用场景
- **Development Workflow**: Start with mocks, gradually introduce live APIs
- **Integration Testing**: Validate against real services while maintaining test isolation
- **Performance Testing**: Compare mock vs live API performance characteristics
- **Staging Validation**: Ensure mock responses match production API behavior
- **Hybrid Deployments**: Route critical operations to live APIs, others to mocks
**📚 Complete Guide**: For detailed configuration, examples, and best practices, see the [MCP Proxy Guide](docs/guides/mcp-proxy-guide.md).
## 🤖 AI 框架集成
MockLoop MCP provides native integration with popular AI frameworks:
### LangGraph 集成
```
from langgraph.graph import StateGraph, END
from mockloop_mcp import MockLoopClient
# 初始化 MockLoop 客户端
mockloop = MockLoopClient()
def setup_ai_testing(state):
"""AI-driven test setup"""
# Generate mock API with AI analysis
result = mockloop.generate_mock_api(
spec_url_or_path="https://api.example.com/openapi.json",
output_dir_name="ai_test_environment"
)
# Use AI prompts for scenario generation
scenarios = mockloop.analyze_openapi_for_testing(
api_spec=state["api_spec"],
analysis_depth="comprehensive",
include_security_tests=True
)
state["mock_server_url"] = "http://localhost:8000"
state["test_scenarios"] = scenarios
return state
def execute_ai_tests(state):
"""Execute AI-generated test scenarios"""
# Deploy AI-generated scenarios
for scenario in state["test_scenarios"]:
mockloop.deploy_scenario(
server_url=state["mock_server_url"],
scenario_config=scenario
)
# Execute load tests with AI optimization
results = mockloop.run_load_test(
server_url=state["mock_server_url"],
scenario_name=scenario["name"],
duration=300,
concurrent_users=100
)
# AI-powered result analysis
analysis = mockloop.analyze_test_results(
test_results=results,
include_recommendations=True
)
state["test_results"].append(analysis)
return state
# 构建 AI 原生测试工作流
workflow = StateGraph(dict)
workflow.add_node("setup_ai_testing", setup_ai_testing)
workflow.add_node("execute_ai_tests", execute_ai_tests)
workflow.set_entry_point("setup_ai_testing")
workflow.add_edge("setup_ai_testing", "execute_ai_tests")
workflow.add_edge("execute_ai_tests", END)
app = workflow.compile()
```
### CrewAI 多智能体测试
```
from crewai import Agent, Task, Crew
from mockloop_mcp import MockLoopClient
# 初始化 MockLoop 客户端
mockloop = MockLoopClient()
# AI 测试专家智能体
api_testing_agent = Agent(
role='AI API Testing Specialist',
goal='Generate and execute comprehensive AI-driven API tests',
backstory='Expert in AI-native testing with MockLoop MCP integration',
tools=[
mockloop.generate_mock_api,
mockloop.analyze_openapi_for_testing,
mockloop.generate_scenario_config
]
)
# 性能分析智能体
performance_agent = Agent(
role='AI Performance Analyst',
goal='Analyze API performance with AI-powered insights',
backstory='Specialist in AI-driven performance analysis and optimization',
tools=[
mockloop.run_load_test,
mockloop.get_performance_metrics,
mockloop.analyze_test_results
]
)
# 安全测试智能体
security_agent = Agent(
role='AI Security Testing Expert',
goal='Conduct AI-driven security testing and vulnerability assessment',
backstory='Expert in AI-powered security testing methodologies',
tools=[
mockloop.generate_security_test_scenarios,
mockloop.run_security_test,
mockloop.compare_test_runs
]
)
# 定义 AI 驱动任务
ai_setup_task = Task(
description='Generate AI-native mock API with comprehensive testing scenarios',
agent=api_testing_agent,
expected_output='Mock server with AI-generated test scenarios deployed'
)
performance_task = Task(
description='Execute AI-optimized performance testing and analysis',
agent=performance_agent,
expected_output='Comprehensive performance analysis with AI recommendations'
)
security_task = Task(
description='Conduct AI-driven security testing and vulnerability assessment',
agent=security_agent,
expected_output='Security test results with AI-powered threat analysis'
)
# 创建 AI 测试小队
ai_testing_crew = Crew(
agents=[api_testing_agent, performance_agent, security_agent],
tasks=[ai_setup_task, performance_task, security_task],
verbose=True
)
# 执行 AI 原生测试工作流
results = ai_testing_crew.kickoff()
```
### LangChain AI 测试工具
```
from langchain.agents import Tool, AgentExecutor, create_react_agent
from langchain.prompts import PromptTemplate
from langchain_openai import ChatOpenAI
from mockloop_mcp import MockLoopClient
# 初始化 MockLoop 客户端
mockloop = MockLoopClient()
# AI 原生测试工具
def ai_generate_mock_api(spec_path: str) -> str:
"""Generate AI-enhanced mock API with intelligent scenarios"""
# Generate mock API
result = mockloop.generate_mock_api(spec_url_or_path=spec_path)
# Use AI to analyze and enhance
analysis = mockloop.analyze_openapi_for_testing(
api_spec=spec_path,
analysis_depth="comprehensive",
include_security_tests=True
)
return f"AI-enhanced mock API generated: {result}\nAI Analysis: {analysis['summary']}"
def ai_execute_testing_workflow(server_url: str) -> str:
"""Execute comprehensive AI-driven testing workflow"""
# Create test session context
session = mockloop.create_test_session_context(
session_name="ai_testing_session",
configuration={"ai_enhanced": True}
)
# Generate and deploy AI scenarios
scenarios = mockloop.generate_scenario_config(
api_spec=server_url,
scenario_types=["load", "error", "security"],
ai_optimization=True
)
results = []
for scenario in scenarios:
# Deploy scenario
mockloop.deploy_scenario(
server_url=server_url,
scenario_config=scenario
)
# Execute tests with AI monitoring
test_result = mockloop.execute_test_plan(
server_url=server_url,
test_plan=scenario["test_plan"],
ai_monitoring=True
)
results.append(test_result)
# AI-powered analysis
analysis = mockloop.analyze_test_results(
test_results=results,
include_recommendations=True,
ai_insights=True
)
return f"AI testing workflow completed: {analysis['summary']}"
# 创建 LangChain 工具
ai_testing_tools = [
Tool(
name="AIGenerateMockAPI",
func=ai_generate_mock_api,
description="Generate AI-enhanced mock API with intelligent testing scenarios"
),
Tool(
name="AIExecuteTestingWorkflow",
func=ai_execute_testing_workflow,
description="Execute comprehensive AI-driven testing workflow with intelligent analysis"
)
]
# 创建 AI 测试智能体
llm = ChatOpenAI(temperature=0)
ai_testing_prompt = PromptTemplate.from_template("""
You are an AI-native testing assistant powered by MockLoop MCP.
You have access to revolutionary AI-driven testing capabilities including:
- AI-powered scenario generation
- Intelligent test execution
- Advanced performance analysis
- Security vulnerability assessment
- Stateful workflow management
Tools available: {tools}
Tool names: {tool_names}
Question: {input}
{agent_scratchpad}
""")
agent = create_react_agent(llm, ai_testing_tools, ai_testing_prompt)
agent_executor = AgentExecutor(agent=agent, tools=ai_testing_tools, verbose=True)
# 执行 AI 原生测试
response = agent_executor.invoke({
"input": "Generate a comprehensive AI-driven testing environment for a REST API and execute full testing workflow"
})
```
## 🏗️ 双端口架构
MockLoop MCP introduces a revolutionary **dual-port architecture** that eliminates common conflicts and enhances security:
### 架构优势
- **🔒 Enhanced Security**: Complete separation of mocked API and admin functionality
- **⚡ Zero Conflicts**: Eliminates /admin path conflicts in OpenAPI specifications
- **📊 Clean Analytics**: Admin calls don't appear in mocked API metrics
- **🔄 Independent Scaling**: Scale mocked API and admin services separately
- **🛡️ Port-Based Access Control**: Enhanced security through network isolation
### 端口配置
```
# 使用双端口架构生成模拟
result = mockloop.generate_mock_api(
spec_url_or_path="https://api.example.com/openapi.json",
business_port=8000, # Mocked API port
admin_port=8001, # Admin UI port
admin_ui_enabled=True
)
```
### 访问点
- **Mocked API**: `http://localhost:8000` - Your API endpoints
- **Admin UI**: `http://localhost:8001` - Management interface
- **API Documentation**: `http://localhost:8000/docs` - Interactive Swagger UI
- **Health Check**: `http://localhost:8000/health` - Server status
## 📊 企业功能
### 合规与审计日志
MockLoop MCP provides enterprise-grade compliance features:
- **Complete Audit Trails**: Every request/response logged with metadata
- **Regulatory Compliance**: GDPR, SOX, HIPAA compliance support
- **Performance Metrics**: P95/P99 response times, error rates
- **Security Monitoring**: Threat detection and analysis
- **Session Tracking**: Cross-request correlation and analysis
### 高级分析
- **AI-Powered Insights**: Intelligent analysis and recommendations
- **Traffic Pattern Detection**: Automated anomaly detection
- **Performance Optimization**: AI-driven performance recommendations
- **Error Analysis**: Intelligent error categorization and resolution
- **Trend Analysis**: Historical performance and usage trends
## 🔄 有状态测试工作流
MockLoop MCP supports complex, stateful testing workflows through advanced context management:
### 上下文类型
- **Test Session Context**: Maintain state across test executions
- **Workflow Context**: Complex multi-step testing orchestration
- **Agent Context**: AI agent state management and coordination
- **Global Context**: Cross-session data sharing and persistence
### 示例:有状态电商测试
```
# 创建测试会话上下文
session = mockloop.create_test_session_context(
session_name="ecommerce_integration_test",
configuration={
"test_type": "integration",
"environment": "staging",
"ai_enhanced": True
}
)
# 为多步骤测试创建工作流上下文
workflow = mockloop.create_workflow_context(
workflow_name="user_journey_test",
parent_context=session["context_id"],
steps=[
"user_registration",
"product_browsing",
"cart_management",
"checkout_process",
"order_fulfillment"
]
)
# 执行有状态测试工作流
for step in workflow["steps"]:
# Update context with step data
mockloop.update_context_data(
context_id=workflow["context_id"],
data={"current_step": step, "timestamp": datetime.now()}
)
# Execute step-specific tests
test_result = mockloop.execute_test_plan(
server_url="http://localhost:8000",
test_plan=f"{step}_test_plan",
context_id=workflow["context_id"]
)
# Create snapshot for rollback capability
snapshot = mockloop.create_context_snapshot(
context_id=workflow["context_id"],
snapshot_name=f"{step}_completion"
)
# 分析完整工作流结果
final_analysis = mockloop.analyze_test_results(
test_results=workflow["results"],
context_id=workflow["context_id"],
include_recommendations=True
)
```
## 🚀 运行生成的模拟服务器
### 使用 Docker Compose(推荐)
```
# 导航到生成的模拟目录
cd generated_mocks/your_api_mock
# 使用双端口架构启动
docker-compose up --build
# 访问点:
# 模拟 API:http://localhost:8000
# 管理 UI:http://localhost:8001
```
### 直接使用 Uvicorn
```
# 安装依赖项
pip install -r requirements_mock.txt
# 启动模拟服务器
uvicorn main:app --reload --port 8000
```
### 增强功能访问
- **Admin UI**: `http://localhost:8001` - Enhanced management interface
- **API Documentation**: `http://localhost:8000/docs` - Interactive Swagger UI
- **Health Check**: `http://localhost:8000/health` - Server status and metrics
- **Log Analytics**: `http://localhost:8001/api/logs/search` - Advanced log querying
- **Performance Metrics**: `http://localhost:8001/api/logs/analyze` - AI-powered insights
- **Scenario Management**: `http://localhost:8001/api/mock-data/scenarios` - Dynamic testing
## 📈 性能与可扩展性
MockLoop MCP is designed for enterprise-scale performance:
### 性能指标
- **Response Times**: P50, P95, P99 percentile tracking
- **Throughput**: Requests per second monitoring
- **Error Rates**: Comprehensive error analysis
- **Resource Usage**: Memory, CPU, and network monitoring
- **Concurrency**: Multi-user load testing support
### 可扩展性功能
- **Horizontal Scaling**: Multi-instance deployment support
- ** Balancing**: Built-in load balancing capabilities
- **Caching**: Intelligent response caching
- **Database Optimization**: Efficient SQLite and PostgreSQL support
- **Container Orchestration**: Kubernetes and Docker Swarm ready
## 🔒 安全功能
### 内置安全
- **Authentication Middleware**: Configurable auth mechanisms
- **Rate Limiting**: Prevent abuse and DoS attacks
- **Input Validation**: Comprehensive request validation
- **Security Headers**: CORS, CSP, and security headers
- **Audit Logging**: Complete security event logging
### 安全测试
- **Vulnerability Assessment**: AI-powered security testing
- **Penetration Testing**: Automated security scenario generation
- **Compliance Checking**: Security standard compliance verification
- **Threat Modeling**: AI-driven threat analysis
- **Security Reporting**: Comprehensive security analytics
## 🔐 SchemaPin 集成 - 加密模式验证
MockLoop MCP now includes **SchemaPin integration** - the industry's first cryptographic schema verification system for MCP tools, preventing "MCP Rug Pull" attacks through ECDSA signature verification and Trust-On-First-Use (TOFU) key pinning.
### 革命性安全增强
SchemaPin integration transforms MockLoop MCP into the most secure MCP testing platform by providing:
- **🔐 Cryptographic Verification**: ECDSA P-256 signatures ensure schema integrity
- **🔑 TOFU Key Pinning**: Automatic key discovery and pinning for trusted domains
- **📋 Policy Enforcement**: Configurable security policies (enforce/warn/log modes)
- **📊 Comprehensive Auditing**: Complete verification logs for compliance
- **🔄 Graceful Fallback**: Works with or without SchemaPin library
- **🏗️ Hybrid Architecture**: Seamless integration with existing MockLoop systems
### 快速开始配置
```
from mockloop_mcp.schemapin import SchemaPinConfig, SchemaVerificationInterceptor
# 基础配置
config = SchemaPinConfig(
enabled=True,
policy_mode="warn", # enforce, warn, or log
auto_pin_keys=False,
trusted_domains=["api.example.com"],
interactive_mode=False
)
# 初始化验证
interceptor = SchemaVerificationInterceptor(config)
# 验证工具模式
result = await interceptor.verify_tool_schema(
tool_name="database_query",
schema=tool_schema,
signature="base64_encoded_signature",
domain="api.example.com"
)
if result.valid:
print("✓ Schema verification successful")
else:
print(f"✗ Verification failed: {result.error}")
```
### 生产配置
```
# 生产就绪配置
config = SchemaPinConfig(
enabled=True,
policy_mode="enforce", # Block execution on verification failure
auto_pin_keys=True, # Auto-pin keys for trusted domains
key_pin_storage_path="/secure/path/keys.db",
discovery_timeout=60,
cache_ttl=7200,
trusted_domains=[
"api.corp.com",
"tools.internal.com"
],
well_known_endpoints={
"api.corp.com": "https://api.corp.com/.well-known/schemapin.json"
},
revocation_check=True,
interactive_mode=False
)
```
### 安全收益
#### MCP 防拔保护
SchemaPin prevents malicious actors from modifying tool schemas without detection:
- **Cryptographic Signatures**: Every tool schema is cryptographically signed
- **Key Pinning**: TOFU model prevents man-in-the-middle attacks
- **Audit Trails**: Complete verification logs for security analysis
- **Policy Enforcement**: Configurable responses to verification failures
#### 合规与治理
- **Regulatory Compliance**: Audit logs support GDPR, SOX, HIPAA requirements
- **Enterprise Security**: Integration with existing security frameworks
- **Risk Management**: Configurable security policies for different environments
- **Threat Detection**: Automated detection of schema tampering attempts
### 集成示例
#### 基础工具验证
```
# 验证单个工具
from mockloop_mcp.schemapin import SchemaVerificationInterceptor
interceptor = SchemaVerificationInterceptor(config)
result = await interceptor.verify_tool_schema(
"api_call", tool_schema, signature, "api.example.com"
)
```
#### 批量验证
```
# 高效验证多个工具
from mockloop_mcp.schemapin import SchemaPinWorkflowManager
workflow = SchemaPinWorkflowManager(config)
results = await workflow.verify_tool_batch([
{"name": "tool1", "schema": schema1, "signature": sig1, "domain": "api.com"},
{"name": "tool2", "schema": schema2, "signature": sig2, "domain": "api.com"}
])
```
#### MCP 代理集成
```
# 与 MCP 代理集成以实现无缝安全
class SecureMCPProxy:
def __init__(self, config):
self.interceptor = SchemaVerificationInterceptor(config)
async def proxy_tool_request(self, tool_name, schema, signature, domain, data):
# Verify schema before execution
result = await self.interceptor.verify_tool_schema(
tool_name, schema, signature, domain
)
if not result.valid:
return {"error": "Schema verification failed"}
# Execute tool with verified schema
return await self.execute_tool(tool_name, data)
```
### 策略模式
#### 强制模式
```
config = SchemaPinConfig(policy_mode="enforce")
# 在验证失败时阻止执行
# 推荐用于生产关键工具
```
#### 警告模式
```
config = SchemaPinConfig(policy_mode="warn")
# 记录警告但允许执行
# 推荐用于逐步推出
```
#### 日志模式
```
config = SchemaPinConfig(policy_mode="log")
# 记录事件而不阻止
# 推荐用于监控和测试
```
### 密钥管理
#### 首次使用信任(TOFU)
```
# 自动密钥发现与固定
key_manager = KeyPinningManager("keys.db")
# 固定可信工具的密钥
success = key_manager.pin_key(
tool_id="api.example.com/database_query",
domain="api.example.com",
public_key_pem=discovered_key,
metadata={"developer": "Example Corp"}
)
# 检查密钥是否已固定
if key_manager.is_key_pinned("api.example.com/database_query"):
print("Key is pinned and trusted")
```
#### 密钥发现
SchemaPin automatically discovers public keys via `.well-known` endpoints:
```
https://api.example.com/.well-known/schemapin.json
```
Expected format:
```
{
"public_key": "-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----",
"algorithm": "ES256",
"created_at": "2023-01-01T00:00:00Z"
}
```
### 审计与合规
#### 全面日志记录
```
from mockloop_mcp.schemapin import SchemaPinAuditLogger
audit_logger = SchemaPinAuditLogger("audit.db")
# 验证事件自动记录
stats = audit_logger.get_verification_stats()
print(f"Total verifications: {stats['total_verifications']}")
print(f"Success rate: {stats['successful_verifications'] / stats['total_verifications'] * 100:.1f}%")
```
#### 合规报告
```
# 生成合规报告
from mockloop_mcp.mcp_compliance import MCPComplianceReporter
reporter = MCPComplianceReporter("audit.db")
report = reporter.generate_schemapin_compliance_report()
print(f"Compliance score: {report['compliance_score']:.1f}%")
print(f"Verification coverage: {report['verification_statistics']['unique_tools']} tools")
```
### 文档与示例
- **📚 Complete Integration Guide**: [`docs/guides/schemapin-integration.md`](docs/guides/schemapin-integration.md)
- **🔧 Basic Usage Example**: [`examples/schemapin/basic_usage.py`](examples/schemapin/basic_usage.py)
- **⚡ Advanced Patterns**: [`examples/schemapin/advanced_usage.py`](examples/schemapin/advanced_usage.py)
- **🏗️ Architecture Documentation**: [`SchemaPin_MockLoop_Integration_Architecture.md`](SchemaPin_MockLoop_Integration_Architecture.md)
- **🧪 Test Coverage**: 56 comprehensive tests (42 unit + 14 integration)
### 现有用户迁移
SchemaPin integration is **completely backward compatible**:
1. **Opt-in Configuration**: SchemaPin is disabled by default
2. **No Breaking Changes**: Existing tools continue to work unchanged
3. **Gradual Rollout**: Start with `log` mode, progress to `warn`, then `enforce`
4. **Zero Downtime**: Enable verification without service interruption
```
# 迁移示例:逐步推出
# 阶段 1:监控(日志模式)
config = SchemaPinConfig(enabled=True, policy_mode="log")
# 阶段 2:警告(警告模式)
config = SchemaPinConfig(enabled=True, policy_mode="warn")
# 阶段 3:强制执行(强制模式)
config = SchemaPinConfig(enabled=True, policy_mode="enforce")
```
### 性能影响
SchemaPin is designed for minimal performance impact:
- **Verification Time**: ~5-15ms per tool (cached results)
- **Memory Usage**: <10MB additional memory
- **Network Overhead**: Key discovery only on first use
- **Database Size**: ~1KB per pinned key
### 使用场景
#### 开发团队
- **Secure Development**: Verify tool schemas during development
- **Code Review**: Ensure schema integrity in pull requests
- **Testing**: Validate tool behavior with verified schemas
#### 企业安全
- **Threat Prevention**: Block malicious schema modifications
- **Compliance**: Meet regulatory requirements with audit trails
- **Risk Management**: Configurable security policies
- **Incident Response**: Detailed logs for security analysis
#### DevOps 与 CI/CD
- **Pipeline Security**: Verify schemas in deployment pipelines
- **Environment Promotion**: Ensure schema consistency across environments
- **Monitoring**: Continuous verification monitoring
- **Automation**: Automated security policy enforcement
## ️ 未来开发
### 即将推出的功能 🚧
#### 增强 AI 能力
- **Advanced ML Models**: Custom model training for API testing
- **Predictive Analytics**: AI-powered failure prediction
- **Intelligent Test Generation**: Self-improving test scenarios
- **Natural Language Testing**: Plain English test descriptions
#### 扩展协议支持
- **GraphQL Support**: Native GraphQL API testing
- **gRPC Integration**: Protocol buffer testing support
- **WebSocket Testing**: Real-time communication testing
- **Event-Driven Testing**: Async and event-based API testing
#### 企业集成
- **CI/CD Integration**: Native pipeline integration
- **Monitoring Platforms**: Datadog, New Relic, Prometheus integration
- **Identity Providers**: SSO and enterprise auth integration
- **Compliance Frameworks**: Extended regulatory compliance support
## 🤝 贡献
We welcome contributions to MockLoop MCP! Please see our [Contributing Guidelines](docs/contributing/guidelines.md) for details.
### 开发环境设置
```
# 分叉并克隆仓库
git clone https://github.com/your-username/mockloop-mcp.git
cd mockloop-mcp
# 创建开发环境
python3 -m venv .venv
source .venv/bin/activate
# 安装开发依赖项
pip install -e ".[dev]"
# 运行测试
pytest tests/
# 运行质量检查
ruff check src/
bandit -r src/
```
### 社区
- **GitHub Repository**: [mockloop/mockloop-mcp](https://github.com/mockloop/mockloop-mcp)
- **Issues & Bug Reports**: [GitHub Issues](https://github.com/mockloop/mockloop-mcp/issues)
- **Feature Requests**: [GitHub Issues](https://github.com/mockloop/mockloop-mcp/issues)
- **Documentation**: [docs.mockloop.com](https://docs.mockloop.com)
## 📄 许可证
MockLoop MCP is licensed under the [MIT License](LICENSE).
## 🎉 今天开始使用!
Ready to revolutionize your API testing with the world's first AI-native testing platform?
```
pip install mockloop-mcp
```
**Join the AI-native testing revolution** and experience the future of API testing with MockLoop MCP!
**🚀 [Get Started Now](https://docs.mockloop.com/getting-started/installation/) →**
标签:AI原生, AI开发工作流, AI辅助开发, API开发, API测试, MCP, Mock服务, OpenAPI, PyPI, Python, 威胁情报, 子域名突变, 开发者工具, 开源框架, 性能分析, 持续集成, 无后门, 智能分析, 服务发现, 服务器监控, 模型上下文协议, 测试洞察, 生成式AI, 索引, 请求拦截, 逆向工具