soroushdes/Teamup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3d0e9873499f04eb3b5ec2a04b2daec44da235e0
Teamup/src/Modules/TeamUp.Modules.Integrations/Mcp/McpGateway.cs
T
soroush.asadi c5e0e5cfe3 MCP compatibility for AI agents: server registry, JSON-RPC client, gateway, run-time tool catalog 
Agents can now use Model Context Protocol servers. End to end:
- SharedKernel seam IMcpGateway (ListToolsAsync / CallToolAsync) + McpToolDescriptor / McpToolResult,
  so the Assembler discovers and can invoke MCP tools without referencing Integrations' tables.
- Integrations: McpServerConfig (org-scoped, owner-only; auth headers AES-GCM encrypted, never
  returned — only their names) + AddMcpServers migration. McpClient: a dependency-free Streamable-HTTP
  JSON-RPC 2.0 client (initialize → notifications/initialized → tools/list / tools/call), carrying the
  Mcp-Session-Id and parsing both application/json and text/event-stream replies. McpGateway resolves
  an org's servers, decrypts headers server-side, and is best-effort: an unreachable server is logged
  and skipped, never failing the run. CRUD + connectivity-test endpoints (create/test/delete owner-only
  via ManageApiKeys; list via ConfigureAgents to bind).
- OrgBoard: Agent gains McpServerIds (uuid[]; migration backfills existing agents to empty) flowing
  through ConfigureAgent + AgentRunContext.
- Assembler: AgentRunExecutor lists the agent's MCP tools (best-effort) and PromptAssembler renders a
  "# Tools (MCP)" catalog — labelled as data, never instructions — and records it in the run trace.
- Client: SeatsPage gains an MCP servers card (add/test/delete, encrypted auth header) and a per-agent
  MCP server multi-select; api client gains del().

Note: discovery + the governed call gateway are in place now; the autonomous model-driven tool-call
loop (model emits tool_calls → gated execution → feedback) needs a tool-calling model client and is
the next increment — the stub model can't drive it.

Verified: ArchitectureTests 8/8, IntegrationTests 53/53 (McpClientTests: JSON-RPC handshake/session,
json + SSE; McpServerRegistryTests: owner-only, encrypted-header-never-returned, graceful test,
Member 403; PromptAssemblerMcpTests: catalog + trace, omitted when empty), client build green.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-13 19:25:43 +03:30

79 lines
3.0 KiB
C#
Raw Blame History

using System.Text.Json;
using Microsoft.EntityFrameworkCore;
using Microsoft.Extensions.Logging;
using TeamUp.Modules.Integrations.Persistence;
using TeamUp.Modules.Integrations.Security;
using TeamUp.SharedKernel.Ai;
namespace TeamUp.Modules.Integrations.Mcp;
/// <summary>
/// Resolves an org's MCP server configs, decrypts their headers server-side, and talks to them via
/// <see cref="McpClient"/>. Discovery is best-effort: a server that fails to connect is logged and
/// skipped so it never fails the agent run. The decrypted headers never leave the server.
/// </summary>
internal sealed class McpGateway(
IntegrationsDbContext db,
McpClient client,
ISecretProtector protector,
ILogger<McpGateway> logger) : IMcpGateway
{
public async Task<IReadOnlyList<McpToolDescriptor>> ListToolsAsync(
Guid organizationId, IReadOnlyCollection<Guid> serverIds, CancellationToken cancellationToken = default)
{
if (serverIds.Count == 0)
{
return [];
}
var idSet = serverIds.ToHashSet();
var servers = await db.McpServers
.Where(s => s.OrganizationId == organizationId && s.Enabled && idSet.Contains(s.Id))
.ToListAsync(cancellationToken);
var tools = new List<McpToolDescriptor>();
foreach (var server in servers)
{
try
{
var discovered = await client.ListToolsAsync(server.Endpoint, DecryptHeaders(server.EncryptedHeaders), cancellationToken);
tools.AddRange(discovered.Select(t =>
new McpToolDescriptor(server.Id, server.Name, t.Name, t.Description, t.InputSchemaJson)));
}
catch (Exception ex)
{
logger.LogWarning(ex, "MCP server {Server} ({Endpoint}) unreachable; skipping its tools.", server.Name, server.Endpoint);
}
}
return tools;
}
public async Task<McpToolResult> CallToolAsync(
Guid organizationId, Guid serverId, string toolName, string argumentsJson, CancellationToken cancellationToken = default)
{
var server = await db.McpServers.FirstOrDefaultAsync(
s => s.Id == serverId && s.OrganizationId == organizationId && s.Enabled, cancellationToken);
if (server is null)
{
return new McpToolResult(false, null, "MCP server not found or disabled.");
}
try
{
var (success, content, error) = await client.CallToolAsync(
server.Endpoint, DecryptHeaders(server.EncryptedHeaders), toolName, argumentsJson, cancellationToken);
return new McpToolResult(success, content, error);
}
catch (Exception ex)
{
return new McpToolResult(false, null, ex.Message);
}
}
private Dictionary<string, string>? DecryptHeaders(string? encrypted) =>
string.IsNullOrEmpty(encrypted)
? null
: JsonSerializer.Deserialize<Dictionary<string, string>>(protector.Unprotect(encrypted));
}
Reference in New Issue View Git Blame Copy Permalink