Metadata-Version: 2.4
Name: prodmcp
Version: 0.3.8
Summary: Unified production framework for both REST APIs and MCP servers. Drop-in replacement for FastAPI and FastMCP with schema validation, security, middleware, and OpenMCP spec generation.
Author-email: Anish Chelliah CR <anishchelliah.cr@gmail.com>
License-Expression: MIT
Project-URL: Homepage, https://github.com/prodmcp/prodmcp
Project-URL: Documentation, https://github.com/prodmcp/prodmcp#readme
Project-URL: Repository, https://github.com/prodmcp/prodmcp
Keywords: mcp,fastmcp,fastapi,schema,validation,openmcp,unified,rest,api,pydantic,middleware,security
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Programming Language :: Python :: 3.14
Classifier: Topic :: Software Development :: Libraries :: Application Frameworks
Classifier: Typing :: Typed
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: fastmcp>=3.2.0
Requires-Dist: pydantic>=2.10.0
Provides-Extra: dev
Requires-Dist: pytest>=7.0; extra == "dev"
Requires-Dist: pytest-asyncio>=0.21; extra == "dev"
Requires-Dist: anyio>=4.0; extra == "dev"
Provides-Extra: rest
Requires-Dist: fastapi>=0.109.1; extra == "rest"
Requires-Dist: uvicorn[standard]>=0.22.0; extra == "rest"
Dynamic: license-file

# ProdMCP

[![PyPI version](https://img.shields.io/badge/pypi-v0.3.8-blue)](https://pypi.org/project/prodmcp/0.3.8/)
[![Python versions](https://img.shields.io/pypi/pyversions/prodmcp.svg)](https://pypi.org/project/prodmcp/)
[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
[![FOSSA](https://img.shields.io/badge/FOSSA-license%20compliant-brightgreen)](https://app.fossa.com/projects/custom%2B61520%2Fprodmcp)
[![Coverage](https://sonarcloud.io/api/project_badges/measure?project=prodmcp_ProdMCP&metric=coverage)](https://sonarcloud.io/summary/new_code?id=prodmcp_ProdMCP)

> **Unified production framework for both REST APIs and MCP servers.** Drop-in replacement for FastAPI and FastMCP with schema validation, security, middleware, dependency injection, and OpenMCP spec generation.

## 🛡️ Enterprise Compliance & Security
ProdMCP is engineered for highly-regulated enterprise environments.
- **FOSSA**: 100% License Compliant, 0 Security/Dependency Vulnerabilities.
- **SonarCloud SAST**: Grade A (0 Bugs, 0 Vulnerabilities, 0 Security Hotspots, >80% Test Coverage).
- **GitHub Advanced Security**: Active CodeQL tracking.

## Installation

```bash
pip install prodmcp              # Core (MCP tools, prompts, resources)
pip install prodmcp[rest]        # + FastAPI + Uvicorn for the unified server
```

## Quick Start

```python
from pydantic import BaseModel
from prodmcp import ProdMCP

app = ProdMCP("MyServer", version="1.0.0")


# --- Define Schemas ---

class UserInput(BaseModel):
    user_id: str

class UserOutput(BaseModel):
    name: str
    email: str


# --- Unified: Same handler as both MCP tool AND REST endpoint ---

@app.common(input_schema=UserInput, output_schema=UserOutput)
@app.tool(name="get_user", security=[{"type": "bearer", "scopes": ["user"]}])
@app.get("/users/{user_id}")
def get_user(user_id: str) -> dict:
    return {"name": "Alice", "email": "alice@example.com"}


# --- MCP-only Prompt ---

@app.prompt(name="summarize", input_schema=UserInput)
def summarize(user_id: str) -> str:
    return f"Please summarize data for user {user_id}"


# --- MCP-only Resource ---

@app.resource(uri="data://users", name="user_db", output_schema=UserOutput)
def fetch_users() -> list:
    return [{"name": "Alice", "email": "alice@example.com"}]


# --- Export OpenMCP Spec ---

spec = app.export_openmcp()
print(spec)

# --- Run the unified server ---

if __name__ == "__main__":
    app.run()  # REST at / (Swagger at /docs) + MCP SSE at /mcp/sse
```

## Features

- **Unified Framework** — One `ProdMCP` instance replaces both FastAPI and FastMCP
- **Decorator Stacking** — `@app.tool()` + `@app.get()` on the same handler with `@app.common()` for shared config
- **HTTP Methods** — `@app.get()`, `@app.post()`, `@app.put()`, `@app.delete()`, `@app.patch()` (FastAPI-identical)
- **MCP Primitives** — `@app.tool()`, `@app.prompt()`, `@app.resource()` (FastMCP-identical)
- **Schema-First** — Pydantic models or raw JSON Schema for input/output definitions
- **Validation Engine** — Automatic input/output validation with structured error reporting
- **Security Layer** — Bearer, Basic, Digest, API keys, OAuth2, OpenID Connect
- **Middleware System** — Global before/after hooks (logging, rate limiting, tracing)
- **Dependency Injection** — Composable dependencies injected into handlers
- **OpenMCP Spec** — Auto-generated, machine-readable specification from code
- **Unified Server** — REST + MCP SSE on a single HTTP server (`app.run()`)

## License

MIT

---

## Release Notes

### Version 0.3.0 — Unified Framework Release

**One framework. Both worlds.** ProdMCP 0.3.0 makes `ProdMCP` a true drop-in replacement for FastAPI *and* FastMCP.

Key changes:

- **Unified Architecture** — FastAPI-style HTTP decorators + FastMCP-style MCP decorators on a single class
- **`@app.common()`** — Define schemas, security, and middleware once for stacked decorators
- **`app.run(transport="unified")`** — REST at `/` + MCP SSE at `/mcp/sse` on one server (new default)
- **Expanded Security** — `HTTPBasicAuth`, `HTTPDigestAuth`, `APIKeyHeader/Query/Cookie`, `OAuth2PasswordBearer`, `OAuth2AuthorizationCodeBearer`, `OAuth2ClientCredentialsBearer`, `OpenIdConnect`
- **Migration Examples** — `fastapi_migration.py`, `fastmcp_migration.py`, `unified_example.py`
- **Bug Fixes** — Fixed `$ref` paths in OpenMCP spec, security config propagation, and API key scheme naming

See [CHANGELOG.md](CHANGELOG.md) for the full changelog.

### Version 0.2.0 — Initial Public API Release

- **Decorator API**: `@app.tool()`, `@app.prompt()`, `@app.resource()` with schema, security, and middleware support.
- **Schema-First Validation**: Pydantic `BaseModel` input/output validation with `strict_output` toggle.
- **Security Manager**: `BearerAuth`, `ApiKeyAuth`, `CustomAuth` with shorthand inline definitions.
- **Dependency Injection**: `Depends()` for async context resolution.
- **Middleware Hooks**: Global and entity-specific `before`/`after` lifecycle hooks.
- **OpenMCP Spec Engine**: `app.export_openmcp()` generates machine-readable specs.
- **REST Bridge**: `app.as_fastapi()` for MCP-to-REST testing.
