mcp-gateway
by tf1997
Overview
The MCP Gateway acts as an API gateway for the Model Context Protocol (MCP) ecosystem, facilitating secure communication, tool invocation, and prompt management for various backend services.
Installation
go run cmd/main.go -c ./configs/mcp-gateway.yaml
Environment Variables
- MCP_GATEWAY_PORT
- MCP_GATEWAY_RPC_PORT
- MCP_GATEWAY_CLUSTER_MANAGER
- MCP_GATEWAY_ENV
- MCP_GATEWAY_PID
- MCP_GATEWAY_RELOAD_INTERVAL
- MCP_GATEWAY_RELOAD_SWITCH
- LOGGER_LEVEL
- LOGGER_FORMAT
- LOGGER_OUTPUT
- LOGGER_FILE_PATH
- LOGGER_MAX_SIZE
- LOGGER_MAX_BACKUPS
- LOGGER_MAX_AGE
- LOGGER_COMPRESS
- LOGGER_COLOR
- LOGGER_STACKTRACE
- GATEWAY_STORAGE_TYPE
- GATEWAY_DB_TYPE
- GATEWAY_DB_HOST
- GATEWAY_DB_PORT
- GATEWAY_DB_USER
- GATEWAY_DB_PASSWORD
- GATEWAY_DB_NAME
- GATEWAY_DB_SSL_MODE
- GATEWAY_STORAGE_DISK_PATH
- GATEWAY_STORAGE_API_URL
- GATEWAY_STORAGE_API_CONFIG_JSON_PATH
- GATEWAY_STORAGE_API_TIMEOUT
- NOTIFIER_ROLE
- NOTIFIER_TYPE
- NOTIFIER_SIGNAL
- NOTIFIER_SIGNAL_PID
- NOTIFIER_API_PORT
- NOTIFIER_API_TARGET_URL
- NOTIFIER_REDIS_CLUSTER_TYPE
- NOTIFIER_REDIS_ADDR
- NOTIFIER_REDIS_MASTER_NAME
- NOTIFIER_REDIS_USERNAME
- NOTIFIER_REDIS_PASSWORD
- NOTIFIER_REDIS_DB
- NOTIFIER_REDIS_TOPIC
- SESSION_STORAGE_TYPE
- SESSION_REDIS_CLUSTER_TYPE
- SESSION_REDIS_ADDR
- SESSION_REDIS_MASTER_NAME
- SESSION_REDIS_USERNAME
- SESSION_REDIS_PASSWORD
- SESSION_REDIS_DB
- SESSION_REDIS_TOPIC
- SESSION_REDIS_PREFIX
- SESSION_REDIS_TTL
- SESSION_KAFKA_BROKERS
- SESSION_KAFKA_TOPIC_PREFIX
- SESSION_KAFKA_TIMEOUT
- OAUTH2_ISSUER
- OAUTH2_STORAGE_TYPE
- OAUTH2_REDIS_CLUSTER_TYPE
- OAUTH2_REDIS_ADDR
- OAUTH2_REDIS_MASTER_NAME
- OAUTH2_REDIS_USERNAME
- OAUTH2_REDIS_PASSWORD
Security Notes
The server exhibits critical security risks. The `StdioTransport` executes external commands (`cfg.Command` with `cfg.Args`) based on configuration. If this configuration can be modified by an authenticated but malicious actor via the exposed `/api/v1/configs` endpoint, it could lead to arbitrary Remote Code Execution (RCE) on the gateway server. Additionally, the `text/template` package is used for rendering `tool.Endpoint`, `tool.RequestBody`, and `tool.Headers`, which exposes the `os.Getenv` function through the `.Env` context. This creates a potential template injection vulnerability for information disclosure (e.g., environment variables containing secrets). The `installService` and `uninstallService` commands involve high-privilege operations (moving executables, `systemctl` commands) that, while not direct code execution, demand careful handling and trust in the executable source. While OAuth2 and JWT are integrated, their implementation and secure configuration are crucial and require thorough auditing.
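One way to narrow the `.Env` exposure described above is to have the template context fail closed for any variable that is not explicitly allowlisted. This is an added example, not code from mcp-gateway: `tmplCtx`, `allowlisted`, `render`, the `UPSTREAM_REGION` variable and the sample template are assumptions, and the gateway's real `.Env` accessor may be shaped differently.

```go
package main

import (
	"bytes"
	"fmt"
	"os"
	"text/template"
)

// tmplCtx is a hypothetical template context; its Env method stands in for
// the gateway's .Env accessor, whose real shape is not shown on this page.
type tmplCtx struct{ lookup func(string) (string, error) }

func (c tmplCtx) Env(name string) (string, error) { return c.lookup(name) }

// unrestricted passes every name to os.Getenv: the behaviour the notes warn about.
func unrestricted(name string) (string, error) { return os.Getenv(name), nil }

// allowlisted builds a lookup that returns an error for any unlisted name.
func allowlisted(names ...string) func(string) (string, error) {
	ok := make(map[string]bool, len(names))
	for _, n := range names {
		ok[n] = true
	}
	return func(name string) (string, error) {
		if !ok[name] {
			return "", fmt.Errorf("template may not read env %q", name)
		}
		return os.Getenv(name), nil
	}
}

// render executes a tool template (endpoint, body or header) with the given lookup.
func render(src string, lookup func(string) (string, error)) (string, error) {
	t, err := template.New("tool").Parse(src)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	if err := t.Execute(&buf, tmplCtx{lookup}); err != nil {
		return "", err // a non-nil error from Env aborts rendering; no partial output
	}
	return buf.String(), nil
}

func main() {
	os.Setenv("GATEWAY_DB_PASSWORD", "example-only") // constructed sample value
	out, err := render(`X-Debug: {{.Env "GATEWAY_DB_PASSWORD"}}`, allowlisted("UPSTREAM_REGION"))
	fmt.Printf("out=%q err=%v\n", out, err)
}
```

Because `text/template` stops execution when a method returns a non-nil error, a rejected lookup surfaces as a render failure that can be logged and alerted on rather than as an empty string in the outgoing request.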
Similar Servers
mcpo
Exposes Model Context Protocol (MCP) tools as OpenAPI-compatible HTTP servers.
mcp-context-forge
Converts web content (HTML, PDF, DOCX, etc.) and local files from a URL into high-quality Markdown format. It supports multiple conversion engines, content optimization, batch processing, and image handling.
Unla
Transforms existing MCP Servers and APIs into MCP protocol-compliant endpoints through configuration, enabling LLM tool calling without code changes.
mcphub
An orchestration hub that aggregates, manages, and routes Model Context Protocol (MCP) servers and their tools, providing a centralized interface, user management, OAuth 2.0 authorization server capabilities, and AI-powered tool discovery and routing.