o ưi~@s^dZddlZddlmZmZmZmZmZddlm Z ddl m Z ddl m Z GdddZdS) z IP address utilities for MCP public/private access control. Internal callers (private IPs) see all MCP servers. External callers (public IPs) only see servers with available_on_public_internet=True. N)AnyDictListOptionalUnion)Request)verbose_proxy_logger)_get_request_ip_addressc @s2eZdZdZededededededgZedee e d e e ej ej ffd d Zedee e d e e ej ej ffd d Zedee de e ej ej fd efddZe ddee dee e ej ej fd efddZe ddedeee efd ee fddZdS)IPAddressUtilsz1Static utilities for IP-based MCP access control.z 10.0.0.0/8z 172.16.0.0/12z192.168.0.0/16z 127.0.0.0/8z::1/128zfc00::/7configured_rangesreturnc Cs\|stjSg}|D]}z |tj|ddWq ty&td|Yq w|r+|StjS)zLParse configured CIDR ranges into network objects, falling back to defaults.Fstrictz4Invalid CIDR in mcp_internal_ip_ranges: %s, skipping)r _DEFAULT_INTERNAL_NETWORKSappend ipaddress ip_network ValueErrorrwarningr networksZcidrrZ/home/app/Keep/.python/lib/python3.10/site-packages/litellm/proxy/auth/ip_address_utils.pyparse_internal_networkss z&IPAddressUtils.parse_internal_networksc CsP|sgSg}|D]}z |tj|ddWqty%td|Yqw|S)z Parse trusted proxy CIDR ranges for XFF validation. Returns empty list if not configured (XFF will not be trusted). Fr z6Invalid CIDR in mcp_trusted_proxy_ranges: %s, skipping)rrrrrrrrrrparse_trusted_proxy_networks.s z+IPAddressUtils.parse_trusted_proxy_networksproxy_iptrusted_networkscsH|r|sdSzt|tfdd|DWSty#YdSw)z:Check if the direct connection IP is from a trusted proxy.Fc3|]}|vVqdSNr.0networkaddrrr Lz2IPAddressUtils.is_trusted_proxy..)r ip_addressstripanyr)rrrr"ris_trusted_proxyBs zIPAddressUtils.is_trusted_proxyN client_ipinternal_networkscsj|sdSd|vr|dd}|ptj}z t|Wn ty)YdSwtfdd|DS)z Check if a client IP is from an internal/private network. Handles X-Forwarded-For comma chains (takes leftmost = original client). Fails closed: empty/invalid IPs are treated as external. F,rc3rrrrr"rrr$kr%z0IPAddressUtils.is_internal_ip..)splitr'r rrr&rr()r*r+rrr"ris_internal_ipPs   zIPAddressUtils.is_internal_iprequestgeneral_settingscCs|durz ddlm}|}Wn tyi}Ynw|dur i}|dd}|rPd|jvrP|d}|rP|jr;|jjnd}t|}t ||sPt d||St ||d S) a Extract client IP from a FastAPI request for MCP access control. Security: Only trusts X-Forwarded-For if: 1. use_x_forwarded_for is enabled in settings 2. The direct connection is from a trusted proxy (if mcp_trusted_proxy_ranges configured) Args: request: FastAPI request object general_settings: Optional settings dict. If not provided, imports from proxy_server. Nr)r0use_x_forwarded_forFzx-forwarded-forZmcp_trusted_proxy_rangesz)XFF header from untrusted IP %s, ignoring)r1) Zlitellm.proxy.proxy_serverr0 ImportErrorgetheadersclienthostr rr)rrr )r/r0Zproxy_general_settingsZuse_xffZtrusted_rangesZ direct_iprrrrget_mcp_client_ipms.      z IPAddressUtils.get_mcp_client_ipr)__name__ __module__ __qualname____doc__rrr staticmethodrrstrr IPv4Network IPv6Networkrrboolr)r.rrrr7rrrrr sb        r )r;rtypingrrrrrZfastapirZlitellm._loggingrZlitellm.proxy.auth.auth_utilsr r rrrrs