MockLoop
diff --git a/‎examples/schemapin/complete_signing_example.py
Lines changed: 156 additions & 0 deletions b/‎examples/schemapin/complete_signing_example.py
Lines changed: 156 additions & 0 deletions
diff --git a/‎examples/schemapin/signing_config_example.json
Lines changed: 31 additions & 0 deletions b/‎examples/schemapin/signing_config_example.json
Lines changed: 31 additions & 0 deletions
diff --git a/‎pyproject.toml
Lines changed: 5 additions & 0 deletions b/‎pyproject.toml
Lines changed: 5 additions & 0 deletions
@@ -0,0 +1,156 @@
+#!/usr/bin/env python3
+"""
+Complete Schema Signing Example
+
+This example demonstrates how to use the MockLoop MCP schema signing system
+for securing MCP tools with cryptographic signatures.
+"""
+
+import asyncio
+import os
+from pathlib import Path
+
+# Add src to path for imports
+import sys
+sys.path.insert(0, str(Path(__file__).parent.parent.parent / "src"))
+
+from mockloop_mcp.schemapin import (
+    signed_tool,
+    SchemaSigner,
+    create_test_signer,
+    get_tool_signature,
+    get_tool_domain,
+    verify_tool_signature,
+    list_signed_tools
+)
+
+
+# Example 1: Basic tool signing with file-based private key
+@signed_tool(
+    domain="example.com",
+    private_key_path="./examples/schemapin/test-private.pem"  # You would use a real key
+)
+async def example_tool_with_file_key(name: str, count: int = 5) -> dict:
+    """
+    Example MCP tool signed with file-based private key.
+
+    Args:
+        name: The name parameter
+        count: Number of items (default: 5)
+
+    Returns:
+        Dictionary with results
+    """
+    return {"name": name, "count": count, "status": "success"}
+
+
+# Example 2: Tool signing with private key content
+EXAMPLE_PRIVATE_KEY = """-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC7VJTUt9Us8cKB...
+-----END PRIVATE KEY-----"""
+
+@signed_tool(
+    domain="example.com",
+    private_key_content=EXAMPLE_PRIVATE_KEY
+)
+async def example_tool_with_key_content(data: dict, validate: bool = True) -> dict:
+    """
+    Example MCP tool signed with private key content.
+
+    Args:
+        data: Input data dictionary
+        validate: Whether to validate input (default: True)
+
+    Returns:
+        Processed data dictionary
+    """
+    if validate:
+        # Perform validation
+        pass
+    return {"processed": data, "validated": validate}
+
+
+# Example 3: Using environment variables for configuration
+@signed_tool(
+    domain=os.getenv("MOCKLOOP_SIGNING_DOMAIN", "example.com"),
+    private_key_path=os.getenv("MOCKLOOP_PRIVATE_KEY_PATH"),
+    private_key_content=os.getenv("MOCKLOOP_PRIVATE_KEY_CONTENT")
+)
+async def example_tool_with_env_config(message: str) -> dict:
+    """
+    Example MCP tool using environment variables for signing configuration.
+
+    Args:
+        message: Message to process
+
+    Returns:
+        Response dictionary
+    """
+    return {"message": f"Processed: {message}", "timestamp": "2024-01-01T00:00:00Z"}
+
+
+async def demonstrate_signing_system():
+    """Demonstrate the complete signing system."""
+    print("MockLoop MCP Schema Signing Demonstration")
+    print("=" * 50)
+
+    # Create a test signer for demonstration
+    print("\n1. Creating test signer...")
+    create_test_signer("demo.example.com")
+    print("   Test signer created for domain: demo.example.com")
+
+    # Demonstrate tool signature verification
+    print("\n2. Verifying tool signatures...")
+
+    # Note: In a real scenario, these tools would be properly signed
+    # For demonstration, we'll show the verification process
+    tools_to_check = [
+        example_tool_with_file_key,
+        example_tool_with_key_content,
+        example_tool_with_env_config
+    ]
+
+    for tool in tools_to_check:
+        signature = get_tool_signature(tool)
+        domain = get_tool_domain(tool)
+        is_valid = verify_tool_signature(tool)
+
+        print(f"   Tool: {tool.__name__}")
+        print(f"   Domain: {domain}")
+        print(f"   Has signature: {signature is not None}")
+        print(f"   Signature valid: {is_valid}")
+        print()
+
+    # List all signed tools in current module
+    print("3. Listing signed tools...")
+    signed_tools = list_signed_tools(sys.modules[__name__])
+    print(f"   Found {len(signed_tools)} signed tools:")
+    for tool_info in signed_tools:
+        print(f"   - {tool_info['name']} (domain: {tool_info['domain']})")
+
+    # Demonstrate tool execution with signature injection
+    print("\n4. Executing signed tool...")
+    try:
+        # The @signed_tool decorator automatically injects signature metadata
+        result = await example_tool_with_env_config("Hello, MockLoop!")
+        print(f"   Tool execution result: {result}")
+    except Exception as e:
+        print(f"   Tool execution failed: {e}")
+
+    print("\n5. Configuration examples:")
+    print("   Environment variables:")
+    print("   export MOCKLOOP_SIGNING_DOMAIN=your-domain.com")
+    print("   export MOCKLOOP_PRIVATE_KEY_PATH=/path/to/private.pem")
+    print("   # OR")
+    print("   export MOCKLOOP_PRIVATE_KEY_CONTENT=\"$(cat /path/to/private.pem)\"")
+
+    print("\n   Batch signing:")
+    print("   python scripts/sign_all_schemas.py --domain your-domain.com --private-key /path/to/key.pem")
+
+    print("\n   Signature validation:")
+    print("   python scripts/validate_signatures.py --domain your-domain.com --public-key /path/to/public.pem")
+
+
+if __name__ == "__main__":
+    asyncio.run(demonstrate_signing_system())
+
@@ -0,0 +1,31 @@
+{
+  "domain": "mockloop.com",
+  "private_key_path": "/path/to/your/private.pem",
+  "search_paths": ["src"],
+  "force_resign": false,
+  "output_file": "signing_results.json",
+  "description": "Example configuration for batch signing MCP tools",
+  "environments": {
+    "development": {
+      "domain": "dev.mockloop.com",
+      "private_key_path": "./dev-keys/private.pem",
+      "force_resign": true
+    },
+    "staging": {
+      "domain": "staging.mockloop.com", 
+      "private_key_path": "/etc/mockloop/staging-private.pem",
+      "force_resign": false
+    },
+    "production": {
+      "domain": "mockloop.com",
+      "private_key_path": "/etc/mockloop/production-private.pem",
+      "force_resign": false
+    }
+  },
+  "usage_examples": {
+    "batch_signing": "python scripts/sign_all_schemas.py --config examples/schemapin/signing_config_example.json",
+    "single_domain": "python scripts/sign_all_schemas.py --domain mockloop.com --private-key /path/to/key.pem",
+    "with_content": "python scripts/sign_all_schemas.py --domain mockloop.com --private-key-content \"$(cat /path/to/key.pem)\"",
+    "validation": "python scripts/validate_signatures.py --config examples/schemapin/signing_config_example.json"
+  }
+}
@@ -301,3 +301,8 @@ directory = "htmlcov"
 
 [tool.coverage.xml]
 output = "coverage.xml"
+
+[dependency-groups]
+dev = [
+    "ruff>=0.11.11",
+]