feat: initial version of databutton-app-mcp

Author: martinal

.gitignore

@@ -1,174 +1,9 @@
-# Byte-compiled / optimized / DLL files
-__pycache__/
-*.py[cod]
-*$py.class
+*.local
+*.env
 
-# C extensions
-*.so
+**/.venv
+**/venv
+**/venvs
 
-# Distribution / packaging
-.Python
-build/
-develop-eggs/
-dist/
-downloads/
-eggs/
-.eggs/
-lib/
-lib64/
-parts/
-sdist/
-var/
-wheels/
-share/python-wheels/
-*.egg-info/
-.installed.cfg
-*.egg
-MANIFEST
-
-# PyInstaller
-#  Usually these files are written by a python script from a template
-#  before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
-
-# Installer logs
-pip-log.txt
-pip-delete-this-directory.txt
-
-# Unit test / coverage reports
-htmlcov/
-.tox/
-.nox/
-.coverage
-.coverage.*
-.cache
-nosetests.xml
-coverage.xml
-*.cover
-*.py,cover
-.hypothesis/
-.pytest_cache/
-cover/
-
-# Translations
-*.mo
-*.pot
-
-# Django stuff:
-*.log
-local_settings.py
-db.sqlite3
-db.sqlite3-journal
-
-# Flask stuff:
-instance/
-.webassets-cache
-
-# Scrapy stuff:
-.scrapy
-
-# Sphinx documentation
-docs/_build/
-
-# PyBuilder
-.pybuilder/
-target/
-
-# Jupyter Notebook
-.ipynb_checkpoints
-
-# IPython
-profile_default/
-ipython_config.py
-
-# pyenv
-#   For a library or package, you might want to ignore these files since the code is
-#   intended to run in multiple environments; otherwise, check them in:
-# .python-version
-
-# pipenv
-#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
-#   However, in case of collaboration, if having platform-specific dependencies or dependencies
-#   having no cross-platform support, pipenv may install dependencies that don't work, or not
-#   install all needed dependencies.
-#Pipfile.lock
-
-# UV
-#   Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
-#   This is especially recommended for binary packages to ensure reproducibility, and is more
-#   commonly ignored for libraries.
-#uv.lock
-
-# poetry
-#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
-#   This is especially recommended for binary packages to ensure reproducibility, and is more
-#   commonly ignored for libraries.
-#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
-#poetry.lock
-
-# pdm
-#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
-#pdm.lock
-#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
-#   in version control.
-#   https://pdm.fming.dev/latest/usage/project/#working-with-version-control
-.pdm.toml
-.pdm-python
-.pdm-build/
-
-# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
-__pypackages__/
-
-# Celery stuff
-celerybeat-schedule
-celerybeat.pid
-
-# SageMath parsed files
-*.sage.py
-
-# Environments
-.env
-.venv
-env/
-venv/
-ENV/
-env.bak/
-venv.bak/
-
-# Spyder project settings
-.spyderproject
-.spyproject
-
-# Rope project settings
-.ropeproject
-
-# mkdocs documentation
-/site
-
-# mypy
-.mypy_cache/
-.dmypy.json
-dmypy.json
-
-# Pyre type checker
-.pyre/
-
-# pytype static type analyzer
-.pytype/
-
-# Cython debug symbols
-cython_debug/
-
-# PyCharm
-#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
-#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
-#  and can be added to the global gitignore or merged into this file.  For a more nuclear
-#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
-#.idea/
-
-# Ruff stuff:
-.ruff_cache/
-
-# PyPI configuration file
-.pypirc
+**/__pycache__
+*.pyc

.python-version

@@ -0,0 +1 @@
+3.13

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2025 databutton
+Copyright (c) 2025 Databutton AS
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -0,0 +1,33 @@
+# Databutton App MCP
+
+Use API endpoints from your Databutton app as LLM tools from any MCP compatible client!
+
+This is a simple proxy that runs locally and connects securely to your Databutton app
+using the MCP protocol over websockets.
+
+First download an API key from the settings page of your Databutton app, and save it to a file.
+
+For example say you downloaded a key file named `MY-DATABUTTON-APP-KEYID.json`,
+and save it to the directory `~/.config/databutton/mcp-keys/`.
+
+Then to add this app to clients such as Claude Desktop, add the following to your client MCP settings or config file:
+
+```json
+{
+  "mcpServers": {
+    "my-databutton-app": {
+      "command": "uvx",
+      "args": [
+        "databutton-app-mcp"
+      ],
+      "env": {
+        "DATABUTTON_MCP_API_KEY": "~/.config/databutton/mcp-keys/MY-DATABUTTON-APP-KEYID.json"
+      }
+    }
+  }
+}
+```
+
+Here DATABUTTON_MCP_API_KEY either refers to the full path of the api key file you stored,
+or it can be the api key value itself.
+Either way one api key gives access to endpoints of one Databutton app.

pyproject.toml

@@ -0,0 +1,23 @@
+[project]
+name = "databutton-app-mcp"
+version = "0.1.0"
+description = "Call your Databutton app endpoints as LLM tools with MCP"
+readme = "README.md"
+license = { "file" = "LICENSE" }
+classifiers = ["Development Status :: 3 - Alpha"]
+requires-python = ">=3.11"
+dependencies = ["websockets>=15.0.1"]
+
+[project.urls]
+"Homepage" = "https://databutton.com"
+"Github" = "https://github.com/databutton/databutton-app-mcp"
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[tool.hatch.version]
+path = "src/databutton_app_mcp/__init__.py"
+
+[tool.hatch.build.targets.sdist]
+include = ["src/databutton_app_mcp"]

src/databutton_app_mcp/__init__.py

@@ -0,0 +1 @@
+__version__ = "x.y.z"

src/databutton_app_mcp/__main__.py

@@ -0,0 +1,138 @@
+import argparse
+import base64
+import json
+import asyncio
+import signal
+import sys
+import os
+
+from websockets import Subprotocol, connect
+from websockets.asyncio.client import ClientConnection
+
+
+async def stdin_to_ws(websocket: ClientConnection):
+    """Read from stdin and send to websocket"""
+    loop = asyncio.get_event_loop()
+    while True:
+        line = await loop.run_in_executor(None, sys.stdin.readline)
+        if not line:  # EOF
+            break
+        await websocket.send(line.rstrip("\n"))
+
+
+async def ws_to_stdout(websocket: ClientConnection):
+    """Receive from websocket and write to stdout"""
+    async for msg in websocket:
+        print(msg, flush=True)
+
+
+async def run_ws_proxy(uri: str, bearer: str | None = None):
+    # Set up signal handling for graceful exit
+    loop = asyncio.get_event_loop()
+    loop.add_signal_handler(signal.SIGINT, loop.stop)
+
+    auth_headers: list[tuple[str, str]] = []
+    if bearer:
+        auth_headers.append(("Authorization", f"Bearer {bearer}"))
+
+    auth_subprotocols: list[Subprotocol] = []
+    # auth_subprotocols.append(Subprotocol(f"Authorization.Bearer.{bearer}"))
+
+    async with connect(
+        uri,
+        subprotocols=[Subprotocol("mcp")] + auth_subprotocols,
+        additional_headers=auth_headers,
+    ) as websocket:
+        stdin_task = asyncio.create_task(stdin_to_ws(websocket))
+        stdout_task = asyncio.create_task(ws_to_stdout(websocket))
+
+        try:
+            await asyncio.gather(stdin_task, stdout_task)
+        except asyncio.CancelledError:
+            print("Connection terminated", file=sys.stderr)
+        finally:
+            stdin_task.cancel()
+            stdout_task.cancel()
+
+
+def parse_apikey(apikey: str) -> dict[str, str]:
+    if not apikey:
+        raise ValueError("API key must be provided")
+
+    try:
+        return json.loads(base64.urlsafe_b64decode(apikey))
+    except Exception:
+        pass
+
+    try:
+        return json.loads(base64.b64decode(apikey))
+    except Exception:
+        pass
+
+    try:
+        return json.loads(apikey)
+    except Exception:
+        pass
+
+    raise ValueError("Invalid API key")
+
+
+def main():
+    parser = argparse.ArgumentParser(
+        description="Expose Databutton app endpoints as LLM tools with MCP over websocket"
+    )
+    parser.add_argument(
+        "-k",
+        "--apikeyfile",
+        dest="apikeyfile",
+        type=str,
+        help="File containing API key to use",
+        required=False,
+    )
+
+    args = parser.parse_args()
+
+    claims: dict[str, str] = {}
+
+    if env_apikey := os.environ.get("DATABUTTON_API_KEY"):
+        try:
+            claims = parse_apikey(env_apikey)
+        except Exception:
+            with open(env_apikey, "r") as f:
+                claims = parse_apikey(f.read().strip())
+    elif args.apikeyfile:
+        claims = parse_apikey(args.apikeyfile)
+    else:
+        print("No API key provided")
+        sys.exit(1)
+
+    uri = claims.get("uri")
+    if not uri:
+        print("URI must be provided")
+        sys.exit(1)
+    if not (
+        uri.startswith("ws://localhost")
+        or uri.startswith("ws://127.0.0.1:")
+        or uri.startswith("wss://")
+    ):
+        print("URI must start with 'ws://' or 'wss://'")
+        sys.exit(1)
+
+    # TODO: Exchange refresh token for access token here
+    accessToken: str | None = claims.get("accessToken")
+    if claims.get("refreshToken"):
+        pass
+
+    try:
+        asyncio.run(
+            run_ws_proxy(
+                uri=uri,
+                bearer=accessToken,
+            )
+        )
+    except KeyboardInterrupt:
+        print("Program terminated", file=sys.stderr)
+
+
+if __name__ == "__main__":
+    main()