feat(mcp) : re-enable MCP bundle config after package install

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-16 14:09:29 +01:00
parent 65fbd38b55
commit 46ea3ca8ad
7 changed files with 41 additions and 14 deletions
--- a/config/packages/mcp.yaml
+++ b/config/packages/mcp.yaml
@@ -0,0 +1,20 @@
+mcp:
+    app: 'inventory'
+    version: '1.0.0'
+    description: 'Inventory MCP Server - Gestion inventaire industriel (machines, pièces, composants, produits)'
+    instructions: |
+        Serveur MCP pour gérer un inventaire industriel.
+        Entités principales : Machine, Composant, Pièce, Produit, Site, Constructeur.
+        Utilisez search_inventory pour chercher dans toutes les entités.
+        Utilisez get_model_type pour comprendre la structure attendue avant de créer un composant ou une pièce.
+        Consultez la resource inventory://schema/entities pour voir le schéma complet.
+        Authentification requise : envoyez X-Profile-Id et X-Profile-Password dans les headers HTTP.
+    client_transports:
+        stdio: true
+        http: true
+    http:
+        path: /_mcp
+        session:
+            store: file
+            directory: '%kernel.cache_dir%/mcp-sessions'
+            ttl: 3600
--- a/config/packages/rate_limiter.yaml
+++ b/config/packages/rate_limiter.yaml
@@ -0,0 +1,6 @@
+framework:
+    rate_limiter:
+        mcp_auth:
+            policy: sliding_window
+            limit: 5
+            interval: '1 minute'
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -27,12 +27,11 @@ security:
            pattern: ^/api/session/profiles?$
            security: false

-        # TODO: re-enable when symfony/ai-mcp-bundle is installed
-        # mcp:
-        #     pattern: ^/_mcp
-        #     stateless: true
-        #     custom_authenticators:
-        #         - App\Mcp\Security\McpHeaderAuthenticator
+        mcp:
+            pattern: ^/_mcp
+            stateless: true
+            custom_authenticators:
+                - App\Mcp\Security\McpHeaderAuthenticator

        api:
            pattern: ^/api
@@ -56,7 +55,7 @@ security:
        - { path: ^/api/admin, roles: ROLE_ADMIN }
        - { path: ^/api/docs, roles: PUBLIC_ACCESS }
        - { path: ^/api/health$, roles: PUBLIC_ACCESS }
-        # - { path: ^/_mcp, roles: ROLE_USER }  # TODO: re-enable with MCP
+        - { path: ^/_mcp, roles: ROLE_USER }
        - { path: ^/docs, roles: PUBLIC_ACCESS }
        - { path: ^/contexts, roles: PUBLIC_ACCESS }
        - { path: ^/\.well-known, roles: PUBLIC_ACCESS }