5月28日 06:32
How to test MCP? What are the testing strategies and best practices?
Testing strategies for MCP are critical for ensuring system quality and reliability. Here are detailed testing methods and best practices:
Testing Hierarchy
MCP testing should cover the following levels:
- Unit Testing: Test individual functions and components
- Integration Testing: Test interactions between components
- End-to-End Testing: Test complete user scenarios
- Performance Testing: Test system performance and scalability
- Security Testing: Test security vulnerabilities and protection mechanisms
1. Unit Testing
import pytest from unittest.mock import Mock, AsyncMock from mcp.server import Server class TestMCPTools: @pytest.fixture def server(self): """Create test server instance""" return Server("test-server") @pytest.mark.asyncio async def test_tool_registration(self, server): """Test tool registration""" @server.tool( name="test_tool", description="Test tool" ) async def test_tool(param: str) -> str: return f"Result: {param}" # Verify tool is registered tools = await server.list_tools() assert any(t["name"] == "test_tool" for t in tools) @pytest.mark.asyncio async def test_tool_execution(self, server): """Test tool execution""" @server.tool( name="calculate", description="Calculation tool" ) async def calculate(a: int, b: int) -> int: return a + b # Execute tool result = await server.call_tool("calculate", {"a": 2, "b": 3}) assert result == 5 @pytest.mark.asyncio async def test_parameter_validation(self, server): """Test parameter validation""" @server.tool( name="validate", description="Parameter validation tool", inputSchema={ "type": "object", "properties": { "email": { "type": "string", "format": "email" } }, "required": ["email"] } ) async def validate(email: str) -> str: return f"Valid: {email}" # Test valid parameters result = await server.call_tool( "validate", {"email": "test@example.com"} ) assert "Valid" in result # Test invalid parameters with pytest.raises(ValueError): await server.call_tool("validate", {"email": "invalid"})
2. Integration Testing
class TestMCPIntegration: @pytest.mark.asyncio async def test_client_server_communication(self): """Test client-server communication""" from mcp.client import Client from mcp.server import Server # Create server server = Server("integration-test-server") @server.tool(name="echo", description="Echo tool") async def echo(message: str) -> str: return message # Start server await server.start() try: # Create client client = Client("http://localhost:8000") # Test communication result = await client.call_tool("echo", {"message": "Hello"}) assert result == "Hello" finally: await server.stop() @pytest.mark.asyncio async def test_resource_access(self): """Test resource access""" server = Server("resource-test-server") @server.resource( uri="file:///test.txt", name="Test File", description="Test resource" ) async def test_resource() -> str: return "Test content" await server.start() try: client = Client("http://localhost:8000") # Read resource content = await client.read_resource("file:///test.txt") assert content == "Test content" finally: await server.stop()
3. End-to-End Testing
class TestMCPEndToEnd: @pytest.mark.asyncio async def test_complete_workflow(self): """Test complete workflow""" # Simulate user scenario: query database and generate report server = Server("e2e-test-server") @server.tool(name="query_db", description="Query database") async def query_db(query: str) -> list: return [{"id": 1, "name": "Test"}] @server.tool(name="generate_report", description="Generate report") async def generate_report(data: list) -> str: return f"Report: {len(data)} items" await server.start() try: client = Client("http://localhost:8000") # Execute workflow data = await client.call_tool("query_db", {"query": "SELECT *"}) report = await client.call_tool("generate_report", {"data": data}) assert "1 items" in report finally: await server.stop()
4. Performance Testing
import asyncio import time from locust import HttpUser, task, between class MCPPerformanceTest(HttpUser): wait_time = between(1, 3) def on_start(self): """Initialization at test start""" self.client = Client(self.host) @task def tool_call_performance(self): """Test tool call performance""" start_time = time.time() result = self.client.call_tool("test_tool", {"param": "value"}) elapsed = time.time() - start_time # Assert response time assert elapsed < 1.0, f"Response time too long: {elapsed}s" @task def concurrent_requests(self): """Test concurrent requests""" async def make_request(): return self.client.call_tool("test_tool", {"param": "value"}) # Execute 10 requests concurrently tasks = [make_request() for _ in range(10)] results = asyncio.run(asyncio.gather(*tasks)) # Verify all requests succeeded assert all(results)
5. Security Testing
class TestMCPSecurity: @pytest.mark.asyncio async def test_authentication(self): """Test authentication mechanism""" server = Server("security-test-server") # Configure authentication server.set_authenticator(lambda token: token == "valid-token") @server.tool(name="secure_tool", description="Secure tool") async def secure_tool() -> str: return "Secure data" await server.start() try: # Test valid token client = Client("http://localhost:8000", token="valid-token") result = await client.call_tool("secure_tool", {}) assert result == "Secure data" # Test invalid token client_invalid = Client("http://localhost:8000", token="invalid-token") with pytest.raises(AuthenticationError): await client_invalid.call_tool("secure_tool", {}) finally: await server.stop() @pytest.mark.asyncio async def test_sql_injection_prevention(self): """Test SQL injection prevention""" server = Server("sql-injection-test-server") @server.tool(name="query", description="Query tool") async def query(sql: str) -> list: # Should use parameterized queries return execute_safe_query(sql) # Test SQL injection attempt malicious_sql = "SELECT * FROM users WHERE '1'='1'" result = await server.call_tool("query", {"sql": malicious_sql}) # Verify injection is blocked assert result == [] @pytest.mark.asyncio async def test_rate_limiting(self): """Test rate limiting""" server = Server("rate-limit-test-server") # Configure rate limiting server.set_rate_limit(max_requests=10, window=60) @server.tool(name="limited_tool", description="Rate-limited tool") async def limited_tool() -> str: return "Success" # Send multiple requests rapidly for i in range(15): try: await server.call_tool("limited_tool", {}) except RateLimitError: # Expected rate limit error assert i >= 10 break else: pytest.fail("Rate limit not triggered")
6. Mocks and Stubs
from unittest.mock import Mock, patch class TestMCPWithMocks: @pytest.mark.asyncio async def test_with_external_dependency_mock(self): """Test external dependency using Mock""" server = Server("mock-test-server") @server.tool(name="fetch_data", description="Fetch data") async def fetch_data(url: str) -> dict: # Mock external API call with patch('requests.get') as mock_get: mock_get.return_value.json.return_value = { "data": "mocked" } response = requests.get(url) return response.json() result = await server.call_tool( "fetch_data", {"url": "http://api.example.com"} ) assert result == {"data": "mocked"} mock_get.assert_called_once()
7. Test Coverage
# Use pytest-cov to generate coverage reports # Run command: pytest --cov=mcp --cov-report=html class TestCoverage: @pytest.mark.asyncio async def test_all_code_paths(self): """Test all code paths""" server = Server("coverage-test-server") @server.tool(name="complex_tool", description="Complex tool") async def complex_tool(condition: bool) -> str: if condition: return "Branch A" else: return "Branch B" # Test all branches result_a = await server.call_tool("complex_tool", {"condition": True}) assert result_a == "Branch A" result_b = await server.call_tool("complex_tool", {"condition": False}) assert result_b == "Branch B"
Best Practices:
- Test Pyramid: Many unit tests, moderate integration tests, few end-to-end tests
- Independence: Each test should run independently without depending on other tests
- Repeatability: Test results should be repeatable and not affected by environmental factors
- Fast Feedback: Unit tests should execute quickly to provide fast feedback
- Continuous Integration: Integrate testing into CI/CD pipelines
- Coverage Goals: Set reasonable code coverage targets (e.g., 80%)
Through comprehensive testing strategies, you can ensure the quality and reliability of MCP systems.