From db45b2b81dff3b89ea62623dd1036f22e69c8728 Mon Sep 17 00:00:00 2001 From: Evan Herman <85256006+eherman-godaddy@users.noreply.github.com> Date: Wed, 13 Aug 2025 17:04:32 -0400 Subject: [PATCH] Update Readme.md --- Readme.md | 100 +++++++++++++++++++++++++++++------------------------- 1 file changed, 53 insertions(+), 47 deletions(-) diff --git a/Readme.md b/Readme.md index 95ab86b..7d695ec 100644 --- a/Readme.md +++ b/Readme.md @@ -4,20 +4,20 @@ A comprehensive WordPress plugin that implements the [Model Context Protocol (MCP)](https://modelcontextprotocol.io) to expose WordPress functionality through standardized interfaces. This plugin enables AI models and applications to interact with WordPress sites securely using multiple transport protocols and enterprise-grade authentication. -## Features +## โœจ Features -- **Dual Transport Protocols**: STDIO and HTTP-based (Streamable) transports -- **JWT Authentication**: Secure token-based authentication with management UI -- **Admin Interface**: React-based token management and settings dashboard -- **AI-Friendly APIs**: JSON-RPC 2.0 compliant endpoints for AI integration -- **Extensible Architecture**: Custom tools, resources, and prompts support -- **WordPress Feature API**: Adapter for standardized WordPress functionality -- **Experimental REST API CRUD Tools**: Generic tools for any WordPress REST API endpoint -- **Comprehensive Testing**: 200+ test cases covering all protocols and authentication -- **High Performance**: Optimized routing and caching mechanisms -- **Enterprise Security**: Multi-layer authentication and audit logging +- ๐Ÿ”„ **Dual Transport Protocols**: STDIO and HTTP-based (Streamable) transports +- ๐Ÿ” **JWT Authentication**: Secure token-based authentication with management UI +- ๐ŸŽ›๏ธ **Admin Interface**: React-based token management and settings dashboard +- ๐Ÿค– **AI-Friendly APIs**: JSON-RPC 2.0 compliant endpoints for AI integration +- ๐Ÿ—๏ธ **Extensible Architecture**: Custom tools, resources, and prompts support +- ๐Ÿ”Œ **WordPress Feature API**: Adapter for standardized WordPress functionality +- ๐Ÿงช **Experimental REST API CRUD Tools**: Generic tools for any WordPress REST API endpoint +- ๐Ÿงช **Comprehensive Testing**: 200+ test cases covering all protocols and authentication +- โšก **High Performance**: Optimized routing and caching mechanisms +- ๐Ÿ”’ **Enterprise Security**: Multi-layer authentication and audit logging -## Architecture +## ๐Ÿ—๏ธ Architecture The plugin implements a dual transport architecture: @@ -42,7 +42,7 @@ WordPress MCP Plugin | **STDIO** | `/wp/v2/wpmcp` | WordPress-style | JWT + App Passwords | Legacy compatibility | | **Streamable** | `/wp/v2/wpmcp/streamable` | JSON-RPC 2.0 | JWT only | Modern AI clients | -## Installation +## ๐Ÿš€ Installation ### Quick Install @@ -61,7 +61,7 @@ composer install --no-dev npm install && npm run build ``` -## Authentication Setup +## ๐Ÿ” Authentication Setup ### JWT Token Generation @@ -164,7 +164,7 @@ npx @modelcontextprotocol/inspector \ } ``` -## Usage +## ๐ŸŽฏ Usage ### With MCP Clients @@ -196,9 +196,9 @@ The streamable transport provides a direct JSON-RPC 2.0 compliant endpoint, whil | `prompts/list` | List available prompts | Both | | `prompts/get` | Get prompt template | Both | -### Experimental REST API CRUD Tools +### ๐Ÿงช Experimental REST API CRUD Tools -**EXPERIMENTAL FEATURE**: This functionality is experimental and may change or be removed in future versions. +โš ๏ธ **EXPERIMENTAL FEATURE**: This functionality is experimental and may change or be removed in future versions. When enabled via `Settings > WordPress MCP > Enable REST API CRUD Tools`, the plugin provides three powerful generic tools that can interact with any WordPress REST API endpoint: @@ -232,7 +232,7 @@ When enabled via `Settings > WordPress MCP > Enable REST API CRUD Tools`, the pl - **Standards Compliant**: Uses standard HTTP methods (GET, POST, PATCH, DELETE) - **Permission Safe**: Inherits WordPress user capabilities and respects endpoint permissions -## Development +## ๐Ÿ”ง Development ### Project Structure @@ -260,17 +260,18 @@ You can extend the MCP functionality by adding custom tools through your own plu register_tool([ + public function register_tools(): void { + new RegisterMcpTool([ 'name' => 'my_custom_tool', 'description' => 'My custom tool description', + 'type' => 'read', // or 'action' for tools that modify data 'inputSchema' => [ 'type' => 'object', 'properties' => [ @@ -279,6 +280,7 @@ class MyCustomTool { 'required' => ['param1'] ], 'callback' => [$this, 'execute'], + 'permission_callback' => [$this, 'check_permissions'], // optional ]); } @@ -286,6 +288,11 @@ class MyCustomTool { // Your tool logic here return ['result' => 'success']; } + + public function check_permissions(): bool { + // Optional: Add custom permission checks + return current_user_can('edit_posts'); + } } ``` @@ -297,15 +304,15 @@ You can extend the MCP functionality by adding custom resources through your own register_resource([ + public function register_resources(): void { + new RegisterMcpResource([ 'uri' => 'custom://my-resource', 'name' => 'My Custom Resource', 'description' => 'Custom resource description', @@ -350,7 +357,7 @@ npm run build npm run start ``` -## Security +## ๐Ÿ”’ Security ### Best Practices @@ -364,14 +371,14 @@ npm run start ### Security Features -- JWT signature validation -- Token expiration and revocation -- User capability inheritance -- Secure secret key generation -- Audit logging for security events -- Protection against malformed requests +- โœ… JWT signature validation +- โœ… Token expiration and revocation +- โœ… User capability inheritance +- โœ… Secure secret key generation +- โœ… Audit logging for security events +- โœ… Protection against malformed requests -## Testing Coverage +## ๐Ÿ“Š Testing Coverage The plugin includes extensive testing: @@ -383,7 +390,7 @@ The plugin includes extensive testing: View detailed testing documentation in [`tests/README.md`](tests/README.md). -## Configuration +## ๐Ÿ”ง Configuration ### Environment Variables @@ -413,9 +420,9 @@ The plugin provides granular control over CRUD operations: - **Enable Delete Tools**: โš ๏ธ Allow DELETE operations via MCP tools (use with caution) - **Enable REST API CRUD Tools**: ๐Ÿงช Enable experimental generic REST API access tools -**Security Note**: Delete operations can permanently remove data. Only enable delete tools if you trust all users with MCP access. +โš ๏ธ **Security Note**: Delete operations can permanently remove data. Only enable delete tools if you trust all users with MCP access. -## Contributing +## ๐Ÿค Contributing We welcome contributions! Please see our [Contributing Guidelines](CONTRIBUTING.md). @@ -427,7 +434,7 @@ We welcome contributions! Please see our [Contributing Guidelines](CONTRIBUTING. 4. Set up WordPress test environment 5. Run tests with `vendor/bin/phpunit` -## Documentation +## ๐Ÿ“š Documentation - **Documentation Overview**: [docs/README.md](docs/README.md) - **Client Setup Guide**: [docs/client-setup.md](docs/client-setup.md) @@ -438,19 +445,18 @@ We welcome contributions! Please see our [Contributing Guidelines](CONTRIBUTING. - **Register MCP Tools**: [docs/register-mcp-tools.md](docs/register-mcp-tools.md) - **Register MCP Prompts**: [docs/register-mcp-prompt.md](docs/register-mcp-prompt.md) - **Register MCP Resources**: [docs/register-mcp-resources.md](docs/register-mcp-resources.md) -- **Troubleshooting Guide**: [docs/troubleshooting.md](docs/troubleshooting.md) - **Testing Guide**: [tests/README.md](tests/README.md) -## Support +## ๐Ÿ†˜ Support For support and questions: -- **Documentation**: [docs/README.md](docs/README.md) -- **Bug Reports**: [GitHub Issues](https://github.com/Automattic/wordpress-mcp/issues) -- **Discussions**: [GitHub Discussions](https://github.com/Automattic/wordpress-mcp/discussions) -- **Contact**: Reach out to the maintainers +- ๐Ÿ“– **Documentation**: [docs/README.md](docs/README.md) +- ๐Ÿ› **Bug Reports**: [GitHub Issues](https://github.com/Automattic/wordpress-mcp/issues) +- ๐Ÿ’ฌ **Discussions**: [GitHub Discussions](https://github.com/Automattic/wordpress-mcp/discussions) +- โœ‰๏ธ **Contact**: Reach out to the maintainers -## License +## ๐Ÿ“„ License This project is licensed under the [GPL v2 or later](LICENSE).