From 64cd08164c7c3e3cb4e132c98a5abeaf961323d0 Mon Sep 17 00:00:00 2001 From: Enric Tobella Date: Mon, 20 Apr 2026 09:18:02 +0200 Subject: [PATCH] [ADD] ai_oca_mcp --- ai_oca_mcp/README.rst | 121 ++++++ ai_oca_mcp/__init__.py | 3 + ai_oca_mcp/__manifest__.py | 22 + ai_oca_mcp/controllers/__init__.py | 1 + ai_oca_mcp/controllers/mcp_controller.py | 71 ++++ ai_oca_mcp/models/__init__.py | 3 + ai_oca_mcp/models/mcp_server.py | 40 ++ ai_oca_mcp/models/mcp_server_key.py | 105 +++++ ai_oca_mcp/models/mcp_server_log.py | 16 + ai_oca_mcp/readme/CONTRIBUTORS.md | 2 + ai_oca_mcp/readme/DESCRIPTION.md | 6 + ai_oca_mcp/readme/USAGE.md | 19 + ai_oca_mcp/security/ir.model.access.csv | 5 + ai_oca_mcp/static/description/icon.png | Bin 0 -> 9455 bytes ai_oca_mcp/static/description/index.html | 475 ++++++++++++++++++++++ ai_oca_mcp/tests/__init__.py | 1 + ai_oca_mcp/tests/test_mcp.py | 219 ++++++++++ ai_oca_mcp/views/mcp_server.xml | 92 +++++ ai_oca_mcp/views/mcp_server_key.xml | 52 +++ ai_oca_mcp/views/mcp_server_log.xml | 82 ++++ ai_oca_mcp/wizards/__init__.py | 1 + ai_oca_mcp/wizards/mcp_server_key_add.py | 29 ++ ai_oca_mcp/wizards/mcp_server_key_add.xml | 50 +++ setup/ai_oca_mcp/odoo/addons/ai_oca_mcp | 1 + setup/ai_oca_mcp/setup.py | 6 + 25 files changed, 1422 insertions(+) create mode 100644 ai_oca_mcp/README.rst create mode 100644 ai_oca_mcp/__init__.py create mode 100644 ai_oca_mcp/__manifest__.py create mode 100644 ai_oca_mcp/controllers/__init__.py create mode 100644 ai_oca_mcp/controllers/mcp_controller.py create mode 100644 ai_oca_mcp/models/__init__.py create mode 100644 ai_oca_mcp/models/mcp_server.py create mode 100644 ai_oca_mcp/models/mcp_server_key.py create mode 100644 ai_oca_mcp/models/mcp_server_log.py create mode 100644 ai_oca_mcp/readme/CONTRIBUTORS.md create mode 100644 ai_oca_mcp/readme/DESCRIPTION.md create mode 100644 ai_oca_mcp/readme/USAGE.md create mode 100644 ai_oca_mcp/security/ir.model.access.csv create mode 100644 ai_oca_mcp/static/description/icon.png create mode 100644 ai_oca_mcp/static/description/index.html create mode 100644 ai_oca_mcp/tests/__init__.py create mode 100644 ai_oca_mcp/tests/test_mcp.py create mode 100644 ai_oca_mcp/views/mcp_server.xml create mode 100644 ai_oca_mcp/views/mcp_server_key.xml create mode 100644 ai_oca_mcp/views/mcp_server_log.xml create mode 100644 ai_oca_mcp/wizards/__init__.py create mode 100644 ai_oca_mcp/wizards/mcp_server_key_add.py create mode 100644 ai_oca_mcp/wizards/mcp_server_key_add.xml create mode 120000 setup/ai_oca_mcp/odoo/addons/ai_oca_mcp create mode 100644 setup/ai_oca_mcp/setup.py diff --git a/ai_oca_mcp/README.rst b/ai_oca_mcp/README.rst new file mode 100644 index 00000000..314fa000 --- /dev/null +++ b/ai_oca_mcp/README.rst @@ -0,0 +1,121 @@ +.. image:: https://odoo-community.org/readme-banner-image + :target: https://odoo-community.org/get-involved?utm_source=readme + :alt: Odoo Community Association + +========== +Ai Oca Mcp +========== + +.. + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !! This file is generated by oca-gen-addon-readme !! + !! changes will be overwritten. !! + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + !! source digest: sha256:77c677f59d0b6ca70acba28eabf1fd8140521f9c15b7093e7f3fe2a7c173ad32 + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + +.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png + :target: https://odoo-community.org/page/development-status + :alt: Beta +.. |badge2| image:: https://img.shields.io/badge/license-AGPL--3-blue.png + :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html + :alt: License: AGPL-3 +.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fai-lightgray.png?logo=github + :target: https://github.com/OCA/ai/tree/16.0/ai_oca_mcp + :alt: OCA/ai +.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png + :target: https://translation.odoo-community.org/projects/ai-16-0/ai-16-0-ai_oca_mcp + :alt: Translate me on Weblate +.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png + :target: https://runboat.odoo-community.org/builds?repo=OCA/ai&target_branch=16.0 + :alt: Try me on Runboat + +|badge1| |badge2| |badge3| |badge4| |badge5| + +This module exposes Odoo AI tools as an MCP (Model Context Protocol) +server, allowing external AI clients such as n8n or custom agents to +call Odoo functions via the standardized MCP protocol. Authentication is +handled via per-client API keys. + +Note: Claude Desktop requires OAuth 2.0, which is not supported directly +by this module. An extension could be required. + +**Table of contents** + +.. contents:: + :local: + +Usage +===== + +- Access in Developer mode +- Go to ``AI > MCP Server`` +- Create a new MCP Server and add the ``generic`` tools you want to + expose +- Click **Add Key** to generate a new API key for a client — the key is + only shown once +- Use the provided URL and the generated key to configure your AI client + +Connecting from n8n +------------------- + +Use the MCP node with: + +- **URL**: the value shown in the ``URL`` field +- **Authentication**: Bearer Token +- **Token**: the generated API key + +Tool limitations +---------------- + +Only tools of kind ``generic`` are supported. Tools requiring a record +context (``generic_model``, ``record``) cannot be used via MCP. + +Security +-------- + +Each client should have its own API key. Keys can be expired +individually from the server form or from ``AI > MCP Server Log`` to +audit all calls. + +Bug Tracker +=========== + +Bugs are tracked on `GitHub Issues `_. +In case of trouble, please check there if your issue has already been reported. +If you spotted it first, help us to smash it by providing a detailed and welcomed +`feedback `_. + +Do not contact contributors directly about support or help with technical issues. + +Credits +======= + +Authors +------- + +* Dixmit + +Contributors +------------ + +- `Dixmit `__ + + - Enric Tobella + +Maintainers +----------- + +This module is maintained by the OCA. + +.. image:: https://odoo-community.org/logo.png + :alt: Odoo Community Association + :target: https://odoo-community.org + +OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use. + +This module is part of the `OCA/ai `_ project on GitHub. + +You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. diff --git a/ai_oca_mcp/__init__.py b/ai_oca_mcp/__init__.py new file mode 100644 index 00000000..ada0b87b --- /dev/null +++ b/ai_oca_mcp/__init__.py @@ -0,0 +1,3 @@ +from . import controllers +from . import models +from . import wizards diff --git a/ai_oca_mcp/__manifest__.py b/ai_oca_mcp/__manifest__.py new file mode 100644 index 00000000..884735c1 --- /dev/null +++ b/ai_oca_mcp/__manifest__.py @@ -0,0 +1,22 @@ +# Copyright 2026 Dixmit +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl). + +{ + "name": "Ai Oca Mcp", + "summary": """MCP Interface for Odoo""", + "version": "16.0.1.0.0", + "license": "AGPL-3", + "author": "Dixmit,Odoo Community Association (OCA)", + "website": "https://github.com/OCA/ai", + "depends": [ + "ai_tool", + ], + "data": [ + "views/mcp_server_log.xml", + "security/ir.model.access.csv", + "views/mcp_server_key.xml", + "wizards/mcp_server_key_add.xml", + "views/mcp_server.xml", + ], + "demo": [], +} diff --git a/ai_oca_mcp/controllers/__init__.py b/ai_oca_mcp/controllers/__init__.py new file mode 100644 index 00000000..350e2127 --- /dev/null +++ b/ai_oca_mcp/controllers/__init__.py @@ -0,0 +1 @@ +from . import mcp_controller diff --git a/ai_oca_mcp/controllers/mcp_controller.py b/ai_oca_mcp/controllers/mcp_controller.py new file mode 100644 index 00000000..f90ac8bd --- /dev/null +++ b/ai_oca_mcp/controllers/mcp_controller.py @@ -0,0 +1,71 @@ +import json +import re + +from odoo import fields, http +from odoo.http import request + + +class McpController(http.Controller): + @http.route( + "/mcp/", type="http", auth="none", methods=["POST"], csrf=False + ) + def mcp_endpoint(self, key, **kwargs): + match = re.match( + r"Bearer (.+)", request.httprequest.headers.get("Authorization", "") + ) + payload = json.loads(request.httprequest.data.decode("utf-8")) + if not match: + return request.make_json_response( + { + "jsonrpc": "2.0", + "id": payload.get("id"), + "error": {"code": -32000, "message": "Connection failed"}, + }, + status=401, + ) + security_key = match.group(1).strip() + server_id, expiration_date = ( + request.env["mcp.server.key"] + .sudo() + ._get_mcp_server_by_key(key, security_key) + ) + if expiration_date and expiration_date < fields.Datetime.now(): + request.env["mcp.server.key"].sudo().browse(server_id).expire_key() + server_id = False + if not server_id: + return request.make_json_response( + { + "jsonrpc": "2.0", + "id": payload.get("id"), + "error": {"code": -32000, "message": "Connection failed"}, + } + ) + server = request.env["mcp.server.key"].sudo().browse(server_id) + server = server.with_user(server.user_id.id) + method = payload.get("method") + if method == "initialize": + return request.make_json_response( + { + "jsonrpc": "2.0", + "id": payload.get("id"), + "result": { + "protocolVersion": "2025-03-26", + "capabilities": {"tools": {"listChanged": True}}, + "serverInfo": {"name": "odoo-mcp", "version": "0.1.0"}, + }, + } + ) + + if method == "tools/list": + return request.make_json_response(server._tools_list(payload)) + + if method == "tools/call": + return request.make_json_response(server._tools_call(payload)) + + return request.make_json_response( + { + "jsonrpc": "2.0", + "id": payload.get("id"), + "error": {"code": -32601, "message": "Method not found"}, + } + ) diff --git a/ai_oca_mcp/models/__init__.py b/ai_oca_mcp/models/__init__.py new file mode 100644 index 00000000..9370d8c8 --- /dev/null +++ b/ai_oca_mcp/models/__init__.py @@ -0,0 +1,3 @@ +from . import mcp_server +from . import mcp_server_key +from . import mcp_server_log diff --git a/ai_oca_mcp/models/mcp_server.py b/ai_oca_mcp/models/mcp_server.py new file mode 100644 index 00000000..adff7953 --- /dev/null +++ b/ai_oca_mcp/models/mcp_server.py @@ -0,0 +1,40 @@ +# Copyright 2026 Dixmit +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl). + +from uuid import uuid4 + +from odoo import api, fields, models + + +class McpServer(models.Model): + + _name = "mcp.server" + _description = "Mcp Server" + + name = fields.Char() + description = fields.Text() + active = fields.Boolean(default=True) + key = fields.Char( + required=True, + copy=False, + default=lambda self: uuid4(), + groups="base.group_system", + ) + tool_ids = fields.Many2many( + "ai.tool", string="Tools", domain=[("kind", "=", "generic")] + ) + url = fields.Char( + compute="_compute_url", + groups="base.group_system", + ) + key_ids = fields.One2many("mcp.server.key", "server_id", string="Access Keys") + + _sql_constraints = [ + ("key_uniq", "unique(key)", "The key must be unique"), + ] + + @api.depends("key") + def _compute_url(self): + base_url = self.env["ir.config_parameter"].sudo().get_param("web.base.url") + for record in self: + record.url = f"{base_url}/mcp/{record.key}" diff --git a/ai_oca_mcp/models/mcp_server_key.py b/ai_oca_mcp/models/mcp_server_key.py new file mode 100644 index 00000000..a40442af --- /dev/null +++ b/ai_oca_mcp/models/mcp_server_key.py @@ -0,0 +1,105 @@ +# Copyright 2026 Dixmit +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl). + +import json +from hashlib import sha256 + +from odoo import api, fields, models, tools + + +class McpServerKey(models.Model): + + _name = "mcp.server.key" + _description = "Mcp Server Key" + + name = fields.Char(required=True) + server_id = fields.Many2one("mcp.server", required=True, ondelete="cascade") + hashed_key = fields.Char(copy=False) + state = fields.Selection( + [("active", "Active"), ("expired", "Expired")], default="active" + ) + user_id = fields.Many2one("res.users", default=lambda self: self.env.user) + expiration_date = fields.Datetime() + expired_on = fields.Datetime(readonly=True) + + def expire_key(self): + self.filtered(lambda key: key.state == "active").write( + { + "state": "expired", + "expired_on": fields.Datetime.now(), + } + ) + self._get_mcp_server_by_key.clear_cache(self) + + _sql_constraints = [ + ("key_uniq", "unique(hashed_key)", "The key must be unique"), + ] + + @api.model + def _hash_key(self, key): + return sha256(key.encode()).hexdigest() + + @tools.ormcache("key", "security_key") + def _get_mcp_server_by_key(self, key, security_key): + key = self.sudo().search( + [ + ("server_id.key", "=", key), + ("server_id.active", "=", True), + ("hashed_key", "=", self._hash_key(security_key)), + "|", + ("expiration_date", "=", False), + ("expiration_date", ">", fields.Datetime.now()), + ("state", "=", "active"), + ], + limit=1, + ) + return (key.id, key.expiration_date) if key else (False, False) + + def _tools_list(self, payload): + tools = self.server_id.tool_ids + result = [] + for tool in tools: + result.append(tool._get_tool_definition()) + return {"jsonrpc": "2.0", "id": payload.get("id"), "result": {"tools": result}} + + def _tools_call(self, payload): + params = payload.get("params", {}) + tool_name = params.get("name") + args = params.get("arguments", {}) + result_vals = { + "request": json.dumps(params), + "server_id": self.server_id.id, + "server_key_id": self.id, + } + + tool = self.server_id.tool_ids.filtered(lambda t: t.name == tool_name) + + if not tool: + self._add_log(**result_vals, error="Tool not found") + return { + "jsonrpc": "2.0", + "id": payload.get("id"), + "error": {"code": -32000, "message": "Unknown tool"}, + } + try: + with self.env.cr.savepoint(flush=False): + result = tool._execute_tool(**args) or {} + self._add_log(**result_vals, response=json.dumps(result)) + return { + "jsonrpc": "2.0", + "id": payload.get("id"), + "result": { + "structuredContent": result, + "content": [{"type": "text", "text": json.dumps(result)}], + }, + } + except Exception as e: + self._add_log(**result_vals, error=str(e)) + return { + "jsonrpc": "2.0", + "id": payload.get("id"), + "error": {"code": -32000, "message": str(e)}, + } + + def _add_log(self, **log_vals): + return self.env["mcp.server.log"].sudo().create(log_vals) diff --git a/ai_oca_mcp/models/mcp_server_log.py b/ai_oca_mcp/models/mcp_server_log.py new file mode 100644 index 00000000..5bd6103a --- /dev/null +++ b/ai_oca_mcp/models/mcp_server_log.py @@ -0,0 +1,16 @@ +# Copyright 2026 Dixmit +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl). + +from odoo import fields, models + + +class McpServerLog(models.Model): + _name = "mcp.server.log" + _description = "Mcp Server Log" + + server_id = fields.Many2one("mcp.server", required=True, ondelete="cascade") + server_key_id = fields.Many2one("mcp.server.key", required=True, ondelete="cascade") + request = fields.Text() + response = fields.Text() + error = fields.Text() + date = fields.Datetime(default=fields.Datetime.now, index=True) diff --git a/ai_oca_mcp/readme/CONTRIBUTORS.md b/ai_oca_mcp/readme/CONTRIBUTORS.md new file mode 100644 index 00000000..2c066ba7 --- /dev/null +++ b/ai_oca_mcp/readme/CONTRIBUTORS.md @@ -0,0 +1,2 @@ +- [Dixmit](https://www.dixmit.com) + - Enric Tobella diff --git a/ai_oca_mcp/readme/DESCRIPTION.md b/ai_oca_mcp/readme/DESCRIPTION.md new file mode 100644 index 00000000..a7eb05ee --- /dev/null +++ b/ai_oca_mcp/readme/DESCRIPTION.md @@ -0,0 +1,6 @@ +This module exposes Odoo AI tools as an MCP (Model Context Protocol) server, +allowing external AI clients such as n8n or custom agents to call Odoo functions +via the standardized MCP protocol. Authentication is handled via per-client API keys. + +Note: Claude Desktop requires OAuth 2.0, which is not supported directly by this module. +An extension could be required. diff --git a/ai_oca_mcp/readme/USAGE.md b/ai_oca_mcp/readme/USAGE.md new file mode 100644 index 00000000..4a4f37ea --- /dev/null +++ b/ai_oca_mcp/readme/USAGE.md @@ -0,0 +1,19 @@ +- Access in Developer mode +- Go to `AI > MCP Server` +- Create a new MCP Server and add the `generic` tools you want to expose +- Click **Add Key** to generate a new API key for a client — the key is only shown once +- Use the provided URL and the generated key to configure your AI client + +## Connecting from n8n +Use the MCP node with: +- **URL**: the value shown in the `URL` field +- **Authentication**: Bearer Token +- **Token**: the generated API key + +## Tool limitations +Only tools of kind `generic` are supported. Tools requiring a record context +(`generic_model`, `record`) cannot be used via MCP. + +## Security +Each client should have its own API key. Keys can be expired individually +from the server form or from `AI > MCP Server Log` to audit all calls. diff --git a/ai_oca_mcp/security/ir.model.access.csv b/ai_oca_mcp/security/ir.model.access.csv new file mode 100644 index 00000000..cf664cda --- /dev/null +++ b/ai_oca_mcp/security/ir.model.access.csv @@ -0,0 +1,5 @@ +id,name,model_id:id,group_id:id,perm_read,perm_write,perm_create,perm_unlink +access_mcp_server,access_mcp_server,model_mcp_server,base.group_system,1,1,1,1 +access_mcp_server_key,access_mcp_server_key,model_mcp_server_key,base.group_system,1,1,1,1 +access_mcp_server_key_add,access_mcp_server_key_add,model_mcp_server_key_add,base.group_system,1,1,1,1 +access_mcp_server_log,access_mcp_server_log,model_mcp_server_log,base.group_system,1,0,0,0 diff --git a/ai_oca_mcp/static/description/icon.png b/ai_oca_mcp/static/description/icon.png new file mode 100644 index 0000000000000000000000000000000000000000..3a0328b516c4980e8e44cdb63fd945757ddd132d GIT binary patch literal 9455 zcmW++2RxMjAAjx~&dlBk9S+%}OXg)AGE&Cb*&}d0jUxM@u(PQx^-s)697TX`ehR4?GS^qbkof1cslKgkU)h65qZ9Oc=ml_0temigYLJfnz{IDzUf>bGs4N!v3=Z3jMq&A#7%rM5eQ#dc?k~! zVpnB`o+K7|Al`Q_U;eD$B zfJtP*jH`siUq~{KE)`jP2|#TUEFGRryE2`i0**z#*^6~AI|YzIWy$Cu#CSLW3q=GA z6`?GZymC;dCPk~rBS%eCb`5OLr;RUZ;D`}um=H)BfVIq%7VhiMr)_#G0N#zrNH|__ zc+blN2UAB0=617@>_u;MPHN;P;N#YoE=)R#i$k_`UAA>WWCcEVMh~L_ zj--gtp&|K1#58Yz*AHCTMziU1Jzt_jG0I@qAOHsk$2}yTmVkBp_eHuY$A9)>P6o~I z%aQ?!(GqeQ-Y+b0I(m9pwgi(IIZZzsbMv+9w{PFtd_<_(LA~0H(xz{=FhLB@(1&qHA5EJw1>>=%q2f&^X>IQ{!GJ4e9U z&KlB)z(84HmNgm2hg2C0>WM{E(DdPr+EeU_N@57;PC2&DmGFW_9kP&%?X4}+xWi)( z;)z%wI5>D4a*5XwD)P--sPkoY(a~WBw;E~AW`Yue4kFa^LM3X`8x|}ZUeMnqr}>kH zG%WWW>3ml$Yez?i%)2pbKPI7?5o?hydokgQyZsNEr{a|mLdt;X2TX(#B1j35xPnPW z*bMSSOauW>o;*=kO8ojw91VX!qoOQb)zHJ!odWB}d+*K?#sY_jqPdg{Sm2HdYzdEx zOGVPhVRTGPtv0o}RfVP;Nd(|CB)I;*t&QO8h zFfekr30S!-LHmV_Su-W+rEwYXJ^;6&3|L$mMC8*bQptyOo9;>Qb9Q9`ySe3%V$A*9 zeKEe+b0{#KWGp$F+tga)0RtI)nhMa-K@JS}2krK~n8vJ=Ngm?R!9G<~RyuU0d?nz# z-5EK$o(!F?hmX*2Yt6+coY`6jGbb7tF#6nHA zuKk=GGJ;ZwON1iAfG$E#Y7MnZVmrY|j0eVI(DN_MNFJmyZ|;w4tf@=CCDZ#5N_0K= z$;R~bbk?}TpfDjfB&aiQ$VA}s?P}xPERJG{kxk5~R`iRS(SK5d+Xs9swCozZISbnS zk!)I0>t=A<-^z(cmSFz3=jZ23u13X><0b)P)^1T_))Kr`e!-pb#q&J*Q`p+B6la%C zuVl&0duN<;uOsB3%T9Fp8t{ED108<+W(nOZd?gDnfNBC3>M8WE61$So|P zVvqH0SNtDTcsUdzaMDpT=Ty0pDHHNL@Z0w$Y`XO z2M-_r1S+GaH%pz#Uy0*w$Vdl=X=rQXEzO}d6J^R6zjM1u&c9vYLvLp?W7w(?np9x1 zE_0JSAJCPB%i7p*Wvg)pn5T`8k3-uR?*NT|J`eS#_#54p>!p(mLDvmc-3o0mX*mp_ zN*AeS<>#^-{S%W<*mz^!X$w_2dHWpcJ6^j64qFBft-o}o_Vx80o0>}Du;>kLts;$8 zC`7q$QI(dKYG`Wa8#wl@V4jVWBRGQ@1dr-hstpQL)Tl+aqVpGpbSfN>5i&QMXfiZ> zaA?T1VGe?rpQ@;+pkrVdd{klI&jVS@I5_iz!=UMpTsa~mBga?1r}aRBm1WS;TT*s0f0lY=JBl66Upy)-k4J}lh=P^8(SXk~0xW=T9v*B|gzIhN z>qsO7dFd~mgxAy4V?&)=5ieYq?zi?ZEoj)&2o)RLy=@hbCRcfT5jigwtQGE{L*8<@Yd{zg;CsL5mvzfDY}P-wos_6PfprFVaeqNE%h zKZhLtcQld;ZD+>=nqN~>GvROfueSzJD&BE*}XfU|H&(FssBqY=hPCt`d zH?@s2>I(|;fcW&YM6#V#!kUIP8$Nkdh0A(bEVj``-AAyYgwY~jB zT|I7Bf@%;7aL7Wf4dZ%VqF$eiaC38OV6oy3Z#TER2G+fOCd9Iaoy6aLYbPTN{XRPz z;U!V|vBf%H!}52L2gH_+j;`bTcQRXB+y9onc^wLm5wi3-Be}U>k_u>2Eg$=k!(l@I zcCg+flakT2Nej3i0yn+g+}%NYb?ta;R?(g5SnwsQ49U8Wng8d|{B+lyRcEDvR3+`O{zfmrmvFrL6acVP%yG98X zo&+VBg@px@i)%o?dG(`T;n*$S5*rnyiR#=wW}}GsAcfyQpE|>a{=$Hjg=-*_K;UtD z#z-)AXwSRY?OPefw^iI+ z)AXz#PfEjlwTes|_{sB?4(O@fg0AJ^g8gP}ex9Ucf*@_^J(s_5jJV}c)s$`Myn|Kd z$6>}#q^n{4vN@+Os$m7KV+`}c%4)4pv@06af4-x5#wj!KKb%caK{A&Y#Rfs z-po?Dcb1({W=6FKIUirH&(yg=*6aLCekcKwyfK^JN5{wcA3nhO(o}SK#!CINhI`-I z1)6&n7O&ZmyFMuNwvEic#IiOAwNkR=u5it{B9n2sAJV5pNhar=j5`*N!Na;c7g!l$ z3aYBqUkqqTJ=Re-;)s!EOeij=7SQZ3Hq}ZRds%IM*PtM$wV z@;rlc*NRK7i3y5BETSKuumEN`Xu_8GP1Ri=OKQ$@I^ko8>H6)4rjiG5{VBM>B|%`&&s^)jS|-_95&yc=GqjNo{zFkw%%HHhS~e=s zD#sfS+-?*t|J!+ozP6KvtOl!R)@@-z24}`9{QaVLD^9VCSR2b`b!KC#o;Ki<+wXB6 zx3&O0LOWcg4&rv4QG0)4yb}7BFSEg~=IR5#ZRj8kg}dS7_V&^%#Do==#`u zpy6{ox?jWuR(;pg+f@mT>#HGWHAJRRDDDv~@(IDw&R>9643kK#HN`!1vBJHnC+RM&yIh8{gG2q zA%e*U3|N0XSRa~oX-3EAneep)@{h2vvd3Xvy$7og(sayr@95+e6~Xvi1tUqnIxoIH zVWo*OwYElb#uyW{Imam6f2rGbjR!Y3`#gPqkv57dB6K^wRGxc9B(t|aYDGS=m$&S!NmCtrMMaUg(c zc2qC=2Z`EEFMW-me5B)24AqF*bV5Dr-M5ig(l-WPS%CgaPzs6p_gnCIvTJ=Y<6!gT zVt@AfYCzjjsMEGi=rDQHo0yc;HqoRNnNFeWZgcm?f;cp(6CNylj36DoL(?TS7eU#+ z7&mfr#y))+CJOXQKUMZ7QIdS9@#-}7y2K1{8)cCt0~-X0O!O?Qx#E4Og+;A2SjalQ zs7r?qn0H044=sDN$SRG$arw~n=+T_DNdSrarmu)V6@|?1-ZB#hRn`uilTGPJ@fqEy zGt(f0B+^JDP&f=r{#Y_wi#AVDf-y!RIXU^0jXsFpf>=Ji*TeqSY!H~AMbJdCGLhC) zn7Rx+sXw6uYj;WRYrLd^5IZq@6JI1C^YkgnedZEYy<&4(z%Q$5yv#Boo{AH8n$a zhb4Y3PWdr269&?V%uI$xMcUrMzl=;w<_nm*qr=c3Rl@i5wWB;e-`t7D&c-mcQl7x! zZWB`UGcw=Y2=}~wzrfLx=uet<;m3~=8I~ZRuzvMQUQdr+yTV|ATf1Uuomr__nDf=X zZ3WYJtHp_ri(}SQAPjv+Y+0=fH4krOP@S&=zZ-t1jW1o@}z;xk8 z(Nz1co&El^HK^NrhVHa-_;&88vTU>_J33=%{if;BEY*J#1n59=07jrGQ#IP>@u#3A z;!q+E1Rj3ZJ+!4bq9F8PXJ@yMgZL;>&gYA0%_Kbi8?S=XGM~dnQZQ!yBSgcZhY96H zrWnU;k)qy`rX&&xlDyA%(a1Hhi5CWkmg(`Gb%m(HKi-7Z!LKGRP_B8@`7&hdDy5n= z`OIxqxiVfX@OX1p(mQu>0Ai*v_cTMiw4qRt3~NBvr9oBy0)r>w3p~V0SCm=An6@3n)>@z!|o-$HvDK z|3D2ZMJkLE5loMKl6R^ez@Zz%S$&mbeoqH5`Bb){Ei21q&VP)hWS2tjShfFtGE+$z zzCR$P#uktu+#!w)cX!lWN1XU%K-r=s{|j?)Akf@q#3b#{6cZCuJ~gCxuMXRmI$nGtnH+-h z+GEi!*X=AP<|fG`1>MBdTb?28JYc=fGvAi2I<$B(rs$;eoJCyR6_bc~p!XR@O-+sD z=eH`-ye})I5ic1eL~TDmtfJ|8`0VJ*Yr=hNCd)G1p2MMz4C3^Mj?7;!w|Ly%JqmuW zlIEW^Ft%z?*|fpXda>Jr^1noFZEwFgVV%|*XhH@acv8rdGxeEX{M$(vG{Zw+x(ei@ zmfXb22}8-?Fi`vo-YVrTH*C?a8%M=Hv9MqVH7H^J$KsD?>!SFZ;ZsvnHr_gn=7acz z#W?0eCdVhVMWN12VV^$>WlQ?f;P^{(&pYTops|btm6aj>_Uz+hqpGwB)vWp0Cf5y< zft8-je~nn?W11plq}N)4A{l8I7$!ks_x$PXW-2XaRFswX_BnF{R#6YIwMhAgd5F9X zGmwdadS6(a^fjHtXg8=l?Rc0Sm%hk6E9!5cLVloEy4eh(=FwgP`)~I^5~pBEWo+F6 zSf2ncyMurJN91#cJTy_u8Y}@%!bq1RkGC~-bV@SXRd4F{R-*V`bS+6;W5vZ(&+I<9$;-V|eNfLa5n-6% z2(}&uGRF;p92eS*sE*oR$@pexaqr*meB)VhmIg@h{uzkk$9~qh#cHhw#>O%)b@+(| z^IQgqzuj~Sk(J;swEM-3TrJAPCq9k^^^`q{IItKBRXYe}e0Tdr=Huf7da3$l4PdpwWDop%^}n;dD#K4s#DYA8SHZ z&1!riV4W4R7R#C))JH1~axJ)RYnM$$lIR%6fIVA@zV{XVyx}C+a-Dt8Y9M)^KU0+H zR4IUb2CJ{Hg>CuaXtD50jB(_Tcx=Z$^WYu2u5kubqmwp%drJ6 z?Fo40g!Qd<-l=TQxqHEOuPX0;^z7iX?Ke^a%XT<13TA^5`4Xcw6D@Ur&VT&CUe0d} z1GjOVF1^L@>O)l@?bD~$wzgf(nxX1OGD8fEV?TdJcZc2KoUe|oP1#=$$7ee|xbY)A zDZq+cuTpc(fFdj^=!;{k03C69lMQ(|>uhRfRu%+!k&YOi-3|1QKB z z?n?eq1XP>p-IM$Z^C;2L3itnbJZAip*Zo0aw2bs8@(s^~*8T9go!%dHcAz2lM;`yp zD=7&xjFV$S&5uDaiScyD?B-i1ze`+CoRtz`Wn+Zl&#s4&}MO{@N!ufrzjG$B79)Y2d3tBk&)TxUTw@QS0TEL_?njX|@vq?Uz(nBFK5Pq7*xj#u*R&i|?7+6# z+|r_n#SW&LXhtheZdah{ZVoqwyT{D>MC3nkFF#N)xLi{p7J1jXlmVeb;cP5?e(=f# zuT7fvjSbjS781v?7{)-X3*?>tq?)Yd)~|1{BDS(pqC zC}~H#WXlkUW*H5CDOo<)#x7%RY)A;ShGhI5s*#cRDA8YgqG(HeKDx+#(ZQ?386dv! zlXCO)w91~Vw4AmOcATuV653fa9R$fyK8ul%rG z-wfS zihugoZyr38Im?Zuh6@RcF~t1anQu7>#lPpb#}4cOA!EM11`%f*07RqOVkmX{p~KJ9 z^zP;K#|)$`^Rb{rnHGH{~>1(fawV0*Z#)}M`m8-?ZJV<+e}s9wE# z)l&az?w^5{)`S(%MRzxdNqrs1n*-=jS^_jqE*5XDrA0+VE`5^*p3CuM<&dZEeCjoz zR;uu_H9ZPZV|fQq`Cyw4nscrVwi!fE6ciMmX$!_hN7uF;jjKG)d2@aC4ropY)8etW=xJvni)8eHi`H$%#zn^WJ5NLc-rqk|u&&4Z6fD_m&JfSI1Bvb?b<*n&sfl0^t z=HnmRl`XrFvMKB%9}>PaA`m-fK6a0(8=qPkWS5bb4=v?XcWi&hRY?O5HdulRi4?fN zlsJ*N-0Qw+Yic@s0(2uy%F@ib;GjXt01Fmx5XbRo6+n|pP(&nodMoap^z{~q ziEeaUT@Mxe3vJSfI6?uLND(CNr=#^W<1b}jzW58bIfyWTDle$mmS(|x-0|2UlX+9k zQ^EX7Nw}?EzVoBfT(-LT|=9N@^hcn-_p&sqG z&*oVs2JSU+N4ZD`FhCAWaS;>|wH2G*Id|?pa#@>tyxX`+4HyIArWDvVrX)2WAOQff z0qyHu&-S@i^MS-+j--!pr4fPBj~_8({~e1bfcl0wI1kaoN>mJL6KUPQm5N7lB(ui1 zE-o%kq)&djzWJ}ob<-GfDlkB;F31j-VHKvQUGQ3sp`CwyGJk_i!y^sD0fqC@$9|jO zOqN!r!8-p==F@ZVP=U$qSpY(gQ0)59P1&t@y?5rvg<}E+GB}26NYPp4f2YFQrQtot5mn3wu_qprZ=>Ig-$ zbW26Ws~IgY>}^5w`vTB(G`PTZaDiGBo5o(tp)qli|NeV( z@H_=R8V39rt5J5YB2Ky?4eJJ#b`_iBe2ot~6%7mLt5t8Vwi^Jy7|jWXqa3amOIoRb zOr}WVFP--DsS`1WpN%~)t3R!arKF^Q$e12KEqU36AWwnCBICpH4XCsfnyrHr>$I$4 z!DpKX$OKLWarN7nv@!uIA+~RNO)l$$w}p(;b>mx8pwYvu;dD_unryX_NhT8*Tj>BTrTTL&!?O+%Rv;b?B??gSzdp?6Uug9{ zd@V08Z$BdI?fpoCS$)t4mg4rT8Q_I}h`0d-vYZ^|dOB*Q^S|xqTV*vIg?@fVFSmMpaw0qtTRbx} z({Pg?#{2`sc9)M5N$*N|4;^t$+QP?#mov zGVC@I*lBVrOU-%2y!7%)fAKjpEFsgQc4{amtiHb95KQEwvf<(3T<9-Zm$xIew#P22 zc2Ix|App^>v6(3L_MCU0d3W##AB0M~3D00EWoKZqsJYT(#@w$Y_H7G22M~ApVFTRHMI_3be)Lkn#0F*V8Pq zc}`Cjy$bE;FJ6H7p=0y#R>`}-m4(0F>%@P|?7fx{=R^uFdISRnZ2W_xQhD{YuR3t< z{6yxu=4~JkeA;|(J6_nv#>Nvs&FuLA&PW^he@t(UwFFE8)|a!R{`E`K`i^ZnyE4$k z;(749Ix|oi$c3QbEJ3b~D_kQsPz~fIUKym($a_7dJ?o+40*OLl^{=&oq$<#Q(yyrp z{J-FAniyAw9tPbe&IhQ|a`DqFTVQGQ&Gq3!C2==4x{6EJwiPZ8zub-iXoUtkJiG{} zPaR&}_fn8_z~(=;5lD-aPWD3z8PZS@AaUiomF!G8I}Mf>e~0g#BelA-5#`cj;O5>N Xviia!U7SGha1wx#SCgwmn*{w2TRX*I literal 0 HcmV?d00001 diff --git a/ai_oca_mcp/static/description/index.html b/ai_oca_mcp/static/description/index.html new file mode 100644 index 00000000..b127fdeb --- /dev/null +++ b/ai_oca_mcp/static/description/index.html @@ -0,0 +1,475 @@ + + + + + +README.rst + + + +
+ + + +Odoo Community Association + +
+

Ai Oca Mcp

+ +

Beta License: AGPL-3 OCA/ai Translate me on Weblate Try me on Runboat

+

This module exposes Odoo AI tools as an MCP (Model Context Protocol) +server, allowing external AI clients such as n8n or custom agents to +call Odoo functions via the standardized MCP protocol. Authentication is +handled via per-client API keys.

+

Note: Claude Desktop requires OAuth 2.0, which is not supported directly +by this module. An extension could be required.

+

Table of contents

+ +
+

Usage

+
    +
  • Access in Developer mode
    • +
  • Go to AI > MCP Server
    • +
  • Create a new MCP Server and add the generic tools you want to +expose
    • +
  • Click Add Key to generate a new API key for a client — the key is +only shown once
    • +
  • Use the provided URL and the generated key to configure your AI client
    • +
+
+

Connecting from n8n

+

Use the MCP node with:

+
    +
  • URL: the value shown in the URL field
    • +
  • Authentication: Bearer Token
    • +
  • Token: the generated API key
    • +
+
+
+

Tool limitations

+

Only tools of kind generic are supported. Tools requiring a record +context (generic_model, record) cannot be used via MCP.

+
+
+

Security

+

Each client should have its own API key. Keys can be expired +individually from the server form or from AI > MCP Server Log to +audit all calls.

+
+
+
+

Bug Tracker

+

Bugs are tracked on GitHub Issues. +In case of trouble, please check there if your issue has already been reported. +If you spotted it first, help us to smash it by providing a detailed and welcomed +feedback.

+

Do not contact contributors directly about support or help with technical issues.

+
+
+

Credits

+
+

Authors

+
    +
  • Dixmit
    • +
+
+
+

Contributors

+ +
+
+

Maintainers

+

This module is maintained by the OCA.

+ +Odoo Community Association + +

OCA, or the Odoo Community Association, is a nonprofit organization whose +mission is to support the collaborative development of Odoo features and +promote its widespread use.

+

This module is part of the OCA/ai project on GitHub.

+

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

+
+
+
+
+ + diff --git a/ai_oca_mcp/tests/__init__.py b/ai_oca_mcp/tests/__init__.py new file mode 100644 index 00000000..cb03ee12 --- /dev/null +++ b/ai_oca_mcp/tests/__init__.py @@ -0,0 +1 @@ +from . import test_mcp diff --git a/ai_oca_mcp/tests/test_mcp.py b/ai_oca_mcp/tests/test_mcp.py new file mode 100644 index 00000000..15e3e454 --- /dev/null +++ b/ai_oca_mcp/tests/test_mcp.py @@ -0,0 +1,219 @@ +# Copyright 2026 Dixmit +# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl). + +import json + +from freezegun import freeze_time + +from odoo.tests.common import HttpCase +from odoo.tools import mute_logger + + +class TestMcp(HttpCase): + @classmethod + def setUpClass(cls): + super().setUpClass() + cls.server = cls.env["mcp.server"].create( + { + "name": "Test Server", + "tool_ids": [(4, cls.env.ref("ai_tool.current_date").id)], + } + ) + wizard = ( + cls.env["mcp.server.key.add"] + .with_context(default_server_id=cls.server.id) + .create({"name": "Test Key"}) + ) + wizard.generate_key() + cls.security_key = wizard.key + + @mute_logger("odoo.http") + def test_no_authorization(self): + request = self.url_open( + f"/mcp/{self.server.key}", + data=json.dumps( + { + "jsonrpc": "2.0", + "id": "1", + "method": "initialize", + } + ), + headers={"Content-Type": "application/json"}, + ) + self.assertEqual(request.status_code, 401) + + def test_wrong_authorization(self): + request = self.url_open( + f"/mcp/{self.server.key}", + data=json.dumps( + { + "jsonrpc": "2.0", + "id": "1", + "method": "initialize", + } + ), + headers={ + "Content-Type": "application/json", + "Authorization": "Bearer wrong", + }, + ) + self.assertEqual(request.status_code, 200) + response = json.loads(request.content.decode("utf-8")) + self.assertIn("error", response) + + def test_wrong_method(self): + request = self.url_open( + f"/mcp/{self.server.key}", + data=json.dumps( + { + "jsonrpc": "2.0", + "id": "1", + "method": "wrong_method", + } + ), + headers={ + "Content-Type": "application/json", + "Authorization": f"Bearer {self.security_key}", + }, + ) + self.assertEqual(request.status_code, 200) + response = json.loads(request.content.decode("utf-8")) + self.assertIn("error", response) + + def test_correct_initialize(self): + request = self.url_open( + f"/mcp/{self.server.key}", + data=json.dumps( + { + "jsonrpc": "2.0", + "id": "1", + "method": "initialize", + } + ), + headers={ + "Content-Type": "application/json", + "Authorization": f"Bearer {self.security_key}", + }, + ) + self.assertEqual(request.status_code, 200) + response = json.loads(request.content.decode("utf-8")) + self.assertIn("result", response) + self.assertIn("capabilities", response["result"]) + self.assertIn("tools", response["result"]["capabilities"]) + + def test_list_tools(self): + request = self.url_open( + f"/mcp/{self.server.key}", + data=json.dumps( + { + "jsonrpc": "2.0", + "id": "1", + "method": "tools/list", + } + ), + headers={ + "Content-Type": "application/json", + "Authorization": f"Bearer {self.security_key}", + }, + ) + self.assertEqual(request.status_code, 200) + response = json.loads(request.content.decode("utf-8")) + self.assertIn("result", response) + self.assertIn("tools", response["result"]) + self.assertEqual(1, len(response["result"]["tools"])) + self.assertEqual("get_date", response["result"]["tools"][0]["name"]) + + def test_execute_wrong_tool(self): + with freeze_time("2024-01-01"): + request = self.url_open( + f"/mcp/{self.server.key}", + data=json.dumps( + { + "jsonrpc": "2.0", + "id": "1", + "method": "tools/call", + "params": { + "name": "post_message", + "arguments": {}, + }, + } + ), + headers={ + "Content-Type": "application/json", + "Authorization": f"Bearer {self.security_key}", + }, + ) + self.assertEqual(request.status_code, 200) + response = json.loads(request.content.decode("utf-8")) + self.assertIn("error", response) + + def test_execute_tool(self): + with freeze_time("2024-01-01"): + request = self.url_open( + f"/mcp/{self.server.key}", + data=json.dumps( + { + "jsonrpc": "2.0", + "id": "1", + "method": "tools/call", + "params": { + "name": "get_date", + "arguments": {}, + }, + } + ), + headers={ + "Content-Type": "application/json", + "Authorization": f"Bearer {self.security_key}", + }, + ) + self.assertEqual(request.status_code, 200) + response = json.loads(request.content.decode("utf-8")) + self.assertIn("result", response) + self.assertIn("structuredContent", response["result"]) + self.assertEqual(response["result"]["structuredContent"]["date"], "2024-01-01") + + def test_url(self): + self.server.key = "newkey" + self.assertEqual(self.server.url, "http://127.0.0.1:8069/mcp/newkey") + + def test_expiration_handling(self): + self.server.key_ids.write({"expiration_date": "2024-01-02 00:00:00"}) + with freeze_time("2024-01-01"): + request = self.url_open( + f"/mcp/{self.server.key}", + data=json.dumps( + { + "jsonrpc": "2.0", + "id": "1", + "method": "initialize", + } + ), + headers={ + "Content-Type": "application/json", + "Authorization": f"Bearer {self.security_key}", + }, + ) + self.assertEqual(request.status_code, 200) + response = json.loads(request.content.decode("utf-8")) + self.assertIn("result", response) + self.assertNotIn("error", response) + with freeze_time("2024-01-03"): + request = self.url_open( + f"/mcp/{self.server.key}", + data=json.dumps( + { + "jsonrpc": "2.0", + "id": "1", + "method": "initialize", + } + ), + headers={ + "Content-Type": "application/json", + "Authorization": f"Bearer {self.security_key}", + }, + ) + self.assertEqual(request.status_code, 200) + response = json.loads(request.content.decode("utf-8")) + self.assertNotIn("result", response) + self.assertIn("error", response) diff --git a/ai_oca_mcp/views/mcp_server.xml b/ai_oca_mcp/views/mcp_server.xml new file mode 100644 index 00000000..27f5be9f --- /dev/null +++ b/ai_oca_mcp/views/mcp_server.xml @@ -0,0 +1,92 @@ + + + + + + mcp.server + +
+
+
+ +
+
+ +
+
+ + + + + + + + + + + + + +
+ + + + + mcp.server + + + + + + + + + mcp.server + + + + + + + + + MCP Server + mcp.server + tree,form + [] + {} + + + + MCP Server + + + + + + diff --git a/ai_oca_mcp/views/mcp_server_key.xml b/ai_oca_mcp/views/mcp_server_key.xml new file mode 100644 index 00000000..54f4f41c --- /dev/null +++ b/ai_oca_mcp/views/mcp_server_key.xml @@ -0,0 +1,52 @@ + + + + + + mcp.server.key + +
+
+
+ + + + + + + + + +
+ + + + + mcp.server.key + + + + +