[BUG]: Enhanced Validation Missing in GatewayCreate #694
Description
Issue: Enhanced Validation Missing in GatewayCreate
Description: The enhanced validation for multi-headers (header key format validation and 100-header limit) is only implemented in GatewayUpdate but missing in GatewayCreate.
Current State:
- GatewayUpdate has comprehensive validation (lines 2084-2126 in mcpgateway/schemas.py)
- GatewayCreate has basic validation (lines 1901-1918 in mcpgateway/schemas.py)
Impact:
- Users can create gateways with invalid header keys via create endpoint
- Users can create gateways with >100 headers via create endpoint
- Inconsistent behavior between create and update operations
Fix Required:
- Copy enhanced validation logic from GatewayUpdate._process_auth_fields() to GatewayCreate._process_auth_fields()
- Add header key format validation: if not all(c.isalnum() or c in "-_" for c in key.replace(" ", ""))
- Add excessive headers check: if len(header_dict) > 100
- Add duplicate key warning with logging
Files to Modify:
- mcpgateway/schemas.py (lines 1904-1909)
Test Coverage:
- Add test cases to tests/unit/mcpgateway/test_multi_auth_headers.py for:
- Invalid header key format in create
- Excessive headers (>100) in create
- Duplicate key handling in create
Priority: VERY LOW - UI/UX Polish
Issue: JavaScript Console Errors
Description: Minor JavaScript issues in admin interface.
Files: mcpgateway/static/admin.js
- Line 6432: Changed showNotification to console.error - consider implementing proper notification system
- Consider adding user-friendly error messages for header validation failures
Impact: Very Low - functionality works, just less polished UX
Action: Implement proper notification system for admin UI