feat: refactor backend architecture with interface pattern and trusted proxy support

[hrntknr]

Summary

This PR refactors the backend architecture to use an interface pattern, providing better separation of concerns and extensibility. It introduces trusted proxy support for enhanced security when running behind reverse proxies.

Type of Change

• feat: A new feature
• fix: A bug fix
• docs: Documentation only changes
• style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)
• refactor: A code change that neither fixes a bug nor adds a feature
• perf: A code change that improves performance
• test: Adding missing tests or correcting existing tests
• build: Changes that affect the build system or external dependencies
• ci: Changes to our CI configuration files and scripts
• chore: Other changes that don't modify src or test files
• revert: Reverts a previous commit

Related Issues

Changes Made

• Extract Backend interface for better abstraction
• Split monolithic backend.go into separate implementations:
  • proxy.go: Handles MCP server execution and proxying
  • transparent.go: Handles HTTP/HTTPS URL proxying with trusted proxy support
• Add trusted proxy configuration with IP/CIDR range validation
• Implement comprehensive test coverage for new backend implementations
• Maintain full backward compatibility with existing functionality

Testing

• Added unit tests for all new backend implementations
• Verified trusted proxy functionality with various IP and CIDR configurations
• Ensured existing MCP server proxy functionality remains unchanged

[codecov]

Codecov Report

❌ Patch coverage is 48.19277% with 43 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
pkg/backend/transparent.go	62.90%	18 Missing and 5 partials ⚠️
pkg/mcp-proxy/main.go	0.00%	11 Missing ⚠️
main.go	0.00%	9 Missing ⚠️

📢 Thoughts on this report? Let us know!

[Copilot]

Pull Request Overview

This PR refactors the backend architecture to introduce an interface pattern for better abstraction and adds trusted proxy support for enhanced security when running behind reverse proxies. The changes maintain backward compatibility while providing better separation of concerns.

• Extracted a Backend interface to abstract proxy implementations
• Split the monolithic backend into separate proxy and transparent implementations
• Added trusted proxy configuration with IP/CIDR validation for secure header handling

Reviewed Changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
pkg/backend/interface.go	Defines the new Backend interface with Run, Wait, and Close methods
pkg/backend/proxy.go	Updates ProxyBackend to implement the Backend interface
pkg/backend/transparent.go	New TransparentBackend implementation for HTTP/HTTPS proxying with trusted proxy support
pkg/backend/transparent_test.go	Comprehensive test coverage for the transparent backend functionality
pkg/backend/proxy_test.go	Enhanced test coverage for proxy backend context handling
pkg/backend/main_test.go	Test setup configuration for the backend package
pkg/mcp-proxy/main.go	Integration of trusted proxy support and backend interface usage
main.go	Command-line flag addition for trusted proxy configuration

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

The Wait() method accesses p.ctx without proper synchronization. Consider using the ctxLock mutex to safely read p.ctx, similar to how it's protected in the Run() method.

Suggested change

	if p.ctx == nil {
	return nil
	}
	<-p.ctx.Done()
	p.ctxLock.Lock()
	ctx := p.ctx
	p.ctxLock.Unlock()
	if ctx == nil {
	return nil
	}
	<-ctx.Done()