Handle empty API tool parameters more gracefully

Author: mneudert

McpTools/AbstractApiCall.php

@@ -15,6 +15,7 @@
 use Piwik\Plugins\McpServer\Contracts\Ports\Api\ApiCallQueryServiceInterface;
 use Piwik\Plugins\McpServer\Contracts\Ports\Api\ApiMethodSummaryQueryServiceInterface;
 use Piwik\Plugins\McpServer\Contracts\Records\Api\ApiCallRecord;
+use Piwik\Plugins\McpServer\Support\Normalization\ToolDataNormalizer;
 use Piwik\Plugins\McpServer\SystemSettings;
 
 /**
@@ -41,6 +42,10 @@ public function call(
         ?string $action = null,
         ?array $parameters = null
     ): array {
+        $parameters = $parameters === null
+            ? null
+            : ToolDataNormalizer::requireStringKeyedArrayOrEmptyList($parameters, 'parameters');
+
         $accessMode = $this->systemSettings->getRawApiAccessMode();
         $resolvedMethod = $this->apiMethodSummaryQueryService->getApiMethodSummaryBySelector(
             $accessMode,

Schemas/Api/ApiCallToolInputSchema.php

@@ -32,9 +32,18 @@ final class ApiCallToolInputSchema
                 'description' => 'Exact Matomo API action name.',
             ],
             'parameters' => [
-                'type' => 'object',
-                'additionalProperties' => true,
-                'description' => 'Optional Matomo API parameters for the selected method.',
+                'oneOf' => [
+                    [
+                        'type' => 'object',
+                        'additionalProperties' => true,
+                        'description' => 'Optional Matomo API parameters for the selected method.',
+                    ],
+                    [
+                        'type' => 'array',
+                        'maxItems' => 0,
+                        'description' => 'Empty array is accepted and normalized as no parameters.',
+                    ],
+                ],
             ],
         ],
         'not' => [

tests/Integration/McpTools/ApiCallTest.php

@@ -91,6 +91,55 @@ public function testReadModeCallsKnownReadMethodByModuleAndActionSelector(): voi
         self::assertIsString($content['result']);
     }
 
+    public function testReadModeAcceptsEmptyParametersList(): void
+    {
+        McpTestHelper::setRawApiAccessMode('read');
+
+        $server = McpTestHelper::buildServer();
+        $sessionId = McpTestHelper::initializeSession($server);
+        $content = McpTestHelper::callToolAndAssertSuccess(
+            $server,
+            $sessionId,
+            ApiCallRead::TOOL_NAME,
+            ['method' => 'API.getMatomoVersion', 'parameters' => []],
+            __METHOD__
+        );
+
+        $resolvedMethod = $content['resolvedMethod'] ?? null;
+        self::assertIsArray($resolvedMethod);
+        self::assertSame('API.getMatomoVersion', $resolvedMethod['method'] ?? null);
+        self::assertIsString($content['result'] ?? null);
+    }
+
+    public function testReadModeAcceptsEmptyParametersObject(): void
+    {
+        McpTestHelper::setRawApiAccessMode('read');
+
+        $server = McpTestHelper::buildServer();
+        $sessionId = McpTestHelper::initializeSession($server);
+        $payload = json_encode([
+            'jsonrpc' => '2.0',
+            'id' => __METHOD__,
+            'method' => 'tools/call',
+            'params' => [
+                'name' => ApiCallRead::TOOL_NAME,
+                'arguments' => [
+                    'method' => 'API.getMatomoVersion',
+                    'parameters' => new \stdClass(),
+                ],
+            ],
+        ], JSON_THROW_ON_ERROR);
+
+        $response = McpTestHelper::postJson($server, $payload, ['Mcp-Session-Id' => $sessionId]);
+        $message = McpTestHelper::decodeResponse($response);
+        $result = McpTestHelper::parseCallTool($message);
+        $content = McpTestHelper::assertToolSuccess($result);
+        $resolvedMethod = $content['resolvedMethod'] ?? null;
+        self::assertIsArray($resolvedMethod);
+        self::assertSame('API.getMatomoVersion', $resolvedMethod['method'] ?? null);
+        self::assertIsString($content['result'] ?? null);
+    }
+
     public function testReadModeRejectsWriteOnlyMethod(): void
     {
         McpTestHelper::setRawApiAccessMode('read');
@@ -329,6 +378,29 @@ public function testRejectsReservedParameterKeys(): void
         );
     }
 
+    public function testRejectsNonEmptyParametersListAtSchemaLevel(): void
+    {
+        McpTestHelper::setRawApiAccessMode('read');
+
+        $server = McpTestHelper::buildServer();
+        $sessionId = McpTestHelper::initializeSession($server);
+        $message = McpTestHelper::callToolExpectInvalidParams(
+            $server,
+            $sessionId,
+            ApiCallRead::TOOL_NAME,
+            [
+                'method' => 'API.getMatomoVersion',
+                'parameters' => ['flat'],
+            ],
+            __METHOD__
+        );
+
+        self::assertStringContainsString(
+            "Invalid parameters for tool '" . ApiCallRead::TOOL_NAME . "':",
+            $message->message
+        );
+    }
+
     public function testRejectsMissingSelectorAtSchemaLevel(): void
     {
         McpTestHelper::setRawApiAccessMode('full');

tests/Unit/McpTools/ApiCallTest.php

@@ -160,6 +160,76 @@ public function callApi(
         self::assertSame(['userLogin' => 'alice'], $capturedValues['parameters']);
     }
 
+    public function testCallNormalizesEmptyParameterList(): void
+    {
+        $captured = new stdClass();
+        $captured->values = [];
+
+        $record = new ApiMethodSummaryRecord(
+            'API',
+            'getMatomoVersion',
+            'API.getMatomoVersion',
+            [],
+            ApiMethodOperationClassifier::CATEGORY_READ,
+            ApiMethodOperationClassifier::CONFIDENCE_HIGH,
+            'action-prefix:get'
+        );
+
+        $tool = new ApiCallRead(
+            new class ($captured) implements ApiCallQueryServiceInterface {
+                public function __construct(private stdClass $captured)
+                {
+                }
+
+                public function callApi(
+                    ApiMethodSummaryRecord $resolvedMethod,
+                    ?array $parameters = null
+                ): ApiCallRecord {
+                    $this->captured->values = [
+                        'resolvedMethod' => $resolvedMethod,
+                        'parameters' => $parameters,
+                    ];
+
+                    return new ApiCallRecord('6.0.0', $resolvedMethod);
+                }
+            },
+            $this->createMethodSummaryQueryServiceStub($record),
+            $this->createSystemSettingsStub('read')
+        );
+
+        $actual = $tool->call(method: 'API.getMatomoVersion', parameters: []);
+
+        self::assertSame('6.0.0', $actual['result']);
+        /** @var array<string, mixed> $capturedValues */
+        $capturedValues = $captured->values;
+        self::assertSame([], $capturedValues['parameters']);
+    }
+
+    public function testCallRejectsNonEmptyParameterList(): void
+    {
+        $record = new ApiMethodSummaryRecord(
+            'API',
+            'getMatomoVersion',
+            'API.getMatomoVersion',
+            [],
+            ApiMethodOperationClassifier::CATEGORY_READ,
+            ApiMethodOperationClassifier::CONFIDENCE_HIGH,
+            'action-prefix:get'
+        );
+
+        $tool = new ApiCallRead(
+            $this->createMock(ApiCallQueryServiceInterface::class),
+            $this->createMethodSummaryQueryServiceStub($record),
+            $this->createSystemSettingsStub('read')
+        );
+
+        $this->expectException(ToolCallException::class);
+        $this->expectExceptionMessage('parameters is invalid.');
+
+        /** @phpstan-ignore-next-line intentional invalid direct invocation coverage */
+        $tool->call(method: 'API.getMatomoVersion', parameters: ['flat']);
+    }
+
     public function testScopedToolRejectsMethodOutsideExpectedOperationCategory(): void
     {
         $tool = new ApiCallRead(