0nmcp 3.2.1 → 4.0.0

package/crm/index.js

@@ -11,8 +11,18 @@
 //   crm/index.js     — This file (wires everything together)
 // ============================================================
 
-import { registerTools, crmHeaders, CRM_API_BASE, API_VERSION } from "./helpers.js";
+import { registerTools, crmHeaders, CRM_API_BASE, API_VERSION, setTokenResolver } from "./helpers.js";
 import { registerAuthTools } from "./auth.js";
+import { registerOAuthStoreTools, resolveToken } from "./oauth-store.js";
+import { registerCourseTools } from "./course-generator.js";
+import { registerUserContextTools } from "./user-context.js";
+import { registerBillingTools } from "./billing.js";
+import { registerEmailCampaignTools } from "./email-campaigns.js";
+import { registerMarketplaceBillingTools } from "./marketplace-billing.js";
+import { registerMediaTools } from "./media.js";
+import { registerSaasManagementTools } from "./saas-management.js";
+import { registerSurveyFormTools } from "./surveys-forms.js";
+import { registerAgentBuilderTools } from "./agent-builder.js";
 
 // Category modules — each exports a default array of tool definitions
 import contacts from "./contacts.js";
@@ -30,6 +40,7 @@ import knowledgeBase from "./knowledge-base.js";
 import voiceAi from "./voice-ai.js";
 import saas from "./saas.js";
 import funnels from "./funnels.js"; // includes forms, surveys, associations, snapshots
+import phoneSystem from "./phone-system.js";
 import agentStudio from "./agent-studio.js";
 
 // Re-export definitions + helpers for external consumers (e.g. CRM bridges)
@@ -50,6 +61,7 @@ export {
   saas,
   funnels,
   agentStudio,
+  resolveToken,
   crmHeaders,
   CRM_API_BASE,
   API_VERSION,
@@ -63,9 +75,42 @@ export {
  * @param {import("../capability-proxy.js").CapabilityProxy} [proxy]
  */
 export function registerCrmTools(server, z, proxy) {
+  // 0. Wire up OAuth token auto-resolution
+  setTokenResolver(resolveToken);
+
   // 1. Auth & custom-logic tools (OAuth, snapshot deploy, workflow process)
   registerAuthTools(server, z);
 
+  // 1b. OAuth store tools (connect, status, resolve)
+  registerOAuthStoreTools(server, z);
+
+  // 1c. SDK-powered tools (courses, etc.)
+  registerCourseTools(server, z);
+
+  // 1d. User context decryption (marketplace app embeds)
+  registerUserContextTools(server, z);
+
+  // 1e. External billing (Stripe → CRM webhook) + payment config
+  registerBillingTools(server, z);
+
+  // 1f. Email campaign execution (templates, campaigns, warmup, send)
+  registerEmailCampaignTools(server, z);
+
+  // 1g. Marketplace billing (charge, rebilling, installer details)
+  registerMarketplaceBillingTools(server, z);
+
+  // 1h. Media library (upload, folders, browse, delete)
+  registerMediaTools(server, z);
+
+  // 1i. SaaS management (locations, plans, rebilling, payment links)
+  registerSaasManagementTools(server, z);
+
+  // 1j. Surveys & Forms (list, submissions, file upload)
+  registerSurveyFormTools(server, z);
+
+  // 1k. AI Agent Builder (create, list, execute AI Workflows)
+  registerAgentBuilderTools(server, z);
+
   // 2. Data-driven tools by category
   const categories = [
     { name: "Contacts", defs: contacts },
@@ -84,9 +129,10 @@ export function registerCrmTools(server, z, proxy) {
     { name: "SaaS & Billing", defs: saas },
     { name: "Funnels, Forms, Surveys & More", defs: funnels },
     { name: "Agent Studio", defs: agentStudio },
+    { name: "Phone System", defs: phoneSystem },
   ];
 
-  let totalTools = 5; // auth tools count
+  let totalTools = 5 + 3 + 2 + 1 + 2 + 6 + 7 + 6 + 3 + 3 + 3; // auth(5) + oauth-store(3) + course(2) + user-context(1) + billing(2) + email-campaigns(6) + marketplace-billing(7) + media(6) + saas-mgmt(3) + surveys-forms(3) + agent-builder(3)
   for (const cat of categories) {
     registerTools(server, z, cat.defs, proxy);
     totalTools += cat.defs.length;

package/crm/marketplace-billing.js

@@ -0,0 +1,162 @@
+// ============================================================
+// 0nMCP — CRM Marketplace Billing & Rebilling Tools
+// ============================================================
+// Full marketplace billing: charge locations, check funds,
+// get installer details, rebilling config, uninstall.
+//
+// SDK methods: marketplace.charge, marketplace.getCharges,
+//   marketplace.hasFunds, marketplace.getInstallerDetails,
+//   marketplace.getSpecificCharge, marketplace.deleteCharge,
+//   marketplace.uninstallApplication
+//
+// REST: GET /marketplace/app/:appId/rebilling-config/location/:locationId
+// ============================================================
+
+import getSDK from "./sdk.js";
+import { crmHeaders, CRM_API_BASE } from "./helpers.js";
+
+export function registerMarketplaceBillingTools(server, z) {
+
+  server.tool(
+    "crm_marketplace_charge",
+    "Charge a location for an add-on or service through the CRM marketplace billing. The CRM handles payment collection from the sub-account owner.",
+    {
+      location_id: z.string().describe("CRM location ID to charge"),
+      amount: z.number().describe("Amount in cents"),
+      description: z.string().describe("Charge description"),
+      name: z.string().describe("Product/add-on name"),
+    },
+    async ({ location_id, amount, description, name }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.marketplace.charge({
+          locationId: location_id,
+          amount,
+          description,
+          name,
+        });
+        return { content: [{ type: "text", text: JSON.stringify({ charged: true, data: result }, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_marketplace_get_charges",
+    "List all marketplace charges for a location. Shows charge history, amounts, and status.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+    },
+    async ({ location_id }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.marketplace.getCharges({ locationId: location_id });
+        return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_marketplace_has_funds",
+    "Check if a location has sufficient funds for a marketplace charge. Use before attempting to charge.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      amount: z.number().describe("Amount in cents to check"),
+    },
+    async ({ location_id, amount }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.marketplace.hasFunds({ locationId: location_id, amount });
+        return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_marketplace_installer_details",
+    "Get installer details for a marketplace app — which locations have it installed, installation status, and configuration.",
+    {
+      app_id: z.string().optional().describe("Marketplace app ID (default: 0nCORE app)"),
+    },
+    async ({ app_id }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.marketplace.getInstallerDetails({
+          appId: app_id || "69c762225a31e1cd2f28dd4c",
+        });
+        return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_marketplace_rebilling_config",
+    "Get the rebilling/subscription config for an app at a specific location. Shows pricing plans, usage limits, and subscription status.",
+    {
+      app_id: z.string().optional().describe("Marketplace app ID (default: 0nCORE app)"),
+      location_id: z.string().describe("CRM location ID"),
+      access_token: z.string().optional().describe("OAuth access token (auto-resolved)"),
+    },
+    async ({ app_id, location_id, access_token }) => {
+      try {
+        const appId = app_id || "69c762225a31e1cd2f28dd4c";
+        const token = access_token;
+        if (!token) {
+          return { content: [{ type: "text", text: JSON.stringify({ error: "access_token required for rebilling config" }) }] };
+        }
+        const headers = crmHeaders(token);
+        const res = await fetch(`${CRM_API_BASE}/marketplace/app/${appId}/rebilling-config/location/${location_id}`, { headers });
+        const data = await res.json();
+        return { content: [{ type: "text", text: JSON.stringify({ ok: res.ok, data }, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_marketplace_delete_charge",
+    "Delete/cancel a specific marketplace charge.",
+    {
+      charge_id: z.string().describe("Charge ID to delete"),
+      location_id: z.string().describe("CRM location ID"),
+    },
+    async ({ charge_id, location_id }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.marketplace.deleteCharge({ chargeId: charge_id, locationId: location_id });
+        return { content: [{ type: "text", text: JSON.stringify({ deleted: true, data: result }, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_marketplace_uninstall",
+    "Uninstall a marketplace app from a location.",
+    {
+      app_id: z.string().optional().describe("Marketplace app ID"),
+      location_id: z.string().describe("CRM location ID"),
+    },
+    async ({ app_id, location_id }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.marketplace.uninstallApplication({
+          appId: app_id || "69c762225a31e1cd2f28dd4c",
+          locationId: location_id,
+        });
+        return { content: [{ type: "text", text: JSON.stringify({ uninstalled: true, data: result }, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+}

package/crm/media.js

@@ -0,0 +1,167 @@
+// ============================================================
+// 0nMCP — CRM Media Library Tools (SDK-powered)
+// ============================================================
+// Upload, organize, browse, folder management.
+// SDK: medias.fetchMediaContent, uploadMediaContent,
+//   deleteMediaContent, updateMediaObject, createMediaFolder,
+//   bulkUpdateMediaObjects, bulkDeleteMediaObjects
+// ============================================================
+
+import getSDK from "./sdk.js";
+
+export function registerMediaTools(server, z) {
+
+  server.tool(
+    "crm_media_list",
+    "List files and folders from the CRM media library. Supports pagination, search, and folder browsing.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      parent_id: z.string().optional().describe("Folder ID to browse into (omit for root)"),
+      type: z.string().optional().describe("Filter: file, folder, or all (default: all)"),
+      query: z.string().optional().describe("Search query"),
+      limit: z.number().optional().describe("Max results (default 50)"),
+      offset: z.number().optional().describe("Pagination offset"),
+      sort_by: z.string().optional().describe("Sort field (default: createdAt)"),
+      sort_order: z.string().optional().describe("asc or desc (default: desc)"),
+    },
+    async ({ location_id, parent_id, type, query, limit, offset, sort_by, sort_order }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.medias.fetchMediaContent({
+          altType: "location",
+          altId: location_id,
+          type: type || "all",
+          sortBy: sort_by || "createdAt",
+          sortOrder: sort_order || "desc",
+          limit: String(limit || 50),
+          offset: String(offset || 0),
+          query: query || undefined,
+          parentId: parent_id || undefined,
+        });
+        return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_media_upload",
+    "Upload a file to the CRM media library. Provide a hosted URL or file data. Max 25MB.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      file_url: z.string().describe("URL of the file to upload"),
+      name: z.string().describe("File name"),
+      folder_id: z.string().optional().describe("Parent folder ID"),
+    },
+    async ({ location_id, file_url, name, folder_id }) => {
+      try {
+        const sdk = await getSDK();
+        const body = {
+          hosted: true,
+          fileUrl: file_url,
+          name,
+          altType: "location",
+          altId: location_id,
+          parentId: folder_id || undefined,
+        };
+        const result = await sdk.medias.uploadMediaContent(body);
+        return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_media_create_folder",
+    "Create a new folder in the CRM media library.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      name: z.string().describe("Folder name"),
+      parent_id: z.string().optional().describe("Parent folder ID (omit for root)"),
+    },
+    async ({ location_id, name, parent_id }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.medias.createMediaFolder({
+          altType: "location",
+          altId: location_id,
+          name,
+          parentId: parent_id || undefined,
+        });
+        return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_media_delete",
+    "Delete a file or folder from the CRM media library.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      id: z.string().describe("File or folder ID to delete"),
+    },
+    async ({ location_id, id }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.medias.deleteMediaContent({
+          id,
+          altType: "location",
+          altId: location_id,
+        });
+        return { content: [{ type: "text", text: JSON.stringify({ deleted: true, data: result }, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_media_rename",
+    "Rename a file or folder in the CRM media library.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      id: z.string().describe("File or folder ID"),
+      name: z.string().describe("New name"),
+    },
+    async ({ location_id, id, name }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.medias.updateMediaObject(
+          { id },
+          { name, altType: "location", altId: location_id }
+        );
+        return { content: [{ type: "text", text: JSON.stringify({ renamed: true, data: result }, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_media_bulk_delete",
+    "Bulk delete or trash multiple files and folders.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      ids: z.array(z.string()).describe("Array of file/folder IDs to delete"),
+      trash: z.boolean().optional().describe("Soft delete (trash) instead of permanent (default: true)"),
+    },
+    async ({ location_id, ids, trash }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.medias.bulkDeleteMediaObjects({
+          altType: "location",
+          altId: location_id,
+          filesToBeDeleted: ids.map(id => ({ _id: id })),
+          status: trash !== false ? "trashed" : "deleted",
+        });
+        return { content: [{ type: "text", text: JSON.stringify({ deleted: ids.length, data: result }, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+}

package/crm/oauth-store.js

@@ -0,0 +1,262 @@
+// ============================================================
+// 0nMCP — CRM OAuth Token Store
+// ============================================================
+// Stores and auto-refreshes OAuth tokens per CRM location.
+// Tokens stored in ~/.0n/connections/crm-oauth-{locationId}.0n
+// Falls back to PIT from crm.0n if no OAuth token exists.
+//
+// Usage in tool factory:
+//   const token = await oauthStore.resolveToken(locationId)
+//   // token is always a valid access_token — OAuth or PIT
+// ============================================================
+
+import { readFile, writeFile, mkdir } from "fs/promises";
+import { existsSync } from "fs";
+import { join } from "path";
+import { homedir } from "os";
+
+const CONNECTIONS_DIR = join(homedir(), ".0n", "connections");
+const TOKEN_URL = "https://services.leadconnectorhq.com/oauth/token";
+const REFRESH_BUFFER_MS = 5 * 60 * 1000; // refresh 5 min before expiry
+
+// Default marketplace app credentials (0nCORE app — 140+ scopes)
+const DEFAULT_CLIENT_ID = "69c762225a31e1cd2f28dd4c-mnu5pazi";
+const DEFAULT_CLIENT_SECRET = "92cb8fc3-2b23-40bf-adce-6b6afe9b8445";
+
+/**
+ * @typedef {Object} StoredToken
+ * @property {string} access_token
+ * @property {string} refresh_token
+ * @property {number} expires_at - Unix timestamp in ms
+ * @property {string} location_id
+ * @property {string} [company_id]
+ * @property {string} [client_id]
+ * @property {string} [client_secret]
+ */
+
+function tokenPath(locationId) {
+  return join(CONNECTIONS_DIR, `crm-oauth-${locationId}.0n`);
+}
+
+/**
+ * Load stored OAuth token for a location.
+ * @param {string} locationId
+ * @returns {Promise<StoredToken|null>}
+ */
+export async function loadToken(locationId) {
+  const path = tokenPath(locationId);
+  if (!existsSync(path)) return null;
+  try {
+    const raw = await readFile(path, "utf-8");
+    const data = JSON.parse(raw);
+    return data.oauth || null;
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Save OAuth token for a location.
+ * @param {string} locationId
+ * @param {Object} tokens - { access_token, refresh_token, expires_in, companyId }
+ * @param {string} [clientId]
+ * @param {string} [clientSecret]
+ */
+export async function saveToken(locationId, tokens, clientId, clientSecret) {
+  await mkdir(CONNECTIONS_DIR, { recursive: true });
+  const path = tokenPath(locationId);
+  const data = {
+    "$0n": {
+      type: "connection",
+      name: `CRM OAuth — ${locationId}`,
+      version: "1.0.0",
+      created: new Date().toISOString(),
+      updated: new Date().toISOString(),
+    },
+    service: "crm",
+    auth: { type: "oauth" },
+    oauth: {
+      access_token: tokens.access_token,
+      refresh_token: tokens.refresh_token,
+      expires_at: Date.now() + (tokens.expires_in || 86400) * 1000,
+      location_id: locationId,
+      company_id: tokens.companyId || tokens.company_id || null,
+      client_id: clientId || DEFAULT_CLIENT_ID,
+      client_secret: clientSecret || DEFAULT_CLIENT_SECRET,
+    },
+  };
+  await writeFile(path, JSON.stringify(data, null, 2));
+  console.error(`[oauth-store] Saved token for location ${locationId}`);
+}
+
+/**
+ * Refresh an expired token.
+ * @param {StoredToken} stored
+ * @returns {Promise<StoredToken>}
+ */
+async function refreshToken(stored) {
+  const clientId = stored.client_id || DEFAULT_CLIENT_ID;
+  const clientSecret = stored.client_secret || DEFAULT_CLIENT_SECRET;
+
+  console.error(`[oauth-store] Refreshing token for ${stored.location_id}...`);
+
+  const res = await fetch(TOKEN_URL, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body: new URLSearchParams({
+      client_id: clientId,
+      client_secret: clientSecret,
+      grant_type: "refresh_token",
+      refresh_token: stored.refresh_token,
+    }),
+  });
+
+  if (!res.ok) {
+    const err = await res.text();
+    console.error(`[oauth-store] Refresh failed for ${stored.location_id}:`, err);
+    throw new Error(`OAuth refresh failed: ${res.status}`);
+  }
+
+  const data = await res.json();
+  const updated = {
+    access_token: data.access_token,
+    refresh_token: data.refresh_token || stored.refresh_token,
+    expires_at: Date.now() + (data.expires_in || 86400) * 1000,
+    location_id: stored.location_id,
+    company_id: data.companyId || stored.company_id,
+    client_id: clientId,
+    client_secret: clientSecret,
+  };
+
+  await saveToken(stored.location_id, {
+    access_token: updated.access_token,
+    refresh_token: updated.refresh_token,
+    expires_in: data.expires_in || 86400,
+    companyId: updated.company_id,
+  }, clientId, clientSecret);
+
+  return updated;
+}
+
+/**
+ * Resolve a valid access token for a location.
+ * Auto-refreshes if expired. Falls back to PIT if no OAuth token.
+ * @param {string} locationId
+ * @returns {Promise<string>} - Valid access_token
+ */
+export async function resolveToken(locationId) {
+  let stored = await loadToken(locationId);
+
+  if (stored) {
+    if (Date.now() >= stored.expires_at - REFRESH_BUFFER_MS) {
+      stored = await refreshToken(stored);
+    }
+    return stored.access_token;
+  }
+
+  // Fall back to PIT from crm.0n
+  const pitPath = join(CONNECTIONS_DIR, "crm.0n");
+  if (existsSync(pitPath)) {
+    try {
+      const raw = await readFile(pitPath, "utf-8");
+      const data = JSON.parse(raw);
+      const pit = data.auth?.credentials?.access_token;
+      if (pit) {
+        console.error(`[oauth-store] No OAuth for ${locationId}, falling back to PIT`);
+        return pit;
+      }
+    } catch {}
+  }
+
+  throw new Error(`No OAuth or PIT token available for location ${locationId}`);
+}
+
+/**
+ * List all locations with stored OAuth tokens.
+ * @returns {Promise<Array<{location_id: string, expires_at: number, expired: boolean}>>}
+ */
+export async function listConnectedLocations() {
+  if (!existsSync(CONNECTIONS_DIR)) return [];
+  const { readdir } = await import("fs/promises");
+  const files = await readdir(CONNECTIONS_DIR);
+  const locations = [];
+  for (const f of files) {
+    if (f.startsWith("crm-oauth-") && f.endsWith(".0n")) {
+      try {
+        const raw = await readFile(join(CONNECTIONS_DIR, f), "utf-8");
+        const data = JSON.parse(raw);
+        if (data.oauth) {
+          locations.push({
+            location_id: data.oauth.location_id,
+            company_id: data.oauth.company_id,
+            expires_at: data.oauth.expires_at,
+            expired: Date.now() >= data.oauth.expires_at,
+            file: f,
+          });
+        }
+      } catch {}
+    }
+  }
+  return locations;
+}
+
+/**
+ * Register OAuth store MCP tools.
+ */
+export function registerOAuthStoreTools(server, z) {
+  server.tool(
+    "crm_oauth_connect",
+    "Store OAuth tokens for a CRM location after OAuth callback. This enables auto-auth for all CRM tools on that location.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      access_token: z.string().describe("OAuth access token"),
+      refresh_token: z.string().describe("OAuth refresh token"),
+      expires_in: z.number().optional().describe("Token TTL in seconds (default 86400)"),
+      company_id: z.string().optional().describe("Company ID"),
+      client_id: z.string().optional().describe("Marketplace app client ID (default: 0nCORE app)"),
+      client_secret: z.string().optional().describe("Marketplace app client secret (default: 0nCORE app)"),
+    },
+    async ({ location_id, access_token, refresh_token, expires_in, company_id, client_id, client_secret }) => {
+      await saveToken(location_id, { access_token, refresh_token, expires_in: expires_in || 86400, companyId: company_id }, client_id, client_secret);
+      return { content: [{ type: "text", text: JSON.stringify({ status: "connected", location_id, expires_in: expires_in || 86400 }) }] };
+    }
+  );
+
+  server.tool(
+    "crm_oauth_status",
+    "Show OAuth connection status for all CRM locations. Shows which have OAuth tokens and which are using PIT fallback.",
+    {},
+    async () => {
+      const locations = await listConnectedLocations();
+      return { content: [{ type: "text", text: JSON.stringify({ connected_locations: locations, count: locations.length }, null, 2) }] };
+    }
+  );
+
+  server.tool(
+    "crm_oauth_resolve",
+    "Resolve a working access token for a location. Auto-refreshes if expired, falls back to PIT if no OAuth. Use this to test auth before making API calls.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+    },
+    async ({ location_id }) => {
+      try {
+        const token = await resolveToken(location_id);
+        const stored = await loadToken(location_id);
+        return {
+          content: [{
+            type: "text",
+            text: JSON.stringify({
+              status: "ok",
+              location_id,
+              auth_type: stored ? "oauth" : "pit",
+              token_preview: token.slice(0, 20) + "...",
+              expires_at: stored?.expires_at ? new Date(stored.expires_at).toISOString() : null,
+            }, null, 2),
+          }],
+        };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ status: "error", message: err.message }) }] };
+      }
+    }
+  );
+}