0nmcp 3.2.2 → 4.5.0

package/crm/media.js

@@ -0,0 +1,167 @@
+// ============================================================
+// 0nMCP — CRM Media Library Tools (SDK-powered)
+// ============================================================
+// Upload, organize, browse, folder management.
+// SDK: medias.fetchMediaContent, uploadMediaContent,
+//   deleteMediaContent, updateMediaObject, createMediaFolder,
+//   bulkUpdateMediaObjects, bulkDeleteMediaObjects
+// ============================================================
+
+import getSDK from "./sdk.js";
+
+export function registerMediaTools(server, z) {
+
+  server.tool(
+    "crm_media_list",
+    "List files and folders from the CRM media library. Supports pagination, search, and folder browsing.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      parent_id: z.string().optional().describe("Folder ID to browse into (omit for root)"),
+      type: z.string().optional().describe("Filter: file, folder, or all (default: all)"),
+      query: z.string().optional().describe("Search query"),
+      limit: z.number().optional().describe("Max results (default 50)"),
+      offset: z.number().optional().describe("Pagination offset"),
+      sort_by: z.string().optional().describe("Sort field (default: createdAt)"),
+      sort_order: z.string().optional().describe("asc or desc (default: desc)"),
+    },
+    async ({ location_id, parent_id, type, query, limit, offset, sort_by, sort_order }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.medias.fetchMediaContent({
+          altType: "location",
+          altId: location_id,
+          type: type || "all",
+          sortBy: sort_by || "createdAt",
+          sortOrder: sort_order || "desc",
+          limit: String(limit || 50),
+          offset: String(offset || 0),
+          query: query || undefined,
+          parentId: parent_id || undefined,
+        });
+        return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_media_upload",
+    "Upload a file to the CRM media library. Provide a hosted URL or file data. Max 25MB.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      file_url: z.string().describe("URL of the file to upload"),
+      name: z.string().describe("File name"),
+      folder_id: z.string().optional().describe("Parent folder ID"),
+    },
+    async ({ location_id, file_url, name, folder_id }) => {
+      try {
+        const sdk = await getSDK();
+        const body = {
+          hosted: true,
+          fileUrl: file_url,
+          name,
+          altType: "location",
+          altId: location_id,
+          parentId: folder_id || undefined,
+        };
+        const result = await sdk.medias.uploadMediaContent(body);
+        return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_media_create_folder",
+    "Create a new folder in the CRM media library.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      name: z.string().describe("Folder name"),
+      parent_id: z.string().optional().describe("Parent folder ID (omit for root)"),
+    },
+    async ({ location_id, name, parent_id }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.medias.createMediaFolder({
+          altType: "location",
+          altId: location_id,
+          name,
+          parentId: parent_id || undefined,
+        });
+        return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_media_delete",
+    "Delete a file or folder from the CRM media library.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      id: z.string().describe("File or folder ID to delete"),
+    },
+    async ({ location_id, id }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.medias.deleteMediaContent({
+          id,
+          altType: "location",
+          altId: location_id,
+        });
+        return { content: [{ type: "text", text: JSON.stringify({ deleted: true, data: result }, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_media_rename",
+    "Rename a file or folder in the CRM media library.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      id: z.string().describe("File or folder ID"),
+      name: z.string().describe("New name"),
+    },
+    async ({ location_id, id, name }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.medias.updateMediaObject(
+          { id },
+          { name, altType: "location", altId: location_id }
+        );
+        return { content: [{ type: "text", text: JSON.stringify({ renamed: true, data: result }, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_media_bulk_delete",
+    "Bulk delete or trash multiple files and folders.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      ids: z.array(z.string()).describe("Array of file/folder IDs to delete"),
+      trash: z.boolean().optional().describe("Soft delete (trash) instead of permanent (default: true)"),
+    },
+    async ({ location_id, ids, trash }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.medias.bulkDeleteMediaObjects({
+          altType: "location",
+          altId: location_id,
+          filesToBeDeleted: ids.map(id => ({ _id: id })),
+          status: trash !== false ? "trashed" : "deleted",
+        });
+        return { content: [{ type: "text", text: JSON.stringify({ deleted: ids.length, data: result }, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+}

package/crm/oauth-store.js

@@ -0,0 +1,262 @@
+// ============================================================
+// 0nMCP — CRM OAuth Token Store
+// ============================================================
+// Stores and auto-refreshes OAuth tokens per CRM location.
+// Tokens stored in ~/.0n/connections/crm-oauth-{locationId}.0n
+// Falls back to PIT from crm.0n if no OAuth token exists.
+//
+// Usage in tool factory:
+//   const token = await oauthStore.resolveToken(locationId)
+//   // token is always a valid access_token — OAuth or PIT
+// ============================================================
+
+import { readFile, writeFile, mkdir } from "fs/promises";
+import { existsSync } from "fs";
+import { join } from "path";
+import { homedir } from "os";
+
+const CONNECTIONS_DIR = join(homedir(), ".0n", "connections");
+const TOKEN_URL = "https://services.leadconnectorhq.com/oauth/token";
+const REFRESH_BUFFER_MS = 5 * 60 * 1000; // refresh 5 min before expiry
+
+// Default marketplace app credentials (0nCORE app — 140+ scopes)
+const DEFAULT_CLIENT_ID = "69c762225a31e1cd2f28dd4c-mnu5pazi";
+const DEFAULT_CLIENT_SECRET = "92cb8fc3-2b23-40bf-adce-6b6afe9b8445";
+
+/**
+ * @typedef {Object} StoredToken
+ * @property {string} access_token
+ * @property {string} refresh_token
+ * @property {number} expires_at - Unix timestamp in ms
+ * @property {string} location_id
+ * @property {string} [company_id]
+ * @property {string} [client_id]
+ * @property {string} [client_secret]
+ */
+
+function tokenPath(locationId) {
+  return join(CONNECTIONS_DIR, `crm-oauth-${locationId}.0n`);
+}
+
+/**
+ * Load stored OAuth token for a location.
+ * @param {string} locationId
+ * @returns {Promise<StoredToken|null>}
+ */
+export async function loadToken(locationId) {
+  const path = tokenPath(locationId);
+  if (!existsSync(path)) return null;
+  try {
+    const raw = await readFile(path, "utf-8");
+    const data = JSON.parse(raw);
+    return data.oauth || null;
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Save OAuth token for a location.
+ * @param {string} locationId
+ * @param {Object} tokens - { access_token, refresh_token, expires_in, companyId }
+ * @param {string} [clientId]
+ * @param {string} [clientSecret]
+ */
+export async function saveToken(locationId, tokens, clientId, clientSecret) {
+  await mkdir(CONNECTIONS_DIR, { recursive: true });
+  const path = tokenPath(locationId);
+  const data = {
+    "$0n": {
+      type: "connection",
+      name: `CRM OAuth — ${locationId}`,
+      version: "1.0.0",
+      created: new Date().toISOString(),
+      updated: new Date().toISOString(),
+    },
+    service: "crm",
+    auth: { type: "oauth" },
+    oauth: {
+      access_token: tokens.access_token,
+      refresh_token: tokens.refresh_token,
+      expires_at: Date.now() + (tokens.expires_in || 86400) * 1000,
+      location_id: locationId,
+      company_id: tokens.companyId || tokens.company_id || null,
+      client_id: clientId || DEFAULT_CLIENT_ID,
+      client_secret: clientSecret || DEFAULT_CLIENT_SECRET,
+    },
+  };
+  await writeFile(path, JSON.stringify(data, null, 2));
+  console.error(`[oauth-store] Saved token for location ${locationId}`);
+}
+
+/**
+ * Refresh an expired token.
+ * @param {StoredToken} stored
+ * @returns {Promise<StoredToken>}
+ */
+async function refreshToken(stored) {
+  const clientId = stored.client_id || DEFAULT_CLIENT_ID;
+  const clientSecret = stored.client_secret || DEFAULT_CLIENT_SECRET;
+
+  console.error(`[oauth-store] Refreshing token for ${stored.location_id}...`);
+
+  const res = await fetch(TOKEN_URL, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body: new URLSearchParams({
+      client_id: clientId,
+      client_secret: clientSecret,
+      grant_type: "refresh_token",
+      refresh_token: stored.refresh_token,
+    }),
+  });
+
+  if (!res.ok) {
+    const err = await res.text();
+    console.error(`[oauth-store] Refresh failed for ${stored.location_id}:`, err);
+    throw new Error(`OAuth refresh failed: ${res.status}`);
+  }
+
+  const data = await res.json();
+  const updated = {
+    access_token: data.access_token,
+    refresh_token: data.refresh_token || stored.refresh_token,
+    expires_at: Date.now() + (data.expires_in || 86400) * 1000,
+    location_id: stored.location_id,
+    company_id: data.companyId || stored.company_id,
+    client_id: clientId,
+    client_secret: clientSecret,
+  };
+
+  await saveToken(stored.location_id, {
+    access_token: updated.access_token,
+    refresh_token: updated.refresh_token,
+    expires_in: data.expires_in || 86400,
+    companyId: updated.company_id,
+  }, clientId, clientSecret);
+
+  return updated;
+}
+
+/**
+ * Resolve a valid access token for a location.
+ * Auto-refreshes if expired. Falls back to PIT if no OAuth token.
+ * @param {string} locationId
+ * @returns {Promise<string>} - Valid access_token
+ */
+export async function resolveToken(locationId) {
+  let stored = await loadToken(locationId);
+
+  if (stored) {
+    if (Date.now() >= stored.expires_at - REFRESH_BUFFER_MS) {
+      stored = await refreshToken(stored);
+    }
+    return stored.access_token;
+  }
+
+  // Fall back to PIT from crm.0n
+  const pitPath = join(CONNECTIONS_DIR, "crm.0n");
+  if (existsSync(pitPath)) {
+    try {
+      const raw = await readFile(pitPath, "utf-8");
+      const data = JSON.parse(raw);
+      const pit = data.auth?.credentials?.access_token;
+      if (pit) {
+        console.error(`[oauth-store] No OAuth for ${locationId}, falling back to PIT`);
+        return pit;
+      }
+    } catch {}
+  }
+
+  throw new Error(`No OAuth or PIT token available for location ${locationId}`);
+}
+
+/**
+ * List all locations with stored OAuth tokens.
+ * @returns {Promise<Array<{location_id: string, expires_at: number, expired: boolean}>>}
+ */
+export async function listConnectedLocations() {
+  if (!existsSync(CONNECTIONS_DIR)) return [];
+  const { readdir } = await import("fs/promises");
+  const files = await readdir(CONNECTIONS_DIR);
+  const locations = [];
+  for (const f of files) {
+    if (f.startsWith("crm-oauth-") && f.endsWith(".0n")) {
+      try {
+        const raw = await readFile(join(CONNECTIONS_DIR, f), "utf-8");
+        const data = JSON.parse(raw);
+        if (data.oauth) {
+          locations.push({
+            location_id: data.oauth.location_id,
+            company_id: data.oauth.company_id,
+            expires_at: data.oauth.expires_at,
+            expired: Date.now() >= data.oauth.expires_at,
+            file: f,
+          });
+        }
+      } catch {}
+    }
+  }
+  return locations;
+}
+
+/**
+ * Register OAuth store MCP tools.
+ */
+export function registerOAuthStoreTools(server, z) {
+  server.tool(
+    "crm_oauth_connect",
+    "Store OAuth tokens for a CRM location after OAuth callback. This enables auto-auth for all CRM tools on that location.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+      access_token: z.string().describe("OAuth access token"),
+      refresh_token: z.string().describe("OAuth refresh token"),
+      expires_in: z.number().optional().describe("Token TTL in seconds (default 86400)"),
+      company_id: z.string().optional().describe("Company ID"),
+      client_id: z.string().optional().describe("Marketplace app client ID (default: 0nCORE app)"),
+      client_secret: z.string().optional().describe("Marketplace app client secret (default: 0nCORE app)"),
+    },
+    async ({ location_id, access_token, refresh_token, expires_in, company_id, client_id, client_secret }) => {
+      await saveToken(location_id, { access_token, refresh_token, expires_in: expires_in || 86400, companyId: company_id }, client_id, client_secret);
+      return { content: [{ type: "text", text: JSON.stringify({ status: "connected", location_id, expires_in: expires_in || 86400 }) }] };
+    }
+  );
+
+  server.tool(
+    "crm_oauth_status",
+    "Show OAuth connection status for all CRM locations. Shows which have OAuth tokens and which are using PIT fallback.",
+    {},
+    async () => {
+      const locations = await listConnectedLocations();
+      return { content: [{ type: "text", text: JSON.stringify({ connected_locations: locations, count: locations.length }, null, 2) }] };
+    }
+  );
+
+  server.tool(
+    "crm_oauth_resolve",
+    "Resolve a working access token for a location. Auto-refreshes if expired, falls back to PIT if no OAuth. Use this to test auth before making API calls.",
+    {
+      location_id: z.string().describe("CRM location ID"),
+    },
+    async ({ location_id }) => {
+      try {
+        const token = await resolveToken(location_id);
+        const stored = await loadToken(location_id);
+        return {
+          content: [{
+            type: "text",
+            text: JSON.stringify({
+              status: "ok",
+              location_id,
+              auth_type: stored ? "oauth" : "pit",
+              token_preview: token.slice(0, 20) + "...",
+              expires_at: stored?.expires_at ? new Date(stored.expires_at).toISOString() : null,
+            }, null, 2),
+          }],
+        };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ status: "error", message: err.message }) }] };
+      }
+    }
+  );
+}

package/crm/phone-system.js

@@ -0,0 +1,88 @@
+// ============================================================
+// 0nMCP — CRM Phone System API Tool Definitions
+// ============================================================
+// Phone number purchasing, management, and number pools.
+// Scopes: phonenumbers.read, phonenumbers.write, numberpools.read
+// ============================================================
+
+export default [
+  {
+    name: "crm_purchase_phone_number",
+    description: "Purchase a phone number for a CRM location. Specify country, capabilities (voice/sms), and optionally an area code or contains pattern.",
+    method: "POST",
+    path: "/phone-number/purchase",
+    params: {
+      locationId: { type: "string", description: "Location ID", required: true, in: "body" },
+      number: { type: "string", description: "Specific phone number to purchase (E.164 format, e.g. +14155551234)", required: false, in: "body" },
+      country: { type: "string", description: "Country code (US, CA, GB, etc.)", required: false, in: "body" },
+      areaCode: { type: "string", description: "Desired area code (e.g. 412, 724)", required: false, in: "body" },
+      contains: { type: "string", description: "Pattern the number should contain", required: false, in: "body" },
+      capabilities: { type: "array", description: "Capabilities: ['voice', 'sms', 'mms']", required: false, in: "body" },
+    },
+    body: ["locationId", "number", "country", "areaCode", "contains", "capabilities"],
+  },
+
+  {
+    name: "crm_search_phone_numbers",
+    description: "Search available phone numbers to purchase by area code, country, or pattern.",
+    method: "GET",
+    path: "/phone-number/search",
+    params: {
+      locationId: { type: "string", description: "Location ID", required: true, in: "query" },
+      country: { type: "string", description: "Country code (US, CA, GB, etc.)", required: false, in: "query" },
+      areaCode: { type: "string", description: "Area code to search (e.g. 412)", required: false, in: "query" },
+      contains: { type: "string", description: "Pattern to search for", required: false, in: "query" },
+      type: { type: "string", description: "Number type: local, tollfree, mobile", required: false, in: "query" },
+      limit: { type: "number", description: "Max results", required: false, in: "query" },
+    },
+  },
+
+  {
+    name: "crm_list_active_numbers",
+    description: "List all active phone numbers for a location with pagination.",
+    method: "GET",
+    path: "/phone-number/active",
+    params: {
+      locationId: { type: "string", description: "Location ID", required: true, in: "query" },
+      page: { type: "number", description: "Page number", required: false, in: "query" },
+      pageSize: { type: "number", description: "Results per page", required: false, in: "query" },
+      searchFilter: { type: "string", description: "Filter by number or label", required: false, in: "query" },
+    },
+  },
+
+  {
+    name: "crm_release_phone_number",
+    description: "Release (cancel) a phone number from a location.",
+    method: "DELETE",
+    path: "/phone-number/:phoneNumberId",
+    params: {
+      phoneNumberId: { type: "string", description: "Phone number ID to release", required: true, in: "path" },
+      locationId: { type: "string", description: "Location ID", required: true, in: "query" },
+    },
+  },
+
+  {
+    name: "crm_update_phone_number",
+    description: "Update phone number settings — label, forwarding, voicemail, call recording.",
+    method: "PUT",
+    path: "/phone-number/:phoneNumberId",
+    params: {
+      phoneNumberId: { type: "string", description: "Phone number ID", required: true, in: "path" },
+      locationId: { type: "string", description: "Location ID", required: true, in: "body" },
+      name: { type: "string", description: "Label/name for the number", required: false, in: "body" },
+      forwardingNumber: { type: "string", description: "Forward calls to this number", required: false, in: "body" },
+      callRecording: { type: "boolean", description: "Enable call recording", required: false, in: "body" },
+    },
+    body: ["locationId", "name", "forwardingNumber", "callRecording"],
+  },
+
+  {
+    name: "crm_list_number_pools",
+    description: "List number pools for a location (used for call tracking).",
+    method: "GET",
+    path: "/phone-number/number-pool",
+    params: {
+      locationId: { type: "string", description: "Location ID", required: true, in: "query" },
+    },
+  },
+]

package/crm/saas-management.js

@@ -0,0 +1,72 @@
+// ============================================================
+// 0nMCP — CRM SaaS Management Tools (SDK-powered)
+// ============================================================
+// SDK-only tools that complement the data-driven saas.js module.
+// These use the SDK directly for methods not in the REST catalog.
+// ============================================================
+
+import getSDK from "./sdk.js";
+
+export function registerSaasManagementTools(server, z) {
+
+  server.tool(
+    "crm_saas_generate_payment_link",
+    "Generate a payment link for a sub-account to pay for their SaaS subscription.",
+    {
+      company_id: z.string().describe("Agency company ID"),
+      location_id: z.string().describe("Location ID"),
+    },
+    async ({ company_id, location_id }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.saasApi.generatePaymentLink({
+          companyId: company_id,
+          locationId: location_id,
+        });
+        return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_saas_get_company_info",
+    "Get agency company details — name, settings, billing configuration.",
+    {
+      company_id: z.string().describe("Agency company ID"),
+    },
+    async ({ company_id }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.companies.getCompany({ companyId: company_id });
+        return { content: [{ type: "text", text: JSON.stringify(result, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+
+  server.tool(
+    "crm_saas_update_location_rebilling",
+    "Update rebilling/pricing configuration for a specific sub-account location via SDK.",
+    {
+      company_id: z.string().describe("Agency company ID"),
+      location_id: z.string().describe("Location ID"),
+      config: z.record(z.any()).describe("Rebilling configuration object"),
+    },
+    async ({ company_id, location_id, config }) => {
+      try {
+        const sdk = await getSDK();
+        const result = await sdk.saasApi.updateRebilling({
+          companyId: company_id,
+          locationId: location_id,
+          ...config,
+        });
+        return { content: [{ type: "text", text: JSON.stringify({ updated: true, data: result }, null, 2) }] };
+      } catch (err) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: err.message }) }] };
+      }
+    }
+  );
+}

package/crm/sdk.js

@@ -0,0 +1,60 @@
+// ============================================================
+// 0nMCP — HighLevel SDK Singleton
+// ============================================================
+// Initialized once with 0nCORE marketplace app credentials.
+// Supabase-backed session storage for persistent OAuth tokens.
+// Every module available: courses, voiceAi, marketplace, etc.
+// ============================================================
+
+import { SupabaseSessionStorage } from "./supabase-session-storage.js";
+
+let _sdk = null;
+let _initPromise = null;
+
+const CLIENT_ID = process.env.CRM_MARKETPLACE_CLIENT_ID || "69c762225a31e1cd2f28dd4c-mnu5pazi";
+const CLIENT_SECRET = process.env.CRM_MARKETPLACE_CLIENT_SECRET || "92cb8fc3-2b23-40bf-adce-6b6afe9b8445";
+
+/**
+ * Get the HighLevel SDK singleton.
+ * Lazy-loads and initializes with Supabase session storage.
+ */
+export async function getSDK() {
+  if (_sdk) return _sdk;
+  if (_initPromise) return _initPromise;
+
+  _initPromise = (async () => {
+    const { HighLevel } = await import("@gohighlevel/api-client");
+
+    _sdk = new HighLevel({
+      clientId: CLIENT_ID,
+      clientSecret: CLIENT_SECRET,
+      sessionStorage: new SupabaseSessionStorage(),
+    });
+
+    console.error("[0nMCP] HighLevel SDK initialized with Supabase session storage");
+    return _sdk;
+  })();
+
+  return _initPromise;
+}
+
+/**
+ * Store an OAuth token in the SDK's session storage.
+ * Call this after OAuth callback to persist tokens.
+ */
+export async function storeOAuthToken(locationId, tokenData) {
+  const sdk = await getSDK();
+  const key = `location:${locationId}`;
+  await sdk.config.sessionStorage.set(key, {
+    access_token: tokenData.access_token,
+    refresh_token: tokenData.refresh_token,
+    expires_at: Date.now() + (tokenData.expires_in || 86400) * 1000,
+    location_id: locationId,
+    company_id: tokenData.companyId || null,
+    token_type: tokenData.token_type || "Bearer",
+    scope: tokenData.scope || "",
+  });
+  console.error(`[0nMCP] OAuth token stored for location ${locationId}`);
+}
+
+export default getSDK;