@adeu/mcp-server 1.6.8 → 1.7.1

package/src/mcp.bugs.test.ts

@@ -0,0 +1,162 @@
+// FILE: node/packages/mcp-server/src/mcp.bugs.test.ts
+import { describe, it, expect, beforeAll, afterAll } from "vitest";
+import { spawn, ChildProcess } from "node:child_process";
+import { resolve, join } from "node:path";
+import { tmpdir } from "node:os";
+import { readFileSync, writeFileSync, existsSync, unlinkSync } from "node:fs";
+import { DocumentObject, RedlineEngine } from "@adeu/core";
+
+describe("Resolved Bugs MCP Server Verification", () => {
+  let serverProc: ChildProcess;
+  let cleanDocPath: string;
+  let dirtyDocPath: string;
+
+  beforeAll(async () => {
+    // 1. Grab the shared golden fixture from the monorepo root
+    const fixturePath = resolve(
+      __dirname,
+      "../../../../shared/fixtures/golden.docx",
+    );
+
+    cleanDocPath = join(tmpdir(), `adeu_clean_${Date.now()}.docx`);
+    dirtyDocPath = join(tmpdir(), `adeu_dirty_${Date.now()}.docx`);
+
+    // Save a clean copy
+    const fixtureBuf = readFileSync(fixturePath);
+    writeFileSync(cleanDocPath, fixtureBuf);
+
+    // Load it via the public API, dirty it, and save a dirty copy
+    const doc = await DocumentObject.load(fixtureBuf);
+    const engine = new RedlineEngine(doc, "Reviewer");
+
+    // "document" is original base text, so we won't trigger the cross-author nested redline constraint
+    engine.process_batch([
+      {
+        type: "modify",
+        target_text: "document",
+        new_text: "dirty modified document",
+      },
+    ]);
+    writeFileSync(dirtyDocPath, await doc.save());
+
+    // 2. Boot the compiled MCP server
+    const serverPath = resolve(__dirname, "../dist/index.js");
+    if (!existsSync(serverPath)) {
+      throw new Error(
+        "MCP server not built. Run 'npm run build' before tests.",
+      );
+    }
+
+    serverProc = spawn("node", [serverPath]);
+  });
+
+  afterAll(() => {
+    if (serverProc && !serverProc.killed) serverProc.kill();
+    if (existsSync(cleanDocPath)) unlinkSync(cleanDocPath);
+    if (existsSync(dirtyDocPath)) unlinkSync(dirtyDocPath);
+  });
+
+  // Helper to interact with the stdio JSON-RPC server
+  function sendRpc(method: string, params: any, id: number = 1): Promise<any> {
+    return new Promise((resolve, reject) => {
+      const timeout = setTimeout(() => reject(new Error("RPC Timeout")), 5000);
+
+      const listener = (data: Buffer) => {
+        const lines = data.toString().trim().split("\n");
+        for (const line of lines) {
+          if (!line.startsWith("{")) continue;
+          try {
+            const res = JSON.parse(line);
+            if (res.id === id) {
+              clearTimeout(timeout);
+              serverProc.stdout?.removeListener("data", listener);
+              resolve(res);
+            }
+          } catch (e) {
+            // Ignore incomplete chunks
+          }
+        }
+      };
+
+      serverProc.stdout?.on("data", listener);
+      serverProc.stdin?.write(
+        JSON.stringify({ jsonrpc: "2.0", id, method, params }) + "\n",
+      );
+    });
+  }
+
+  it("BUG-5: Rejects empty changes array early without writing files", async () => {
+    const outPath = join(tmpdir(), `adeu_out_${Date.now()}.docx`);
+    if (existsSync(outPath)) unlinkSync(outPath);
+
+    const res = await sendRpc(
+      "tools/call",
+      {
+        name: "process_document_batch",
+        arguments: {
+          original_docx_path: cleanDocPath,
+          author_name: "Agent",
+          changes: [],
+          output_path: outPath,
+        },
+      },
+      101,
+    );
+
+    expect(res.result.content[0].text).toBe("Error: No changes provided.");
+    expect(existsSync(outPath)).toBe(false); // Proves no-op
+  });
+
+  it("BUG-9: diff_docx_files tool respects compare_clean parameter", async () => {
+    // 1. compare_clean = true (Default) -> Should output clean text comparison
+    const resClean = await sendRpc(
+      "tools/call",
+      {
+        name: "diff_docx_files",
+        arguments: {
+          original_path: cleanDocPath,
+          modified_path: dirtyDocPath,
+          compare_clean: true,
+        },
+      },
+      102,
+    );
+
+    const cleanText = resClean.result.content[0].text;
+    expect(cleanText).toContain("dirty modified");
+    expect(cleanText).not.toContain("{++"); // No CriticMarkup
+
+    // 2. compare_clean = false -> Should output raw CriticMarkup comparison
+    const resRaw = await sendRpc(
+      "tools/call",
+      {
+        name: "diff_docx_files",
+        arguments: {
+          original_path: cleanDocPath,
+          modified_path: dirtyDocPath,
+          compare_clean: false,
+        },
+      },
+      103,
+    );
+
+    const rawText = resRaw.result.content[0].text;
+    expect(rawText).toContain("{++dirty modified ++}");
+  });
+  it("BUG-10: Traps ENOENT and returns clean File Not Found errors", async () => {
+    const res = await sendRpc(
+      "tools/call",
+      {
+        name: "read_docx",
+        arguments: { file_path: join(tmpdir(), "DEF_DOES_NOT_EXIST.docx") },
+      },
+      104,
+    );
+
+    expect(res.result.isError).toBe(true);
+    expect(res.result.content[0].text).toContain(
+      "Error executing tool read_docx: File not found:",
+    );
+    expect(res.result.content[0].text).not.toContain("ENOENT"); // Raw node error must not leak
+  });
+});

package/src/mcp.cloud.test.ts

@@ -0,0 +1,138 @@
+// FILE: node/packages/mcp-server/src/mcp.cloud.test.ts
+import { describe, it, expect, beforeAll, afterAll } from "vitest";
+import { spawn, ChildProcess } from "node:child_process";
+import { resolve, join } from "node:path";
+import { tmpdir } from "node:os";
+import {
+  existsSync,
+  mkdirSync,
+  readFileSync,
+  writeFileSync,
+  rmSync,
+} from "node:fs";
+
+describe("Cloud Auth & Email Tools MCP Verification", () => {
+  let serverProc: ChildProcess;
+  let testHomeDir: string;
+  let adeuConfigDir: string;
+  let credPath: string;
+
+  beforeAll(async () => {
+    // 1. Create a sandboxed home directory so we don't nuke the dev's actual login
+    testHomeDir = join(tmpdir(), `adeu_test_home_${Date.now()}`);
+    adeuConfigDir = join(testHomeDir, ".adeu");
+    credPath = join(adeuConfigDir, "credentials.json");
+    mkdirSync(testHomeDir, { recursive: true });
+
+    // 2. Boot the compiled MCP server with the sandboxed HOME environment
+    const serverPath = resolve(__dirname, "../dist/index.js");
+    if (!existsSync(serverPath)) {
+      throw new Error(
+        "MCP server not built. Run 'npm run build' before tests.",
+      );
+    }
+
+    serverProc = spawn("node", [serverPath], {
+      env: {
+        ...process.env,
+        HOME: testHomeDir, // Mock homedir() for macOS/Linux
+        USERPROFILE: testHomeDir, // Mock homedir() for Windows
+      },
+    });
+  });
+
+  afterAll(() => {
+    if (serverProc && !serverProc.killed) serverProc.kill();
+    if (existsSync(testHomeDir)) {
+      rmSync(testHomeDir, { recursive: true, force: true });
+    }
+  });
+
+  // Helper to interact with the stdio JSON-RPC server
+  function sendRpc(method: string, params: any, id: number = 1): Promise<any> {
+    return new Promise((resolve, reject) => {
+      const timeout = setTimeout(() => reject(new Error("RPC Timeout")), 5000);
+
+      const listener = (data: Buffer) => {
+        const lines = data.toString().trim().split("\n");
+        for (const line of lines) {
+          if (!line.startsWith("{")) continue;
+          try {
+            const res = JSON.parse(line);
+            if (res.id === id) {
+              clearTimeout(timeout);
+              serverProc.stdout?.removeListener("data", listener);
+              resolve(res);
+            }
+          } catch (e) {
+            // Ignore incomplete chunks
+          }
+        }
+      };
+
+      serverProc.stdout?.on("data", listener);
+      serverProc.stdin?.write(
+        JSON.stringify({ jsonrpc: "2.0", id, method, params }) + "\n",
+      );
+    });
+  }
+
+  it("CLOUD-1: Enforces authentication trap for search_and_fetch_emails", async () => {
+    // Attempt to search emails without a credentials.json file in the sandbox
+    const res = await sendRpc(
+      "tools/call",
+      {
+        name: "search_and_fetch_emails",
+        arguments: { subject: "Invoice" },
+      },
+      201,
+    );
+
+    expect(res.result.isError).toBe(true);
+    expect(res.result.content[0].text).toContain("Authentication Required");
+    expect(res.result.content[0].text).toContain("login_to_adeu_cloud");
+  });
+
+  it("CLOUD-2: Validates create_email_draft missing required arguments", async () => {
+    // To bypass the auth trap for this test, we inject a dummy credential file
+    mkdirSync(adeuConfigDir, { recursive: true });
+    writeFileSync(credPath, JSON.stringify({ api_key: "dummy_test_key" }));
+
+    const res = await sendRpc(
+      "tools/call",
+      {
+        name: "create_email_draft",
+        arguments: {
+          body_markdown: "Hello World",
+          // Missing reply_to_email_id AND subject/to_recipients
+        },
+      },
+      202,
+    );
+
+    expect(res.result.isError).toBe(true);
+    expect(res.result.content[0].text).toContain(
+      "You must provide either 'reply_to_email_id' OR both 'subject' and 'to_recipients'",
+    );
+  });
+
+  it("CLOUD-3: logout_of_adeu_cloud successfully deletes the credentials file", async () => {
+    // Ensure the dummy file from the previous test exists
+    expect(existsSync(credPath)).toBe(true);
+
+    const res = await sendRpc(
+      "tools/call",
+      {
+        name: "logout_of_adeu_cloud",
+        arguments: {},
+      },
+      203,
+    );
+
+    expect(res.result.isError).toBeFalsy();
+    expect(res.result.content[0].text).toContain("Successfully logged out");
+
+    // Verify the file was physically deleted from the sandboxed .adeu directory
+    expect(existsSync(credPath)).toBe(false);
+  });
+});

package/src/shared.ts

@@ -0,0 +1,7 @@
+// FILE: node/packages/mcp-server/src/shared.ts
+export const FRONTEND_URL =
+  process.env.ADEU_FRONTEND_URL || "https://app.adeu.ai";
+export const BACKEND_URL =
+  process.env.ADEU_BACKEND_URL || "https://app.adeu.ai";
+export const MARKDOWN_UI_URI = "ui://adeu/markdown-ui";
+export const EMAIL_UI_URI = "ui://adeu/email-ui";

package/src/tools/auth.ts

@@ -0,0 +1,49 @@
+// FILE: node/packages/mcp-server/src/tools/auth.ts
+import { DesktopAuthManager } from "../desktop-auth.js";
+import { BACKEND_URL } from "../shared.js";
+import { ToolResult } from "../response-builders.js";
+
+export async function login_to_adeu_cloud(): Promise<ToolResult> {
+  try {
+    const apiKey = await DesktopAuthManager.ensureAuthenticated();
+
+    const res = await fetch(`${BACKEND_URL}/api/v1/auth/me`, {
+      headers: {
+        Authorization: `Bearer ${apiKey}`,
+        Accept: "application/json",
+      },
+    });
+
+    if (res.status === 401) {
+      DesktopAuthManager.clearApiKey();
+      throw new Error(
+        "Your previous session expired. The stale key has been cleared. Please call `login_to_adeu_cloud` ONE MORE TIME to log in fresh.",
+      );
+    }
+    if (!res.ok) throw new Error(`HTTP Error: ${res.status}`);
+
+    const data: any = await res.json();
+    return {
+      content: [
+        {
+          type: "text",
+          text: `Login successful! Connected to Adeu Cloud as: ${data.email || "Unknown Email"}.`,
+        },
+      ],
+    };
+  } catch (err: any) {
+    return { isError: true, content: [{ type: "text", text: err.message }] };
+  }
+}
+
+export async function logout_of_adeu_cloud(): Promise<ToolResult> {
+  DesktopAuthManager.clearApiKey();
+  return {
+    content: [
+      {
+        type: "text",
+        text: "Successfully logged out. The local API key has been removed.",
+      },
+    ],
+  };
+}

package/src/tools/email.ts

@@ -0,0 +1,313 @@
+// FILE: node/packages/mcp-server/src/tools/email.ts
+import { homedir, tmpdir } from "node:os";
+import { join } from "node:path";
+import { readFileSync, writeFileSync, mkdirSync, existsSync } from "node:fs";
+import { DesktopAuthManager, getCloudAuthToken } from "../desktop-auth.js";
+import { BACKEND_URL } from "../shared.js";
+import { ToolResult } from "../response-builders.js";
+import { createHash } from "node:crypto";
+
+const CACHE_FILE = join(homedir(), ".adeu", "mcp_id_cache.json");
+const MAX_CACHE_SIZE = 1000;
+
+function loadIdCache(): Record<string, string> {
+  if (existsSync(CACHE_FILE)) {
+    try {
+      return JSON.parse(readFileSync(CACHE_FILE, "utf-8"));
+    } catch {
+      return {};
+    }
+  }
+  return {};
+}
+
+function saveIdCache(cache: Record<string, string>): void {
+  try {
+    mkdirSync(join(homedir(), ".adeu"), { recursive: true });
+    const keys = Object.keys(cache);
+    if (keys.length > MAX_CACHE_SIZE) {
+      const trimmed: Record<string, string> = {};
+      keys.slice(-MAX_CACHE_SIZE).forEach((k) => (trimmed[k] = cache[k]));
+      cache = trimmed;
+    }
+    writeFileSync(CACHE_FILE, JSON.stringify(cache));
+  } catch {
+    /* ignore */
+  }
+}
+
+function minifyEmailId(realId: string, cache: Record<string, string>): string {
+  if (!realId) return realId;
+  const hash = createHash("md5").update(realId).digest("hex").slice(0, 6);
+  const shortId = `msg_${hash}`;
+  cache[shortId] = realId;
+  return shortId;
+}
+
+function resolveEmailId(shortId: string): string {
+  if (!shortId) return shortId;
+  const cache = loadIdCache();
+  return cache[shortId] || shortId;
+}
+
+function stripTags(html: string): string {
+  if (!html) return "";
+  let text = html.replace(/<(style|script|head)[^>]*>[\s\S]*?<\/\1>/gi, "");
+  text = text.replace(
+    /<\/?(p|div|br|hr|tr|li|h[1-6]|blockquote)\b[^>]*>/gi,
+    "\n",
+  );
+  text = text.replace(/<[^>]+>/g, "");
+  return text.replace(/\n\s*\n\s*\n+/g, "\n\n").trim();
+}
+
+function removeNestedQuotes(text: string): string {
+  if (!text) return "";
+  const patterns = [
+    /_{10,}/m,
+    /^From:\s.*?\n(?:.*\n){0,5}?Sent:\s/m,
+    /-----Original Message-----/m,
+    /On .{1,200}? wrote:/m,
+    /^Original Message$/m,
+  ];
+  let earliestCut = text.length;
+  for (const pattern of patterns) {
+    const match = pattern.exec(text);
+    if (match && match.index < earliestCut) {
+      earliestCut = match.index;
+    }
+  }
+  return text.substring(0, earliestCut).trim();
+}
+
+function getUniqueFilepath(saveDir: string, filename: string): string {
+  let filepath = join(saveDir, filename);
+  let counter = 1;
+  const parts = filename.split(".");
+  const ext = parts.length > 1 ? `.${parts.pop()}` : "";
+  const stem = parts.join(".");
+
+  while (existsSync(filepath)) {
+    filepath = join(saveDir, `${stem}_${counter}${ext}`);
+    counter++;
+  }
+  return filepath;
+}
+
+export async function search_and_fetch_emails(args: any): Promise<ToolResult> {
+  const apiKey = await getCloudAuthToken();
+  const realEmailId = args.email_id ? resolveEmailId(args.email_id) : undefined;
+
+  const payload = {
+    email_id: realEmailId,
+    sender: args.sender,
+    subject: args.subject,
+    has_attachments: args.has_attachments,
+    attachment_name: args.attachment_name,
+    is_unread: args.is_unread,
+    days_ago: args.days_ago,
+    folder: args.folder,
+    limit: args.limit ?? 10,
+    offset: args.offset ?? 0,
+  };
+
+  // Remove undefined fields
+  Object.keys(payload).forEach(
+    (k) => (payload as any)[k] === undefined && delete (payload as any)[k],
+  );
+
+  const res = await fetch(`${BACKEND_URL}/api/v1/emails/search`, {
+    method: "POST",
+    headers: {
+      Authorization: `Bearer ${apiKey}`,
+      "Content-Type": "application/json",
+    },
+    body: JSON.stringify(payload),
+  });
+
+  if (res.status === 401) {
+    DesktopAuthManager.clearApiKey();
+    throw new Error(
+      "Authentication expired. Please call `login_to_adeu_cloud` to re-authenticate.",
+    );
+  }
+  if (!res.ok) throw new Error(`Cloud search failed: ${await res.text()}`);
+
+  const data: any = await res.json();
+  const cache = loadIdCache();
+
+  if (data.type === "previews") {
+    const previews = data.previews || [];
+    if (!previews.length)
+      return {
+        content: [
+          {
+            type: "text",
+            text: "No emails found matching your search criteria.",
+          },
+        ],
+      };
+
+    const lines = [
+      `Found ${previews.length} email(s). Here are the previews:`,
+      "",
+    ];
+    for (const p of previews) {
+      const shortId = minifyEmailId(p.id, cache);
+      const attFlag = p.has_attachments ? "📎 (Has Attachments)" : "";
+      const unreadFlag = p.is_read === false ? "🟢 [UNREAD]" : "";
+      lines.push(
+        `- **ID**: \`${shortId}\`\n  **Subject**: ${p.subject} ${attFlag} ${unreadFlag}\n  **From**: ${p.sender_name} <${p.sender_email}>\n  **Date**: ${p.received_datetime}\n  **Preview**: ${p.preview_text}\n`,
+      );
+    }
+    saveIdCache(cache);
+    lines.push(
+      "⚠️ **ACTION REQUIRED**: To read the full body of an email and download its attachments, call this tool again and provide the exact `email_id`.",
+    );
+    return { content: [{ type: "text", text: lines.join("\n") }] };
+  }
+
+  if (data.type === "full_email") {
+    const full = data.full_email || {};
+    const shortTargetId = minifyEmailId(full.id || "unknown_id", cache);
+
+    saveIdCache(cache);
+
+    const baseDir =
+      args.working_directory && existsSync(args.working_directory)
+        ? args.working_directory
+        : tmpdir();
+    const saveDir = join(
+      baseDir,
+      args.working_directory ? "adeu_attachments" : "adeu_downloads",
+      shortTargetId,
+    );
+    mkdirSync(saveDir, { recursive: true });
+
+    async function processAttachments(msg: any): Promise<string[]> {
+      const localFiles: string[] = [];
+      for (const att of msg.attachments || []) {
+        if (att.base64_data) {
+          try {
+            const filepath = getUniqueFilepath(
+              saveDir,
+              att.filename || "unnamed_file",
+            );
+            writeFileSync(filepath, Buffer.from(att.base64_data, "base64"));
+            localFiles.push(filepath);
+            delete att.base64_data; // Free memory
+          } catch (e) {
+            console.error(`Failed to save attachment ${att.filename}`, e);
+          }
+        }
+      }
+      return localFiles;
+    }
+
+    const targetFiles = await processAttachments(full);
+    const lines = [
+      `# Email Thread: ${full.subject}`,
+      "",
+      "## Target Message (Newest):",
+      `**From**: ${full.sender_name} <${full.sender_email}>`,
+      `**Date**: ${full.received_datetime}`,
+    ];
+
+    if (targetFiles.length) {
+      lines.push("**Attachments Saved Locally**:");
+      targetFiles.forEach((f) => lines.push(`- 📎 \`${f}\``));
+    }
+
+    const cleanBody = removeNestedQuotes(stripTags(full.body_html || ""));
+    lines.push(`**Body**:\n\`\`\`\n${cleanBody}\n\`\`\`\n`);
+
+    if (full.is_thread && full.messages?.length) {
+      lines.push("## Previous Messages in Thread (Historical Context):");
+      for (let i = 0; i < full.messages.length; i++) {
+        const histMsg = full.messages[i];
+        const histFiles = await processAttachments(histMsg);
+        lines.push(
+          `### Message -${i + 1} (Older)\n**From**: ${histMsg.sender_name} <${histMsg.sender_email}>\n**Date**: ${histMsg.received_datetime}`,
+        );
+        if (histFiles.length) {
+          lines.push("**Attachments Saved Locally**:");
+          histFiles.forEach((f) => lines.push(`- 📎 \`${f}\``));
+        }
+        lines.push(
+          `**Body**:\n\`\`\`\n${removeNestedQuotes(stripTags(histMsg.body_html || ""))}\n\`\`\`\n`,
+        );
+      }
+    }
+    return { content: [{ type: "text", text: lines.join("\n") }] };
+  }
+
+  return {
+    isError: true,
+    content: [{ type: "text", text: "Unknown response format from backend." }],
+  };
+}
+
+export async function create_email_draft(args: any): Promise<ToolResult> {
+  const apiKey = await getCloudAuthToken();
+  if (!args.reply_to_email_id && (!args.subject || !args.to_recipients)) {
+    throw new Error(
+      "You must provide either 'reply_to_email_id' OR both 'subject' and 'to_recipients'.",
+    );
+  }
+
+  const formData = new FormData();
+  formData.append("body_markdown", args.body_markdown);
+
+  if (args.reply_to_email_id) {
+    formData.append(
+      "reply_to_email_id",
+      resolveEmailId(args.reply_to_email_id),
+    );
+  }
+  if (args.subject) formData.append("subject", args.subject);
+
+  if (args.to_recipients) {
+    const recips =
+      typeof args.to_recipients === "string"
+        ? JSON.parse(args.to_recipients)
+        : args.to_recipients;
+    formData.append("to_recipients", JSON.stringify(recips));
+  }
+
+  if (args.attachment_paths) {
+    const paths =
+      typeof args.attachment_paths === "string"
+        ? JSON.parse(args.attachment_paths)
+        : args.attachment_paths;
+    for (const p of paths) {
+      const buf = readFileSync(p);
+      const filename = p.split(/[/\\]/).pop();
+      formData.append("files", new Blob([buf]), filename);
+    }
+  }
+
+  const res = await fetch(`${BACKEND_URL}/api/v1/emails/drafts/new`, {
+    method: "POST",
+    headers: { Authorization: `Bearer ${apiKey}`, Accept: "application/json" },
+    body: formData as any,
+  });
+
+  if (res.status === 401) {
+    DesktopAuthManager.clearApiKey();
+    throw new Error(
+      "Authentication expired. Please call `login_to_adeu_cloud`.",
+    );
+  }
+  if (!res.ok)
+    throw new Error(`Cloud draft creation failed: ${await res.text()}`);
+
+  const data: any = await res.json();
+  return {
+    content: [
+      {
+        type: "text",
+        text: `Successfully created email draft! Draft ID: ${data.id}`,
+      },
+    ],
+  };
+}