@app-connect/core 1.7.23 → 1.7.24

package/handlers/admin.js

@@ -6,6 +6,7 @@ const { RingCentral } = require('../lib/ringcentral');
 const { Connector } = require('../models/dynamo/connectorSchema');
 const logger = require('../lib/logger');
 const { handleDatabaseError } = require('../lib/errorHandler');
+const { getHashValue } = require('../lib/util');
 
 const CALL_AGGREGATION_GROUPS = ["Company", "CompanyNumbers", "Users", "Queues", "IVRs", "IVAs", "SharedLines", "UserGroups", "Sites", "Departments"]
 const RC_EXTENSION_ENDPOINT = 'https://platform.ringcentral.com/restapi/v1.0/account/~/extension/~';
@@ -108,7 +109,8 @@ async function getAdminReport({ rcAccountId, timezone, timeFrom, timeTo, groupBy
             clientSecret: process.env.RINGCENTRAL_CLIENT_SECRET,
             redirectUri: `${process.env.APP_SERVER}/ringcentral/oauth/callback`
         });
-        let adminConfig = await AdminConfigModel.findByPk(rcAccountId);
+        const hashedRcAccountId = getHashValue(rcAccountId, process.env.HASH_KEY);
+        let adminConfig = await AdminConfigModel.findByPk(hashedRcAccountId);
         const isTokenExpired = adminConfig.adminTokenExpiry < new Date();
         if (isTokenExpired) {
             const { access_token, refresh_token, expire_time } = await rcSDK.refreshToken({
@@ -116,7 +118,7 @@ async function getAdminReport({ rcAccountId, timezone, timeFrom, timeTo, groupBy
                 expires_in: adminConfig.adminTokenExpiry,
                 refresh_token_expires_in: adminConfig.adminTokenExpiry
             });
-            adminConfig = await AdminConfigModel.update({ adminAccessToken: access_token, adminRefreshToken: refresh_token, adminTokenExpiry: expire_time }, { where: { id: rcAccountId } });
+            adminConfig = await AdminConfigModel.update({ adminAccessToken: access_token, adminRefreshToken: refresh_token, adminTokenExpiry: expire_time }, { where: { id: hashedRcAccountId } });
         }
         const callsAggregationData = await rcSDK.getCallsAggregationData({
             token: { access_token: adminConfig.adminAccessToken, token_type: 'Bearer' },
@@ -177,7 +179,8 @@ async function getUserReport({ rcAccountId, rcExtensionId, timezone, timeFrom, t
             clientSecret: process.env.RINGCENTRAL_CLIENT_SECRET,
             redirectUri: `${process.env.APP_SERVER}/ringcentral/oauth/callback`
         });
-        let adminConfig = await AdminConfigModel.findByPk(rcAccountId);
+        const hashedRcAccountId = getHashValue(rcAccountId, process.env.HASH_KEY);
+        let adminConfig = await AdminConfigModel.findByPk(hashedRcAccountId);
         const isTokenExpired = adminConfig.adminTokenExpiry < new Date();
         if (isTokenExpired) {
             const { access_token, refresh_token, expire_time } = await rcSDK.refreshToken({
@@ -185,7 +188,7 @@ async function getUserReport({ rcAccountId, rcExtensionId, timezone, timeFrom, t
                 expires_in: adminConfig.adminTokenExpiry,
                 refresh_token_expires_in: adminConfig.adminTokenExpiry
             });
-            adminConfig = await AdminConfigModel.update({ adminAccessToken: access_token, adminRefreshToken: refresh_token, adminTokenExpiry: expire_time }, { where: { id: rcAccountId } });
+            adminConfig = await AdminConfigModel.update({ adminAccessToken: access_token, adminRefreshToken: refresh_token, adminTokenExpiry: expire_time }, { where: { id: hashedRcAccountId } });
         }
         const callLogData = await rcSDK.getCallLogData({
             extensionId: rcExtensionId,

package/handlers/auth.js

@@ -7,6 +7,7 @@ const adminCore = require('./admin');
 const { Connector } = require('../models/dynamo/connectorSchema');
 const { handleDatabaseError } = require('../lib/errorHandler');
 const managedAuthCore = require('./managedAuth');
+const { getHashValue } = require('../lib/util');
 
 async function onOAuthCallback({ platform, hostname, tokenUrl, query, hashedRcExtensionId, isFromMCP = false }) {
     const callbackUri = query.callbackUri;
@@ -279,8 +280,9 @@ async function onRingcentralOAuthCallback({ code, rcAccountId }) {
         redirectUri: `${process.env.APP_SERVER}/ringcentral/oauth/callback`
     });
     const { access_token, refresh_token, expire_time } = await rcSDK.generateToken({ code });
+    const hashedRcAccountId = getHashValue(rcAccountId, process.env.HASH_KEY);
     await adminCore.updateAdminRcTokens({
-        hashedRcAccountId: rcAccountId,
+        hashedRcAccountId,
         adminAccessToken: access_token,
         adminRefreshToken: refresh_token,
         adminTokenExpiry: expire_time

package/index.js

@@ -89,6 +89,19 @@ async function initDB() {
             await UserModel.sync();
             logger.info('hashedRcExtensionId column added to users table');
         }
+
+        // if LlmSessionModel doesn't have expiry column, add it
+        const llmSessionTableName = LlmSessionModel.getTableName();
+        const llmSessionTableSchema = await queryInterface.describeTable(llmSessionTableName);
+        if (!llmSessionTableSchema.expiry) {
+            logger.info('adding expiry column to llmSessions table...');
+            await queryInterface.addColumn(llmSessionTableName, 'expiry', {
+                type: Sequelize.DATE,
+                allowNull: true,
+            });
+            await LlmSessionModel.sync();
+            logger.info('expiry column added to llmSessions table');
+        }
     }
 }
 

package/lib/authSession.js

@@ -7,7 +7,20 @@
 const { CacheModel } = require('../models/cacheModel');
 
 const AUTH_SESSION_PREFIX = 'auth-session';
-const SESSION_EXPIRY_MINUTES = 5;
+const PENDING_SESSION_EXPIRY_MINUTES = 5;
+const SETTLED_SESSION_EXPIRY_MINUTES = 15;
+
+function getSessionRecordId(sessionId) {
+    return `${AUTH_SESSION_PREFIX}-${sessionId}`;
+}
+
+function getExpiry(minutes) {
+    return new Date(Date.now() + minutes * 60 * 1000);
+}
+
+function isExpired(record) {
+    return Boolean(record?.expiry && record.expiry <= new Date());
+}
 
 /**
  * Create (or reset) an auth session.
@@ -16,9 +29,13 @@ const SESSION_EXPIRY_MINUTES = 5;
  * correctly for the new attempt.
  */
 async function createAuthSession(sessionId, data) {
-    const id = `${AUTH_SESSION_PREFIX}-${sessionId}`;
-    const expiry = new Date(Date.now() + SESSION_EXPIRY_MINUTES * 60 * 1000);
-    const sessionData = { ...data, createdAt: new Date().toISOString() };
+    const id = getSessionRecordId(sessionId);
+    const expiry = getExpiry(PENDING_SESSION_EXPIRY_MINUTES);
+    const sessionData = {
+        platform: data.platform,
+        hostname: data.hostname || '',
+        createdAt: new Date().toISOString(),
+    };
 
     const existing = await CacheModel.findByPk(id);
     if (existing) {
@@ -39,10 +56,21 @@ async function createAuthSession(sessionId, data) {
  * Get an auth session by ID
  */
 async function getAuthSession(sessionId) {
-    const record = await CacheModel.findByPk(`${AUTH_SESSION_PREFIX}-${sessionId}`);
-    
+    const record = await CacheModel.findByPk(getSessionRecordId(sessionId));
+
     if (!record) return null;
-    
+
+    if (isExpired(record)) {
+        if (record.status !== 'expired') {
+            await record.update({ status: 'expired' });
+        }
+        return {
+            sessionId: record.userId,
+            status: 'expired',
+            ...record.data
+        };
+    }
+
     return {
         sessionId: record.userId,
         status: record.status,
@@ -54,18 +82,22 @@ async function getAuthSession(sessionId) {
  * Update an auth session
  */
 async function updateAuthSession(sessionId, data) {
-    const record = await CacheModel.findByPk(`${AUTH_SESSION_PREFIX}-${sessionId}`);
-    
+    const record = await CacheModel.findByPk(getSessionRecordId(sessionId));
+
     if (!record) return;
-    
+
     const existingData = record.data || {};
+    const nextStatus = data.status || record.status;
     await record.update({
-        status: data.status || record.status,
+        status: nextStatus,
         data: {
             ...existingData,
             ...data,
             updatedAt: new Date().toISOString()
-        }
+        },
+        expiry: nextStatus === 'pending'
+            ? getExpiry(PENDING_SESSION_EXPIRY_MINUTES)
+            : getExpiry(SETTLED_SESSION_EXPIRY_MINUTES)
     });
 }
 

package/mcp/mcpHandler.js

@@ -7,6 +7,7 @@
  */
 
 const axios = require('axios');
+const { Op } = require('sequelize');
 const tools = require('./tools');
 const { LlmSessionModel } = require('../models/llmSessionModel');
 const { CacheModel } = require('../models/cacheModel');
@@ -23,6 +24,8 @@ const path = require('path');
  */
 const WIDGET_VERSION = 10;
 const WIDGET_URI = `ui://widget/ConnectorList-v${WIDGET_VERSION}.html`;
+const RC_EXTENSION_CACHE_KEY = 'rcExtensionId';
+const RC_EXTENSION_CACHE_STATUS = 'resolved';
 
 const JSON_RPC_INTERNAL_ERROR = -32603;
 const JSON_RPC_METHOD_NOT_FOUND = -32601;
@@ -104,7 +107,7 @@ async function resolveSessionContext(rcAccessToken, openaiSessionId) {
 
     if (openaiSessionId) {
         try {
-            const cached = await CacheModel.findByPk(`${openaiSessionId}-rcExtensionId`);
+            const cached = await CacheModel.findByPk(`${openaiSessionId}-${RC_EXTENSION_CACHE_KEY}`);
             if (cached?.data?.rcExtensionId && (!cached.expiry || cached.expiry > new Date())) {
                 return { rcExtensionId: cached.data.rcExtensionId };
             }
@@ -118,11 +121,11 @@ async function resolveSessionContext(rcAccessToken, openaiSessionId) {
         rcExtensionId = await resolveRcExtensionId(rcAccessToken);
         if (openaiSessionId && rcExtensionId) {
             await CacheModel.upsert({
-                id: `${openaiSessionId}-rcExtensionId`,
+                id: `${openaiSessionId}-${RC_EXTENSION_CACHE_KEY}`,
                 userId: openaiSessionId,
-                cacheKey: 'rcExtensionId',
+                cacheKey: RC_EXTENSION_CACHE_KEY,
                 data: { rcExtensionId },
-                status: 'active',
+                status: RC_EXTENSION_CACHE_STATUS,
                 expiry: new Date(Date.now() + 24 * 60 * 60 * 1000), // 24h TTL
             });
         }
@@ -203,15 +206,34 @@ async function handleMcpRequest(req, res) {
                     toolArgs.rcExtensionId = rcExtensionId;
                     if (!toolArgs.jwtToken) {
                         let llmSession = await LlmSessionModel.findByPk(rcExtensionId);
+                        if (llmSession?.expiry && llmSession.expiry < new Date()) {
+                            await LlmSessionModel.destroy({ where: { id: rcExtensionId } });
+                            llmSession = null;
+                        }
                         if (!llmSession?.jwtToken && openaiSessionId) {
                             const fallback = await LlmSessionModel.findByPk(openaiSessionId);
                             if (fallback?.jwtToken) {
-                                await LlmSessionModel.upsert({ id: rcExtensionId, jwtToken: fallback.jwtToken });
-                                llmSession = fallback;
+                                const { id: fallbackUserId } = jwt.decodeJwt(fallback.jwtToken);
+                                const fallbackUser = fallbackUserId
+                                    ? await UserModel.findByPk(fallbackUserId)
+                                    : null;
+                                if (fallbackUser?.accessToken) {
+                                    await LlmSessionModel.upsert({ id: rcExtensionId, jwtToken: fallback.jwtToken, expiry: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000) });
+                                    llmSession = fallback;
+                                }
                             }
-                            else {
+                            if (!llmSession?.jwtToken) {
                                 const hashedRcExtensionId = getHashValue(rcExtensionId, process.env.HASH_KEY);
-                                const user = await UserModel.findOne({ where: { hashedRcExtensionId } });
+                                const user = await UserModel.findOne({
+                                    where: {
+                                        hashedRcExtensionId,
+                                        [Op.and]: [
+                                            { accessToken: { [Op.not]: null } },
+                                            { accessToken: { [Op.ne]: '' } },
+                                        ],
+                                    },
+                                    order: [['updatedAt', 'DESC']],
+                                });
                                 if (user?.accessToken) {
                                     await LlmSessionModel.upsert({
                                         id: rcExtensionId,
@@ -219,6 +241,7 @@ async function handleMcpRequest(req, res) {
                                             id: user.id.toString(),
                                             platform: user.platform
                                         }),
+                                        expiry: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000)
                                     });
                                     llmSession = await LlmSessionModel.findByPk(rcExtensionId);
                                 }

package/mcp/tools/checkAuthStatus.js

@@ -3,7 +3,7 @@ const { LlmSessionModel } = require('../../models/llmSessionModel');
 
 /**
  * MCP Tool: Check Auth Status
- * 
+ *
  * Polls the status of an ongoing OAuth authentication session
  */
 
@@ -37,7 +37,7 @@ const toolDefinition = {
 async function execute(args) {
     try {
         // rcExtensionId is injected by mcpHandler after verifying the RC access
-        // token.  Using it as the DB key binds the CRM credential to a verified
+        // token. Using it as the DB key binds the CRM credential to a verified
         // RC identity.
         const { sessionId, rcExtensionId } = args;
         if (!rcExtensionId) {
@@ -53,16 +53,12 @@ async function execute(args) {
         }
 
         switch (session.status) {
-            case 'completed': {
-                // Guard against duplicate DB writes if polled concurrently
-                try {
-                    await LlmSessionModel.create({
-                        id: rcExtensionId,
-                        jwtToken: session.jwtToken
-                    });
-                } catch {
-                    // Record already exists from a prior poll — safe to ignore
-                }
+            case 'completed':
+                await LlmSessionModel.upsert({
+                    id: rcExtensionId,
+                    jwtToken: session.jwtToken,
+                    expiry: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000)
+                });
                 return {
                     data: {
                         status: 'completed',
@@ -71,7 +67,14 @@ async function execute(args) {
                         message: 'IMPORTANT: Authentication successful! Keep jwtToken in memory for future use. DO NOT directly show it to user.'
                     }
                 };
-            }
+
+            case 'expired':
+                return {
+                    data: {
+                        status: 'expired',
+                        errorMessage: 'Authentication session expired. Ask the user to start the auth flow again.'
+                    }
+                };
 
             case 'failed':
                 return {
@@ -100,4 +103,3 @@ async function execute(args) {
 
 exports.definition = toolDefinition;
 exports.execute = execute;
-

package/mcp/tools/getPublicConnectors.js

@@ -1,4 +1,5 @@
 const axios = require('axios');
+const { Op } = require('sequelize');
 const { UserModel } = require('../../models/userModel');
 const { getHashValue } = require('../../lib/util');
 
@@ -56,7 +57,16 @@ async function execute({ rcAccessToken, openaiSessionId } = {}) {
 
     // Check if user session already exists from Chrome extension
     const hashedRcExtensionId = getHashValue(rcExtensionId, process.env.HASH_KEY);
-    const user = await UserModel.findOne({ where: { hashedRcExtensionId } });
+    const user = await UserModel.findOne({
+        where: {
+            hashedRcExtensionId,
+            [Op.and]: [
+                { accessToken: { [Op.not]: null } },
+                { accessToken: { [Op.ne]: '' } },
+            ],
+        },
+        order: [['updatedAt', 'DESC']],
+    });
     // Case: user exists, return user info in plain message
     if (user?.accessToken) {
         return {

package/mcp/tools/getSessionInfo.js

@@ -0,0 +1,90 @@
+const jwt = require('../../lib/jwt');
+const { UserModel } = require('../../models/userModel');
+const { RingCentral } = require('../../lib/ringcentral');
+
+/**
+ * MCP Tool: Get Session Info
+ *
+ * Returns non-sensitive information about the current MCP/CRM session.
+ */
+
+const toolDefinition = {
+    name: 'getSessionInfo',
+    description: 'Get the current user session info, including RingCentral identity and CRM connection status.',
+    inputSchema: {
+        type: 'object',
+        properties: {},
+        required: []
+    },
+    annotations: {
+        readOnlyHint: true,
+        openWorldHint: false,
+        destructiveHint: false
+    }
+};
+
+/**
+ * Execute the getSessionInfo tool
+ * @param {Object} args - Tool arguments injected by mcpHandler
+ * @param {string} [args.openaiSessionId] - OpenAI session identifier
+ * @param {string} [args.rcExtensionId] - Verified RingCentral extension identifier
+ * @param {string} [args.jwtToken] - CRM JWT token
+ * @param {string} [args.rcAccessToken] - RingCentral access token
+ * @returns {Object} Result object with session information
+ */
+async function execute(args = {}) {
+    try {
+        const {
+            openaiSessionId = null,
+            rcExtensionId = null,
+            jwtToken,
+            rcAccessToken,
+        } = args;
+
+        const decodedToken = jwtToken ? jwt.decodeJwt(jwtToken) : null;
+        const userId = decodedToken?.id ?? null;
+        const user = userId ? await UserModel.findByPk(userId) : null;
+
+        let rcExtensionInfo = null;
+        if (rcExtensionId && rcAccessToken) {
+            const rcSDK = new RingCentral({
+                server: process.env.RINGCENTRAL_SERVER,
+                clientId: process.env.RINGCENTRAL_CLIENT_ID,
+                clientSecret: process.env.RINGCENTRAL_CLIENT_SECRET,
+                redirectUri: `${process.env.APP_SERVER}/ringcentral/oauth/callback`
+            });
+            rcExtensionInfo = await rcSDK.getExtensionInfo(rcExtensionId, {
+                access_token: rcAccessToken,
+                token_type: 'Bearer'
+            });
+        }
+        return {
+            success: true,
+            data: {
+                openaiSessionId,
+                dataToShow: {
+                    isCrmAuthenticated: Boolean(decodedToken && user?.accessToken),
+                    ringcentral: {
+                        extensionId: rcExtensionId ?? null,
+                        name: rcExtensionInfo?.name ?? null,
+                    },
+                    crm: {
+                        userId,
+                        platform: decodedToken?.platform ?? user?.platform ?? null,
+                        hostname: user?.hostname ?? null
+                    }
+                }
+            }
+        };
+    }
+    catch (error) {
+        return {
+            success: false,
+            error: error.message || 'Unknown error occurred',
+            errorDetails: error.stack
+        };
+    }
+}
+
+exports.definition = toolDefinition;
+exports.execute = execute;

package/mcp/tools/index.js

@@ -8,6 +8,7 @@
 
 const getHelp = require('./getHelp');
 const getPublicConnectors = require('./getPublicConnectors');
+const getSessionInfo = require('./getSessionInfo');
 const doAuth = require('./doAuth');
 const checkAuthStatus = require('./checkAuthStatus');
 const logout = require('./logout');
@@ -15,13 +16,14 @@ const findContact = require('./findContactByPhone');
 const findContactWithName = require('./findContactByName');
 const createCallLog = require('./createCallLog');
 const rcGetCallLogs = require('./rcGetCallLogs');
-const getGoogleFilePicker = require('./getGoogleFilePicker');
+// const getGoogleFilePicker = require('./getGoogleFilePicker');
 const createContact = require('./createContact');
 
 // AI-visible MCP tools — registered in the MCP server
 module.exports.tools = [
     getHelp,
     getPublicConnectors,
+    getSessionInfo,
     logout,
     findContact,
     findContactWithName,

package/mcp/tools/logout.js

@@ -1,8 +1,11 @@
 const jwt = require('../../lib/jwt');
 const { UserModel } = require('../../models/userModel');
 const { LlmSessionModel } = require('../../models/llmSessionModel');
+const { CacheModel } = require('../../models/cacheModel');
 const connectorRegistry = require('../../connector/registry');
 
+const RC_EXTENSION_CACHE_KEY = 'rcExtensionId';
+
 /**
  * MCP Tool: Logout
  * 
@@ -38,7 +41,7 @@ function isMissingSessionTableError(error) {
  */
 async function execute(args) {
     try {
-        const { jwtToken } = args;
+        const { jwtToken, rcExtensionId, openaiSessionId } = args;
         const session = jwt.decodeJwt(jwtToken);
         if (!session?.platform || !session?.id) {
             throw new Error('Invalid JWT token');
@@ -46,6 +49,12 @@ async function execute(args) {
         const { platform, id } = session;
         try {
             await LlmSessionModel.destroy({ where: { id } });
+            if (rcExtensionId && rcExtensionId !== id) {
+                await LlmSessionModel.destroy({ where: { id: rcExtensionId } });
+            }
+            if (openaiSessionId) {
+                await CacheModel.destroy({ where: { id: `${openaiSessionId}-${RC_EXTENSION_CACHE_KEY}` } });
+            }
         }
         catch (error) {
             if (!isMissingSessionTableError(error)) {

package/models/llmSessionModel.js

@@ -10,5 +10,8 @@ exports.LlmSessionModel = sequelize.define('llmSessions', {
     },
     jwtToken: {
         type: Sequelize.STRING,
+    },
+    expiry: {
+        type: Sequelize.DATE
     }
 });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@app-connect/core",
-  "version": "1.7.23",
+  "version": "1.7.24",
   "description": "RingCentral App Connect Core",
   "main": "index.js",
   "repository": {

package/releaseNotes.json

@@ -1,4 +1,16 @@
 {
+    "1.7.24": {
+        "global": [
+            {
+                "type": "New",
+                "description": "Click-to-dial number matcher selection in User Setting -> General"
+            },  
+            {
+                "type": "Fix",
+                "description": "Error report upload"
+            }
+        ]
+    },
     "1.7.23": {
         "global": [
             {

package/test/mcp/tools/checkAuthStatus.test.js

@@ -0,0 +1,82 @@
+const checkAuthStatus = require('../../../mcp/tools/checkAuthStatus');
+const { getAuthSession } = require('../../../lib/authSession');
+const { LlmSessionModel } = require('../../../models/llmSessionModel');
+
+jest.mock('../../../lib/authSession');
+jest.mock('../../../models/llmSessionModel');
+
+describe('MCP Tool: checkAuthStatus', () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+    LlmSessionModel.upsert.mockResolvedValue([{}, true]);
+  });
+
+  test('should return pending when auth session is still waiting', async () => {
+    getAuthSession.mockResolvedValue({ status: 'pending' });
+
+    const result = await checkAuthStatus.execute({
+      sessionId: 'session-1',
+      rcExtensionId: 'rc-ext-1'
+    });
+
+    expect(result).toEqual({
+      data: {
+        status: 'pending'
+      }
+    });
+    expect(LlmSessionModel.upsert).not.toHaveBeenCalled();
+  });
+
+  test('should persist completed auth against rcExtensionId', async () => {
+    getAuthSession.mockResolvedValue({
+      status: 'completed',
+      jwtToken: 'jwt-token',
+      userInfo: { id: 'user-1', name: 'Casey' }
+    });
+
+    const result = await checkAuthStatus.execute({
+      sessionId: 'session-1',
+      rcExtensionId: 'rc-ext-1'
+    });
+
+    expect(LlmSessionModel.upsert).toHaveBeenCalledWith({
+      id: 'rc-ext-1',
+      jwtToken: 'jwt-token'
+    });
+    expect(result).toEqual({
+      data: {
+        status: 'completed',
+        jwtToken: 'jwt-token',
+        userInfo: { id: 'user-1', name: 'Casey' },
+        message: expect.stringContaining('IMPORTANT')
+      }
+    });
+  });
+
+  test('should return expired when the auth session TTL has elapsed', async () => {
+    getAuthSession.mockResolvedValue({ status: 'expired' });
+
+    const result = await checkAuthStatus.execute({
+      sessionId: 'session-1',
+      rcExtensionId: 'rc-ext-1'
+    });
+
+    expect(result).toEqual({
+      data: {
+        status: 'expired',
+        errorMessage: 'Authentication session expired. Ask the user to start the auth flow again.'
+      }
+    });
+  });
+
+  test('should return an error when rcExtensionId is missing', async () => {
+    const result = await checkAuthStatus.execute({
+      sessionId: 'session-1'
+    });
+
+    expect(result).toEqual({
+      success: false,
+      error: 'CRM auth status check error: rcExtensionId is required'
+    });
+  });
+});

package/test/mcp/tools/getSessionInfo.test.js

@@ -0,0 +1,127 @@
+const getSessionInfo = require('../../../mcp/tools/getSessionInfo');
+const jwt = require('../../../lib/jwt');
+const { UserModel } = require('../../../models/userModel');
+const { RingCentral } = require('../../../lib/ringcentral');
+
+jest.mock('../../../lib/jwt');
+jest.mock('../../../models/userModel');
+jest.mock('../../../lib/ringcentral');
+
+describe('MCP Tool: getSessionInfo', () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+    RingCentral.mockImplementation(() => ({
+      getExtensionInfo: jest.fn().mockResolvedValue({ name: 'Demo Extension' })
+    }));
+  });
+
+  describe('tool definition', () => {
+    test('should have correct tool definition', () => {
+      expect(getSessionInfo.definition).toBeDefined();
+      expect(getSessionInfo.definition.name).toBe('getSessionInfo');
+      expect(getSessionInfo.definition.description).toContain('session info');
+      expect(getSessionInfo.definition.inputSchema).toBeDefined();
+      expect(getSessionInfo.definition.inputSchema.properties).toEqual({});
+    });
+  });
+
+  describe('execute', () => {
+    test('should return unauthenticated session info when no CRM jwtToken exists', async () => {
+      const result = await getSessionInfo.execute({
+        openaiSessionId: 'session-123',
+        rcExtensionId: 'ext-456',
+        rcAccessToken: 'rc-token'
+      });
+
+      expect(result).toEqual({
+        success: true,
+        data: {
+          openaiSessionId: 'session-123',
+          dataToShow: {
+            isCrmAuthenticated: false,
+            ringcentral: {
+              extensionId: 'ext-456',
+              name: 'Demo Extension',
+            },
+            crm: {
+              userId: null,
+              platform: null,
+              hostname: null
+            }
+          }
+        }
+      });
+      expect(jwt.decodeJwt).not.toHaveBeenCalled();
+      expect(UserModel.findByPk).not.toHaveBeenCalled();
+    });
+
+    test('should return connected CRM session info when jwtToken resolves to a saved user', async () => {
+      jwt.decodeJwt.mockReturnValue({
+        id: 'crm-user-1',
+        platform: 'clio'
+      });
+      UserModel.findByPk.mockResolvedValue({
+        id: 'crm-user-1',
+        platform: 'clio',
+        hostname: 'app.clio.com',
+        accessToken: 'crm-access-token',
+      });
+
+      const result = await getSessionInfo.execute({
+        openaiSessionId: 'session-123',
+        rcExtensionId: 'ext-456',
+        rcAccessToken: 'rc-token',
+        jwtToken: 'jwt-token'
+      });
+
+      expect(jwt.decodeJwt).toHaveBeenCalledWith('jwt-token');
+      expect(UserModel.findByPk).toHaveBeenCalledWith('crm-user-1');
+      expect(result).toEqual({
+        success: true,
+        data: {
+          openaiSessionId: 'session-123',
+          dataToShow: {
+            isCrmAuthenticated: true,
+            ringcentral: {
+              extensionId: 'ext-456',
+              name: 'Demo Extension',
+            },
+            crm: {
+              userId: 'crm-user-1',
+              platform: 'clio',
+              hostname: 'app.clio.com'
+            }
+          }
+        }
+      });
+    });
+
+    test('should report not authenticated when jwtToken is invalid', async () => {
+      jwt.decodeJwt.mockReturnValue(null);
+
+      const result = await getSessionInfo.execute({
+        jwtToken: 'bad-token'
+      });
+
+      expect(result).toEqual({
+        success: true,
+        data: {
+          openaiSessionId: null,
+          dataToShow: {
+            isCrmAuthenticated: false,
+            ringcentral: {
+              extensionId: null,
+              name: null,
+            },
+            crm: {
+              userId: null,
+              platform: null,
+              hostname: null
+            }
+          }
+        }
+      });
+      expect(UserModel.findByPk).not.toHaveBeenCalled();
+    });
+  });
+});

package/test/mcp/tools/logout.test.js

@@ -1,16 +1,22 @@
 const logout = require('../../../mcp/tools/logout');
 const jwt = require('../../../lib/jwt');
 const { UserModel } = require('../../../models/userModel');
+const { LlmSessionModel } = require('../../../models/llmSessionModel');
+const { CacheModel } = require('../../../models/cacheModel');
 const connectorRegistry = require('../../../connector/registry');
 
 // Mock dependencies
 jest.mock('../../../lib/jwt');
 jest.mock('../../../models/userModel');
+jest.mock('../../../models/llmSessionModel');
+jest.mock('../../../models/cacheModel');
 jest.mock('../../../connector/registry');
 
 describe('MCP Tool: logout', () => {
   beforeEach(() => {
     jest.clearAllMocks();
+    LlmSessionModel.destroy.mockResolvedValue(1);
+    CacheModel.destroy.mockResolvedValue(1);
   });
 
   describe('tool definition', () => {
@@ -65,6 +71,7 @@ describe('MCP Tool: logout', () => {
         }
       });
       expect(jwt.decodeJwt).toHaveBeenCalledWith('mock-jwt-token');
+      expect(LlmSessionModel.destroy).toHaveBeenCalledWith({ where: { id: 'test-user-id' } });
       expect(UserModel.findByPk).toHaveBeenCalledWith('test-user-id');
       expect(connectorRegistry.getConnector).toHaveBeenCalledWith('testCRM');
       expect(mockConnector.unAuthorize).toHaveBeenCalledWith({
@@ -170,6 +177,57 @@ describe('MCP Tool: logout', () => {
       expect(consoleSpy).toHaveBeenCalled();
       consoleSpy.mockRestore();
     });
+
+    test('should clear both CRM user and RC extension session rows when rcExtensionId is provided', async () => {
+      const mockUser = {
+        id: 'test-user-id',
+        platform: 'testCRM'
+      };
+
+      jwt.decodeJwt.mockReturnValue({
+        id: 'test-user-id',
+        platform: 'testCRM'
+      });
+      UserModel.findByPk.mockResolvedValue(mockUser);
+      connectorRegistry.getConnector.mockReturnValue({
+        unAuthorize: jest.fn().mockResolvedValue({})
+      });
+
+      const result = await logout.execute({
+        jwtToken: 'mock-jwt-token',
+        rcExtensionId: 'rc-ext-123'
+      });
+
+      expect(result.success).toBe(true);
+      expect(LlmSessionModel.destroy).toHaveBeenNthCalledWith(1, { where: { id: 'test-user-id' } });
+      expect(LlmSessionModel.destroy).toHaveBeenNthCalledWith(2, { where: { id: 'rc-ext-123' } });
+    });
+
+    test('should clear the resolved rcExtension cache for the current OpenAI session on logout', async () => {
+      const mockUser = {
+        id: 'test-user-id',
+        platform: 'testCRM'
+      };
+
+      jwt.decodeJwt.mockReturnValue({
+        id: 'test-user-id',
+        platform: 'testCRM'
+      });
+      UserModel.findByPk.mockResolvedValue(mockUser);
+      connectorRegistry.getConnector.mockReturnValue({
+        unAuthorize: jest.fn().mockResolvedValue({})
+      });
+
+      const result = await logout.execute({
+        jwtToken: 'mock-jwt-token',
+        openaiSessionId: 'oa-session-123'
+      });
+
+      expect(result.success).toBe(true);
+      expect(CacheModel.destroy).toHaveBeenCalledWith({
+        where: { id: 'oa-session-123-rcExtensionId' }
+      });
+    });
   });
 });