npm - @joshluedeman/m365-mcp - Versions diffs - 0.1.0 - Mend

@joshluedeman/m365-mcp 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/LICENSE +21 -0
package/README.md +196 -0
package/dist/chunk-JEMHJMEL.js +207 -0
package/dist/chunk-JEMHJMEL.js.map +1 -0
package/dist/index.cjs +1183 -0
package/dist/index.cjs.map +1 -0
package/dist/index.js +796 -0
package/dist/index.js.map +1 -0
package/dist/setup-K6EYBEFH.js +72 -0
package/dist/setup-K6EYBEFH.js.map +1 -0
package/package.json +66 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 Josh Luedeman
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,196 @@
+# 📬 m365-mcp
+**Microsoft 365 tools for any MCP-compatible AI client — Mail, Calendar, Tasks, and Contacts via the Microsoft Graph API.**
+[![npm version](https://img.shields.io/npm/v/@joshluedeman/m365-mcp)](https://www.npmjs.com/package/@joshluedeman/m365-mcp)
+[![license](https://img.shields.io/npm/l/@joshluedeman/m365-mcp)](./LICENSE)
+[![CI](https://img.shields.io/github/actions/workflow/status/joshluedeman/m365-mcp/ci.yml?label=CI)](https://github.com/joshluedeman/m365-mcp/actions)
+[![node](https://img.shields.io/node/v/@joshluedeman/m365-mcp)](https://www.npmjs.com/package/@joshluedeman/m365-mcp)
+`m365-mcp` is a [Model Context Protocol](https://modelcontextprotocol.io) server that connects your Microsoft 365 account to any MCP-compatible AI client. It exposes 22 tools across Mail, Calendar, Tasks (Microsoft To Do), and Contacts — all authenticated via a single device code sign-in with no Azure portal setup required. It runs over stdio and works with Claude Desktop, Claude Code, Cursor, Zed, Windsurf, and any other MCP-compatible client.
+---
+## ✨ Features
+- 📧 **Mail** — search, read, send, flag, and organize email across folders
+- 📅 **Calendar** — search events, create/update meetings, find free/busy availability
+- ✅ **Tasks** — full Microsoft To Do integration: task lists, tasks, create/complete/delete
+- 👤 **Contacts** — search, read, create, and update personal contacts
+- 🔐 **Zero Azure setup** — ships with a pre-registered multi-tenant app; no portal configuration required
+- 📦 **npx distribution** — run with `npx @joshluedeman/m365-mcp`, no global install needed
+- 🖥 **Any MCP client** — Claude Desktop, Claude Code, Cursor, Zed, Windsurf, and more
+---
+## 🏗 How it works
+```mermaid
+graph LR
+    User["User"] --> Client["MCP Client"]
+    Client -->|"MCP stdio"| Server["m365-mcp"]
+    Server -->|"HTTPS"| Graph["Microsoft Graph API"]
+    Graph --> Mail["Mail"]
+    Graph --> Calendar["Calendar"]
+    Graph --> Tasks["Tasks"]
+    Graph --> Contacts["Contacts"]
+```
+---
+## 🚀 Quick Start
+**1. (Optional) Install globally**
+```bash
+npm install -g @joshluedeman/m365-mcp
+```
+Or skip this and use `npx` directly — it works either way.
+**2. Run setup**
+```bash
+npx @joshluedeman/m365-mcp setup
+```
+This opens a browser for device code sign-in. Sign in with your Microsoft 365 account and the token is cached to `~/.config/m365-mcp/token-cache.json`. You will not be prompted again unless the refresh token expires (~90 days).
+**3. Add to your MCP client**
+Most MCP clients accept a JSON server definition in this form:
+```json
+{
+  "mcpServers": {
+    "m365": {
+      "command": "npx",
+      "args": ["m365-mcp"]
+    }
+  }
+}
+```
+**Claude Desktop** — edit `~/Library/Application Support/Claude/claude_desktop_config.json` (macOS) or `%APPDATA%\Claude\claude_desktop_config.json` (Windows).
+**Claude Code** — add via CLI:
+```bash
+claude mcp add m365 -- npx @joshluedeman/m365-mcp
+```
+**Cursor** — add to `.cursor/mcp.json` in your project or `~/.cursor/mcp.json` globally.
+**Zed** — add to your Zed settings under `"context_servers"`.
+**Other clients** — consult your client's MCP server configuration docs; the command is `npx @joshluedeman/m365-mcp`.
+---
+## 🔐 Authentication
+Authentication uses the [MSAL device code flow](https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-device-code). No Azure CLI, no service principal, no secrets to manage.
+```mermaid
+sequenceDiagram
+    participant U as User
+    participant S as m365-mcp setup
+    participant A as Azure AD
+    U->>S: npx @joshluedeman/m365-mcp setup
+    S->>A: Request device code
+    A-->>S: Device code + verification URL
+    S-->>U: Display URL and code
+    U->>A: Open browser, enter code, sign in
+    A-->>S: Access token + refresh token
+    S->>S: Cache tokens to ~/.config/m365-mcp/token-cache.json
+    S-->>U: Done — setup complete
+```
+On subsequent runs the server loads the cached token silently. The refresh token is valid for approximately 90 days; re-run `npx @joshluedeman/m365-mcp setup` if it expires.
+---
+## 🛠 Available Tools
+### Mail
+| Tool | Description |
+|------|-------------|
+| `search_emails` | Search emails by keyword, sender, date range, or folder |
+| `read_email` | Read the full content of an email by ID |
+| `send_email` | Send a new email |
+| `flag_email` | Flag or unflag an email for follow-up |
+| `list_mail_folders` | List all mail folders in the mailbox |
+| `move_email` | Move an email to a different folder |
+### Calendar
+| Tool | Description |
+|------|-------------|
+| `search_events` | Search calendar events by keyword or time range |
+| `get_event` | Get full details of a calendar event by ID |
+| `create_event` | Create a new calendar event |
+| `update_event` | Update an existing calendar event |
+| `find_availability` | Find free/busy availability across attendees |
+### Tasks (Microsoft To Do)
+| Tool | Description |
+|------|-------------|
+| `list_task_lists` | List all task lists |
+| `list_tasks` | List tasks in a task list |
+| `get_task` | Get details of a specific task |
+| `create_task` | Create a new task in a task list |
+| `update_task` | Update an existing task |
+| `complete_task` | Mark a task as completed |
+| `delete_task` | Delete a task |
+### Contacts
+| Tool | Description |
+|------|-------------|
+| `search_contacts` | Search personal contacts by name or email |
+| `get_contact` | Get full details of a contact by ID |
+| `create_contact` | Create a new personal contact |
+| `update_contact` | Update an existing contact |
+---
+## ⚙️ Enterprise / Advanced Configuration
+### Environment variables
+| Variable | Description |
+|----------|-------------|
+| `M365_MCP_CLIENT_ID` | Override the built-in app registration with your own Azure AD client ID |
+| `M365_MCP_TENANT_ID` | Restrict authentication to a specific tenant (defaults to `common`) |
+### Config file override
+Create `~/.config/m365-mcp/config.json` to set options persistently:
+```json
+{
+  "clientId": "your-azure-ad-app-client-id",
+  "tenantId": "your-tenant-id"
+}
+```
+Environment variables take precedence over the config file.
+### Enterprise consent
+The built-in app registration is multi-tenant and supports personal Microsoft accounts. First-time sign-in for work/school accounts will show an **"unverified publisher"** consent screen — this is expected for community-distributed apps. An Azure AD admin can pre-consent on behalf of the organization to suppress this prompt for all users. If your organization requires a verified app registration, use the `M365_MCP_CLIENT_ID` override with your own registered application.
+---
+## 🤝 Contributing
+Contributions are welcome. See [CONTRIBUTING.md](./CONTRIBUTING.md) for development setup, branching conventions, and the pull request process.
+---
+## 📄 License
+MIT — see [LICENSE](./LICENSE).

package/dist/chunk-JEMHJMEL.js ADDED Viewed

@@ -0,0 +1,207 @@
+// src/auth/msal-client.ts
+import fs2 from "fs";
+import path2 from "path";
+import os2 from "os";
+import { PublicClientApplication } from "@azure/msal-node";
+// src/auth/token-cache.ts
+import fs from "fs";
+import path from "path";
+import os from "os";
+var CACHE_DIR = path.join(os.homedir(), ".config", "m365-mcp");
+var CACHE_PATH = path.join(CACHE_DIR, "token-cache.json");
+function ensureCacheDir() {
+  if (!fs.existsSync(CACHE_DIR)) {
+    fs.mkdirSync(CACHE_DIR, { recursive: true });
+  }
+}
+var tokenCachePlugin = {
+  async beforeCacheAccess(tokenCacheContext) {
+    try {
+      if (fs.existsSync(CACHE_PATH)) {
+        const data = fs.readFileSync(CACHE_PATH, "utf-8");
+        tokenCacheContext.tokenCache.deserialize(data);
+      }
+    } catch (err) {
+      process.stderr.write(`[m365-mcp] token cache read error (starting fresh): ${String(err)}
+`);
+    }
+  },
+  async afterCacheAccess(tokenCacheContext) {
+    if (!tokenCacheContext.cacheHasChanged) {
+      return;
+    }
+    try {
+      ensureCacheDir();
+      const data = tokenCacheContext.tokenCache.serialize();
+      fs.writeFileSync(CACHE_PATH, data, { encoding: "utf-8", mode: 384 });
+      fs.chmodSync(CACHE_PATH, 384);
+    } catch (err) {
+      process.stderr.write(`[m365-mcp] token cache write error: ${String(err)}
+`);
+    }
+  }
+};
+// src/auth/app-config.ts
+var DEFAULT_CLIENT_ID = "dc9f42bd-30a5-4c43-a498-305ef0c3ad87";
+// src/auth/msal-client.ts
+var USER_CONFIG_PATH = path2.join(os2.homedir(), ".config", "m365-mcp", "config.json");
+var LOCAL_CONFIG_PATH = path2.join(process.cwd(), ".m365-mcp.json");
+function readConfigFile(filePath) {
+  try {
+    if (fs2.existsSync(filePath)) {
+      const raw = fs2.readFileSync(filePath, "utf-8");
+      return JSON.parse(raw);
+    }
+  } catch {
+  }
+  return null;
+}
+function loadClientId() {
+  const envClientId = process.env["M365_MCP_CLIENT_ID"];
+  if (envClientId) {
+    return envClientId;
+  }
+  const userConfig = readConfigFile(USER_CONFIG_PATH);
+  if (userConfig?.clientId) {
+    return userConfig.clientId;
+  }
+  const localConfig = readConfigFile(LOCAL_CONFIG_PATH);
+  if (localConfig?.clientId) {
+    return localConfig.clientId;
+  }
+  if (DEFAULT_CLIENT_ID) {
+    return DEFAULT_CLIENT_ID;
+  }
+  throw new Error('No client ID configured. Run "npx m365-mcp setup" to get started.');
+}
+function loadTenantId() {
+  const envTenantId = process.env["M365_MCP_TENANT_ID"];
+  if (envTenantId) {
+    return envTenantId;
+  }
+  const userConfig = readConfigFile(USER_CONFIG_PATH);
+  if (userConfig?.tenantId) {
+    return userConfig.tenantId;
+  }
+  const localConfig = readConfigFile(LOCAL_CONFIG_PATH);
+  if (localConfig?.tenantId) {
+    return localConfig.tenantId;
+  }
+  return "common";
+}
+var _msalClient;
+function getMsalClient() {
+  if (_msalClient) {
+    return _msalClient;
+  }
+  const clientId = loadClientId();
+  const tenantId = loadTenantId();
+  const msalConfig = {
+    auth: {
+      clientId,
+      authority: `https://login.microsoftonline.com/${tenantId}`
+    },
+    cache: {
+      cachePlugin: tokenCachePlugin
+    },
+    system: {
+      loggerOptions: {
+        loggerCallback: (_level, message, containsPii) => {
+          if (!containsPii) {
+            process.stderr.write(`[msal] ${message}
+`);
+          }
+        },
+        piiLoggingEnabled: false
+      }
+    }
+  };
+  _msalClient = new PublicClientApplication(msalConfig);
+  return _msalClient;
+}
+// src/auth/scopes.ts
+var GRAPH_SCOPES = [
+  "Mail.ReadWrite",
+  "Mail.Send",
+  "Calendars.ReadWrite",
+  "Tasks.ReadWrite",
+  "Contacts.ReadWrite",
+  "offline_access",
+  "User.Read"
+];
+// src/auth/device-code-flow.ts
+async function trySilentAcquire() {
+  const client = getMsalClient();
+  const accounts = await client.getAllAccounts();
+  if (accounts.length === 0) {
+    return null;
+  }
+  for (const account of accounts) {
+    try {
+      const result = await client.acquireTokenSilent({
+        account,
+        scopes: GRAPH_SCOPES
+      });
+      if (result?.accessToken) {
+        return result.accessToken;
+      }
+    } catch {
+    }
+  }
+  return null;
+}
+async function acquireToken() {
+  const silentToken = await trySilentAcquire();
+  if (silentToken) {
+    return silentToken;
+  }
+  const client = getMsalClient();
+  const deviceCodeRequest = {
+    scopes: GRAPH_SCOPES,
+    deviceCodeCallback: (response) => {
+      process.stderr.write("\n[m365-mcp] Authentication required\n");
+      process.stderr.write(`[m365-mcp] ${response.message}
+`);
+    }
+  };
+  const result = await client.acquireTokenByDeviceCode(deviceCodeRequest);
+  if (!result?.accessToken) {
+    throw new Error("Device code authentication did not return an access token.");
+  }
+  return result.accessToken;
+}
+async function runAuthCommand() {
+  process.stderr.write("[m365-mcp] Starting authentication...\n");
+  try {
+    const token = await acquireToken();
+    if (!token) {
+      process.stderr.write("[m365-mcp] Authentication failed \u2014 no token returned.\n");
+      process.exit(1);
+    }
+    const client = getMsalClient();
+    const accounts = await client.getAllAccounts();
+    const account = accounts[0];
+    if (account) {
+      process.stderr.write(`[m365-mcp] Authenticated as: ${account.username}
+`);
+    } else {
+      process.stderr.write("[m365-mcp] Authentication successful.\n");
+    }
+  } catch (err) {
+    process.stderr.write(`[m365-mcp] Authentication error: ${String(err)}
+`);
+    process.exit(1);
+  }
+}
+export {
+  acquireToken,
+  runAuthCommand
+};
+//# sourceMappingURL=chunk-JEMHJMEL.js.map

package/dist/chunk-JEMHJMEL.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/auth/msal-client.ts","../src/auth/token-cache.ts","../src/auth/app-config.ts","../src/auth/scopes.ts","../src/auth/device-code-flow.ts"],"sourcesContent":["import fs from 'fs';\nimport path from 'path';\nimport os from 'os';\nimport { PublicClientApplication } from '@azure/msal-node';\nimport type { Configuration } from '@azure/msal-node';\nimport { tokenCachePlugin } from './token-cache.js';\nimport { DEFAULT_CLIENT_ID } from './app-config.js';\n\n// Priority 2: ~/.config/m365-mcp/config.json (written by `setup` command)\nconst USER_CONFIG_PATH = path.join(os.homedir(), '.config', 'm365-mcp', 'config.json');\n// Priority 3: legacy per-directory config\nconst LOCAL_CONFIG_PATH = path.join(process.cwd(), '.m365-mcp.json');\n\ninterface M365Config {\n clientId: string;\n tenantId?: string;\n}\n\nfunction readConfigFile(filePath: string): M365Config | null {\n try {\n if (fs.existsSync(filePath)) {\n const raw = fs.readFileSync(filePath, 'utf-8');\n return JSON.parse(raw) as M365Config;\n }\n } catch {\n // unreadable or malformed — treat as missing\n }\n return null;\n}\n\nfunction loadClientId(): string {\n // 1. Environment variable\n const envClientId = process.env['M365_MCP_CLIENT_ID'];\n if (envClientId) {\n return envClientId;\n }\n\n // 2. ~/.config/m365-mcp/config.json (written by `setup` command)\n const userConfig = readConfigFile(USER_CONFIG_PATH);\n if (userConfig?.clientId) {\n return userConfig.clientId;\n }\n\n // 3. .m365-mcp.json in cwd (legacy fallback)\n const localConfig = readConfigFile(LOCAL_CONFIG_PATH);\n if (localConfig?.clientId) {\n return localConfig.clientId;\n }\n\n // 4. Shared publisher-registered app ID baked into the package\n if (DEFAULT_CLIENT_ID) {\n return DEFAULT_CLIENT_ID;\n }\n\n throw new Error('No client ID configured. Run \"npx m365-mcp setup\" to get started.');\n}\n\nfunction loadTenantId(): string {\n const envTenantId = process.env['M365_MCP_TENANT_ID'];\n if (envTenantId) {\n return envTenantId;\n }\n\n // 2. ~/.config/m365-mcp/config.json\n const userConfig = readConfigFile(USER_CONFIG_PATH);\n if (userConfig?.tenantId) {\n return userConfig.tenantId;\n }\n\n // 3. .m365-mcp.json in cwd (legacy fallback)\n const localConfig = readConfigFile(LOCAL_CONFIG_PATH);\n if (localConfig?.tenantId) {\n return localConfig.tenantId;\n }\n\n // Use common endpoint for multi-tenant / personal accounts\n return 'common';\n}\n\nlet _msalClient: PublicClientApplication | undefined;\n\nexport function getMsalClient(): PublicClientApplication {\n if (_msalClient) {\n return _msalClient;\n }\n\n const clientId = loadClientId();\n const tenantId = loadTenantId();\n\n const msalConfig: Configuration = {\n auth: {\n clientId,\n authority: `https://login.microsoftonline.com/${tenantId}`,\n },\n cache: {\n cachePlugin: tokenCachePlugin,\n },\n system: {\n loggerOptions: {\n loggerCallback: (_level, message, containsPii) => {\n if (!containsPii) {\n process.stderr.write(`[msal] ${message}\\n`);\n }\n },\n piiLoggingEnabled: false,\n },\n },\n };\n\n _msalClient = new PublicClientApplication(msalConfig);\n return _msalClient;\n}\n","import fs from 'fs';\nimport path from 'path';\nimport os from 'os';\nimport type { ICachePlugin, TokenCacheContext } from '@azure/msal-node';\n\nconst CACHE_DIR = path.join(os.homedir(), '.config', 'm365-mcp');\nconst CACHE_PATH = path.join(CACHE_DIR, 'token-cache.json');\n\nfunction ensureCacheDir(): void {\n if (!fs.existsSync(CACHE_DIR)) {\n fs.mkdirSync(CACHE_DIR, { recursive: true });\n }\n}\n\nexport const tokenCachePlugin: ICachePlugin = {\n async beforeCacheAccess(tokenCacheContext: TokenCacheContext): Promise<void> {\n try {\n if (fs.existsSync(CACHE_PATH)) {\n const data = fs.readFileSync(CACHE_PATH, 'utf-8');\n tokenCacheContext.tokenCache.deserialize(data);\n }\n } catch (err) {\n // Cache file unreadable or corrupt — start fresh\n process.stderr.write(`[m365-mcp] token cache read error (starting fresh): ${String(err)}\\n`);\n }\n },\n\n async afterCacheAccess(tokenCacheContext: TokenCacheContext): Promise<void> {\n if (!tokenCacheContext.cacheHasChanged) {\n return;\n }\n try {\n ensureCacheDir();\n const data = tokenCacheContext.tokenCache.serialize();\n fs.writeFileSync(CACHE_PATH, data, { encoding: 'utf-8', mode: 0o600 });\n // Enforce 600 even if file already existed with different permissions\n fs.chmodSync(CACHE_PATH, 0o600);\n } catch (err) {\n process.stderr.write(`[m365-mcp] token cache write error: ${String(err)}\\n`);\n }\n },\n};\n\nexport { CACHE_PATH };\n","// Shared public client app registration for m365-mcp.\n// Registered once by the publisher; all users share this client ID.\n// Override via M365_MCP_CLIENT_ID env var or ~/.config/m365-mcp/config.json for enterprise use.\nexport const DEFAULT_CLIENT_ID = 'dc9f42bd-30a5-4c43-a498-305ef0c3ad87';\n","/**\n * Microsoft Graph API scopes required by this server.\n * offline_access is required for refresh token acquisition.\n */\nexport const GRAPH_SCOPES: string[] = [\n 'Mail.ReadWrite',\n 'Mail.Send',\n 'Calendars.ReadWrite',\n 'Tasks.ReadWrite',\n 'Contacts.ReadWrite',\n 'offline_access',\n 'User.Read',\n];\n","import type { AccountInfo, AuthenticationResult, DeviceCodeRequest } from '@azure/msal-node';\nimport { getMsalClient } from './msal-client.js';\nimport { GRAPH_SCOPES } from './scopes.js';\n\n/**\n * Attempts silent token acquisition using cached accounts.\n * Returns null if no cached accounts exist or silent acquisition fails.\n */\nasync function trySilentAcquire(): Promise<string | null> {\n const client = getMsalClient();\n const accounts = await client.getAllAccounts();\n\n if (accounts.length === 0) {\n return null;\n }\n\n // Try each cached account — use the first one that succeeds\n for (const account of accounts) {\n try {\n const result: AuthenticationResult | null = await client.acquireTokenSilent({\n account,\n scopes: GRAPH_SCOPES,\n });\n if (result?.accessToken) {\n return result.accessToken;\n }\n } catch {\n // Silent acquisition failed for this account — try next or fall through to device code\n }\n }\n\n return null;\n}\n\n/**\n * Acquires an access token. Tries silent auth first; falls back to device code flow.\n * Prints device code instructions to stderr (stdout is reserved for MCP JSON-RPC).\n */\nexport async function acquireToken(): Promise<string> {\n const silentToken = await trySilentAcquire();\n if (silentToken) {\n return silentToken;\n }\n\n const client = getMsalClient();\n\n const deviceCodeRequest: DeviceCodeRequest = {\n scopes: GRAPH_SCOPES,\n deviceCodeCallback: (response) => {\n process.stderr.write('\\n[m365-mcp] Authentication required\\n');\n process.stderr.write(`[m365-mcp] ${response.message}\\n\\n`);\n },\n };\n\n const result: AuthenticationResult | null = await client.acquireTokenByDeviceCode(deviceCodeRequest);\n\n if (!result?.accessToken) {\n throw new Error('Device code authentication did not return an access token.');\n }\n\n return result.accessToken;\n}\n\n/**\n * CLI `auth` subcommand — runs device code flow interactively and reports the signed-in account.\n */\nexport async function runAuthCommand(): Promise<void> {\n process.stderr.write('[m365-mcp] Starting authentication...\\n');\n\n try {\n const token = await acquireToken();\n\n if (!token) {\n process.stderr.write('[m365-mcp] Authentication failed — no token returned.\\n');\n process.exit(1);\n }\n\n // Retrieve account info for confirmation message\n const client = getMsalClient();\n const accounts: AccountInfo[] = await client.getAllAccounts();\n const account = accounts[0];\n\n if (account) {\n process.stderr.write(`[m365-mcp] Authenticated as: ${account.username}\\n`);\n } else {\n process.stderr.write('[m365-mcp] Authentication successful.\\n');\n }\n } catch (err) {\n process.stderr.write(`[m365-mcp] Authentication error: ${String(err)}\\n`);\n process.exit(1);\n }\n}\n"],"mappings":";AAAA,OAAOA,SAAQ;AACf,OAAOC,WAAU;AACjB,OAAOC,SAAQ;AACf,SAAS,+BAA+B;;;ACHxC,OAAO,QAAQ;AACf,OAAO,UAAU;AACjB,OAAO,QAAQ;AAGf,IAAM,YAAY,KAAK,KAAK,GAAG,QAAQ,GAAG,WAAW,UAAU;AAC/D,IAAM,aAAa,KAAK,KAAK,WAAW,kBAAkB;AAE1D,SAAS,iBAAuB;AAC9B,MAAI,CAAC,GAAG,WAAW,SAAS,GAAG;AAC7B,OAAG,UAAU,WAAW,EAAE,WAAW,KAAK,CAAC;AAAA,EAC7C;AACF;AAEO,IAAM,mBAAiC;AAAA,EAC5C,MAAM,kBAAkB,mBAAqD;AAC3E,QAAI;AACF,UAAI,GAAG,WAAW,UAAU,GAAG;AAC7B,cAAM,OAAO,GAAG,aAAa,YAAY,OAAO;AAChD,0BAAkB,WAAW,YAAY,IAAI;AAAA,MAC/C;AAAA,IACF,SAAS,KAAK;AAEZ,cAAQ,OAAO,MAAM,uDAAuD,OAAO,GAAG,CAAC;AAAA,CAAI;AAAA,IAC7F;AAAA,EACF;AAAA,EAEA,MAAM,iBAAiB,mBAAqD;AAC1E,QAAI,CAAC,kBAAkB,iBAAiB;AACtC;AAAA,IACF;AACA,QAAI;AACF,qBAAe;AACf,YAAM,OAAO,kBAAkB,WAAW,UAAU;AACpD,SAAG,cAAc,YAAY,MAAM,EAAE,UAAU,SAAS,MAAM,IAAM,CAAC;AAErE,SAAG,UAAU,YAAY,GAAK;AAAA,IAChC,SAAS,KAAK;AACZ,cAAQ,OAAO,MAAM,uCAAuC,OAAO,GAAG,CAAC;AAAA,CAAI;AAAA,IAC7E;AAAA,EACF;AACF;;;ACtCO,IAAM,oBAAoB;;;AFMjC,IAAM,mBAAmBC,MAAK,KAAKC,IAAG,QAAQ,GAAG,WAAW,YAAY,aAAa;AAErF,IAAM,oBAAoBD,MAAK,KAAK,QAAQ,IAAI,GAAG,gBAAgB;AAOnE,SAAS,eAAe,UAAqC;AAC3D,MAAI;AACF,QAAIE,IAAG,WAAW,QAAQ,GAAG;AAC3B,YAAM,MAAMA,IAAG,aAAa,UAAU,OAAO;AAC7C,aAAO,KAAK,MAAM,GAAG;AAAA,IACvB;AAAA,EACF,QAAQ;AAAA,EAER;AACA,SAAO;AACT;AAEA,SAAS,eAAuB;AAE9B,QAAM,cAAc,QAAQ,IAAI,oBAAoB;AACpD,MAAI,aAAa;AACf,WAAO;AAAA,EACT;AAGA,QAAM,aAAa,eAAe,gBAAgB;AAClD,MAAI,YAAY,UAAU;AACxB,WAAO,WAAW;AAAA,EACpB;AAGA,QAAM,cAAc,eAAe,iBAAiB;AACpD,MAAI,aAAa,UAAU;AACzB,WAAO,YAAY;AAAA,EACrB;AAGA,MAAI,mBAAmB;AACrB,WAAO;AAAA,EACT;AAEA,QAAM,IAAI,MAAM,mEAAmE;AACrF;AAEA,SAAS,eAAuB;AAC9B,QAAM,cAAc,QAAQ,IAAI,oBAAoB;AACpD,MAAI,aAAa;AACf,WAAO;AAAA,EACT;AAGA,QAAM,aAAa,eAAe,gBAAgB;AAClD,MAAI,YAAY,UAAU;AACxB,WAAO,WAAW;AAAA,EACpB;AAGA,QAAM,cAAc,eAAe,iBAAiB;AACpD,MAAI,aAAa,UAAU;AACzB,WAAO,YAAY;AAAA,EACrB;AAGA,SAAO;AACT;AAEA,IAAI;AAEG,SAAS,gBAAyC;AACvD,MAAI,aAAa;AACf,WAAO;AAAA,EACT;AAEA,QAAM,WAAW,aAAa;AAC9B,QAAM,WAAW,aAAa;AAE9B,QAAM,aAA4B;AAAA,IAChC,MAAM;AAAA,MACJ;AAAA,MACA,WAAW,qCAAqC,QAAQ;AAAA,IAC1D;AAAA,IACA,OAAO;AAAA,MACL,aAAa;AAAA,IACf;AAAA,IACA,QAAQ;AAAA,MACN,eAAe;AAAA,QACb,gBAAgB,CAAC,QAAQ,SAAS,gBAAgB;AAChD,cAAI,CAAC,aAAa;AAChB,oBAAQ,OAAO,MAAM,UAAU,OAAO;AAAA,CAAI;AAAA,UAC5C;AAAA,QACF;AAAA,QACA,mBAAmB;AAAA,MACrB;AAAA,IACF;AAAA,EACF;AAEA,gBAAc,IAAI,wBAAwB,UAAU;AACpD,SAAO;AACT;;;AG3GO,IAAM,eAAyB;AAAA,EACpC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;;;ACJA,eAAe,mBAA2C;AACxD,QAAM,SAAS,cAAc;AAC7B,QAAM,WAAW,MAAM,OAAO,eAAe;AAE7C,MAAI,SAAS,WAAW,GAAG;AACzB,WAAO;AAAA,EACT;AAGA,aAAW,WAAW,UAAU;AAC9B,QAAI;AACF,YAAM,SAAsC,MAAM,OAAO,mBAAmB;AAAA,QAC1E;AAAA,QACA,QAAQ;AAAA,MACV,CAAC;AACD,UAAI,QAAQ,aAAa;AACvB,eAAO,OAAO;AAAA,MAChB;AAAA,IACF,QAAQ;AAAA,IAER;AAAA,EACF;AAEA,SAAO;AACT;AAMA,eAAsB,eAAgC;AACpD,QAAM,cAAc,MAAM,iBAAiB;AAC3C,MAAI,aAAa;AACf,WAAO;AAAA,EACT;AAEA,QAAM,SAAS,cAAc;AAE7B,QAAM,oBAAuC;AAAA,IAC3C,QAAQ;AAAA,IACR,oBAAoB,CAAC,aAAa;AAChC,cAAQ,OAAO,MAAM,wCAAwC;AAC7D,cAAQ,OAAO,MAAM,cAAc,SAAS,OAAO;AAAA;AAAA,CAAM;AAAA,IAC3D;AAAA,EACF;AAEA,QAAM,SAAsC,MAAM,OAAO,yBAAyB,iBAAiB;AAEnG,MAAI,CAAC,QAAQ,aAAa;AACxB,UAAM,IAAI,MAAM,4DAA4D;AAAA,EAC9E;AAEA,SAAO,OAAO;AAChB;AAKA,eAAsB,iBAAgC;AACpD,UAAQ,OAAO,MAAM,yCAAyC;AAE9D,MAAI;AACF,UAAM,QAAQ,MAAM,aAAa;AAEjC,QAAI,CAAC,OAAO;AACV,cAAQ,OAAO,MAAM,8DAAyD;AAC9E,cAAQ,KAAK,CAAC;AAAA,IAChB;AAGA,UAAM,SAAS,cAAc;AAC7B,UAAM,WAA0B,MAAM,OAAO,eAAe;AAC5D,UAAM,UAAU,SAAS,CAAC;AAE1B,QAAI,SAAS;AACX,cAAQ,OAAO,MAAM,gCAAgC,QAAQ,QAAQ;AAAA,CAAI;AAAA,IAC3E,OAAO;AACL,cAAQ,OAAO,MAAM,yCAAyC;AAAA,IAChE;AAAA,EACF,SAAS,KAAK;AACZ,YAAQ,OAAO,MAAM,oCAAoC,OAAO,GAAG,CAAC;AAAA,CAAI;AACxE,YAAQ,KAAK,CAAC;AAAA,EAChB;AACF;","names":["fs","path","os","path","os","fs"]}