@liselvins/lark-mcp 0.1.0

package/dist/cli/login-handler.js

@@ -0,0 +1,288 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LoginHandler = void 0;
+const readline_1 = __importDefault(require("readline"));
+const express_1 = __importDefault(require("express"));
+const handler_local_1 = require("../auth/handler/handler-local");
+const store_1 = require("../auth/store");
+const utils_1 = require("../auth/utils");
+const pkce_1 = require("../auth/utils/pkce");
+const http_instance_1 = require("../utils/http-instance");
+const logger_1 = require("../utils/logger");
+const open_1 = __importDefault(require("open"));
+function readLineFromStdin(prompt) {
+    const rl = readline_1.default.createInterface({ input: process.stdin, output: process.stderr });
+    return new Promise((resolve) => {
+        rl.question(prompt, (answer) => {
+            rl.close();
+            resolve(answer.trim());
+        });
+    });
+}
+class LoginHandler {
+    static async checkTokenWithTimeout(timeout, appId) {
+        let time = 0;
+        return new Promise((resolve) => {
+            const interval = setInterval(async () => {
+                const token = await store_1.authStore.getLocalAccessToken(appId);
+                if (token) {
+                    clearInterval(interval);
+                    resolve(true);
+                }
+                time += 2000;
+                if (time >= timeout) {
+                    clearInterval(interval);
+                    resolve(false);
+                }
+            }, 2000);
+        });
+    }
+    static async handleLogin(options) {
+        if (options.headless) {
+            return this.handleHeadlessLogin(options);
+        }
+        const { appId, appSecret, domain, host, port, scope, timeout = 60000, externalUrl } = options;
+        if (!appId || !appSecret) {
+            console.error('Error: Missing App Credentials (appId and appSecret are required for login)');
+            process.exit(1);
+        }
+        try {
+            console.log('🔐 Starting OAuth login process...');
+            const app = (0, express_1.default)();
+            app.use(express_1.default.json());
+            const authHandler = new handler_local_1.LarkAuthHandlerLocal(app, {
+                port: parseInt(port),
+                host,
+                domain,
+                appId,
+                appSecret,
+                scope,
+                externalUrl,
+            });
+            authHandler.setupRoutes();
+            const result = await authHandler.reAuthorize(undefined, true);
+            if (result.authorizeUrl) {
+                console.log('📱 Please open the following URL in your browser to complete the login:');
+                console.log(`💡 Note: Please ensure the redirect URL (${authHandler.callbackUrl}) is configured in your app's security settings.`);
+                console.log(`   If not configured yet, go to: ${domain}/app/${appId}/safe`);
+                console.log('🔗 Authorization URL:');
+                console.log(result.authorizeUrl);
+                console.log('\n⏳ Waiting for authorization... (timeout in 60 seconds)');
+                (0, open_1.default)(result.authorizeUrl);
+                await store_1.authStore.removeLocalAccessToken(appId);
+                const success = await this.checkTokenWithTimeout(timeout, appId);
+                if (success) {
+                    console.log('✅ Successfully logged in');
+                    process.exit(0);
+                }
+                else {
+                    console.log('❌ Login failed');
+                    process.exit(1);
+                }
+            }
+            else {
+                process.exit(1);
+            }
+        }
+        catch (error) {
+            console.error('❌ Login failed:', error);
+            process.exit(1);
+        }
+    }
+    static async handleHeadlessLogin(options) {
+        var _a, _b;
+        const { appId, appSecret, domain, host, port, scope, externalUrl } = options;
+        if (!appId || !appSecret) {
+            console.error('Error: Missing App Credentials (appId and appSecret are required for login)');
+            process.exit(1);
+        }
+        const baseUrl = (externalUrl === null || externalUrl === void 0 ? void 0 : externalUrl.replace(/\/+$/, '')) || `http://${host}:${port}`;
+        const redirectUri = `${baseUrl}/callback`;
+        const hasScope = scope && scope.length > 0;
+        let authUrl;
+        let codeVerifier;
+        if (hasScope) {
+            // OAuth2 flow with PKCE
+            const pkce = (0, pkce_1.generatePKCEPair)();
+            codeVerifier = pkce.codeVerifier;
+            const params = new URLSearchParams({
+                client_id: appId,
+                response_type: 'code',
+                redirect_uri: redirectUri,
+                code_challenge: pkce.codeChallenge,
+                code_challenge_method: 'S256',
+                scope: scope.join(' '),
+            });
+            authUrl = `${domain}/open-apis/authen/v1/authorize?${params.toString()}`;
+        }
+        else {
+            // OIDC flow
+            const params = new URLSearchParams({
+                app_id: appId,
+                redirect_uri: redirectUri,
+            });
+            authUrl = `${domain}/open-apis/authen/v1/index?${params.toString()}`;
+        }
+        console.log('\n🔐 Headless OAuth login mode\n');
+        console.log(`💡 Ensure the redirect URL is configured in your app's security settings:`);
+        console.log(`   ${redirectUri}`);
+        console.log(`   Configure at: ${domain}/app/${appId}/safe\n`);
+        console.log('📱 Open the following URL in your browser:\n');
+        console.log(authUrl);
+        console.log('\nAfter authorization, your browser will redirect to a URL like:');
+        console.log(`   ${redirectUri}?code=xxxxxxxx`);
+        console.log('\nCopy the full URL or just the code value, and paste it below:\n');
+        const input = await readLineFromStdin('> ');
+        // Parse code from input (could be full URL or just the code)
+        let code;
+        try {
+            const url = new URL(input);
+            code = url.searchParams.get('code') || input;
+        }
+        catch (_c) {
+            code = input.trim();
+        }
+        if (!code) {
+            console.error('❌ No authorization code provided');
+            process.exit(1);
+        }
+        console.log('⏳ Exchanging authorization code for token...');
+        try {
+            let accessToken;
+            let refreshToken;
+            let expiresIn;
+            let tokenScope;
+            if (hasScope) {
+                // OAuth2 token exchange
+                const response = await http_instance_1.commonHttpInstance.post(`${domain}/open-apis/authen/v2/oauth/token`, {
+                    grant_type: 'authorization_code',
+                    client_id: appId,
+                    client_secret: appSecret,
+                    code,
+                    redirect_uri: redirectUri,
+                    code_verifier: codeVerifier,
+                }, { headers: { 'Content-Type': 'application/json; charset=utf-8' } });
+                const data = response.data;
+                if (!data.access_token) {
+                    throw new Error(`Token exchange failed: ${data.code || ''} ${data.msg || JSON.stringify(data)}`);
+                }
+                accessToken = data.access_token;
+                refreshToken = data.refresh_token;
+                expiresIn = data.expires_in;
+                tokenScope = data.scope;
+            }
+            else {
+                // OIDC token exchange: first get app_access_token
+                const appTokenResponse = await http_instance_1.commonHttpInstance.post(`${domain}/open-apis/auth/v3/app_access_token/internal`, { app_id: appId, app_secret: appSecret }, { headers: { 'Content-Type': 'application/json; charset=utf-8' } });
+                const appAccessToken = appTokenResponse.data.app_access_token;
+                if (!appAccessToken) {
+                    throw new Error(`Failed to get app_access_token: ${JSON.stringify(appTokenResponse.data)}`);
+                }
+                const response = await http_instance_1.commonHttpInstance.post(`${domain}/open-apis/authen/v1/oidc/access_token`, { grant_type: 'authorization_code', code }, {
+                    headers: {
+                        'Content-Type': 'application/json; charset=utf-8',
+                        Authorization: `Bearer ${appAccessToken}`,
+                    },
+                });
+                const data = response.data;
+                if (data.code !== 0 || !((_a = data.data) === null || _a === void 0 ? void 0 : _a.access_token)) {
+                    throw new Error(`Token exchange failed: ${data.code || ''} ${data.msg || JSON.stringify(data)}`);
+                }
+                accessToken = data.data.access_token;
+                refreshToken = data.data.refresh_token;
+                expiresIn = data.data.expires_in;
+                tokenScope = data.data.scope;
+            }
+            // Store token with refresh info (same as LarkAuthHandlerLocal callback)
+            const expiresAt = expiresIn ? expiresIn + Date.now() / 1000 : undefined;
+            const clientId = 'client_id_for_local_auth';
+            await store_1.authStore.storeToken({
+                clientId,
+                token: accessToken,
+                scopes: (tokenScope === null || tokenScope === void 0 ? void 0 : tokenScope.split(' ')) || [],
+                expiresAt,
+                extra: {
+                    refreshToken,
+                    appId,
+                    appSecret,
+                },
+            });
+            await store_1.authStore.storeLocalAccessToken(accessToken, appId);
+            logger_1.logger.info(`[LoginHandler] Headless login: token stored for app ${appId}, expiresAt: ${expiresAt}`);
+            console.log('✅ Successfully logged in');
+            process.exit(0);
+        }
+        catch (error) {
+            const detail = ((_b = error.response) === null || _b === void 0 ? void 0 : _b.data) || error.message || error;
+            console.error('❌ Login failed:', detail);
+            process.exit(1);
+        }
+    }
+    static async handleLogout(appId) {
+        try {
+            console.log('🔓 Logging out...');
+            if (!appId) {
+                await store_1.authStore.removeAllLocalAccessTokens();
+                console.log('✅ Successfully logged out from all apps');
+                process.exit(0);
+            }
+            const currentToken = await store_1.authStore.getLocalAccessToken(appId);
+            if (!currentToken) {
+                console.log(`ℹ️ No active login session found for app: ${appId}`);
+                process.exit(0);
+            }
+            await store_1.authStore.removeLocalAccessToken(appId);
+            console.log(`✅ Successfully logged out from app: ${appId}`);
+            process.exit(0);
+        }
+        catch (error) {
+            console.error('❌ Logout failed:', error);
+            process.exit(1);
+        }
+    }
+    static simpleMask(str) {
+        if (!str) {
+            return '';
+        }
+        if (str.length < 6) {
+            return '*'.repeat(str.length);
+        }
+        return str.slice(0, 4) + '*'.repeat(str.length - 6) + str.slice(-2);
+    }
+    static async handleWhoAmI() {
+        var _a, _b, _c;
+        const tokens = await store_1.authStore.getAllLocalAccessTokens();
+        if (Object.keys(tokens).length <= 0) {
+            console.log('ℹ️ No active login sessions found');
+            process.exit(0);
+        }
+        console.log('👤 Current login sessions:\n');
+        for (const [appId, accessToken] of Object.entries(tokens)) {
+            const token = await store_1.authStore.getToken(accessToken);
+            if (!token) {
+                console.log('❌ No token info found');
+                continue;
+            }
+            console.log(`📱 App ID: ${appId}`);
+            console.log(`⌚️ AccessToken Expired: ${(0, utils_1.isTokenExpired)(token)}`);
+            console.log(`🔐 Token Info:`);
+            console.log(JSON.stringify({
+                clientId: token.clientId,
+                token: this.simpleMask(token.token),
+                scopes: token.scopes,
+                expiresAt: token.expiresAt,
+                extra: {
+                    refreshToken: this.simpleMask((_a = token.extra) === null || _a === void 0 ? void 0 : _a.refreshToken),
+                    appId: (_b = token.extra) === null || _b === void 0 ? void 0 : _b.appId,
+                    appSecret: this.simpleMask((_c = token.extra) === null || _c === void 0 ? void 0 : _c.appSecret),
+                },
+            }, null, 2));
+            console.log('\n');
+        }
+        process.exit(0);
+    }
+}
+exports.LoginHandler = LoginHandler;

package/dist/cli.d.ts

@@ -0,0 +1,4 @@
+#!/usr/bin/env node
+import { Command } from 'commander';
+declare const program: Command;
+export { program };

package/dist/cli.js

@@ -0,0 +1,124 @@
+#!/usr/bin/env node
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.program = void 0;
+const fs_1 = __importDefault(require("fs"));
+const dotenv_1 = __importDefault(require("dotenv"));
+const commander_1 = require("commander");
+const version_1 = require("./utils/version");
+const mcp_server_1 = require("./mcp-server");
+const constants_1 = require("./utils/constants");
+const login_handler_1 = require("./cli/login-handler");
+const parser_string_array_1 = require("./utils/parser-string-array");
+const logger_1 = require("./utils/logger");
+dotenv_1.default.config();
+const program = new commander_1.Command();
+exports.program = program;
+program.name('lark-mcp').description('Feishu/Lark MCP Tool').version(version_1.currentVersion);
+program
+    .command('whoami')
+    .description('Print All User Sessions')
+    .action(() => {
+    login_handler_1.LoginHandler.handleWhoAmI();
+});
+program
+    .command('login')
+    .description('Login using OAuth and get user access token')
+    .option('-a, --app-id <appId>', 'Feishu/Lark App ID')
+    .option('-s, --app-secret <appSecret>', 'Feishu/Lark App Secret')
+    .option('-d, --domain <domain>', '(Optional) Feishu/Lark Domain (default: "https://open.feishu.cn")')
+    .option('--host <host>', '(Optional) Host to listen (default: "localhost")')
+    .option('-p, --port <port>', '(Optional) Port to listen (default: "3000")')
+    .option('--scope <scope>', '(Optional) Specify OAuth scope for user access token, default is all permissions granted to the app, separated by spaces or commas')
+    .option('--headless', '(Optional) Headless login mode for environments without a browser (e.g. Docker). Prints auth URL and waits for code input.')
+    .option('--debug', '(Optional) Enable debug mode')
+    .action(async (options) => {
+    if (constants_1.NODE_VERSION_MAJOR < 20) {
+        logger_1.logger.error(`❌ This CLI requires Node.js >= 20. You are using v${process.versions.node}.\n\n` +
+            `👉 Please upgrade Node.js: https://nodejs.org/`);
+        process.exit(1);
+    }
+    const mergedOptions = { ...constants_1.OAPI_MCP_DEFAULT_ARGS, ...constants_1.OAPI_MCP_ENV_ARGS, ...options };
+    if (mergedOptions.debug) {
+        logger_1.logger.setLevel(logger_1.LogLevel.DEBUG);
+    }
+    await login_handler_1.LoginHandler.handleLogin({ ...mergedOptions, scope: (0, parser_string_array_1.parseStringArray)(mergedOptions.scope) });
+});
+program
+    .command('logout')
+    .description('Logout and clear stored user access token')
+    .option('-a, --app-id <appId>', '(Optional) Feishu/Lark App ID, if not specified, logout all apps')
+    .option('--debug', '(Optional) Enable debug mode')
+    .action(async (options) => {
+    if (options.debug) {
+        logger_1.logger.setLevel(logger_1.LogLevel.DEBUG);
+    }
+    await login_handler_1.LoginHandler.handleLogout(options.appId);
+});
+program
+    .command('mcp')
+    .description('Start Feishu/Lark MCP Service')
+    .option('-a, --app-id <appId>', 'Feishu/Lark App ID')
+    .option('-s, --app-secret <appSecret>', 'Feishu/Lark App Secret')
+    .option('-d, --domain <domain>', '(Optional) Feishu/Lark Domain (default: "https://open.feishu.cn")')
+    .option('-t, --tools <tools>', '(Optional) List of API tools to enable, separated by commas or spaces (default: "preset.default")')
+    .option('-c, --tool-name-case <toolNameCase>', '(Optional) Tool Name Case, snake or camel or kebab or dot (default: "snake")')
+    .option('-l, --language <language>', '(Optional) Tools Language, zh or en (default: "en")')
+    .option('--token-mode <tokenMode>', '(Optional) Token Mode, auto or user_access_token or tenant_access_token (default: "auto")')
+    .option('-u, --user-access-token <userAccessToken>', '(Optional) User Access Token (beta)')
+    .option('--oauth', '(Optional) Enable MCP Auth Server to get user_access_token and auto request user login when token expires (Beta) (default: false)')
+    .option('--scope <scope>', '(Optional) Specify OAuth scope for user access token, default is all permissions granted to the app, separated by spaces or commas')
+    .option('-m, --mode <mode>', '(Optional) Transport Mode, stdio or sse or streamable (default: "stdio")')
+    .option('--host <host>', '(Optional) Host to listen (default: "localhost")')
+    .option('-p, --port <port>', '(Optional) Port to listen (default: "3000")')
+    .option('--external-url <externalUrl>', '(Optional) External URL for OAuth callback when behind a reverse proxy (e.g. https://mcp.example.com)')
+    .option('--config <configPath>', '(Optional) Config file path (JSON)')
+    .option('--debug', '(Optional) Enable debug mode')
+    .action(async (options) => {
+    let fileOptions = {};
+    if (options.config) {
+        try {
+            const configContent = fs_1.default.readFileSync(options.config, 'utf-8');
+            fileOptions = JSON.parse(configContent);
+        }
+        catch (err) {
+            logger_1.logger.error(`Failed to read config file: ${err}`);
+            process.exit(1);
+        }
+    }
+    const mergedOptions = { ...constants_1.OAPI_MCP_DEFAULT_ARGS, ...constants_1.OAPI_MCP_ENV_ARGS, ...fileOptions, ...options };
+    if (constants_1.NODE_VERSION_MAJOR < 20 && mergedOptions.oauth) {
+        logger_1.logger.error(`❌ This CLI requires Node.js >= 20. You are using v${process.versions.node}.\n\n` +
+            `👉 Please upgrade Node.js: https://nodejs.org/`);
+        process.exit(1);
+    }
+    if (mergedOptions.debug) {
+        logger_1.logger.setLevel(logger_1.LogLevel.DEBUG);
+    }
+    await (0, mcp_server_1.initMcpServerWithTransport)('oapi', {
+        ...mergedOptions,
+        scope: (0, parser_string_array_1.parseStringArray)(mergedOptions.scope),
+        tools: (0, parser_string_array_1.parseStringArray)(mergedOptions.tools),
+    });
+});
+program
+    .command('recall-developer-documents')
+    .description('Start Feishu/Lark Open Platform Recall MCP Service')
+    .option('-d, --domain <domain>', '(Optional) Feishu Open Platform Domain', 'https://open.feishu.cn')
+    .option('-m, --mode <mode>', '(Optional) Transport Mode, stdio or sse or streamable', 'stdio')
+    .option('--host <host>', '(Optional) Host to listen', 'localhost')
+    .option('-p, --port <port>', '(Optional) Port to listen in sse mode', '3001')
+    .option('--debug', '(Optional) Enable debug mode')
+    .action(async (options) => {
+    if (options.debug) {
+        logger_1.logger.setLevel(logger_1.LogLevel.DEBUG);
+    }
+    await (0, mcp_server_1.initMcpServerWithTransport)('recall', options);
+});
+if (process.argv.length === 2) {
+    program.help();
+}
+program.parse(process.argv);

package/dist/index.d.ts

@@ -0,0 +1,3 @@
+export * from './cli';
+export * from './mcp-tool';
+export * from './mcp-server';

package/dist/index.js

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./cli"), exports);
+__exportStar(require("./mcp-tool"), exports);
+__exportStar(require("./mcp-server"), exports);

package/dist/mcp-server/index.d.ts

@@ -0,0 +1,2 @@
+export * from './transport';
+export * from './shared';

package/dist/mcp-server/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./transport"), exports);
+__exportStar(require("./shared"), exports);

package/dist/mcp-server/shared/index.d.ts

@@ -0,0 +1,2 @@
+export * from './init';
+export * from './types';

package/dist/mcp-server/shared/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./init"), exports);
+__exportStar(require("./types"), exports);

package/dist/mcp-server/shared/init.d.ts

@@ -0,0 +1,10 @@
+import * as larkmcp from '../../mcp-tool';
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { McpServerOptions, McpServerType } from './types';
+import { LarkAuthHandler } from '../../auth';
+export declare function initOAPIMcpServer(options: McpServerOptions, authHandler?: LarkAuthHandler): {
+    mcpServer: McpServer;
+    larkClient: larkmcp.LarkMcpTool;
+};
+export declare function initRecallMcpServer(options: McpServerOptions): McpServer;
+export declare function initMcpServerWithTransport(serverType: McpServerType, options: McpServerOptions): Promise<void>;

package/dist/mcp-server/shared/init.js

@@ -0,0 +1,121 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.initOAPIMcpServer = initOAPIMcpServer;
+exports.initRecallMcpServer = initRecallMcpServer;
+exports.initMcpServerWithTransport = initMcpServerWithTransport;
+const larkmcp = __importStar(require("../../mcp-tool"));
+const mcp_js_1 = require("@modelcontextprotocol/sdk/server/mcp.js");
+const transport_1 = require("../transport");
+const noop_1 = require("../../utils/noop");
+const version_1 = require("../../utils/version");
+const http_instance_1 = require("../../utils/http-instance");
+const logger_1 = require("../../utils/logger");
+function initOAPIMcpServer(options, authHandler) {
+    const { appId, appSecret, userAccessToken, tokenMode, domain, oauth } = options;
+    if (!appId || !appSecret) {
+        console.error('Error: Missing App Credentials');
+        throw new Error('Missing App Credentials');
+    }
+    let allowTools = options.tools || [];
+    for (const [presetName, presetTools] of Object.entries(larkmcp.presetTools)) {
+        if (allowTools.includes(presetName)) {
+            allowTools = [...presetTools, ...allowTools];
+        }
+    }
+    // Unique
+    allowTools = Array.from(new Set(allowTools));
+    // Create MCP Server
+    const mcpServer = new mcp_js_1.McpServer({ id: 'lark-mcp-server', name: 'Feishu/Lark MCP Server', version: version_1.currentVersion });
+    const toolsOptions = allowTools.length
+        ? { allowTools: allowTools, language: options.language }
+        : { language: options.language };
+    const larkClient = new larkmcp.LarkMcpTool({
+        appId,
+        appSecret,
+        logger: { warn: noop_1.noop, error: noop_1.noop, debug: noop_1.noop, info: noop_1.noop, trace: noop_1.noop },
+        httpInstance: http_instance_1.oapiHttpInstance,
+        domain,
+        toolsOptions,
+        tokenMode,
+        oauth,
+    }, authHandler);
+    if (userAccessToken) {
+        larkClient.updateUserAccessToken(userAccessToken);
+    }
+    larkClient.registerMcpServer(mcpServer, { toolNameCase: options.toolNameCase });
+    return { mcpServer, larkClient };
+}
+function initRecallMcpServer(options) {
+    const server = new mcp_js_1.McpServer({
+        id: 'lark-recall-mcp-server',
+        name: 'Lark Recall MCP Service',
+        version: version_1.currentVersion,
+    });
+    server.tool(larkmcp.RecallTool.name, larkmcp.RecallTool.description, larkmcp.RecallTool.schema, (params) => larkmcp.RecallTool.handler(params, options));
+    return server;
+}
+async function initMcpServerWithTransport(serverType, options) {
+    const { mode, userAccessToken, oauth } = options;
+    if (userAccessToken && oauth) {
+        logger_1.logger.error(`[initMcpServerWithTransport] userAccessToken and oauth cannot be used together`);
+        throw new Error('userAccessToken and oauth cannot be used together');
+    }
+    const getNewServer = (commonOptions, authHandler) => {
+        if (serverType === 'oapi') {
+            const { mcpServer } = initOAPIMcpServer({ ...options, ...commonOptions }, authHandler);
+            return mcpServer;
+        }
+        else if (serverType === 'recall') {
+            return initRecallMcpServer({ ...options, ...commonOptions });
+        }
+        logger_1.logger.error(`[initMcpServerWithTransport] Invalid server type: ${serverType}`);
+        throw new Error('Invalid server type');
+    };
+    const needAuthFlow = serverType === 'oapi';
+    switch (mode) {
+        case 'stdio':
+            await (0, transport_1.initStdioServer)(getNewServer, options, { needAuthFlow });
+            break;
+        case 'sse':
+            await (0, transport_1.initSSEServer)(getNewServer, options, { needAuthFlow });
+            break;
+        case 'streamable':
+            await (0, transport_1.initStreamableServer)(getNewServer, options, { needAuthFlow });
+            break;
+        default:
+            throw new Error('Invalid mode:' + mode);
+    }
+}

package/dist/mcp-server/shared/types.d.ts

@@ -0,0 +1,44 @@
+import * as larkmcp from '../../mcp-tool';
+import { z } from 'zod';
+import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
+import { LarkAuthHandler } from '../../auth';
+export type McpServerType = 'oapi' | 'recall';
+export type McpServerTransport = 'stdio' | 'sse' | 'streamable';
+export declare const mcpServerOptionSchema: z.ZodObject<{
+    tools: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
+    language: z.ZodOptional<z.ZodEnum<["zh", "en"]>>;
+    toolNameCase: z.ZodOptional<z.ZodEnum<["snake", "camel"]>>;
+    tokenMode: z.ZodOptional<z.ZodEnum<["auto", "user_access_token", "tenant_access_token"]>>;
+}, "strip", z.ZodTypeAny, {
+    language?: "en" | "zh" | undefined;
+    tokenMode?: "auto" | "user_access_token" | "tenant_access_token" | undefined;
+    tools?: string | string[] | undefined;
+    toolNameCase?: "snake" | "camel" | undefined;
+}, {
+    language?: "en" | "zh" | undefined;
+    tokenMode?: "auto" | "user_access_token" | "tenant_access_token" | undefined;
+    tools?: string | string[] | undefined;
+    toolNameCase?: "snake" | "camel" | undefined;
+}>;
+export interface McpServerOptions {
+    appId?: string;
+    appSecret?: string;
+    domain?: string;
+    tools?: string[];
+    language?: 'zh' | 'en';
+    toolNameCase?: larkmcp.ToolNameCase;
+    tokenMode?: larkmcp.TokenMode;
+    userAccessToken?: string | larkmcp.SettableValue;
+    oauth?: boolean;
+    scope?: string[];
+    mode?: McpServerTransport;
+    host?: string;
+    port?: number;
+    /**
+     * External URL for OAuth callback when running behind a reverse proxy (e.g. https://mcp.example.com).
+     */
+    externalUrl?: string;
+}
+export type InitTransportServerFunction = (getNewServer: (options?: McpServerOptions, authHandler?: LarkAuthHandler) => McpServer, mcpServerOptions: McpServerOptions, authOptions?: {
+    needAuthFlow: boolean;
+}) => void | Promise<void>;