@softeria/ms-365-mcp-server 0.128.1 → 0.128.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth.js +43 -18
- package/package.json +1 -1
package/dist/auth.js
CHANGED
|
@@ -31,6 +31,36 @@ function createMsalConfig(secrets) {
|
|
|
31
31
|
}
|
|
32
32
|
};
|
|
33
33
|
}
|
|
34
|
+
function buildDiskCoherencyCachePlugin(storage) {
|
|
35
|
+
return {
|
|
36
|
+
beforeCacheAccess: async (context) => {
|
|
37
|
+
try {
|
|
38
|
+
const cacheRaw = await storage.load("token-cache");
|
|
39
|
+
if (cacheRaw) {
|
|
40
|
+
context.tokenCache.deserialize(unwrapCache(cacheRaw).data);
|
|
41
|
+
}
|
|
42
|
+
} catch (error) {
|
|
43
|
+
logger.error(`Error reloading token cache: ${error.message}`);
|
|
44
|
+
if (storage.failClosed) {
|
|
45
|
+
throw error;
|
|
46
|
+
}
|
|
47
|
+
}
|
|
48
|
+
},
|
|
49
|
+
afterCacheAccess: async (context) => {
|
|
50
|
+
if (!context.cacheHasChanged) {
|
|
51
|
+
return;
|
|
52
|
+
}
|
|
53
|
+
try {
|
|
54
|
+
await storage.save("token-cache", wrapCache(context.tokenCache.serialize()));
|
|
55
|
+
} catch (error) {
|
|
56
|
+
logger.error(`Error saving token cache: ${error.message}`);
|
|
57
|
+
if (storage.failClosed) {
|
|
58
|
+
throw error;
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
};
|
|
63
|
+
}
|
|
34
64
|
const SCOPE_HIERARCHY = {
|
|
35
65
|
"Mail.ReadWrite": ["Mail.Read"],
|
|
36
66
|
"Calendars.ReadWrite": ["Calendars.Read"],
|
|
@@ -312,8 +342,15 @@ function consumersAuthorityHint(error, account, authority) {
|
|
|
312
342
|
class AuthManager {
|
|
313
343
|
constructor(config, scopes = [], expectedAccount, storage) {
|
|
314
344
|
logger.info(`And scopes are ${scopes.join(", ")}`, scopes);
|
|
315
|
-
this.config = config;
|
|
316
345
|
this.scopes = scopes;
|
|
346
|
+
this.storage = storage ?? new DefaultTokenCacheStorage();
|
|
347
|
+
this.config = {
|
|
348
|
+
...config,
|
|
349
|
+
cache: {
|
|
350
|
+
...config.cache,
|
|
351
|
+
cachePlugin: buildDiskCoherencyCachePlugin(this.storage)
|
|
352
|
+
}
|
|
353
|
+
};
|
|
317
354
|
this.msalApp = new PublicClientApplication(this.config);
|
|
318
355
|
this.accessToken = null;
|
|
319
356
|
this.tokenExpiry = null;
|
|
@@ -323,7 +360,6 @@ class AuthManager {
|
|
|
323
360
|
this.expectedHomeAccountId = this.normalizeExpectedHomeAccountId(
|
|
324
361
|
expectedAccount?.expectedHomeAccountId
|
|
325
362
|
);
|
|
326
|
-
this.storage = storage ?? new DefaultTokenCacheStorage();
|
|
327
363
|
const oauthTokenFromEnv = process.env.MS365_MCP_OAUTH_TOKEN;
|
|
328
364
|
this.oauthToken = oauthTokenFromEnv ?? null;
|
|
329
365
|
this.isOAuthMode = oauthTokenFromEnv != null;
|
|
@@ -367,17 +403,6 @@ class AuthManager {
|
|
|
367
403
|
}
|
|
368
404
|
}
|
|
369
405
|
}
|
|
370
|
-
async saveTokenCache() {
|
|
371
|
-
try {
|
|
372
|
-
const stamped = wrapCache(this.msalApp.getTokenCache().serialize());
|
|
373
|
-
await this.storage.save("token-cache", stamped);
|
|
374
|
-
} catch (error) {
|
|
375
|
-
logger.error(`Error saving token cache: ${error.message}`);
|
|
376
|
-
if (this.storage.failClosed) {
|
|
377
|
-
throw error;
|
|
378
|
-
}
|
|
379
|
-
}
|
|
380
|
-
}
|
|
381
406
|
async saveSelectedAccount() {
|
|
382
407
|
try {
|
|
383
408
|
const stamped = wrapCache(JSON.stringify({ accountId: this.selectedAccountId }));
|
|
@@ -491,7 +516,10 @@ class AuthManager {
|
|
|
491
516
|
try {
|
|
492
517
|
await this.msalApp.getTokenCache().removeAccount(account);
|
|
493
518
|
} catch (error) {
|
|
494
|
-
logger.
|
|
519
|
+
logger.error(`Failed to remove unexpected account from cache: ${error.message}`);
|
|
520
|
+
throw new Error(
|
|
521
|
+
`Authenticated Microsoft account '${this.describeAccount(account)}' does not match expected Microsoft account '${this.expectedAccountLabel()}', and it could not be removed from the token cache (${error.message}). Its tokens may remain persisted - run --logout to clear the cache, then re-login.`
|
|
522
|
+
);
|
|
495
523
|
}
|
|
496
524
|
throw new Error(
|
|
497
525
|
`Authenticated Microsoft account '${this.describeAccount(account)}' does not match expected Microsoft account '${this.expectedAccountLabel()}'. Login was not persisted.`
|
|
@@ -522,7 +550,6 @@ class AuthManager {
|
|
|
522
550
|
const response = await this.msalApp.acquireTokenSilent(silentRequest);
|
|
523
551
|
this.accessToken = response.accessToken;
|
|
524
552
|
this.tokenExpiry = response.expiresOn ? new Date(response.expiresOn).getTime() : null;
|
|
525
|
-
await this.saveTokenCache();
|
|
526
553
|
return this.accessToken;
|
|
527
554
|
} catch (error) {
|
|
528
555
|
const hint = consumersAuthorityHint(error, currentAccount, this.config.auth.authority);
|
|
@@ -584,7 +611,6 @@ class AuthManager {
|
|
|
584
611
|
await this.saveSelectedAccount();
|
|
585
612
|
logger.info(`Auto-selected new account: ${response.account.username}`);
|
|
586
613
|
}
|
|
587
|
-
await this.saveTokenCache();
|
|
588
614
|
return this.accessToken;
|
|
589
615
|
} catch (error) {
|
|
590
616
|
logger.error(`Error in device code flow: ${error.message}`);
|
|
@@ -626,7 +652,6 @@ class AuthManager {
|
|
|
626
652
|
await this.saveSelectedAccount();
|
|
627
653
|
logger.info(`Auto-selected new account: ${response.account.username}`);
|
|
628
654
|
}
|
|
629
|
-
await this.saveTokenCache();
|
|
630
655
|
return this.accessToken;
|
|
631
656
|
} catch (error) {
|
|
632
657
|
logger.error(`Error in interactive browser flow: ${error.message}`);
|
|
@@ -842,7 +867,6 @@ class AuthManager {
|
|
|
842
867
|
};
|
|
843
868
|
try {
|
|
844
869
|
const response = await this.msalApp.acquireTokenSilent(silentRequest);
|
|
845
|
-
await this.saveTokenCache();
|
|
846
870
|
return response.accessToken;
|
|
847
871
|
} catch (error) {
|
|
848
872
|
const hint = consumersAuthorityHint(error, targetAccount, this.config.auth.authority);
|
|
@@ -858,6 +882,7 @@ class AuthManager {
|
|
|
858
882
|
var auth_default = AuthManager;
|
|
859
883
|
export {
|
|
860
884
|
buildAllowedScopeDiagnostics,
|
|
885
|
+
buildDiskCoherencyCachePlugin,
|
|
861
886
|
buildScopeDiagnostics,
|
|
862
887
|
buildScopesFromEndpoints,
|
|
863
888
|
collapseScopeHierarchy,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@softeria/ms-365-mcp-server",
|
|
3
|
-
"version": "0.128.
|
|
3
|
+
"version": "0.128.2",
|
|
4
4
|
"description": " A Model Context Protocol (MCP) server for interacting with Microsoft 365 and Office services through the Graph API",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|