@softeria/ms-365-mcp-server 0.28.2 → 0.29.0

package/.env.example

@@ -4,7 +4,7 @@
 # Your Azure AD App Registration Client ID
 MS365_MCP_CLIENT_ID=your-azure-ad-app-client-id-here
 
-# Your Azure AD App Registration Client Secret
+# Your Azure AD App Registration Client Secret (optional, for confidential clients)
 MS365_MCP_CLIENT_SECRET=your-azure-ad-app-client-secret-here
 
 # Tenant ID - use "common" for multi-tenant or your specific tenant ID
@@ -21,4 +21,24 @@ MS365_MCP_TENANT_ID=common
 # 5. Copy the Client ID from Overview page
 # 6. Go to Certificates & secrets → New client secret → Copy the secret value
 # 7. Replace the values above with your actual credentials
-# 8. Rename this file to .env 
+# 8. Rename this file to .env
+
+# -------------------------------------------------------------------
+# Azure Key Vault Integration (Optional)
+# -------------------------------------------------------------------
+# When set, secrets are fetched from Azure Key Vault instead of environment variables.
+# This is useful for production deployments, especially with Azure Container Apps.
+#
+# MS365_MCP_KEYVAULT_URL=https://your-keyvault-name.vault.azure.net
+#
+# Key Vault secret names (store these in your Key Vault):
+#   - ms365-mcp-client-id     (required)
+#   - ms365-mcp-tenant-id     (optional, defaults to "common")
+#   - ms365-mcp-client-secret (optional)
+#
+# Authentication uses DefaultAzureCredential, which supports:
+#   - Managed Identity (recommended for Azure Container Apps)
+#   - Azure CLI credentials (for local development)
+#   - Environment variables (AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_TENANT_ID)
+#
+# See README.md for detailed Azure Key Vault setup instructions.

package/README.md

@@ -395,6 +395,74 @@ Environment variables:
 - `MS365_MCP_CLIENT_ID`: Custom Azure app client ID (defaults to built-in app)
 - `MS365_MCP_TENANT_ID`: Custom tenant ID (defaults to 'common' for multi-tenant)
 - `MS365_MCP_OAUTH_TOKEN`: Pre-existing OAuth token for Microsoft Graph API (BYOT method)
+- `MS365_MCP_KEYVAULT_URL`: Azure Key Vault URL for secrets management (see Azure Key Vault section)
+
+## Azure Key Vault Integration
+
+For production deployments, you can store secrets in Azure Key Vault instead of environment variables. This is particularly useful for Azure Container Apps with managed identity.
+
+### Setup
+
+1. **Create a Key Vault** (if you don't have one):
+
+   ```bash
+   az keyvault create --name your-keyvault-name --resource-group your-rg --location eastus
+   ```
+
+2. **Add secrets to Key Vault**:
+
+   ```bash
+   az keyvault secret set --vault-name your-keyvault-name --name ms365-mcp-client-id --value "your-client-id"
+   az keyvault secret set --vault-name your-keyvault-name --name ms365-mcp-tenant-id --value "your-tenant-id"
+   # Optional: if using confidential client flow
+   az keyvault secret set --vault-name your-keyvault-name --name ms365-mcp-client-secret --value "your-secret"
+   ```
+
+3. **Grant access to Key Vault**:
+
+   For Azure Container Apps with managed identity:
+
+   ```bash
+   # Get the managed identity principal ID
+   PRINCIPAL_ID=$(az containerapp show --name your-app --resource-group your-rg --query identity.principalId -o tsv)
+
+   # Grant access to Key Vault secrets
+   az keyvault set-policy --name your-keyvault-name --object-id $PRINCIPAL_ID --secret-permissions get list
+   ```
+
+   For local development with Azure CLI:
+
+   ```bash
+   # Your Azure CLI identity already has access if you have appropriate RBAC roles
+   az login
+   ```
+
+4. **Configure the server**:
+   ```bash
+   MS365_MCP_KEYVAULT_URL=https://your-keyvault-name.vault.azure.net npx @softeria/ms-365-mcp-server
+   ```
+
+### Secret Name Mapping
+
+| Key Vault Secret Name   | Environment Variable    | Required                  |
+| ----------------------- | ----------------------- | ------------------------- |
+| ms365-mcp-client-id     | MS365_MCP_CLIENT_ID     | Yes                       |
+| ms365-mcp-tenant-id     | MS365_MCP_TENANT_ID     | No (defaults to 'common') |
+| ms365-mcp-client-secret | MS365_MCP_CLIENT_SECRET | No                        |
+
+### Authentication
+
+The Key Vault integration uses `DefaultAzureCredential` from the Azure Identity SDK, which automatically tries multiple authentication methods in order:
+
+1. Environment variables (AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_TENANT_ID)
+2. Managed Identity (recommended for Azure Container Apps)
+3. Azure CLI credentials (for local development)
+4. Visual Studio Code credentials
+5. Azure PowerShell credentials
+
+### Optional Dependencies
+
+The Azure Key Vault packages (`@azure/identity` and `@azure/keyvault-secrets`) are optional dependencies. They are only loaded when `MS365_MCP_KEYVAULT_URL` is configured. If you don't use Key Vault, these packages are not required.
 
 ## Contributing
 

package/dist/auth.js

@@ -3,6 +3,7 @@ import logger from "./logger.js";
 import fs, { existsSync, readFileSync } from "fs";
 import { fileURLToPath } from "url";
 import path from "path";
+import { getSecrets } from "./secrets.js";
 let keytar = null;
 async function getKeytar() {
   if (keytar === void 0) {
@@ -34,12 +35,14 @@ const SELECTED_ACCOUNT_KEY = "selected-account";
 const FALLBACK_DIR = path.dirname(fileURLToPath(import.meta.url));
 const FALLBACK_PATH = path.join(FALLBACK_DIR, "..", ".token-cache.json");
 const SELECTED_ACCOUNT_PATH = path.join(FALLBACK_DIR, "..", ".selected-account.json");
-const DEFAULT_CONFIG = {
-  auth: {
-    clientId: process.env.MS365_MCP_CLIENT_ID || "084a3e9f-a9f4-43f7-89f9-d229cf97853e",
-    authority: `https://login.microsoftonline.com/${process.env.MS365_MCP_TENANT_ID || "common"}`
-  }
-};
+function createMsalConfig(secrets) {
+  return {
+    auth: {
+      clientId: secrets.clientId || "084a3e9f-a9f4-43f7-89f9-d229cf97853e",
+      authority: `https://login.microsoftonline.com/${secrets.tenantId || "common"}`
+    }
+  };
+}
 const SCOPE_HIERARCHY = {
   "Mail.ReadWrite": ["Mail.Read"],
   "Calendars.ReadWrite": ["Calendars.Read"],
@@ -87,7 +90,7 @@ function buildScopesFromEndpoints(includeWorkAccountScopes = false, enabledTools
   return scopes;
 }
 class AuthManager {
-  constructor(config = DEFAULT_CONFIG, scopes = buildScopesFromEndpoints()) {
+  constructor(config, scopes = buildScopesFromEndpoints()) {
     logger.info(`And scopes are ${scopes.join(", ")}`, scopes);
     this.config = config;
     this.scopes = scopes;
@@ -99,6 +102,15 @@ class AuthManager {
     this.oauthToken = oauthTokenFromEnv ?? null;
     this.isOAuthMode = oauthTokenFromEnv != null;
   }
+  /**
+   * Creates an AuthManager instance with secrets loaded from the configured provider.
+   * Uses Key Vault if MS365_MCP_KEYVAULT_URL is set, otherwise environment variables.
+   */
+  static async create(scopes = buildScopesFromEndpoints()) {
+    const secrets = await getSecrets();
+    const config = createMsalConfig(secrets);
+    return new AuthManager(config, scopes);
+  }
   async loadTokenCache() {
     try {
       let cacheData;

package/dist/graph-client.js

@@ -2,11 +2,12 @@ import logger from "./logger.js";
 import { refreshAccessToken } from "./lib/microsoft-auth.js";
 import { encode as toonEncode } from "@toon-format/toon";
 class GraphClient {
-  constructor(authManager, outputFormat = "json") {
+  constructor(authManager, secrets, outputFormat = "json") {
     this.accessToken = null;
     this.refreshToken = null;
     this.outputFormat = "json";
     this.authManager = authManager;
+    this.secrets = secrets;
     this.outputFormat = outputFormat;
   }
   setOAuthTokens(accessToken, refreshToken) {
@@ -72,9 +73,9 @@ class GraphClient {
     }
   }
   async refreshAccessToken(refreshToken) {
-    const tenantId = process.env.MS365_MCP_TENANT_ID || "common";
-    const clientId = process.env.MS365_MCP_CLIENT_ID || "084a3e9f-a9f4-43f7-89f9-d229cf97853e";
-    const clientSecret = process.env.MS365_MCP_CLIENT_SECRET;
+    const tenantId = this.secrets.tenantId || "common";
+    const clientId = this.secrets.clientId;
+    const clientSecret = this.secrets.clientSecret;
     if (clientSecret) {
       logger.info("GraphClient: Refreshing token with confidential client");
     } else {

package/dist/graph-tools.js

@@ -251,7 +251,10 @@ function registerGraphTools(server, graphClient, readOnly = false, enabledToolsP
         paramSchema,
         {
           title: tool.alias,
-          readOnlyHint: tool.method.toUpperCase() === "GET"
+          readOnlyHint: tool.method.toUpperCase() === "GET",
+          destructiveHint: ["POST", "PATCH", "DELETE"].includes(tool.method.toUpperCase()),
+          openWorldHint: true
+          // All tools call Microsoft Graph API
         },
         async (params) => executeGraphTool(tool, endpointConfig, graphClient, params)
       );
@@ -295,7 +298,9 @@ function registerDiscoveryTools(server, graphClient, readOnly = false, orgMode =
     },
     {
       title: "search-tools",
-      readOnlyHint: true
+      readOnlyHint: true,
+      openWorldHint: true
+      // Searches Microsoft Graph API tools
     },
     async ({ query, category, limit = 20 }) => {
       const maxLimit = Math.min(limit, 50);
@@ -348,7 +353,11 @@ function registerDiscoveryTools(server, graphClient, readOnly = false, orgMode =
     },
     {
       title: "execute-tool",
-      readOnlyHint: false
+      readOnlyHint: false,
+      destructiveHint: true,
+      // Can execute any tool, including write operations
+      openWorldHint: true
+      // Executes against Microsoft Graph API
     },
     async ({ tool_name, parameters = {} }) => {
       const toolData = toolsRegistry.get(tool_name);

package/dist/index.js

@@ -13,7 +13,7 @@ async function main() {
       logger.info("Organization mode enabled - including work account scopes");
     }
     const scopes = buildScopesFromEndpoints(includeWorkScopes, args.enabledTools);
-    const authManager = new AuthManager(void 0, scopes);
+    const authManager = await AuthManager.create(scopes);
     await authManager.loadTokenCache();
     if (args.login) {
       await authManager.acquireTokenByDeviceCode();

package/dist/oauth-provider.js

@@ -1,9 +1,9 @@
 import { ProxyOAuthServerProvider } from "@modelcontextprotocol/sdk/server/auth/providers/proxyProvider.js";
 import logger from "./logger.js";
 class MicrosoftOAuthProvider extends ProxyOAuthServerProvider {
-  constructor(authManager) {
-    const tenantId = process.env.MS365_MCP_TENANT_ID || "common";
-    const clientId = process.env.MS365_MCP_CLIENT_ID || "084a3e9f-a9f4-43f7-89f9-d229cf97853e";
+  constructor(authManager, secrets) {
+    const tenantId = secrets.tenantId || "common";
+    const clientId = secrets.clientId;
     super({
       endpoints: {
         authorizationUrl: `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/authorize`,

package/dist/secrets.js

@@ -0,0 +1,61 @@
+import logger from "./logger.js";
+class EnvironmentSecretsProvider {
+  async getSecrets() {
+    return {
+      clientId: process.env.MS365_MCP_CLIENT_ID || "",
+      tenantId: process.env.MS365_MCP_TENANT_ID || "common",
+      clientSecret: process.env.MS365_MCP_CLIENT_SECRET
+    };
+  }
+}
+class KeyVaultSecretsProvider {
+  constructor(vaultUrl) {
+    this.vaultUrl = vaultUrl;
+  }
+  async getSecrets() {
+    const { DefaultAzureCredential } = await import("@azure/identity");
+    const { SecretClient } = await import("@azure/keyvault-secrets");
+    const credential = new DefaultAzureCredential();
+    const client = new SecretClient(this.vaultUrl, credential);
+    logger.info(`Fetching secrets from Key Vault: ${this.vaultUrl}`);
+    const [clientIdSecret, tenantIdSecret, clientSecretResult] = await Promise.all([
+      client.getSecret("ms365-mcp-client-id"),
+      client.getSecret("ms365-mcp-tenant-id").catch(() => null),
+      client.getSecret("ms365-mcp-client-secret").catch(() => null)
+    ]);
+    if (!clientIdSecret.value) {
+      throw new Error("Required secret ms365-mcp-client-id not found in Key Vault");
+    }
+    logger.info("Successfully retrieved secrets from Key Vault");
+    return {
+      clientId: clientIdSecret.value,
+      tenantId: tenantIdSecret?.value || "common",
+      clientSecret: clientSecretResult?.value
+    };
+  }
+}
+function createSecretsProvider() {
+  const vaultUrl = process.env.MS365_MCP_KEYVAULT_URL;
+  if (vaultUrl) {
+    logger.info("Key Vault URL configured, using Azure Key Vault for secrets");
+    return new KeyVaultSecretsProvider(vaultUrl);
+  }
+  logger.info("Using environment variables for secrets");
+  return new EnvironmentSecretsProvider();
+}
+let cachedSecrets = null;
+async function getSecrets() {
+  if (cachedSecrets) {
+    return cachedSecrets;
+  }
+  const provider = createSecretsProvider();
+  cachedSecrets = await provider.getSecrets();
+  return cachedSecrets;
+}
+function clearSecretsCache() {
+  cachedSecrets = null;
+}
+export {
+  clearSecretsCache,
+  getSecrets
+};

package/dist/server.js

@@ -3,7 +3,6 @@ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"
 import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/streamableHttp.js";
 import { mcpAuthRouter } from "@modelcontextprotocol/sdk/server/auth/router.js";
 import express from "express";
-import crypto from "crypto";
 import logger, { enableConsoleLogging } from "./logger.js";
 import { registerAuthTools } from "./auth-tools.js";
 import { registerGraphTools, registerDiscoveryTools } from "./graph-tools.js";
@@ -15,7 +14,7 @@ import {
   microsoftBearerTokenAuthMiddleware,
   refreshAccessToken
 } from "./lib/microsoft-auth.js";
-const registeredClients = /* @__PURE__ */ new Map();
+import { getSecrets } from "./secrets.js";
 function parseHttpOption(httpOption) {
   if (typeof httpOption === "boolean") {
     return { host: void 0, port: 3e3 };
@@ -34,11 +33,14 @@ class MicrosoftGraphServer {
   constructor(authManager, options = {}) {
     this.authManager = authManager;
     this.options = options;
-    const outputFormat = options.toon ? "toon" : "json";
-    this.graphClient = new GraphClient(authManager, outputFormat);
+    this.graphClient = null;
     this.server = null;
+    this.secrets = null;
   }
   async initialize(version) {
+    this.secrets = await getSecrets();
+    const outputFormat = this.options.toon ? "toon" : "json";
+    this.graphClient = new GraphClient(this.authManager, this.secrets, outputFormat);
     this.server = new McpServer({
       name: "Microsoft365MCP",
       version
@@ -70,10 +72,10 @@ class MicrosoftGraphServer {
       enableConsoleLogging();
     }
     logger.info("Microsoft 365 MCP Server starting...");
-    logger.info("Environment Variables Check:", {
-      CLIENT_ID: process.env.MS365_MCP_CLIENT_ID ? `${process.env.MS365_MCP_CLIENT_ID.substring(0, 8)}...` : "NOT SET",
-      CLIENT_SECRET: process.env.MS365_MCP_CLIENT_SECRET ? "SET" : "NOT SET",
-      TENANT_ID: process.env.MS365_MCP_TENANT_ID || "NOT SET",
+    logger.info("Secrets Check:", {
+      CLIENT_ID: this.secrets?.clientId ? `${this.secrets.clientId.substring(0, 8)}...` : "NOT SET",
+      CLIENT_SECRET: this.secrets?.clientSecret ? "SET" : "NOT SET",
+      TENANT_ID: this.secrets?.tenantId || "NOT SET",
       NODE_ENV: process.env.NODE_ENV || "NOT SET"
     });
     if (this.options.readOnly) {
@@ -99,7 +101,7 @@ class MicrosoftGraphServer {
         }
         next();
       });
-      const oauthProvider = new MicrosoftOAuthProvider(this.authManager);
+      const oauthProvider = new MicrosoftOAuthProvider(this.authManager, this.secrets);
       app.get("/.well-known/oauth-authorization-server", async (req, res) => {
         const protocol = req.secure ? "https" : "http";
         const url = new URL(`${protocol}://${req.get("host")}`);
@@ -108,7 +110,6 @@ class MicrosoftGraphServer {
           issuer: url.origin,
           authorization_endpoint: `${url.origin}/authorize`,
           token_endpoint: `${url.origin}/token`,
-          registration_endpoint: `${url.origin}/register`,
           response_types_supported: ["code"],
           response_modes_supported: ["query"],
           grant_types_supported: ["authorization_code", "refresh_token"],
@@ -129,33 +130,10 @@ class MicrosoftGraphServer {
           resource_documentation: `${url.origin}`
         });
       });
-      app.post("/register", async (req, res) => {
-        const body = req.body;
-        const clientId = crypto.randomUUID();
-        registeredClients.set(clientId, {
-          client_id: clientId,
-          client_name: body.client_name || "MCP Client",
-          redirect_uris: body.redirect_uris || [],
-          grant_types: body.grant_types || ["authorization_code", "refresh_token"],
-          response_types: body.response_types || ["code"],
-          scope: body.scope,
-          token_endpoint_auth_method: "none",
-          created_at: Date.now()
-        });
-        res.status(201).json({
-          client_id: clientId,
-          client_name: body.client_name || "MCP Client",
-          redirect_uris: body.redirect_uris || [],
-          grant_types: body.grant_types || ["authorization_code", "refresh_token"],
-          response_types: body.response_types || ["code"],
-          scope: body.scope,
-          token_endpoint_auth_method: "none"
-        });
-      });
       app.get("/authorize", async (req, res) => {
         const url = new URL(req.url, `${req.protocol}://${req.get("host")}`);
-        const tenantId = process.env.MS365_MCP_TENANT_ID || "common";
-        const clientId = process.env.MS365_MCP_CLIENT_ID || "084a3e9f-a9f4-43f7-89f9-d229cf97853e";
+        const tenantId = this.secrets?.tenantId || "common";
+        const clientId = this.secrets.clientId;
         const microsoftAuthUrl = new URL(
           `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/authorize`
         );
@@ -209,9 +187,9 @@ class MicrosoftGraphServer {
             return;
           }
           if (body.grant_type === "authorization_code") {
-            const tenantId = process.env.MS365_MCP_TENANT_ID || "common";
-            const clientId = process.env.MS365_MCP_CLIENT_ID || "084a3e9f-a9f4-43f7-89f9-d229cf97853e";
-            const clientSecret = process.env.MS365_MCP_CLIENT_SECRET;
+            const tenantId = this.secrets?.tenantId || "common";
+            const clientId = this.secrets.clientId;
+            const clientSecret = this.secrets?.clientSecret;
             if (clientSecret) {
               logger.info("Token endpoint: Using confidential client with client_secret");
             } else {
@@ -227,9 +205,9 @@ class MicrosoftGraphServer {
             );
             res.json(result);
           } else if (body.grant_type === "refresh_token") {
-            const tenantId = process.env.MS365_MCP_TENANT_ID || "common";
-            const clientId = process.env.MS365_MCP_CLIENT_ID || "084a3e9f-a9f4-43f7-89f9-d229cf97853e";
-            const clientSecret = process.env.MS365_MCP_CLIENT_SECRET;
+            const tenantId = this.secrets?.tenantId || "common";
+            const clientId = this.secrets.clientId;
+            const clientSecret = this.secrets?.clientSecret;
             if (clientSecret) {
               logger.info("Refresh endpoint: Using confidential client with client_secret");
             } else {

package/logs/mcp-server.log

@@ -0,0 +1,5 @@
+2025-12-30 13:54:31 INFO: Using environment variables for secrets
+2025-12-30 13:54:31 INFO: Using environment variables for secrets
+2025-12-30 13:54:31 INFO: Using environment variables for secrets
+2025-12-30 13:54:31 INFO: Using environment variables for secrets
+2025-12-30 13:54:31 INFO: Using environment variables for secrets

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@softeria/ms-365-mcp-server",
-  "version": "0.28.2",
+  "version": "0.29.0",
   "description": " A Model Context Protocol (MCP) server for interacting with Microsoft 365 and Office services through the Graph API",
   "type": "module",
   "main": "dist/index.js",
@@ -44,6 +44,8 @@
     "zod": "^3.24.2"
   },
   "optionalDependencies": {
+    "@azure/identity": "^4.5.0",
+    "@azure/keyvault-secrets": "^4.9.0",
     "keytar": "^7.9.0"
   },
   "devDependencies": {
@@ -56,6 +58,7 @@
     "@types/node": "^22.15.15",
     "@typescript-eslint/eslint-plugin": "^8.38.0",
     "@typescript-eslint/parser": "^8.38.0",
+    "@vitest/coverage-v8": "^3.2.4",
     "eslint": "^9.31.0",
     "globals": "^16.3.0",
     "patch-package": "^8.0.1",