@softeria/ms-365-mcp-server 0.3.4 → 0.4.0

package/.github/workflows/build.yml

@@ -27,5 +27,8 @@ jobs:
       - name: Install dependencies
         run: npm ci
 
+      - name: Build TypeScript
+        run: npm run build
+
       - name: Run tests
         run: npm test

package/.github/workflows/npm-publish.yml

@@ -13,6 +13,7 @@ jobs:
         with:
           node-version: 20
       - run: npm ci
+      - run: npm run build
       - run: npm test
 
   publish-npm:
@@ -25,6 +26,7 @@ jobs:
           node-version: 20
           registry-url: https://registry.npmjs.org/
       - run: npm ci
+      - run: npm run build
       - run: npm publish
         env:
           NODE_AUTH_TOKEN: ${{secrets.npm_token}}

package/README.md

@@ -1,6 +1,6 @@
 # ms-365-mcp-server
 
-![npm version](https://img.shields.io/npm/v/@softeria/ms-365-mcp-server.svg) ![build status](https://github.com/softeria/ms-365-mcp-server/actions/workflows/build.yml/badge.svg) ![license](https://img.shields.io/badge/license-MIT-blue.svg)
+[![npm version](https://img.shields.io/npm/v/@softeria/ms-365-mcp-server.svg)](https://www.npmjs.com/package/@softeria/ms-365-mcp-server) [![build status](https://github.com/softeria/ms-365-mcp-server/actions/workflows/build.yml/badge.svg)](https://github.com/softeria/ms-365-mcp-server/actions/workflows/build.yml) [![license](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/softeria/ms-365-mcp-server/blob/main/LICENSE)
 
 Microsoft 365 MCP Server
 
@@ -17,13 +17,11 @@ A Model Context Protocol (MCP) server for interacting with Microsoft 365 service
 - Calendar event management
 - Mail operations
 - OneDrive file management
-- Microsoft Teams integration
 - OneNote notebooks and pages
 - To Do tasks and task lists
 - Planner plans and tasks
-- SharePoint sites and lists
 - Outlook contacts
-- User and group management
+- User management
 - Dynamic tools powered by Microsoft Graph OpenAPI spec
 - Built on the Model Context Protocol
 
@@ -31,7 +29,7 @@ A Model Context Protocol (MCP) server for interacting with Microsoft 365 service
 
 Test login in Claude Desktop:
 
-![Login example](![Image](https://github.com/user-attachments/assets/e457884f-c98a-4186-9e6f-eb323ec24e0a)
+![Login example](https://github.com/user-attachments/assets/e457884f-c98a-4186-9e6f-eb323ec24e0a)
 
 ## Examples
 
@@ -76,23 +74,14 @@ integration method.
     - Call the `login` tool (auto-checks existing token)
     - If needed, get URL+code, visit in browser
     - Use `verify-login` tool to confirm
-    -
 2. **Optional CLI login**:
    ```bash
    npx @softeria/ms-365-mcp-server --login
    ```
-   Follow the URL and code prompt in terminal.
+   Follow the URL and code prompt in the terminal.
 
 Tokens are cached securely in your OS credential store (fallback to file).
 
-## Tools
-
-- **Authentication:** `login`, `logout`, `verify-login`
-- **Excel:** list worksheets, get/set ranges, format, sort, chart
-- **Calendar:** list/create/update/delete events
-- **Mail:** send, read, delete messages
-- **OneDrive:** upload, download, list files
-
 ## License
 
 MIT © 2025 Softeria

package/bin/generate-graph-client.mjs

@@ -0,0 +1,59 @@
+#!/usr/bin/env node
+
+import path from 'path';
+import { fileURLToPath } from 'url';
+import { downloadGraphOpenAPI } from './modules/download-openapi.mjs';
+import { generateMcpTools } from './modules/generate-mcp-tools.mjs';
+import { createAndSaveSimplifiedOpenAPI } from './modules/simplified-openapi.mjs';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const rootDir = path.resolve(__dirname, '..');
+const openapiDir = path.join(rootDir, 'openapi');
+const srcDir = path.join(rootDir, 'src');
+
+const openapiFile = path.join(openapiDir, 'openapi.yaml');
+const openapiTrimmedFile = path.join(openapiDir, 'openapi-trimmed.yaml');
+const endpointsFile = path.join(srcDir, 'endpoints.json');
+
+const generatedDir = path.join(srcDir, 'generated');
+
+const args = process.argv.slice(2);
+const forceDownload = args.includes('--force');
+
+async function main() {
+  console.log('Microsoft Graph API OpenAPI Processor');
+  console.log('------------------------------------');
+
+  try {
+    console.log('\n📥 Step 1: Downloading OpenAPI specification');
+    const downloaded = await downloadGraphOpenAPI(
+      openapiDir,
+      openapiFile,
+      undefined,
+      forceDownload
+    );
+
+    if (downloaded) {
+      console.log('\n✅ OpenAPI specification successfully downloaded');
+    } else {
+      console.log('\n⏭️ Download skipped (file exists)');
+    }
+
+    console.log('\n🔧 Step 2: Creating simplified OpenAPI specification');
+    createAndSaveSimplifiedOpenAPI(endpointsFile, openapiFile, openapiTrimmedFile);
+    console.log('✅ Successfully created simplified OpenAPI specification');
+
+    console.log('\n🚀 Step 3: Generating client code using openapi-zod-client');
+    generateMcpTools(null, generatedDir);
+    console.log('✅ Successfully generated client code');
+  } catch (error) {
+    console.error('\n❌ Error processing OpenAPI specification:', error.message);
+    process.exit(1);
+  }
+}
+
+main().catch((error) => {
+  console.error('Fatal error:', error);
+  process.exit(1);
+});

package/bin/{download-openapi.mjs → modules/download-openapi.mjs}

@@ -1,22 +1,13 @@
-#!/usr/bin/env node
-
 import fs from 'fs';
-import path from 'path';
-import { fileURLToPath } from 'url';
-
-const args = process.argv.slice(2);
-const forceDownload = args.includes('--force');
-
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = path.dirname(__filename);
 
-const targetDir = path.resolve(__dirname, '..', 'openapi');
-const targetFile = path.join(targetDir, 'openapi.yaml');
+const DEFAULT_OPENAPI_URL = 'https://raw.githubusercontent.com/microsoftgraph/msgraph-metadata/refs/heads/master/openapi/v1.0/openapi.yaml';
 
-const openapiUrl =
-  'https://raw.githubusercontent.com/microsoftgraph/msgraph-metadata/refs/heads/master/openapi/v1.0/openapi.yaml';
-
-async function downloadOpenApi() {
+export async function downloadGraphOpenAPI(
+  targetDir,
+  targetFile,
+  openapiUrl = DEFAULT_OPENAPI_URL,
+  forceDownload = false
+) {
   if (!fs.existsSync(targetDir)) {
     console.log(`Creating directory: ${targetDir}`);
     fs.mkdirSync(targetDir, { recursive: true });
@@ -25,7 +16,7 @@ async function downloadOpenApi() {
   if (fs.existsSync(targetFile) && !forceDownload) {
     console.log(`OpenAPI specification already exists at ${targetFile}`);
     console.log('Use --force to download again');
-    return;
+    return false;
   }
 
   console.log(`Downloading OpenAPI specification from ${openapiUrl}`);
@@ -40,10 +31,9 @@ async function downloadOpenApi() {
     const content = await response.text();
     fs.writeFileSync(targetFile, content);
     console.log(`OpenAPI specification downloaded to ${targetFile}`);
+    return true;
   } catch (error) {
     console.error('Error downloading OpenAPI specification:', error.message);
-    process.exit(1);
+    throw error;
   }
 }
-
-downloadOpenApi();

package/bin/modules/extract-descriptions.mjs

@@ -0,0 +1,48 @@
+import fs from 'fs';
+import yaml from 'js-yaml';
+
+export function convertPathToOpenApiFormat(pathPattern) {
+  let path = pathPattern.replace(/\{([^}]+)\}/g, (match, param) => {
+    const normalizedParam = param.replace(/-/g, '_');
+    return `{${normalizedParam}}`;
+  });
+
+  path = path.replace(/\{([^}]+)_id(\d+)\}/g, (match, param, num) => {
+    return `{${param}_id_${num}}`;
+  });
+
+  if (!path.startsWith('/')) {
+    path = '/' + path;
+  }
+
+  return path;
+}
+
+export function extractDescriptions(openapiFile, endpoints) {
+  console.log('Extracting descriptions from OpenAPI spec...');
+
+  const openApiSpec = yaml.load(fs.readFileSync(openapiFile, 'utf8'));
+  const descriptions = {};
+
+  endpoints.forEach((endpoint) => {
+    const path = convertPathToOpenApiFormat(endpoint.pathPattern);
+    const method = endpoint.method.toLowerCase();
+
+    if (openApiSpec.paths && openApiSpec.paths[path] && openApiSpec.paths[path][method]) {
+      const operation = openApiSpec.paths[path][method];
+
+      const description =
+        operation.description || operation.summary || `Operation for ${endpoint.toolName}`;
+
+      descriptions[endpoint.toolName] = description;
+      console.log(
+        `Found description for ${endpoint.toolName}: ${description.substring(0, 50)}${description.length > 50 ? '...' : ''}`
+      );
+    } else {
+      console.warn(`Path ${path} ${method} not found in OpenAPI spec`);
+      descriptions[endpoint.toolName] = `Operation for ${endpoint.toolName}`;
+    }
+  });
+
+  return descriptions;
+}

package/bin/modules/generate-mcp-tools.mjs

@@ -0,0 +1,36 @@
+import fs from 'fs';
+import path from 'path';
+import { execSync } from 'child_process';
+
+export function generateMcpTools(openApiSpec, outputDir) {
+  try {
+    console.log('Generating client code from OpenAPI spec using openapi-zod-client...');
+
+    if (!fs.existsSync(outputDir)) {
+      fs.mkdirSync(outputDir, { recursive: true });
+      console.log(`Created directory: ${outputDir}`);
+    }
+
+    const rootDir = path.resolve(outputDir, '../..');
+    const openapiDir = path.join(rootDir, 'openapi');
+    const openapiTrimmedFile = path.join(openapiDir, 'openapi-trimmed.yaml');
+
+    const clientFilePath = path.join(outputDir, 'client.ts');
+    execSync(
+      `npx -y openapi-zod-client ${openapiTrimmedFile} -o ${clientFilePath} --with-description`,
+      {
+        stdio: 'inherit',
+      }
+    );
+
+    console.log(`Generated client code at: ${clientFilePath}`);
+
+    let clientCode = fs.readFileSync(clientFilePath, 'utf-8');
+    clientCode = clientCode.replace(/'@zodios\/core';/, "'./hack.js';");
+    fs.writeFileSync(clientFilePath, clientCode);
+
+    return true;
+  } catch (error) {
+    throw new Error(`Error generating client code: ${error.message}`);
+  }
+}

package/bin/modules/simplified-openapi.mjs

@@ -0,0 +1,78 @@
+import fs from 'fs';
+import yaml from 'js-yaml';
+
+export function createAndSaveSimplifiedOpenAPI(endpointsFile, openapiFile, openapiTrimmedFile) {
+  const endpoints = JSON.parse(fs.readFileSync(endpointsFile, 'utf8'));
+
+  const spec = fs.readFileSync(openapiFile, 'utf8');
+  const openApiSpec = yaml.load(spec);
+  for (const [key, value] of Object.entries(openApiSpec.paths)) {
+    const e = endpoints.filter((ep) => ep.pathPattern === key);
+    if (e.length === 0) {
+      delete openApiSpec.paths[key];
+    } else {
+      for (const [method, operation] of Object.entries(value)) {
+        const eo = e.find((ep) => ep.method.toLowerCase() === method);
+        if (eo) {
+          operation.operationId = eo.toolName;
+        } else {
+          delete value[method];
+        }
+      }
+    }
+  }
+
+  if (openApiSpec.components && openApiSpec.components.schemas) {
+    removeODataTypeRecursively(openApiSpec.components.schemas);
+  }
+
+  fs.writeFileSync(openapiTrimmedFile, yaml.dump(openApiSpec));
+}
+
+function removeODataTypeRecursively(obj) {
+  if (!obj || typeof obj !== 'object') return;
+
+  if (Array.isArray(obj)) {
+    obj.forEach((item) => removeODataTypeRecursively(item));
+    return;
+  }
+
+  if (obj.properties && obj.properties['@odata.type']) {
+    delete obj.properties['@odata.type'];
+  }
+
+  if (obj.required && Array.isArray(obj.required)) {
+    const typeIndex = obj.required.indexOf('@odata.type');
+    if (typeIndex !== -1) {
+      obj.required.splice(typeIndex, 1);
+      if (obj.required.length === 0) {
+        delete obj.required;
+      }
+    }
+  }
+
+  if (obj.properties) {
+    removeODataTypeRecursively(obj.properties);
+    Object.values(obj.properties).forEach((prop) => removeODataTypeRecursively(prop));
+  }
+
+  if (obj.additionalProperties && typeof obj.additionalProperties === 'object') {
+    removeODataTypeRecursively(obj.additionalProperties);
+  }
+
+  if (obj.items) {
+    removeODataTypeRecursively(obj.items);
+  }
+
+  ['allOf', 'anyOf', 'oneOf'].forEach((key) => {
+    if (obj[key] && Array.isArray(obj[key])) {
+      obj[key].forEach((item) => removeODataTypeRecursively(item));
+    }
+  });
+
+  Object.keys(obj).forEach((key) => {
+    if (typeof obj[key] === 'object' && obj[key] !== null) {
+      removeODataTypeRecursively(obj[key]);
+    }
+  });
+}

package/dist/auth-tools.js

@@ -0,0 +1,80 @@
+import { z } from 'zod';
+export function registerAuthTools(server, authManager) {
+    server.tool('login', {
+        force: z.boolean().default(false).describe('Force a new login even if already logged in'),
+    }, async ({ force }) => {
+        try {
+            if (!force) {
+                const loginStatus = await authManager.testLogin();
+                if (loginStatus.success) {
+                    return {
+                        content: [
+                            {
+                                type: 'text',
+                                text: JSON.stringify({
+                                    status: 'Already logged in',
+                                    ...loginStatus,
+                                }),
+                            },
+                        ],
+                    };
+                }
+            }
+            const text = await new Promise((r) => {
+                authManager.acquireTokenByDeviceCode(r);
+            });
+            return {
+                content: [
+                    {
+                        type: 'text',
+                        text,
+                    },
+                ],
+            };
+        }
+        catch (error) {
+            return {
+                content: [
+                    {
+                        type: 'text',
+                        text: JSON.stringify({ error: `Authentication failed: ${error.message}` }),
+                    },
+                ],
+            };
+        }
+    });
+    server.tool('logout', {}, async () => {
+        try {
+            await authManager.logout();
+            return {
+                content: [
+                    {
+                        type: 'text',
+                        text: JSON.stringify({ message: 'Logged out successfully' }),
+                    },
+                ],
+            };
+        }
+        catch (error) {
+            return {
+                content: [
+                    {
+                        type: 'text',
+                        text: JSON.stringify({ error: 'Logout failed' }),
+                    },
+                ],
+            };
+        }
+    });
+    server.tool('verify-login', async () => {
+        const testResult = await authManager.testLogin();
+        return {
+            content: [
+                {
+                    type: 'text',
+                    text: JSON.stringify(testResult),
+                },
+            ],
+        };
+    });
+}

package/dist/auth.js

@@ -0,0 +1,219 @@
+import { PublicClientApplication } from '@azure/msal-node';
+import keytar from 'keytar';
+import { fileURLToPath } from 'url';
+import path from 'path';
+import fs from 'fs';
+import logger from './logger.js';
+const endpoints = await import('./endpoints.json', {
+    assert: { type: 'json' },
+});
+const SERVICE_NAME = 'ms-365-mcp-server';
+const TOKEN_CACHE_ACCOUNT = 'msal-token-cache';
+const FALLBACK_DIR = path.dirname(fileURLToPath(import.meta.url));
+const FALLBACK_PATH = path.join(FALLBACK_DIR, '..', '.token-cache.json');
+const DEFAULT_CONFIG = {
+    auth: {
+        clientId: '084a3e9f-a9f4-43f7-89f9-d229cf97853e',
+        authority: 'https://login.microsoftonline.com/common',
+    },
+};
+const SCOPE_HIERARCHY = {
+    'Mail.ReadWrite': ['Mail.Read', 'Mail.Send'],
+    'Calendars.ReadWrite': ['Calendars.Read'],
+    'Files.ReadWrite': ['Files.Read'],
+    'Tasks.ReadWrite': ['Tasks.Read'],
+    'Contacts.ReadWrite': ['Contacts.Read'],
+};
+function buildScopesFromEndpoints() {
+    const scopesSet = new Set();
+    endpoints.default.forEach((endpoint) => {
+        if (endpoint.scopes && Array.isArray(endpoint.scopes)) {
+            endpoint.scopes.forEach((scope) => scopesSet.add(scope));
+        }
+    });
+    Object.entries(SCOPE_HIERARCHY).forEach(([higherScope, lowerScopes]) => {
+        if (lowerScopes.every((scope) => scopesSet.has(scope))) {
+            lowerScopes.forEach((scope) => scopesSet.delete(scope));
+            scopesSet.add(higherScope);
+        }
+    });
+    return Array.from(scopesSet);
+}
+class AuthManager {
+    constructor(config = DEFAULT_CONFIG, scopes = buildScopesFromEndpoints()) {
+        logger.info(`And scopes are ${scopes.join(', ')}`, scopes);
+        this.config = config;
+        this.scopes = scopes;
+        this.msalApp = new PublicClientApplication(this.config);
+        this.accessToken = null;
+        this.tokenExpiry = null;
+    }
+    async loadTokenCache() {
+        try {
+            let cacheData;
+            try {
+                const cachedData = await keytar.getPassword(SERVICE_NAME, TOKEN_CACHE_ACCOUNT);
+                if (cachedData) {
+                    cacheData = cachedData;
+                }
+            }
+            catch (keytarError) {
+                logger.warn(`Keychain access failed, falling back to file storage: ${keytarError.message}`);
+            }
+            if (!cacheData && fs.existsSync(FALLBACK_PATH)) {
+                cacheData = fs.readFileSync(FALLBACK_PATH, 'utf8');
+            }
+            if (cacheData) {
+                this.msalApp.getTokenCache().deserialize(cacheData);
+            }
+        }
+        catch (error) {
+            logger.error(`Error loading token cache: ${error.message}`);
+        }
+    }
+    async saveTokenCache() {
+        try {
+            const cacheData = this.msalApp.getTokenCache().serialize();
+            try {
+                await keytar.setPassword(SERVICE_NAME, TOKEN_CACHE_ACCOUNT, cacheData);
+            }
+            catch (keytarError) {
+                logger.warn(`Keychain save failed, falling back to file storage: ${keytarError.message}`);
+                fs.writeFileSync(FALLBACK_PATH, cacheData);
+            }
+        }
+        catch (error) {
+            logger.error(`Error saving token cache: ${error.message}`);
+        }
+    }
+    async getToken(forceRefresh = false) {
+        if (this.accessToken && this.tokenExpiry && this.tokenExpiry > Date.now() && !forceRefresh) {
+            return this.accessToken;
+        }
+        const accounts = await this.msalApp.getTokenCache().getAllAccounts();
+        if (accounts.length > 0) {
+            const silentRequest = {
+                account: accounts[0],
+                scopes: this.scopes,
+            };
+            try {
+                const response = await this.msalApp.acquireTokenSilent(silentRequest);
+                this.accessToken = response.accessToken;
+                this.tokenExpiry = response.expiresOn ? new Date(response.expiresOn).getTime() : null;
+                return this.accessToken;
+            }
+            catch (error) {
+                logger.info('Silent token acquisition failed, using device code flow');
+            }
+        }
+        throw new Error('No valid token found');
+    }
+    async acquireTokenByDeviceCode(hack) {
+        const deviceCodeRequest = {
+            scopes: this.scopes,
+            deviceCodeCallback: (response) => {
+                const text = ['\n', response.message, '\n'].join('');
+                if (hack) {
+                    hack(text + 'After login run the "verify login" command');
+                }
+                else {
+                    console.log(text);
+                }
+                logger.info('Device code login initiated');
+            },
+        };
+        try {
+            logger.info('Requesting device code...');
+            const response = await this.msalApp.acquireTokenByDeviceCode(deviceCodeRequest);
+            logger.info('Device code login successful');
+            this.accessToken = response?.accessToken || null;
+            this.tokenExpiry = response?.expiresOn ? new Date(response.expiresOn).getTime() : null;
+            await this.saveTokenCache();
+            return this.accessToken;
+        }
+        catch (error) {
+            logger.error(`Error in device code flow: ${error.message}`);
+            throw error;
+        }
+    }
+    async testLogin() {
+        try {
+            logger.info('Testing login...');
+            const token = await this.getToken();
+            if (!token) {
+                logger.error('Login test failed - no token received');
+                return {
+                    success: false,
+                    message: 'Login failed - no token received',
+                };
+            }
+            logger.info('Token retrieved successfully, testing Graph API access...');
+            try {
+                const response = await fetch('https://graph.microsoft.com/v1.0/me', {
+                    headers: {
+                        Authorization: `Bearer ${token}`,
+                    },
+                });
+                if (response.ok) {
+                    const userData = await response.json();
+                    logger.info('Graph API user data fetch successful');
+                    return {
+                        success: true,
+                        message: 'Login successful',
+                        userData: {
+                            displayName: userData.displayName,
+                            userPrincipalName: userData.userPrincipalName,
+                        },
+                    };
+                }
+                else {
+                    const errorText = await response.text();
+                    logger.error(`Graph API user data fetch failed: ${response.status} - ${errorText}`);
+                    return {
+                        success: false,
+                        message: `Login successful but Graph API access failed: ${response.status}`,
+                    };
+                }
+            }
+            catch (graphError) {
+                logger.error(`Error fetching user data: ${graphError.message}`);
+                return {
+                    success: false,
+                    message: `Login successful but Graph API access failed: ${graphError.message}`,
+                };
+            }
+        }
+        catch (error) {
+            logger.error(`Login test failed: ${error.message}`);
+            return {
+                success: false,
+                message: `Login failed: ${error.message}`,
+            };
+        }
+    }
+    async logout() {
+        try {
+            const accounts = await this.msalApp.getTokenCache().getAllAccounts();
+            for (const account of accounts) {
+                await this.msalApp.getTokenCache().removeAccount(account);
+            }
+            this.accessToken = null;
+            this.tokenExpiry = null;
+            try {
+                await keytar.deletePassword(SERVICE_NAME, TOKEN_CACHE_ACCOUNT);
+            }
+            catch (keytarError) {
+                logger.warn(`Keychain deletion failed: ${keytarError.message}`);
+            }
+            if (fs.existsSync(FALLBACK_PATH)) {
+                fs.unlinkSync(FALLBACK_PATH);
+            }
+            return true;
+        }
+        catch (error) {
+            logger.error(`Error during logout: ${error.message}`);
+            throw error;
+        }
+    }
+}
+export default AuthManager;

package/dist/cli.js

@@ -0,0 +1,21 @@
+import { Command } from 'commander';
+import { readFileSync } from 'fs';
+import path from 'path';
+import { fileURLToPath } from 'url';
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const packageJsonPath = path.join(__dirname, '..', 'package.json');
+const packageJson = JSON.parse(readFileSync(packageJsonPath, 'utf8'));
+const version = packageJson.version;
+const program = new Command();
+program
+    .name('ms-365-mcp-server')
+    .description('Microsoft 365 MCP Server')
+    .version(version)
+    .option('-v', 'Enable verbose logging')
+    .option('--login', 'Login using device code flow')
+    .option('--logout', 'Log out and clear saved credentials')
+    .option('--verify-login', 'Verify login without starting the server');
+export function parseArgs() {
+    program.parse();
+    return program.opts();
+}