npm - @softeria/ms-365-mcp-server - Versions diffs - 0.6.2 → 0.8.0 - Mend

@softeria/ms-365-mcp-server 0.6.2 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md +40 -3
package/bin/modules/simplified-openapi.mjs +154 -0
package/dist/auth.js +11 -1
package/dist/cli.js +2 -1
package/dist/generated/client.js +1704 -1629
package/dist/oauth-provider.js +48 -0
package/dist/server.js +21 -3
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -67,18 +67,54 @@ integration method.
 > ⚠️ You must authenticate before using tools.
-1. **MCP client login**:
+The server supports two authentication methods:
+#### 1. Device Code Flow (Default)
+For interactive authentication via device code:
+- **MCP client login**:
     - Call the `login` tool (auto-checks existing token)
     - If needed, get URL+code, visit in browser
     - Use `verify-login` tool to confirm
-2. **Optional CLI login**:
+- **CLI login**:
    ```bash
    npx @softeria/ms-365-mcp-server --login
    ```
-   Follow the URL and code prompt in the terminal.
+  Follow the URL and code prompt in the terminal.
 Tokens are cached securely in your OS credential store (fallback to file).
+#### 2. OAuth Authorization Code Flow (HTTP mode only)
+When running with `--http`, the server **requires** OAuth authentication:
+```bash
+npx @softeria/ms-365-mcp-server --http 3000
+```
+This mode:
+- Advertises OAuth capabilities to MCP clients
+- Provides OAuth endpoints at `/auth/*` (authorize, token, metadata)
+- **Requires** `Authorization: Bearer <token>` for all MCP requests
+- Validates tokens with Microsoft Graph API
+- **Disables** login/logout tools by default (use `--enable-auth-tools` to enable them)
+MCP clients will automatically handle the OAuth flow when they see the advertised capabilities. For manual testing:
+```bash
+curl -X POST http://localhost:3000/mcp \
+  -H "Authorization: Bearer YOUR_MICROSOFT_ACCESS_TOKEN" \
+  -H "Content-Type: application/json" \
+  -d '{"jsonrpc": "2.0", "method": "initialize", "params": {"protocolVersion": "1.0.0", "capabilities": {}}, "id": 1}'
+```
+> **Note**: HTTP mode requires authentication. For unauthenticated testing, use stdio mode with device code flow.
+>
+> **Authentication Tools**: In HTTP mode, login/logout tools are disabled by default since OAuth handles authentication.
+> Use `--enable-auth-tools` if you need them available.
 ## CLI Options
 The following options can be used when running ms-365-mcp-server directly from the command line:
@@ -98,6 +134,7 @@ When running as an MCP server, the following options can be used:
 --read-only       Start server in read-only mode, disabling write operations
 --http [port]     Use Streamable HTTP transport instead of stdio (optionally specify port, default: 3000)
                   Starts Express.js server with MCP endpoint at /mcp
+--enable-auth-tools Enable login/logout tools when using HTTP mode (disabled by default in HTTP mode)
 ```
 Environment variables:

package/bin/modules/simplified-openapi.mjs CHANGED Viewed

@@ -31,6 +31,7 @@ export function createAndSaveSimplifiedOpenAPI(endpointsFile, openapiFile, opena
   if (openApiSpec.components && openApiSpec.components.schemas) {
     removeODataTypeRecursively(openApiSpec.components.schemas);
+    flattenComplexSchemasRecursively(openApiSpec.components.schemas);
   }
   fs.writeFileSync(openapiTrimmedFile, yaml.dump(openApiSpec));
@@ -83,3 +84,156 @@ function removeODataTypeRecursively(obj) {
     }
   });
 }
+function flattenComplexSchemasRecursively(schemas) {
+  console.log('Flattening complex schemas for better client compatibility...');
+  let flattenedCount = 0;
+  Object.keys(schemas).forEach((schemaName) => {
+    const schema = schemas[schemaName];
+    if (schema.allOf && Array.isArray(schema.allOf) && schema.allOf.length <= 5) {
+      try {
+        const flattened = { type: 'object', properties: {} };
+        const required = new Set();
+        for (const subSchema of schema.allOf) {
+          if (subSchema.$ref && subSchema.$ref.startsWith('#/components/schemas/')) {
+            const refName = subSchema.$ref.replace('#/components/schemas/', '');
+            if (schemas[refName] && schemas[refName].properties) {
+              Object.assign(flattened.properties, schemas[refName].properties);
+              if (schemas[refName].required) {
+                schemas[refName].required.forEach((req) => required.add(req));
+              }
+            }
+          } else if (subSchema.properties) {
+            Object.assign(flattened.properties, subSchema.properties);
+            if (subSchema.required) {
+              subSchema.required.forEach((req) => required.add(req));
+            }
+          }
+          Object.keys(subSchema).forEach((key) => {
+            if (!['allOf', 'properties', 'required', '$ref'].includes(key) && !flattened[key]) {
+              flattened[key] = subSchema[key];
+            }
+          });
+        }
+        if (schema.properties) {
+          Object.assign(flattened.properties, schema.properties);
+        }
+        if (schema.required) {
+          schema.required.forEach((req) => required.add(req));
+        }
+        Object.keys(schema).forEach((key) => {
+          if (!['allOf', 'properties', 'required'].includes(key) && !flattened[key]) {
+            flattened[key] = schema[key];
+          }
+        });
+        if (required.size > 0) {
+          flattened.required = Array.from(required);
+        }
+        schemas[schemaName] = flattened;
+        flattenedCount++;
+      } catch (error) {
+        console.warn(`Warning: Could not flatten schema ${schemaName}:`, error.message);
+      }
+    }
+    if (schema.anyOf && Array.isArray(schema.anyOf) && schema.anyOf.length > 2) {
+      console.log(`Simplifying anyOf in ${schemaName} (${schema.anyOf.length} -> 1 option)`);
+      const simplified = { ...schema.anyOf[0] };
+      simplified.nullable = true;
+      simplified.description = `Simplified from ${schema.anyOf.length} anyOf options`;
+      schemas[schemaName] = simplified;
+      flattenedCount++;
+    }
+    if (schema.oneOf && Array.isArray(schema.oneOf) && schema.oneOf.length > 2) {
+      console.log(`Simplifying oneOf in ${schemaName} (${schema.oneOf.length} -> 1 option)`);
+      const simplified = { ...schema.oneOf[0] };
+      simplified.nullable = true;
+      simplified.description = `Simplified from ${schema.oneOf.length} oneOf options`;
+      schemas[schemaName] = simplified;
+      flattenedCount++;
+    }
+    if (schema.properties && Object.keys(schema.properties).length > 25) {
+      console.log(
+        `Reducing properties in ${schemaName} (${Object.keys(schema.properties).length} -> 25)`
+      );
+      const priorityProperties = {};
+      const allKeys = Object.keys(schema.properties);
+      if (schema.required) {
+        schema.required.forEach((key) => {
+          if (schema.properties[key]) {
+            priorityProperties[key] = schema.properties[key];
+          }
+        });
+      }
+      const remainingSlots = 25 - Object.keys(priorityProperties).length;
+      allKeys.slice(0, remainingSlots).forEach((key) => {
+        if (!priorityProperties[key]) {
+          priorityProperties[key] = schema.properties[key];
+        }
+      });
+      schema.properties = priorityProperties;
+      schema.description =
+        `${schema.description || ''} [Simplified: showing ${Object.keys(priorityProperties).length} of ${allKeys.length} properties]`.trim();
+      flattenedCount++;
+    }
+    if (schema.properties) {
+      simplifyNestedPropertiesRecursively(schema.properties, 0, 4);
+    }
+  });
+  console.log(`Flattened ${flattenedCount} complex schemas`);
+}
+function simplifyNestedPropertiesRecursively(properties, currentDepth, maxDepth) {
+  if (currentDepth >= maxDepth) {
+    return;
+  }
+  Object.keys(properties).forEach((key) => {
+    const prop = properties[key];
+    if (prop && typeof prop === 'object') {
+      if (currentDepth === maxDepth - 1 && prop.properties) {
+        console.log(`Flattening nested property at depth ${currentDepth}: ${key}`);
+        prop.type = 'object';
+        prop.description = `${prop.description || ''} [Simplified: nested object]`.trim();
+        delete prop.properties;
+        delete prop.additionalProperties;
+      } else if (prop.properties) {
+        simplifyNestedPropertiesRecursively(prop.properties, currentDepth + 1, maxDepth);
+      }
+      if (prop.anyOf && Array.isArray(prop.anyOf) && prop.anyOf.length > 2) {
+        prop.type = prop.anyOf[0].type || 'object';
+        prop.nullable = true;
+        prop.description =
+          `${prop.description || ''} [Simplified from ${prop.anyOf.length} options]`.trim();
+        delete prop.anyOf;
+      }
+      if (prop.oneOf && Array.isArray(prop.oneOf) && prop.oneOf.length > 2) {
+        prop.type = prop.oneOf[0].type || 'object';
+        prop.nullable = true;
+        prop.description =
+          `${prop.description || ''} [Simplified from ${prop.oneOf.length} options]`.trim();
+        delete prop.oneOf;
+      }
+    }
+  });
+}

package/dist/auth.js CHANGED Viewed

@@ -47,6 +47,8 @@ class AuthManager {
         this.msalApp = new PublicClientApplication(this.config);
         this.accessToken = null;
         this.tokenExpiry = null;
+        this.oauthToken = null;
+        this.isOAuthMode = false;
     }
     async loadTokenCache() {
         try {
@@ -86,7 +88,14 @@ class AuthManager {
             logger.error(`Error saving token cache: ${error.message}`);
         }
     }
+    async setOAuthToken(token) {
+        this.oauthToken = token;
+        this.isOAuthMode = true;
+    }
     async getToken(forceRefresh = false) {
+        if (this.isOAuthMode && this.oauthToken) {
+            return this.oauthToken;
+        }
         if (this.accessToken && this.tokenExpiry && this.tokenExpiry > Date.now() && !forceRefresh) {
             return this.accessToken;
         }
@@ -103,7 +112,8 @@ class AuthManager {
                 return this.accessToken;
             }
             catch (error) {
-                logger.info('Silent token acquisition failed, using device code flow');
+                logger.error('Silent token acquisition failed');
+                throw new Error('Silent token acquisition failed');
             }
         }
         throw new Error('No valid token found');

package/dist/cli.js CHANGED Viewed

@@ -16,7 +16,8 @@ program
     .option('--logout', 'Log out and clear saved credentials')
     .option('--verify-login', 'Verify login without starting the server')
     .option('--read-only', 'Start server in read-only mode, disabling write operations')
-    .option('--http [port]', 'Use Streamable HTTP transport instead of stdio (optionally specify port, default: 3000)');
+    .option('--http [port]', 'Use Streamable HTTP transport instead of stdio (optionally specify port, default: 3000)')
+    .option('--enable-auth-tools', 'Enable login/logout tools when using HTTP mode (disabled by default in HTTP mode)');
 export function parseArgs() {
     program.parse();
     const options = program.opts();