@softeria/ms-365-mcp-server 0.79.1 → 0.79.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/graph-tools.js +10 -3
- package/dist/logger.js +3 -2
- package/dist/server.js +18 -6
- package/package.json +1 -1
- package/logs/error.log +0 -0
- package/logs/mcp-server.log +0 -11
package/dist/graph-tools.js
CHANGED
|
@@ -214,7 +214,9 @@ async function executeGraphTool(tool, config, graphClient, params, authManager)
|
|
|
214
214
|
let allItems = combinedResponse.value || [];
|
|
215
215
|
let nextLink = combinedResponse["@odata.nextLink"];
|
|
216
216
|
let pageCount = 1;
|
|
217
|
-
|
|
217
|
+
const maxPages = 100;
|
|
218
|
+
const maxItems = 1e4;
|
|
219
|
+
while (nextLink && pageCount < maxPages && allItems.length < maxItems) {
|
|
218
220
|
logger.info(`Fetching page ${pageCount + 1} from: ${nextLink}`);
|
|
219
221
|
const url = new URL(nextLink);
|
|
220
222
|
const nextPath = url.pathname.replace("/v1.0", "");
|
|
@@ -236,8 +238,13 @@ async function executeGraphTool(tool, config, graphClient, params, authManager)
|
|
|
236
238
|
break;
|
|
237
239
|
}
|
|
238
240
|
}
|
|
239
|
-
if (pageCount >=
|
|
240
|
-
logger.warn(`Reached maximum page limit (
|
|
241
|
+
if (pageCount >= maxPages) {
|
|
242
|
+
logger.warn(`Reached maximum page limit (${maxPages}) for pagination`);
|
|
243
|
+
}
|
|
244
|
+
if (allItems.length >= maxItems) {
|
|
245
|
+
logger.warn(
|
|
246
|
+
`Reached maximum item limit (${maxItems}) for pagination \u2014 truncated at ${allItems.length} items`
|
|
247
|
+
);
|
|
241
248
|
}
|
|
242
249
|
combinedResponse.value = allItems;
|
|
243
250
|
if (combinedResponse["@odata.count"]) {
|
package/dist/logger.js
CHANGED
|
@@ -2,10 +2,11 @@ import winston from "winston";
|
|
|
2
2
|
import path from "path";
|
|
3
3
|
import { fileURLToPath } from "url";
|
|
4
4
|
import fs from "fs";
|
|
5
|
+
import os from "os";
|
|
5
6
|
const __dirname = path.dirname(fileURLToPath(import.meta.url));
|
|
6
|
-
const logsDir = path.join(
|
|
7
|
+
const logsDir = process.env.MS365_MCP_LOG_DIR || path.join(os.homedir(), ".ms-365-mcp-server", "logs");
|
|
7
8
|
if (!fs.existsSync(logsDir)) {
|
|
8
|
-
fs.mkdirSync(logsDir);
|
|
9
|
+
fs.mkdirSync(logsDir, { recursive: true, mode: 448 });
|
|
9
10
|
}
|
|
10
11
|
const logger = winston.createLogger({
|
|
11
12
|
level: process.env.LOG_LEVEL || "info",
|
package/dist/server.js
CHANGED
|
@@ -225,18 +225,30 @@ class MicrosoftGraphServer {
|
|
|
225
225
|
if (clientCodeChallenge && state) {
|
|
226
226
|
const serverCodeVerifier = crypto.randomBytes(32).toString("base64url");
|
|
227
227
|
const serverCodeChallenge = crypto.createHash("sha256").update(serverCodeVerifier).digest("base64url");
|
|
228
|
+
const now = Date.now();
|
|
229
|
+
const maxAge = 10 * 60 * 1e3;
|
|
230
|
+
const maxEntries = 1e3;
|
|
231
|
+
for (const [key, value] of this.pkceStore) {
|
|
232
|
+
if (now - value.createdAt > maxAge) {
|
|
233
|
+
this.pkceStore.delete(key);
|
|
234
|
+
}
|
|
235
|
+
}
|
|
236
|
+
if (this.pkceStore.size >= maxEntries) {
|
|
237
|
+
logger.warn(
|
|
238
|
+
`PKCE store at capacity (${maxEntries} entries) \u2014 rejecting new authorization request`
|
|
239
|
+
);
|
|
240
|
+
res.status(503).json({
|
|
241
|
+
error: "server_busy",
|
|
242
|
+
error_description: "Too many pending authorization requests. Try again later."
|
|
243
|
+
});
|
|
244
|
+
return;
|
|
245
|
+
}
|
|
228
246
|
this.pkceStore.set(state, {
|
|
229
247
|
clientCodeChallenge,
|
|
230
248
|
clientCodeChallengeMethod: clientCodeChallengeMethod || "S256",
|
|
231
249
|
serverCodeVerifier,
|
|
232
250
|
createdAt: Date.now()
|
|
233
251
|
});
|
|
234
|
-
const now = Date.now();
|
|
235
|
-
for (const [key, value] of this.pkceStore) {
|
|
236
|
-
if (now - value.createdAt > 10 * 60 * 1e3) {
|
|
237
|
-
this.pkceStore.delete(key);
|
|
238
|
-
}
|
|
239
|
-
}
|
|
240
252
|
microsoftAuthUrl.searchParams.set("code_challenge", serverCodeChallenge);
|
|
241
253
|
microsoftAuthUrl.searchParams.set("code_challenge_method", "S256");
|
|
242
254
|
logger.info("Two-leg PKCE: stored client challenge, generated server challenge", {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@softeria/ms-365-mcp-server",
|
|
3
|
-
"version": "0.79.
|
|
3
|
+
"version": "0.79.3",
|
|
4
4
|
"description": " A Model Context Protocol (MCP) server for interacting with Microsoft 365 and Office services through the Graph API",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|
package/logs/error.log
DELETED
|
File without changes
|
package/logs/mcp-server.log
DELETED
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
2026-04-14 21:33:26 INFO: [GRAPH CLIENT] Final URL being sent to Microsoft: https://graph.microsoft.com/v1.0/me
|
|
2
|
-
2026-04-14 21:33:26 INFO: [GRAPH CLIENT] Final URL being sent to Microsoft: https://graph.microsoft.com/v1.0/me
|
|
3
|
-
2026-04-14 21:33:26 INFO: [GRAPH CLIENT] Final URL being sent to Microsoft: https://graph.microsoft.com/v1.0/me
|
|
4
|
-
2026-04-14 21:33:26 INFO: [GRAPH CLIENT] Final URL being sent to Microsoft: https://graph.microsoft.com/v1.0/me/messages
|
|
5
|
-
2026-04-14 21:33:26 INFO: [GRAPH CLIENT] Final URL being sent to Microsoft: https://graph.microsoft.com/v1.0/me/calendar
|
|
6
|
-
2026-04-14 21:33:27 INFO: [GRAPH CLIENT] Final URL being sent to Microsoft: https://graph.microsoft.com/v1.0/me/photo/$value
|
|
7
|
-
2026-04-14 21:33:28 INFO: Using environment variables for secrets
|
|
8
|
-
2026-04-14 21:33:28 INFO: Using environment variables for secrets
|
|
9
|
-
2026-04-14 21:33:28 INFO: Using environment variables for secrets
|
|
10
|
-
2026-04-14 21:33:28 INFO: Using environment variables for secrets
|
|
11
|
-
2026-04-14 21:33:28 INFO: Using environment variables for secrets
|