gmcp 0.1.0

package/dist/shared/chunk-n2k9eesp.js

@@ -0,0 +1,169 @@
+// src/auth.ts
+import { google } from "googleapis";
+
+// src/types.ts
+import { z } from "zod";
+var OAuth2CredentialsSchema = z.object({
+  installed: z.object({
+    client_id: z.string().min(1, "client_id is required"),
+    project_id: z.string().min(1, "project_id is required"),
+    auth_uri: z.string().url("auth_uri must be a valid URL"),
+    token_uri: z.string().url("token_uri must be a valid URL"),
+    auth_provider_x509_cert_url: z.string().url("auth_provider_x509_cert_url must be a valid URL"),
+    client_secret: z.string().min(1, "client_secret is required"),
+    redirect_uris: z.array(z.string().url("redirect_uris must contain valid URLs"))
+  })
+});
+var StoredTokensSchema = z.object({
+  access_token: z.string().min(1, "access_token is required"),
+  refresh_token: z.string().min(1, "refresh_token is required"),
+  scope: z.string().min(1, "scope is required"),
+  token_type: z.string().min(1, "token_type is required"),
+  expiry_date: z.number().int().positive("expiry_date must be a positive integer")
+});
+var DEFAULT_GMAIL_SCOPE = "https://www.googleapis.com/auth/gmail.readonly";
+var GMAIL_SCOPE_MAP = {
+  "gmail.readonly": DEFAULT_GMAIL_SCOPE,
+  "gmail.modify": "https://www.googleapis.com/auth/gmail.modify",
+  "gmail.send": "https://www.googleapis.com/auth/gmail.send",
+  "gmail.labels": "https://www.googleapis.com/auth/gmail.labels",
+  "gmail.metadata": "https://www.googleapis.com/auth/gmail.metadata",
+  "gmail.compose": "https://www.googleapis.com/auth/gmail.compose",
+  "gmail.insert": "https://www.googleapis.com/auth/gmail.insert",
+  "gmail.settings.basic": "https://www.googleapis.com/auth/gmail.settings.basic",
+  "gmail.settings.sharing": "https://www.googleapis.com/auth/gmail.settings.sharing"
+};
+var DEFAULT_CALENDAR_SCOPE = "https://www.googleapis.com/auth/calendar.readonly";
+var CALENDAR_SCOPE_MAP = {
+  "calendar.readonly": DEFAULT_CALENDAR_SCOPE,
+  calendar: "https://www.googleapis.com/auth/calendar",
+  "calendar.events": "https://www.googleapis.com/auth/calendar.events",
+  "calendar.events.readonly": "https://www.googleapis.com/auth/calendar.events.readonly",
+  "calendar.settings.readonly": "https://www.googleapis.com/auth/calendar.settings.readonly",
+  "calendar.calendarlist.readonly": "https://www.googleapis.com/auth/calendar.calendarlist.readonly",
+  "calendar.calendarlist": "https://www.googleapis.com/auth/calendar.calendarlist"
+};
+function parseScopes(scopesEnv) {
+  if (!scopesEnv) {
+    return [DEFAULT_GMAIL_SCOPE];
+  }
+  return scopesEnv.split(",").map((scope) => {
+    const trimmed = scope.trim();
+    if (GMAIL_SCOPE_MAP[trimmed]) {
+      return GMAIL_SCOPE_MAP[trimmed];
+    }
+    if (CALENDAR_SCOPE_MAP[trimmed]) {
+      return CALENDAR_SCOPE_MAP[trimmed];
+    }
+    return trimmed;
+  });
+}
+function getHeader(headers, name) {
+  if (!headers) {
+    return "";
+  }
+  const header = headers.find((h) => h.name?.toLowerCase() === name.toLowerCase());
+  return header?.value || "";
+}
+
+// src/auth.ts
+async function loadCredentials(path) {
+  try {
+    const file = Bun.file(path);
+    const content = await file.text();
+    const parsed = JSON.parse(content);
+    return OAuth2CredentialsSchema.parse(parsed);
+  } catch (error) {
+    throw new Error(`Failed to load credentials from ${path}: ${error}`);
+  }
+}
+async function loadTokens(path, logger) {
+  try {
+    const file = Bun.file(path);
+    const exists = await file.exists();
+    if (!exists) {
+      return null;
+    }
+    const content = await file.text();
+    const parsed = JSON.parse(content);
+    return StoredTokensSchema.parse(parsed);
+  } catch (error) {
+    logger?.warn({
+      path,
+      errorType: error instanceof Error ? error.constructor.name : typeof error,
+      error: error instanceof Error ? error.message : String(error)
+    }, "Failed to load tokens");
+    return null;
+  }
+}
+async function saveTokens(path, tokens) {
+  try {
+    await Bun.write(path, JSON.stringify(tokens, null, 2));
+  } catch (error) {
+    throw new Error(`Failed to save tokens to ${path}: ${error}`);
+  }
+}
+function createOAuth2Client(credentials) {
+  const { client_id, client_secret, redirect_uris } = credentials.installed;
+  return new google.auth.OAuth2(client_id, client_secret, redirect_uris[0]);
+}
+function getAuthUrl(oauth2Client, scopes) {
+  return oauth2Client.generateAuthUrl({
+    access_type: "offline",
+    scope: scopes,
+    prompt: "consent"
+  });
+}
+async function getTokensFromCode(oauth2Client, code) {
+  const { tokens } = await oauth2Client.getToken(code);
+  if (!(tokens.access_token && tokens.refresh_token)) {
+    throw new Error("Failed to obtain access_token or refresh_token");
+  }
+  return {
+    access_token: tokens.access_token,
+    refresh_token: tokens.refresh_token,
+    scope: tokens.scope || "",
+    token_type: tokens.token_type || "Bearer",
+    expiry_date: tokens.expiry_date || Date.now() + 3600 * 1000
+  };
+}
+async function createAuthenticatedClient(credentialsPath, tokenPath, logger) {
+  const credentials = await loadCredentials(credentialsPath);
+  const oauth2Client = createOAuth2Client(credentials);
+  const tokens = await loadTokens(tokenPath, logger);
+  if (!tokens) {
+    throw new Error(`No tokens found at ${tokenPath}. Please run 'bun run auth' to authenticate first.`);
+  }
+  oauth2Client.setCredentials(tokens);
+  oauth2Client.on("tokens", async (newTokens) => {
+    const updatedTokens = {
+      ...tokens,
+      access_token: newTokens.access_token || tokens.access_token,
+      expiry_date: newTokens.expiry_date || tokens.expiry_date
+    };
+    if (newTokens.refresh_token) {
+      updatedTokens.refresh_token = newTokens.refresh_token;
+    }
+    logger?.info({
+      expiry_date: updatedTokens.expiry_date,
+      has_refresh_token: !!updatedTokens.refresh_token
+    }, "Tokens refreshed");
+    await saveTokens(tokenPath, updatedTokens);
+  });
+  return oauth2Client;
+}
+function getEnvConfig() {
+  const credentialsPath = process.env.GOOGLE_CREDENTIALS_PATH;
+  const tokenPath = process.env.GOOGLE_TOKEN_PATH;
+  const scopesEnv = process.env.GOOGLE_SCOPES;
+  if (!credentialsPath) {
+    throw new Error("GOOGLE_CREDENTIALS_PATH environment variable is required");
+  }
+  if (!tokenPath) {
+    throw new Error("GOOGLE_TOKEN_PATH environment variable is required");
+  }
+  const scopes = parseScopes(scopesEnv);
+  return { credentialsPath, tokenPath, scopes };
+}
+
+export { getHeader, loadCredentials, saveTokens, createOAuth2Client, getAuthUrl, getTokensFromCode, createAuthenticatedClient, getEnvConfig };

package/package.json

@@ -0,0 +1,63 @@
+{
+  "name": "gmcp",
+  "version": "0.1.0",
+  "description": "GMCP Server for Google Workspace with OAuth2 authentication",
+  "module": "src/index.ts",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "type": "module",
+  "bin": {
+    "gmcp": "dist/index.js",
+    "gmcp-auth": "dist/auth-cli.js"
+  },
+  "files": [
+    "dist"
+  ],
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "scripts": {
+    "start": "bun run src/index.ts",
+    "auth": "bun run src/auth-cli.ts",
+    "build": "bunup",
+    "prepublishOnly": "bun run build",
+    "prepare": "lefthook install"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/johnie/gmcp.git"
+  },
+  "author": "Johnie Hjelm",
+  "license": "MIT",
+  "keywords": [
+    "mcp",
+    "gmail",
+    "calendar",
+    "google",
+    "oauth2",
+    "anthropic"
+  ],
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.25.3",
+    "googleapis": "^170.1.0",
+    "json2md": "^2.0.3",
+    "pino": "^9.7.0",
+    "pino-pretty": "^13.0.0",
+    "zod": "^4.3.6"
+  },
+  "devDependencies": {
+    "@biomejs/biome": "2.3.12",
+    "@types/bun": "latest",
+    "@types/json2md": "^1.5.4",
+    "bunup": "^0.16.20",
+    "lefthook": "^2.0.15",
+    "ultracite": "7.0.12",
+    "vitest": "^4.0.18"
+  },
+  "peerDependencies": {
+    "typescript": "^5"
+  }
+}