m365connector 0.3.3 → 0.3.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "m365connector",
3
- "version": "0.3.3",
3
+ "version": "0.3.5",
4
4
  "description": "MCP server for M365 Connector browser extension",
5
5
  "type": "module",
6
6
  "main": "src/index.js",
package/src/index.js CHANGED
@@ -1,5 +1,6 @@
1
1
  import crypto from "node:crypto";
2
2
  import fs from "node:fs";
3
+ import os from "node:os";
3
4
  import path from "node:path";
4
5
  import { fileURLToPath, pathToFileURL } from "node:url";
5
6
  import { Server } from "@modelcontextprotocol/sdk/server/index.js";
@@ -65,6 +66,126 @@ function createReadHandleCache() {
65
66
  return cache;
66
67
  }
67
68
 
69
+ const TEMP_FILE_TTL_MS = 30 * 60 * 1000;
70
+
71
+ function createTempFileManager(logger) {
72
+ const rootDir = path.join(os.tmpdir(), "m365c-open");
73
+
74
+ // Validate shared root: reject symlinks, non-directories, or foreign-owned dirs
75
+ try {
76
+ const rootStat = fs.lstatSync(rootDir);
77
+ if (rootStat.isSymbolicLink()) {
78
+ fs.unlinkSync(rootDir);
79
+ logger.warn("[m365connector] removed symlink at temp root:", rootDir);
80
+ } else if (rootStat.isFile()) {
81
+ fs.unlinkSync(rootDir);
82
+ logger.warn("[m365connector] removed regular file at temp root:", rootDir);
83
+ } else if (!rootStat.isDirectory()) {
84
+ throw new Error(`Unsafe temp root type at ${rootDir} (not a directory, symlink, or file)`);
85
+ } else {
86
+ // Verify directory ownership on POSIX
87
+ const uid = typeof process.getuid === "function" ? process.getuid() : null;
88
+ if (uid != null && rootStat.uid !== uid) {
89
+ throw new Error(`Unsafe temp root owner at ${rootDir} (owned by uid ${rootStat.uid}, expected ${uid})`);
90
+ }
91
+ }
92
+ } catch (err) {
93
+ if (err.code !== "ENOENT") {
94
+ throw err;
95
+ }
96
+ }
97
+
98
+ // Create shared root for stale file sweeps across processes
99
+ try {
100
+ fs.mkdirSync(rootDir, { recursive: true, mode: 0o700 });
101
+ } catch {
102
+ // Root may be owned by another user; sweep will be skipped below
103
+ }
104
+
105
+ // Sweep stale files/dirs from previous crashed processes on startup
106
+ try {
107
+ for (const entry of fs.readdirSync(rootDir)) {
108
+ const entryPath = path.join(rootDir, entry);
109
+ try {
110
+ const stat = fs.statSync(entryPath);
111
+ if (Date.now() - stat.mtimeMs > TEMP_FILE_TTL_MS) {
112
+ if (stat.isDirectory()) {
113
+ for (const f of fs.readdirSync(entryPath)) {
114
+ try { fs.unlinkSync(path.join(entryPath, f)); } catch {}
115
+ }
116
+ fs.rmdirSync(entryPath);
117
+ } else {
118
+ fs.unlinkSync(entryPath);
119
+ }
120
+ }
121
+ } catch (err) {
122
+ logger.warn("[m365connector] failed to sweep stale temp entry:", entryPath, err.message);
123
+ }
124
+ }
125
+ } catch (err) {
126
+ logger.warn("[m365connector] failed to read temp root for cleanup:", err.message);
127
+ }
128
+
129
+ // Create process-owned subdirectory — immune to pre-creation attacks
130
+ const baseDir = fs.mkdtempSync(path.join(rootDir, "proc-"));
131
+ fs.chmodSync(baseDir, 0o700);
132
+
133
+ const tracked = new Map(); // filePath → expiresAt
134
+
135
+ const interval = setInterval(() => {
136
+ const now = Date.now();
137
+ for (const [filePath, expiresAt] of tracked.entries()) {
138
+ if (expiresAt < now) {
139
+ tracked.delete(filePath);
140
+ fs.unlink(filePath, (err) => {
141
+ if (err && err.code !== "ENOENT") {
142
+ logger.warn("[m365connector] failed to delete temp file:", filePath, err.message);
143
+ }
144
+ });
145
+ }
146
+ }
147
+ }, 60_000);
148
+ interval.unref();
149
+
150
+ function ensureDir() {
151
+ try {
152
+ fs.mkdirSync(baseDir, { recursive: true, mode: 0o700 });
153
+ fs.chmodSync(baseDir, 0o700);
154
+ } catch (err) {
155
+ logger.warn("[m365connector] failed to ensure temp directory:", err.message);
156
+ throw err;
157
+ }
158
+ }
159
+
160
+ return {
161
+ write(content) {
162
+ ensureDir();
163
+ const fileName = `${crypto.randomUUID()}.txt`;
164
+ const filePath = path.join(baseDir, fileName);
165
+ fs.writeFileSync(filePath, content, { encoding: "utf-8", mode: 0o600, flag: "wx" });
166
+ tracked.set(filePath, Date.now() + TEMP_FILE_TTL_MS);
167
+ return filePath;
168
+ },
169
+ cleanup() {
170
+ clearInterval(interval);
171
+ for (const filePath of tracked.keys()) {
172
+ try {
173
+ fs.unlinkSync(filePath);
174
+ } catch (err) {
175
+ if (err.code !== "ENOENT") {
176
+ logger.warn("[m365connector] failed to delete temp file:", filePath, err.message);
177
+ }
178
+ }
179
+ }
180
+ tracked.clear();
181
+ // Remove the per-process directory itself
182
+ try {
183
+ fs.rmdirSync(baseDir);
184
+ } catch {}
185
+ }
186
+ };
187
+ }
188
+
68
189
  async function loadToolModules(toolRegistry, context) {
69
190
  const toolsDir = path.resolve(__dirname, "tools");
70
191
  const files = fs
@@ -171,6 +292,7 @@ async function main() {
171
292
  };
172
293
 
173
294
  const readHandleCache = createReadHandleCache();
295
+ const tempFiles = createTempFileManager(stderrLogger);
174
296
 
175
297
  const ws = new WsServer({
176
298
  host: "127.0.0.1",
@@ -180,7 +302,7 @@ async function main() {
180
302
  await ws.start();
181
303
 
182
304
  const toolRegistry = new ToolRegistry();
183
- const toolContext = { ws, readHandleCache };
305
+ const toolContext = { ws, readHandleCache, tempFiles };
184
306
  await loadToolModules(toolRegistry, toolContext);
185
307
 
186
308
  const sessions = new Map();
@@ -288,6 +410,8 @@ async function main() {
288
410
  stderrLogger.warn("[m365connector] failed to stop WebSocket server:", err);
289
411
  }
290
412
 
413
+ tempFiles.cleanup();
414
+
291
415
  await new Promise((resolve) => {
292
416
  httpServer.close(() => resolve());
293
417
  });
@@ -50,7 +50,7 @@ const SEARCH_TOOL = {
50
50
  const OPEN_TOOL = {
51
51
  name: "open",
52
52
  description:
53
- "Open and read best-effort content for a prior search result using its read handle. Returns completeness metadata: full, partial, or snippet.",
53
+ "Open and read content for a prior search result. Returns a summary with metadata. Small content is returned inline in the 'content' field. Large content is saved to a local temp file — use the returned file_path with your file-reading tool to access the content.",
54
54
  inputSchema: {
55
55
  type: "object",
56
56
  properties: {
@@ -333,10 +333,72 @@ export function registerTools(registry, context) {
333
333
  const wsResult = await context.ws.sendRequest(
334
334
  "open",
335
335
  { conversation_id: conversationId, context: readContext, fullContent: Boolean(args.fullContent) },
336
- { timeoutMs: 60000 }
336
+ { timeoutMs: args.fullContent ? 90000 : 60000 }
337
337
  );
338
338
 
339
- return asObject(wsResult);
339
+ const result = asObject(wsResult);
340
+ if (!Object.hasOwn(result, "content")) {
341
+ throw new Error("Extension response missing content for this item.");
342
+ }
343
+ const content = typeof result.content === "string"
344
+ ? result.content
345
+ : (result.content != null ? JSON.stringify(result.content, null, 2) : "");
346
+ const contentBytes = Buffer.byteLength(content, "utf-8");
347
+
348
+ const FILE_THRESHOLD = 4096;
349
+ const useFile = contentBytes > FILE_THRESHOLD;
350
+
351
+ const summary = {
352
+ type: readContext.type || result.type || "",
353
+ title: readContext.title || result.title || "",
354
+ url: readContext.url || result.url || "",
355
+ snippet: readContext.snippet || "",
356
+ completeness: result.completeness || "unknown"
357
+ };
358
+
359
+ if (useFile) {
360
+ summary.file_path = context.tempFiles.write(content);
361
+ summary.file_size_bytes = contentBytes;
362
+ } else {
363
+ summary.content = content;
364
+ }
365
+
366
+ // Carry over key metadata from readContext and result.metadata
367
+ // Email _readContext has no metadata object; fields may be at readContext top level.
368
+ // Content reader returns result.metadata with additional fields.
369
+ const meta = { ...asObject(readContext.metadata), ...asObject(result.metadata) };
370
+ if (readContext.type === "email") {
371
+ const from = meta.from || readContext.from;
372
+ // Graph returns toRecipients (array of strings or {emailAddress} objects) and receivedDateTime
373
+ const rawTo = meta.toRecipients || meta.to || readContext.to;
374
+ const to = Array.isArray(rawTo)
375
+ ? rawTo.map((r) => (typeof r === "string" ? r : (r?.emailAddress?.address || r?.emailAddress?.name || String(r)))).join(", ")
376
+ : rawTo;
377
+ const subject = meta.subject || readContext.subject;
378
+ const date = meta.receivedDateTime || meta.date || readContext.date;
379
+ if (from) summary.from = from;
380
+ if (to) summary.to = to;
381
+ if (subject) summary.subject = subject;
382
+ if (date) summary.date = date;
383
+ } else if (readContext.type === "file") {
384
+ if (meta.author) summary.author = meta.author;
385
+ if (meta.fileType) summary.fileType = meta.fileType;
386
+ } else if (readContext.type === "chat") {
387
+ if (meta.from) summary.from = meta.from;
388
+ if (meta.teamName) summary.teamName = meta.teamName;
389
+ if (meta.channelName) summary.channelName = meta.channelName;
390
+ } else if (readContext.type === "event") {
391
+ if (meta.location) summary.location = meta.location;
392
+ if (meta.startTime) summary.startTime = meta.startTime;
393
+ if (meta.endTime) summary.endTime = meta.endTime;
394
+ if (meta.organizer) summary.organizer = meta.organizer;
395
+ }
396
+
397
+ if (result.warning) {
398
+ summary.warning = result.warning;
399
+ }
400
+
401
+ return summary;
340
402
  });
341
403
 
342
404
  registry.addTool(WHOAMI_TOOL, async (args) => {
package/src/ws-server.js CHANGED
@@ -44,7 +44,7 @@ export class WsServer {
44
44
  this.wss.once("error", reject);
45
45
  });
46
46
 
47
- this.logger.error(`[m365connector/ws] listening on ws://${this.host}:${this.port}`);
47
+ this.logger.info(`[m365connector/ws] listening on ws://${this.host}:${this.port}`);
48
48
  }
49
49
 
50
50
  async stop() {
@@ -96,6 +96,7 @@ export class WsServer {
96
96
 
97
97
  return new Promise((resolve, reject) => {
98
98
  const timeout = setTimeout(() => {
99
+ this.logger.warn(`[m365connector/ws] request timed out: type=${type} id=${id}`);
99
100
  this.pending.delete(id);
100
101
  reject(new Error(`WebSocket request timed out after ${timeoutMs}ms`));
101
102
  }, timeoutMs);
@@ -130,7 +131,7 @@ export class WsServer {
130
131
  if (this.client && this.client.readyState === WebSocket.OPEN) {
131
132
  // MV3 service workers can die silently without sending a close frame.
132
133
  // When the extension reconnects, replace the stale connection.
133
- this.logger.error("[m365connector/ws] replacing existing connection with new one");
134
+ this.logger.info("[m365connector/ws] replacing existing connection with new one");
134
135
  try { this.client.terminate(); } catch (_e) { /* ignored */ }
135
136
  this.handleClose(this.client);
136
137
  }
@@ -147,14 +148,14 @@ export class WsServer {
147
148
  });
148
149
 
149
150
  socket.on("close", (code, reason) => {
150
- this.logger.error(`[m365connector/ws] socket close: code=${code}, reason=${String(reason)}`);
151
+ this.logger.info(`[m365connector/ws] socket close: code=${code}, reason=${String(reason)}`);
151
152
  this.handleClose(socket);
152
153
  });
153
154
 
154
155
  socket.on("error", (err) => {
155
156
  this.logger.warn("[m365connector/ws] client socket error:", err.message);
156
157
  });
157
- this.logger.error("[m365connector/ws] extension connected");
158
+ this.logger.info("[m365connector/ws] extension connected");
158
159
  }
159
160
 
160
161
  async handleMessage(socket, rawData) {
@@ -197,6 +198,6 @@ export class WsServer {
197
198
  this.pending.delete(id);
198
199
  }
199
200
 
200
- this.logger.error("[m365connector/ws] extension disconnected");
201
+ this.logger.info("[m365connector/ws] extension disconnected");
201
202
  }
202
203
  }