msoutlook-mcp 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +134 -0
- package/dist/api/calendar.d.ts +90 -0
- package/dist/api/calendar.d.ts.map +1 -0
- package/dist/api/calendar.js +102 -0
- package/dist/api/calendar.js.map +1 -0
- package/dist/api/client.d.ts +14 -0
- package/dist/api/client.d.ts.map +1 -0
- package/dist/api/client.js +93 -0
- package/dist/api/client.js.map +1 -0
- package/dist/api/contacts.d.ts +43 -0
- package/dist/api/contacts.d.ts.map +1 -0
- package/dist/api/contacts.js +45 -0
- package/dist/api/contacts.js.map +1 -0
- package/dist/api/mail.d.ts +90 -0
- package/dist/api/mail.d.ts.map +1 -0
- package/dist/api/mail.js +148 -0
- package/dist/api/mail.js.map +1 -0
- package/dist/api/people.d.ts +28 -0
- package/dist/api/people.d.ts.map +1 -0
- package/dist/api/people.js +16 -0
- package/dist/api/people.js.map +1 -0
- package/dist/auth/browser-login.d.ts +26 -0
- package/dist/auth/browser-login.d.ts.map +1 -0
- package/dist/auth/browser-login.js +398 -0
- package/dist/auth/browser-login.js.map +1 -0
- package/dist/auth/index.d.ts +34 -0
- package/dist/auth/index.d.ts.map +1 -0
- package/dist/auth/index.js +89 -0
- package/dist/auth/index.js.map +1 -0
- package/dist/auth/session-store.d.ts +38 -0
- package/dist/auth/session-store.d.ts.map +1 -0
- package/dist/auth/session-store.js +163 -0
- package/dist/auth/session-store.js.map +1 -0
- package/dist/auth/token-extractor.d.ts +46 -0
- package/dist/auth/token-extractor.d.ts.map +1 -0
- package/dist/auth/token-extractor.js +126 -0
- package/dist/auth/token-extractor.js.map +1 -0
- package/dist/auth/token-refresh.d.ts +23 -0
- package/dist/auth/token-refresh.d.ts.map +1 -0
- package/dist/auth/token-refresh.js +133 -0
- package/dist/auth/token-refresh.js.map +1 -0
- package/dist/browser/cookie-import.d.ts +30 -0
- package/dist/browser/cookie-import.d.ts.map +1 -0
- package/dist/browser/cookie-import.js +446 -0
- package/dist/browser/cookie-import.js.map +1 -0
- package/dist/constants.d.ts +27 -0
- package/dist/constants.d.ts.map +1 -0
- package/dist/constants.js +39 -0
- package/dist/constants.js.map +1 -0
- package/dist/index.d.ts +11 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +23 -0
- package/dist/index.js.map +1 -0
- package/dist/server.d.ts +6 -0
- package/dist/server.d.ts.map +1 -0
- package/dist/server.js +20 -0
- package/dist/server.js.map +1 -0
- package/dist/tools/auth-tools.d.ts +6 -0
- package/dist/tools/auth-tools.d.ts.map +1 -0
- package/dist/tools/auth-tools.js +116 -0
- package/dist/tools/auth-tools.js.map +1 -0
- package/dist/tools/calendar-tools.d.ts +6 -0
- package/dist/tools/calendar-tools.d.ts.map +1 -0
- package/dist/tools/calendar-tools.js +168 -0
- package/dist/tools/calendar-tools.js.map +1 -0
- package/dist/tools/contact-tools.d.ts +6 -0
- package/dist/tools/contact-tools.d.ts.map +1 -0
- package/dist/tools/contact-tools.js +105 -0
- package/dist/tools/contact-tools.js.map +1 -0
- package/dist/tools/mail-tools.d.ts +6 -0
- package/dist/tools/mail-tools.d.ts.map +1 -0
- package/dist/tools/mail-tools.js +196 -0
- package/dist/tools/mail-tools.js.map +1 -0
- package/dist/utils/http.d.ts +15 -0
- package/dist/utils/http.d.ts.map +1 -0
- package/dist/utils/http.js +48 -0
- package/dist/utils/http.js.map +1 -0
- package/dist/utils/logger.d.ts +10 -0
- package/dist/utils/logger.d.ts.map +1 -0
- package/dist/utils/logger.js +21 -0
- package/dist/utils/logger.js.map +1 -0
- package/package.json +53 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"browser-login.js","sourceRoot":"","sources":["../../src/auth/browser-login.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,QAAQ,EAAuB,MAAM,YAAY,CAAC;AAC3D,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAC5D,OAAO,EACL,oBAAoB,EACpB,iBAAiB,EACjB,eAAe,EACf,YAAY,GAEb,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,6BAA6B,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AACzF,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAErE,gFAAgF;AAChF,kBAAkB;AAClB,gFAAgF;AAEhF,iFAAiF;AACjF,MAAM,aAAa,GAAG;IACpB,2BAA2B;IAC3B,gBAAgB;IAChB,qBAAqB;CACtB,CAAC;AAEF;;;;;;GAMG;AACH,SAAS,qBAAqB;IAC5B,OAAO,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,CACnC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CACnE,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,iBAAiB;IACxB,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACrE,IAAI,QAAQ,IAAI,QAAQ,KAAK,UAAU,IAAI,QAAQ,KAAK,SAAS;QAAE,OAAO,QAAQ,CAAC;IAEnF,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAClC,MAAM,QAAQ,GAAG,sBAAsB,EAAE,CAAC;QAC1C,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,KAAK,CAAC,mCAAmC,QAAQ,EAAE,CAAC,CAAC;YAC5D,OAAO,QAAQ,CAAC;QAClB,CAAC;QACD,OAAO,QAAQ,CAAC,CAAC,uCAAuC;IAC1D,CAAC;IAED,OAAO,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;AAC5D,CAAC;AAED;;;GAGG;AACH,SAAS,sBAAsB;IAC7B,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CACzB,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,EACtB,oFAAoF,CACrF,CAAC;QACF,MAAM,IAAI,GAAG,QAAQ,CAAC,8BAA8B,SAAS,GAAG,EAAE;YAChE,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAuF,CAAC;QACpH,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC;QACvC,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,kBAAkB,KAAK,OAAO,CAAC,CAAC;QAC1E,MAAM,QAAQ,GAAG,CAAC,YAAY,EAAE,gBAAgB,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;QAEtE,IAAI,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC;YAAE,OAAO,QAAQ,CAAC;QACzF,IAAI,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAAE,OAAO,QAAQ,CAAC;QACvF,uFAAuF;QACvF,OAAO,SAAS,CAAC;IACnB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED,gFAAgF;AAChF,8CAA8C;AAC9C,gFAAgF;AAEhF,SAAS,yBAAyB,CAAC,UAAkB;IACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC;IACxD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO;IAErC,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAC1C,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACnC,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,qCAAqC;gBAC3D,OAAO,CAAC,+BAA+B;YACzC,CAAC;YAAC,MAAM,CAAC;gBACP,sCAAsC;YACxC,CAAC;QACH,CAAC;QACD,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QACxB,MAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,SAAS;IACX,CAAC;AACH,CAAC;AAED,gFAAgF;AAChF,iBAAiB;AACjB,gFAAgF;AAEhF,SAAS,sBAAsB;IAC7B,MAAM,GAAG,GAAG,oBAAoB,EAAE,CAAC;IACnC,OAAO,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;AAC9D,CAAC;AAED,KAAK,UAAU,qBAAqB,CAAC,OAAuB;IAC1D,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,YAAY,EAAE,CAAC;IAC3C,iBAAiB,CAAC,KAAK,CAAC,CAAC;IAEzB,MAAM,EAAE,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;IACrC,IAAI,CAAC,EAAE,EAAE,CAAC;QACR,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,MAAM,GAAG,6BAA6B,CAAC,EAAE,CAAC,CAAC;IACjD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;QAC/D,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,KAAK,GAAe;QACxB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,cAAc,EAAE,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE;QAC/C,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,EAAE,OAAO,EAAE;QACpD,YAAY,EAAE,MAAM,CAAC,YAAY;QACjC,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,GAAG,EAAE,MAAM,CAAC,GAAG;QACf,WAAW,EAAE,IAAI,CAAC,GAAG,EAAE;KACxB,CAAC;IACF,eAAe,CAAC,KAAK,CAAC,CAAC;IACvB,OAAO,MAAM,CAAC,GAAG,IAAI,SAAS,CAAC;AACjC,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,aAAa,CAAC,UAAkB,EAAE,QAAiB,EAAE,OAAe;IACjF,yBAAyB,CAAC,UAAU,CAAC,CAAC;IAEtC,MAAM,MAAM,GAAG,GAAG,EAAE,CAAC,QAAQ,CAAC,uBAAuB,CAAC,UAAU,EAAE;QAChE,QAAQ;QACR,OAAO;QACP,QAAQ,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;QACtC,eAAe,EAAE,KAAK;KACvB,CAAC,CAAC;IAEH,IAAI,CAAC;QACH,OAAO,MAAM,MAAM,EAAE,CAAC;IACxB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,IAAI,GAAG,CAAC,QAAQ,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;YACtE,MAAM,CAAC,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACnE,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC;YACxD,IAAI,CAAC;gBAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAAC,CAAC;YAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;YACvD,OAAO,MAAM,EAAE,CAAC;QAClB,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,cAAc,CAAC,OAAuB,EAAE,SAAiB;IACtE,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,MAAM,OAAO,CAAC,OAAO,EAAE,CAAC;IAE3D,+EAA+E;IAC/E,IAAI,iBAAiB,GAAG,KAAK,CAAC;IAC9B,MAAM,YAAY,GAAG,CAAC,KAA4B,EAAE,EAAE;QACpD,IAAI,KAAK,KAAK,IAAI,CAAC,SAAS,EAAE,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACnF,iBAAiB,GAAG,IAAI,CAAC;QAC3B,CAAC;IACH,CAAC,CAAC;IACF,IAAI,CAAC,EAAE,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAAC;IAExC,IAAI,CAAC;QACH,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAE5D,sEAAsE;QACtE,yDAAyD;QACzD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,EAAE,CAAC;YAC7B,IAAI,iBAAiB;gBAAE,OAAO,KAAK,CAAC;YACpC,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;QACjC,CAAC;QACD,IAAI,iBAAiB;YAAE,OAAO,KAAK,CAAC;QAEpC,0EAA0E;QAC1E,MAAM,IAAI,CAAC,eAAe,CAAC,qBAAqB,EAAE,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC;QAC1E,OAAO,IAAI,CAAC;IACd,CAAC;YAAS,CAAC;QACT,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AAED,gFAAgF;AAChF,+DAA+D;AAC/D,gFAAgF;AAEhF;;;;;;;;GAQG;AACH,KAAK,UAAU,iBAAiB,CAC9B,OAAuB,EACvB,SAAS,GAAG,MAAM;IAElB,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;IAChC,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAC;IAExB,MAAM,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;IACtD,MAAM,QAAQ,GAAG,KAAK,CAAC;IACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAExC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,EAAE,CAAC;QAC7B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,qBAAqB,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC;QAE5E,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,CAAC,KAAK,CAAC,8BAA8B,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,QAAQ,GAAG,SAAS,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;YACxG,OAAO,IAAI,CAAC;QACd,CAAC;QACD,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IACtC,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC1C,OAAO,KAAK,CAAC;AACf,CAAC;AAED,gFAAgF;AAChF,2BAA2B;AAC3B,gFAAgF;AAEhF,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,MAAM,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAEtD,MAAM,UAAU,GAAG,oBAAoB,EAAE,CAAC;IAC1C,MAAM,OAAO,GAAG,iBAAiB,EAAE,CAAC;IACpC,IAAI,OAAO,GAA0B,IAAI,CAAC;IAE1C,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QAEzD,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC3D,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,CAAC,KAAK,CAAC,gEAAgE,CAAC,CAAC;YAC/E,OAAO,IAAI,CAAC;QACd,CAAC;QAED,oEAAoE;QACpE,uEAAuE;QACvE,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC7D,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,CAAC,KAAK,CAAC,qEAAqE,CAAC,CAAC;YACpF,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACjD,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QACtB,MAAM,CAAC,IAAI,CAAC,6BAA6B,GAAG,GAAG,CAAC,CAAC;QACjD,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC;IACzC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QACxF,OAAO,IAAI,CAAC;IACd,CAAC;YAAS,CAAC;QACT,MAAM,OAAO,EAAE,KAAK,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IACzC,CAAC;AACH,CAAC;AAED,gFAAgF;AAChF,0BAA0B;AAC1B,gFAAgF;AAEhF,8HAA8H;AAC9H,KAAK,UAAU,WAAW,CAAC,IAA+B,EAAE,KAA8C;IACxG,MAAM,MAAM,GAAG;QACb,OAAO,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,uCAAuC,EAAG,EAAE,EAAE,SAAS,EAAE;QACnH,MAAM,EAAG,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,wBAAwB,EAAI,MAAM,EAAE,oCAAoC,EAAE,EAAE,EAAE,SAAS,EAAE;QACtH,IAAI,EAAK,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,WAAW,EAAkB,MAAM,EAAE,uCAAuC,EAAE,EAAE,EAAE,SAAS,EAAE;QAC1H,KAAK,EAAI,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,EAAE,sBAAsB,EAAO,MAAM,EAAE,mBAAmB,EAAkB,EAAE,EAAE,SAAS,EAAE;KACvH,CAAC;IACF,MAAM,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IACxB,IAAI,CAAC;QACH,MAAM,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,EAAE;YAClD,MAAM,QAAQ,GAAG,QAAQ,CAAC,cAAc,CAAC,uBAAuB,CAAC,CAAC;YAClE,IAAI,QAAQ;gBAAE,QAAQ,CAAC,MAAM,EAAE,CAAC;YAChC,MAAM,OAAO,GAAG,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;YAC9C,OAAO,CAAC,EAAE,GAAG,uBAAuB,CAAC;YACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,UAAU,EAAE,iBAAiB,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,iCAAiC,EAAE,CAAC,CAAC;YACjO,OAAO,CAAC,SAAS,GAAG,6MAA6M,EAAE,0GAA0G,IAAI,kFAAkF,KAAK,yEAAyE,MAAM,YAAY,CAAC;YACpgB,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QACrC,CAAC,EAAE,CAAC,CAAC,CAAC;IACR,CAAC;IAAC,MAAM,CAAC,CAAC,uBAAuB,CAAC,CAAC;AACrC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,iBAAiB,GAAG,KAAK;IACzD,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;IAExD,MAAM,UAAU,GAAG,oBAAoB,EAAE,CAAC;IAC1C,MAAM,OAAO,GAAG,iBAAiB,EAAE,CAAC;IACpC,IAAI,OAAO,GAA0B,IAAI,CAAC;IAC1C,IAAI,aAAa,GAAG,KAAK,CAAC;IAE1B,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,aAAa,CAAC,UAAU,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;QAC1D,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,aAAa,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAErD,mEAAmE;QACnE,IAAI,iBAAiB,EAAE,CAAC;YACtB,MAAM,OAAO,CAAC,YAAY,EAAE,CAAC;YAC7B,MAAM,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC9D,CAAC;QAED,sEAAsE;QACtE,2EAA2E;QAC3E,MAAM,sBAAsB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAE/C,MAAM,aAAa,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;QACtE,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;QAEhC,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,iEAAiE;YACjE,MAAM,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;YACrE,IAAI,IAAI,EAAE,CAAC;gBACT,MAAM,IAAI,CAAC,eAAe,CAAC,qBAAqB,EAAE,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC,CAAC;YACnF,CAAC;QACH,CAAC;QAED,8DAA8D;QAC9D,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,WAAW,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;YACnC,MAAM,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;YAC/B,MAAM,WAAW,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACpC,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACjD,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,IAAI,IAAI;gBAAE,MAAM,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAC3C,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAChC,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,4BAA4B;QAC/D,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,2BAA2B,GAAG,qBAAqB,CAAC,CAAC;QACjE,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAC3C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,CAAC,KAAK,CAAC,qEAAqE,CAAC,CAAC;QACtF,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QACxF,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;YAAS,CAAC;QACT,IAAI,OAAO,IAAI,CAAC,aAAa,EAAE,CAAC;YAC9B,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;AACH,CAAC;AAYD,gFAAgF;AAChF,mBAAmB;AACnB,gFAAgF;AAEhF;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,QAAQ,GAAG,KAAK;IACjD,IAAI,QAAQ,EAAE,CAAC;QACb,YAAY,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;IAC7E,CAAC;IAED,IAAI,CAAC,QAAQ,IAAI,sBAAsB,EAAE,EAAE,CAAC;QAC1C,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;QACrC,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAC1B,MAAM,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;IAC5E,CAAC;SAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CAAC,4EAA4E,CAAC,CAAC;IAC5F,CAAC;IAED,6EAA6E;IAC7E,oFAAoF;IACpF,OAAO,WAAW,CAAC,QAAQ,CAAC,CAAC;AAC/B,CAAC;AAED,gFAAgF;AAChF,sBAAsB;AACtB,gFAAgF;AAEhF,MAAM,CAAC,KAAK,UAAU,oBAAoB;IACxC,OAAO,CAAC,MAAM,aAAa,EAAE,CAAC,KAAK,IAAI,CAAC;AAC1C,CAAC"}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Auth module — token access, validation, and refresh.
|
|
3
|
+
*
|
|
4
|
+
* Provides `getOwaToken()` and `getGraphToken()` which callers should use
|
|
5
|
+
* instead of reading the cache directly. These functions handle refresh automatically.
|
|
6
|
+
*/
|
|
7
|
+
export { browserLogin, headlessTokenRefresh, type LoginResult } from './browser-login.js';
|
|
8
|
+
export { clearSession, hasSessionState, isSessionLikelyExpired, readTokenCache } from './session-store.js';
|
|
9
|
+
/**
|
|
10
|
+
* Get a valid OWA access token, refreshing automatically if needed.
|
|
11
|
+
* Returns null if not authenticated or refresh fails.
|
|
12
|
+
*/
|
|
13
|
+
export declare function getOwaToken(): Promise<string | null>;
|
|
14
|
+
/**
|
|
15
|
+
* Get a valid Graph access token, refreshing automatically if needed.
|
|
16
|
+
* Falls back to OWA token if Graph token unavailable (some endpoints accept either).
|
|
17
|
+
*/
|
|
18
|
+
export declare function getGraphToken(): Promise<string | null>;
|
|
19
|
+
/**
|
|
20
|
+
* Check if the user is currently authenticated.
|
|
21
|
+
*/
|
|
22
|
+
export declare function isAuthenticated(): boolean;
|
|
23
|
+
/**
|
|
24
|
+
* Get auth status details for diagnostics.
|
|
25
|
+
*/
|
|
26
|
+
export declare function getAuthStatus(): {
|
|
27
|
+
authenticated: boolean;
|
|
28
|
+
upn?: string;
|
|
29
|
+
tenantId?: string;
|
|
30
|
+
owaTokenExpiry?: string;
|
|
31
|
+
owaTokenMinutesRemaining?: number;
|
|
32
|
+
graphTokenExpiry?: string;
|
|
33
|
+
};
|
|
34
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAQH,OAAO,EAAE,YAAY,EAAE,oBAAoB,EAAE,KAAK,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAC1F,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,sBAAsB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAM3G;;;GAGG;AACH,wBAAsB,WAAW,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAwB1D;AAED;;;GAGG;AACH,wBAAsB,aAAa,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAgB5D;AAED;;GAEG;AACH,wBAAgB,eAAe,IAAI,OAAO,CAKzC;AAED;;GAEG;AACH,wBAAgB,aAAa,IAAI;IAC/B,aAAa,EAAE,OAAO,CAAC;IACvB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAClC,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,CAaA"}
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Auth module — token access, validation, and refresh.
|
|
3
|
+
*
|
|
4
|
+
* Provides `getOwaToken()` and `getGraphToken()` which callers should use
|
|
5
|
+
* instead of reading the cache directly. These functions handle refresh automatically.
|
|
6
|
+
*/
|
|
7
|
+
import { logger } from '../utils/logger.js';
|
|
8
|
+
import { TOKEN_REFRESH_BUFFER_MS } from '../constants.js';
|
|
9
|
+
import { readTokenCache } from './session-store.js';
|
|
10
|
+
import { refreshOwaToken, refreshGraphToken } from './token-refresh.js';
|
|
11
|
+
import { headlessTokenRefresh } from './browser-login.js';
|
|
12
|
+
export { browserLogin, headlessTokenRefresh } from './browser-login.js';
|
|
13
|
+
export { clearSession, hasSessionState, isSessionLikelyExpired, readTokenCache } from './session-store.js';
|
|
14
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
15
|
+
// Token Access
|
|
16
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
17
|
+
/**
|
|
18
|
+
* Get a valid OWA access token, refreshing automatically if needed.
|
|
19
|
+
* Returns null if not authenticated or refresh fails.
|
|
20
|
+
*/
|
|
21
|
+
export async function getOwaToken() {
|
|
22
|
+
const cache = readTokenCache();
|
|
23
|
+
if (!cache)
|
|
24
|
+
return null;
|
|
25
|
+
// Check if still valid with buffer
|
|
26
|
+
if (cache.owaTokenExpiry - TOKEN_REFRESH_BUFFER_MS > Date.now()) {
|
|
27
|
+
return cache.owaToken;
|
|
28
|
+
}
|
|
29
|
+
logger.debug('OWA token expiring soon, refreshing...');
|
|
30
|
+
// Try HTTP refresh first (fast, no browser)
|
|
31
|
+
const httpRefreshed = await refreshOwaToken();
|
|
32
|
+
if (httpRefreshed)
|
|
33
|
+
return httpRefreshed;
|
|
34
|
+
// Fall back to headless browser refresh
|
|
35
|
+
logger.info('HTTP refresh failed, attempting headless browser refresh...');
|
|
36
|
+
const browserRefreshed = await headlessTokenRefresh();
|
|
37
|
+
if (browserRefreshed) {
|
|
38
|
+
return readTokenCache()?.owaToken ?? null;
|
|
39
|
+
}
|
|
40
|
+
logger.warn('All refresh methods failed. Run outlook_login to re-authenticate.');
|
|
41
|
+
return null;
|
|
42
|
+
}
|
|
43
|
+
/**
|
|
44
|
+
* Get a valid Graph access token, refreshing automatically if needed.
|
|
45
|
+
* Falls back to OWA token if Graph token unavailable (some endpoints accept either).
|
|
46
|
+
*/
|
|
47
|
+
export async function getGraphToken() {
|
|
48
|
+
const cache = readTokenCache();
|
|
49
|
+
if (!cache)
|
|
50
|
+
return null;
|
|
51
|
+
// Check if Graph token is valid
|
|
52
|
+
if (cache.graphToken && cache.graphTokenExpiry && cache.graphTokenExpiry - TOKEN_REFRESH_BUFFER_MS > Date.now()) {
|
|
53
|
+
return cache.graphToken;
|
|
54
|
+
}
|
|
55
|
+
logger.debug('Graph token expiring soon or missing, refreshing...');
|
|
56
|
+
const refreshed = await refreshGraphToken();
|
|
57
|
+
if (refreshed)
|
|
58
|
+
return refreshed;
|
|
59
|
+
logger.warn('Graph token refresh failed');
|
|
60
|
+
return null;
|
|
61
|
+
}
|
|
62
|
+
/**
|
|
63
|
+
* Check if the user is currently authenticated.
|
|
64
|
+
*/
|
|
65
|
+
export function isAuthenticated() {
|
|
66
|
+
const cache = readTokenCache();
|
|
67
|
+
if (!cache)
|
|
68
|
+
return false;
|
|
69
|
+
// Has a valid refresh token (refresh tokens last ~90 days)
|
|
70
|
+
return !!cache.refreshToken;
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* Get auth status details for diagnostics.
|
|
74
|
+
*/
|
|
75
|
+
export function getAuthStatus() {
|
|
76
|
+
const cache = readTokenCache();
|
|
77
|
+
if (!cache)
|
|
78
|
+
return { authenticated: false };
|
|
79
|
+
const now = Date.now();
|
|
80
|
+
return {
|
|
81
|
+
authenticated: true,
|
|
82
|
+
upn: cache.upn,
|
|
83
|
+
tenantId: cache.tenantId,
|
|
84
|
+
owaTokenExpiry: new Date(cache.owaTokenExpiry).toISOString(),
|
|
85
|
+
owaTokenMinutesRemaining: Math.max(0, Math.round((cache.owaTokenExpiry - now) / 60_000)),
|
|
86
|
+
graphTokenExpiry: cache.graphTokenExpiry ? new Date(cache.graphTokenExpiry).toISOString() : undefined,
|
|
87
|
+
};
|
|
88
|
+
}
|
|
89
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACxE,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAE1D,OAAO,EAAE,YAAY,EAAE,oBAAoB,EAAoB,MAAM,oBAAoB,CAAC;AAC1F,OAAO,EAAE,YAAY,EAAE,eAAe,EAAE,sBAAsB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAE3G,gFAAgF;AAChF,eAAe;AACf,gFAAgF;AAEhF;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAExB,mCAAmC;IACnC,IAAI,KAAK,CAAC,cAAc,GAAG,uBAAuB,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAChE,OAAO,KAAK,CAAC,QAAQ,CAAC;IACxB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;IAEvD,4CAA4C;IAC5C,MAAM,aAAa,GAAG,MAAM,eAAe,EAAE,CAAC;IAC9C,IAAI,aAAa;QAAE,OAAO,aAAa,CAAC;IAExC,wCAAwC;IACxC,MAAM,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;IAC3E,MAAM,gBAAgB,GAAG,MAAM,oBAAoB,EAAE,CAAC;IACtD,IAAI,gBAAgB,EAAE,CAAC;QACrB,OAAO,cAAc,EAAE,EAAE,QAAQ,IAAI,IAAI,CAAC;IAC5C,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;IACjF,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAExB,gCAAgC;IAChC,IAAI,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,gBAAgB,IAAI,KAAK,CAAC,gBAAgB,GAAG,uBAAuB,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAChH,OAAO,KAAK,CAAC,UAAU,CAAC;IAC1B,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;IAEpE,MAAM,SAAS,GAAG,MAAM,iBAAiB,EAAE,CAAC;IAC5C,IAAI,SAAS;QAAE,OAAO,SAAS,CAAC;IAEhC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;IAC1C,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe;IAC7B,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IACzB,2DAA2D;IAC3D,OAAO,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa;IAQ3B,MAAM,KAAK,GAAG,cAAc,EAAE,CAAC;IAC/B,IAAI,CAAC,KAAK;QAAE,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;IAE5C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,OAAO;QACL,aAAa,EAAE,IAAI;QACnB,GAAG,EAAE,KAAK,CAAC,GAAG;QACd,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,cAAc,EAAE,IAAI,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE;QAC5D,wBAAwB,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,cAAc,GAAG,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC;QACxF,gBAAgB,EAAE,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS;KACtG,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Secure session state storage.
|
|
3
|
+
*
|
|
4
|
+
* Stores Playwright session state (localStorage, cookies) and cached tokens
|
|
5
|
+
* in ~/.msoutlook-mcp-server/ (macOS/Linux) or %APPDATA%\msoutlook-mcp-server\ (Windows).
|
|
6
|
+
*
|
|
7
|
+
* Mirrors the storage approach from msteams-mcp:
|
|
8
|
+
* - scryptSync key derivation (hostname:username — machine-specific, memory-hard)
|
|
9
|
+
* - AES-256-GCM encryption at rest
|
|
10
|
+
* - JSON envelope {iv, content, tag, version} for future-proof migration
|
|
11
|
+
* - isEncrypted() check auto-migrates any legacy plaintext files
|
|
12
|
+
*/
|
|
13
|
+
export interface TokenCache {
|
|
14
|
+
owaToken: string;
|
|
15
|
+
owaTokenExpiry: number;
|
|
16
|
+
graphToken?: string;
|
|
17
|
+
graphTokenExpiry?: number;
|
|
18
|
+
refreshToken: string;
|
|
19
|
+
tenantId?: string;
|
|
20
|
+
upn?: string;
|
|
21
|
+
extractedAt: number;
|
|
22
|
+
}
|
|
23
|
+
export declare const CONFIG_DIR: string;
|
|
24
|
+
export declare function getSessionStatePath(): string;
|
|
25
|
+
export declare function getTokenCachePath(): string;
|
|
26
|
+
export declare function getBrowserProfileDir(): string;
|
|
27
|
+
export declare function writeSessionState(state: unknown): void;
|
|
28
|
+
export declare function readSessionState(): unknown | null;
|
|
29
|
+
export declare function hasSessionState(): boolean;
|
|
30
|
+
/** Returns the age of the session state file in hours, or null if it doesn't exist. */
|
|
31
|
+
export declare function getSessionAge(): number | null;
|
|
32
|
+
/** Returns true if the session state is missing or older than SESSION_EXPIRY_HOURS. */
|
|
33
|
+
export declare function isSessionLikelyExpired(): boolean;
|
|
34
|
+
export declare function writeTokenCache(cache: TokenCache): void;
|
|
35
|
+
export declare function readTokenCache(): TokenCache | null;
|
|
36
|
+
export declare function clearTokenCache(): void;
|
|
37
|
+
export declare function clearSession(): void;
|
|
38
|
+
//# sourceMappingURL=session-store.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session-store.d.ts","sourceRoot":"","sources":["../../src/auth/session-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAYH,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;CACrB;AA+BD,eAAO,MAAM,UAAU,QAAiB,CAAC;AAYzC,wBAAgB,mBAAmB,IAAI,MAAM,CAAkD;AAC/F,wBAAgB,iBAAiB,IAAI,MAAM,CAAkD;AAC7F,wBAAgB,oBAAoB,IAAI,MAAM,CAA8C;AAiF5F,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,OAAO,GAAG,IAAI,CAA+C;AACtG,wBAAgB,gBAAgB,IAAI,OAAO,GAAG,IAAI,CAAmD;AACrG,wBAAgB,eAAe,IAAI,OAAO,CAA2D;AAErG,uFAAuF;AACvF,wBAAgB,aAAa,IAAI,MAAM,GAAG,IAAI,CAI7C;AAED,uFAAuF;AACvF,wBAAgB,sBAAsB,IAAI,OAAO,CAGhD;AAMD,wBAAgB,eAAe,CAAC,KAAK,EAAE,UAAU,GAAG,IAAI,CAA6C;AACrG,wBAAgB,cAAc,IAAI,UAAU,GAAG,IAAI,CAA6D;AAChH,wBAAgB,eAAe,IAAI,IAAI,CAGtC;AAMD,wBAAgB,YAAY,IAAI,IAAI,CAEnC"}
|
|
@@ -0,0 +1,163 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Secure session state storage.
|
|
3
|
+
*
|
|
4
|
+
* Stores Playwright session state (localStorage, cookies) and cached tokens
|
|
5
|
+
* in ~/.msoutlook-mcp-server/ (macOS/Linux) or %APPDATA%\msoutlook-mcp-server\ (Windows).
|
|
6
|
+
*
|
|
7
|
+
* Mirrors the storage approach from msteams-mcp:
|
|
8
|
+
* - scryptSync key derivation (hostname:username — machine-specific, memory-hard)
|
|
9
|
+
* - AES-256-GCM encryption at rest
|
|
10
|
+
* - JSON envelope {iv, content, tag, version} for future-proof migration
|
|
11
|
+
* - isEncrypted() check auto-migrates any legacy plaintext files
|
|
12
|
+
*/
|
|
13
|
+
import { scryptSync, createCipheriv, createDecipheriv, randomBytes } from 'node:crypto';
|
|
14
|
+
import { existsSync, mkdirSync, readFileSync, writeFileSync, rmSync, statSync } from 'node:fs';
|
|
15
|
+
import { homedir, hostname, userInfo } from 'node:os';
|
|
16
|
+
import { join } from 'node:path';
|
|
17
|
+
import { logger } from '../utils/logger.js';
|
|
18
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
19
|
+
// Config directory (platform-aware, mirrors msteams-mcp)
|
|
20
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
21
|
+
function getHomeDirSafe() {
|
|
22
|
+
try {
|
|
23
|
+
return homedir();
|
|
24
|
+
}
|
|
25
|
+
catch {
|
|
26
|
+
return null;
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
function getConfigDir() {
|
|
30
|
+
const home = getHomeDirSafe();
|
|
31
|
+
if (process.platform === 'win32') {
|
|
32
|
+
const appData = process.env.APPDATA ?? (home ? join(home, 'AppData', 'Roaming') : null);
|
|
33
|
+
if (appData)
|
|
34
|
+
return join(appData, 'msoutlook-mcp-server');
|
|
35
|
+
}
|
|
36
|
+
if (home)
|
|
37
|
+
return join(home, '.msoutlook-mcp-server');
|
|
38
|
+
// Fallback: alongside the dist directory
|
|
39
|
+
return join(process.cwd(), 'msoutlook-mcp-server-data');
|
|
40
|
+
}
|
|
41
|
+
export const CONFIG_DIR = getConfigDir();
|
|
42
|
+
const SESSION_STATE_FILE = 'session-state.json';
|
|
43
|
+
const TOKEN_CACHE_FILE = 'token-cache.json';
|
|
44
|
+
const BROWSER_PROFILE = 'browser-profile';
|
|
45
|
+
/** Session considered stale after this many hours (matches msteams-mcp). */
|
|
46
|
+
const SESSION_EXPIRY_HOURS = 12;
|
|
47
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
48
|
+
// Paths
|
|
49
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
50
|
+
export function getSessionStatePath() { return join(CONFIG_DIR, SESSION_STATE_FILE); }
|
|
51
|
+
export function getTokenCachePath() { return join(CONFIG_DIR, TOKEN_CACHE_FILE); }
|
|
52
|
+
export function getBrowserProfileDir() { return join(CONFIG_DIR, BROWSER_PROFILE); }
|
|
53
|
+
function ensureConfigDir() {
|
|
54
|
+
if (!existsSync(CONFIG_DIR))
|
|
55
|
+
mkdirSync(CONFIG_DIR, { recursive: true, mode: 0o700 });
|
|
56
|
+
}
|
|
57
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
58
|
+
// Encryption — AES-256-GCM with scrypt-derived machine key (mirrors msteams-mcp)
|
|
59
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
60
|
+
const SALT = 'msoutlook-mcp-credential-salt-v1';
|
|
61
|
+
function deriveKey() {
|
|
62
|
+
let machineId;
|
|
63
|
+
try {
|
|
64
|
+
machineId = `${hostname()}:${userInfo().username}`;
|
|
65
|
+
}
|
|
66
|
+
catch {
|
|
67
|
+
machineId = CONFIG_DIR; // safe fallback
|
|
68
|
+
}
|
|
69
|
+
return scryptSync(machineId, SALT, 32);
|
|
70
|
+
}
|
|
71
|
+
function encryptJson(plaintext) {
|
|
72
|
+
const key = deriveKey();
|
|
73
|
+
const iv = randomBytes(16);
|
|
74
|
+
const cipher = createCipheriv('aes-256-gcm', key, iv);
|
|
75
|
+
let content = cipher.update(plaintext, 'utf8', 'hex');
|
|
76
|
+
content += cipher.final('hex');
|
|
77
|
+
return { iv: iv.toString('hex'), content, tag: cipher.getAuthTag().toString('hex'), version: 1 };
|
|
78
|
+
}
|
|
79
|
+
function decryptEnvelope(env) {
|
|
80
|
+
if (env.version !== 1)
|
|
81
|
+
throw new Error(`Unsupported encryption version: ${env.version}`);
|
|
82
|
+
const key = deriveKey();
|
|
83
|
+
const iv = Buffer.from(env.iv, 'hex');
|
|
84
|
+
const tag = Buffer.from(env.tag, 'hex');
|
|
85
|
+
const decipher = createDecipheriv('aes-256-gcm', key, iv);
|
|
86
|
+
decipher.setAuthTag(tag);
|
|
87
|
+
let out = decipher.update(env.content, 'hex', 'utf8');
|
|
88
|
+
out += decipher.final('utf8');
|
|
89
|
+
return out;
|
|
90
|
+
}
|
|
91
|
+
function isEncryptedEnvelope(v) {
|
|
92
|
+
if (!v || typeof v !== 'object')
|
|
93
|
+
return false;
|
|
94
|
+
const o = v;
|
|
95
|
+
return typeof o.iv === 'string' && typeof o.content === 'string'
|
|
96
|
+
&& typeof o.tag === 'string' && o.version === 1;
|
|
97
|
+
}
|
|
98
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
99
|
+
// Generic read/write helpers
|
|
100
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
101
|
+
function writeSecure(filePath, data) {
|
|
102
|
+
ensureConfigDir();
|
|
103
|
+
const envelope = encryptJson(JSON.stringify(data));
|
|
104
|
+
writeFileSync(filePath, JSON.stringify(envelope, null, 2), { mode: 0o600, encoding: 'utf8' });
|
|
105
|
+
}
|
|
106
|
+
function readSecure(filePath) {
|
|
107
|
+
if (!existsSync(filePath))
|
|
108
|
+
return null;
|
|
109
|
+
try {
|
|
110
|
+
const parsed = JSON.parse(readFileSync(filePath, 'utf8'));
|
|
111
|
+
if (isEncryptedEnvelope(parsed)) {
|
|
112
|
+
return JSON.parse(decryptEnvelope(parsed));
|
|
113
|
+
}
|
|
114
|
+
// Legacy plaintext — migrate to encrypted in place
|
|
115
|
+
logger.debug(`Migrating plaintext file to encrypted: ${filePath}`);
|
|
116
|
+
writeSecure(filePath, parsed);
|
|
117
|
+
return parsed;
|
|
118
|
+
}
|
|
119
|
+
catch (err) {
|
|
120
|
+
logger.warn(`Failed to read ${filePath}`, err instanceof Error ? err.message : String(err));
|
|
121
|
+
return null;
|
|
122
|
+
}
|
|
123
|
+
}
|
|
124
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
125
|
+
// Session State (Playwright storageState)
|
|
126
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
127
|
+
export function writeSessionState(state) { writeSecure(getSessionStatePath(), state); }
|
|
128
|
+
export function readSessionState() { return readSecure(getSessionStatePath()); }
|
|
129
|
+
export function hasSessionState() { return existsSync(getSessionStatePath()); }
|
|
130
|
+
/** Returns the age of the session state file in hours, or null if it doesn't exist. */
|
|
131
|
+
export function getSessionAge() {
|
|
132
|
+
const p = getSessionStatePath();
|
|
133
|
+
if (!existsSync(p))
|
|
134
|
+
return null;
|
|
135
|
+
return (Date.now() - statSync(p).mtimeMs) / (1000 * 60 * 60);
|
|
136
|
+
}
|
|
137
|
+
/** Returns true if the session state is missing or older than SESSION_EXPIRY_HOURS. */
|
|
138
|
+
export function isSessionLikelyExpired() {
|
|
139
|
+
const age = getSessionAge();
|
|
140
|
+
return age === null || age > SESSION_EXPIRY_HOURS;
|
|
141
|
+
}
|
|
142
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
143
|
+
// Token Cache
|
|
144
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
145
|
+
export function writeTokenCache(cache) { writeSecure(getTokenCachePath(), cache); }
|
|
146
|
+
export function readTokenCache() { return readSecure(getTokenCachePath()); }
|
|
147
|
+
export function clearTokenCache() {
|
|
148
|
+
const p = getTokenCachePath();
|
|
149
|
+
if (existsSync(p)) {
|
|
150
|
+
try {
|
|
151
|
+
rmSync(p);
|
|
152
|
+
}
|
|
153
|
+
catch { /* ignore */ }
|
|
154
|
+
}
|
|
155
|
+
}
|
|
156
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
157
|
+
// Full session clear
|
|
158
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
159
|
+
export function clearSession() {
|
|
160
|
+
if (existsSync(CONFIG_DIR))
|
|
161
|
+
rmSync(CONFIG_DIR, { recursive: true, force: true });
|
|
162
|
+
}
|
|
163
|
+
//# sourceMappingURL=session-store.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session-store.js","sourceRoot":"","sources":["../../src/auth/session-store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,gBAAgB,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AACxF,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC/F,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACtD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAwB5C,gFAAgF;AAChF,yDAAyD;AACzD,gFAAgF;AAEhF,SAAS,cAAc;IACrB,IAAI,CAAC;QAAC,OAAO,OAAO,EAAE,CAAC;IAAC,CAAC;IAAC,MAAM,CAAC;QAAC,OAAO,IAAI,CAAC;IAAC,CAAC;AAClD,CAAC;AAED,SAAS,YAAY;IACnB,MAAM,IAAI,GAAG,cAAc,EAAE,CAAC;IAE9B,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACxF,IAAI,OAAO;YAAE,OAAO,IAAI,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;IAC5D,CAAC;IAED,IAAI,IAAI;QAAE,OAAO,IAAI,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC;IAErD,yCAAyC;IACzC,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,2BAA2B,CAAC,CAAC;AAC1D,CAAC;AAED,MAAM,CAAC,MAAM,UAAU,GAAG,YAAY,EAAE,CAAC;AACzC,MAAM,kBAAkB,GAAG,oBAAoB,CAAC;AAChD,MAAM,gBAAgB,GAAK,kBAAkB,CAAC;AAC9C,MAAM,eAAe,GAAM,iBAAiB,CAAC;AAE7C,4EAA4E;AAC5E,MAAM,oBAAoB,GAAG,EAAE,CAAC;AAEhC,gFAAgF;AAChF,QAAQ;AACR,gFAAgF;AAEhF,MAAM,UAAU,mBAAmB,KAAc,OAAO,IAAI,CAAC,UAAU,EAAE,kBAAkB,CAAC,CAAC,CAAC,CAAC;AAC/F,MAAM,UAAU,iBAAiB,KAAgB,OAAO,IAAI,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAAC,CAAC,CAAC;AAC7F,MAAM,UAAU,oBAAoB,KAAa,OAAO,IAAI,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC;AAE5F,SAAS,eAAe;IACtB,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,SAAS,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;AACvF,CAAC;AAED,gFAAgF;AAChF,iFAAiF;AACjF,gFAAgF;AAEhF,MAAM,IAAI,GAAG,kCAAkC,CAAC;AAEhD,SAAS,SAAS;IAChB,IAAI,SAAiB,CAAC;IACtB,IAAI,CAAC;QACH,SAAS,GAAG,GAAG,QAAQ,EAAE,IAAI,QAAQ,EAAE,CAAC,QAAQ,EAAE,CAAC;IACrD,CAAC;IAAC,MAAM,CAAC;QACP,SAAS,GAAG,UAAU,CAAC,CAAC,gBAAgB;IAC1C,CAAC;IACD,OAAO,UAAU,CAAC,SAAS,EAAE,IAAI,EAAE,EAAE,CAAW,CAAC;AACnD,CAAC;AAED,SAAS,WAAW,CAAC,SAAiB;IACpC,MAAM,GAAG,GAAG,SAAS,EAAE,CAAC;IACxB,MAAM,EAAE,GAAI,WAAW,CAAC,EAAE,CAAC,CAAC;IAC5B,MAAM,MAAM,GAAG,cAAc,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IACtD,IAAI,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IACtD,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAC/B,OAAO,EAAE,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACnG,CAAC;AAED,SAAS,eAAe,CAAC,GAAsB;IAC7C,IAAI,GAAG,CAAC,OAAO,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;IACzF,MAAM,GAAG,GAAG,SAAS,EAAE,CAAC;IACxB,MAAM,EAAE,GAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IACxC,MAAM,QAAQ,GAAG,gBAAgB,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAC1D,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IACzB,IAAI,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IACtD,GAAG,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC9B,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,mBAAmB,CAAC,CAAU;IACrC,IAAI,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC9C,MAAM,CAAC,GAAG,CAA4B,CAAC;IACvC,OAAO,OAAO,CAAC,CAAC,EAAE,KAAK,QAAQ,IAAI,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ;WACzD,OAAO,CAAC,CAAC,GAAG,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,KAAK,CAAC,CAAC;AACtD,CAAC;AAED,gFAAgF;AAChF,6BAA6B;AAC7B,gFAAgF;AAEhF,SAAS,WAAW,CAAC,QAAgB,EAAE,IAAa;IAClD,eAAe,EAAE,CAAC;IAClB,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IACnD,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;AAChG,CAAC;AAED,SAAS,UAAU,CAAI,QAAgB;IACrC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IACvC,IAAI,CAAC;QACH,MAAM,MAAM,GAAY,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;QACnE,IAAI,mBAAmB,CAAC,MAAM,CAAC,EAAE,CAAC;YAChC,OAAO,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,MAAM,CAAC,CAAM,CAAC;QAClD,CAAC;QACD,mDAAmD;QACnD,MAAM,CAAC,KAAK,CAAC,0CAA0C,QAAQ,EAAE,CAAC,CAAC;QACnE,WAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC9B,OAAO,MAAW,CAAC;IACrB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,CAAC,IAAI,CAAC,kBAAkB,QAAQ,EAAE,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAC5F,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,gFAAgF;AAChF,0CAA0C;AAC1C,gFAAgF;AAEhF,MAAM,UAAU,iBAAiB,CAAC,KAAc,IAAU,WAAW,CAAC,mBAAmB,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;AACtG,MAAM,UAAU,gBAAgB,KAA0B,OAAO,UAAU,CAAC,mBAAmB,EAAE,CAAC,CAAC,CAAC,CAAC;AACrG,MAAM,UAAU,eAAe,KAA2B,OAAO,UAAU,CAAC,mBAAmB,EAAE,CAAC,CAAC,CAAC,CAAC;AAErG,uFAAuF;AACvF,MAAM,UAAU,aAAa;IAC3B,MAAM,CAAC,GAAG,mBAAmB,EAAE,CAAC;IAChC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAChC,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;AAC/D,CAAC;AAED,uFAAuF;AACvF,MAAM,UAAU,sBAAsB;IACpC,MAAM,GAAG,GAAG,aAAa,EAAE,CAAC;IAC5B,OAAO,GAAG,KAAK,IAAI,IAAI,GAAG,GAAG,oBAAoB,CAAC;AACpD,CAAC;AAED,gFAAgF;AAChF,cAAc;AACd,gFAAgF;AAEhF,MAAM,UAAU,eAAe,CAAC,KAAiB,IAAU,WAAW,CAAC,iBAAiB,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC;AACrG,MAAM,UAAU,cAAc,KAA6B,OAAO,UAAU,CAAa,iBAAiB,EAAE,CAAC,CAAC,CAAC,CAAC;AAChH,MAAM,UAAU,eAAe;IAC7B,MAAM,CAAC,GAAG,iBAAiB,EAAE,CAAC;IAC9B,IAAI,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;QAAC,IAAI,CAAC;YAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC;IAAC,CAAC;AAClE,CAAC;AAED,gFAAgF;AAChF,qBAAqB;AACrB,gFAAgF;AAEhF,MAAM,UAAU,YAAY;IAC1B,IAAI,UAAU,CAAC,UAAU,CAAC;QAAE,MAAM,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;AACnF,CAAC"}
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Extract MSAL tokens from Outlook Web App's localStorage.
|
|
3
|
+
*
|
|
4
|
+
* OWA uses MSAL v3 and stores access tokens, refresh tokens, and ID tokens
|
|
5
|
+
* in localStorage under keys like:
|
|
6
|
+
* msal.3|{accountId}|login.windows.net|accesstoken|{clientId}|{tenantId}|{scopes}
|
|
7
|
+
* msal.3|{accountId}|login.windows.net|refreshtoken|{clientId}|||
|
|
8
|
+
*
|
|
9
|
+
* This mirrors how msteams-mcp extracts Teams tokens, adapted for OWA.
|
|
10
|
+
*/
|
|
11
|
+
export interface ExtractedTokens {
|
|
12
|
+
owaToken: string;
|
|
13
|
+
owaTokenExpiry: Date;
|
|
14
|
+
graphToken?: string;
|
|
15
|
+
graphTokenExpiry?: Date;
|
|
16
|
+
refreshToken: string;
|
|
17
|
+
tenantId?: string;
|
|
18
|
+
upn?: string;
|
|
19
|
+
}
|
|
20
|
+
/**
|
|
21
|
+
* Extract all MSAL tokens from the Playwright storageState localStorage array.
|
|
22
|
+
*
|
|
23
|
+
* @param localStorage Array of {name, value} entries from Playwright storageState
|
|
24
|
+
*/
|
|
25
|
+
export declare function extractTokensFromLocalStorage(localStorage: Array<{
|
|
26
|
+
name: string;
|
|
27
|
+
value: string;
|
|
28
|
+
}>): ExtractedTokens | null;
|
|
29
|
+
/** Shape of the relevant parts of a Playwright storageState. */
|
|
30
|
+
export interface StorageState {
|
|
31
|
+
origins?: Array<{
|
|
32
|
+
origin: string;
|
|
33
|
+
localStorage: Array<{
|
|
34
|
+
name: string;
|
|
35
|
+
value: string;
|
|
36
|
+
}>;
|
|
37
|
+
}>;
|
|
38
|
+
}
|
|
39
|
+
/**
|
|
40
|
+
* Get the localStorage array from a Playwright storageState for the OWA origin.
|
|
41
|
+
*/
|
|
42
|
+
export declare function getOwaLocalStorage(state: StorageState): Array<{
|
|
43
|
+
name: string;
|
|
44
|
+
value: string;
|
|
45
|
+
}> | null;
|
|
46
|
+
//# sourceMappingURL=token-extractor.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-extractor.d.ts","sourceRoot":"","sources":["../../src/auth/token-extractor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AASH,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,IAAI,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gBAAgB,CAAC,EAAE,IAAI,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAoDD;;;;GAIG;AACH,wBAAgB,6BAA6B,CAC3C,YAAY,EAAE,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,GACnD,eAAe,GAAG,IAAI,CA2ExB;AAED,gEAAgE;AAChE,MAAM,WAAW,YAAY;IAC3B,OAAO,CAAC,EAAE,KAAK,CAAC;QACd,MAAM,EAAE,MAAM,CAAC;QACf,YAAY,EAAE,KAAK,CAAC;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACtD,CAAC,CAAC;CACJ;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,KAAK,EAAE,YAAY,GAClB,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,GAAG,IAAI,CAG/C"}
|
|
@@ -0,0 +1,126 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Extract MSAL tokens from Outlook Web App's localStorage.
|
|
3
|
+
*
|
|
4
|
+
* OWA uses MSAL v3 and stores access tokens, refresh tokens, and ID tokens
|
|
5
|
+
* in localStorage under keys like:
|
|
6
|
+
* msal.3|{accountId}|login.windows.net|accesstoken|{clientId}|{tenantId}|{scopes}
|
|
7
|
+
* msal.3|{accountId}|login.windows.net|refreshtoken|{clientId}|||
|
|
8
|
+
*
|
|
9
|
+
* This mirrors how msteams-mcp extracts Teams tokens, adapted for OWA.
|
|
10
|
+
*/
|
|
11
|
+
import { logger } from '../utils/logger.js';
|
|
12
|
+
import { OWA_CLIENT_ID } from '../constants.js';
|
|
13
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
14
|
+
// JWT utilities
|
|
15
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
16
|
+
function decodeJwtPayload(token) {
|
|
17
|
+
try {
|
|
18
|
+
const parts = token.split('.');
|
|
19
|
+
if (parts.length < 2)
|
|
20
|
+
return null;
|
|
21
|
+
// Handle base64url encoding
|
|
22
|
+
const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
|
|
23
|
+
const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
|
|
24
|
+
return JSON.parse(Buffer.from(padded, 'base64').toString('utf8'));
|
|
25
|
+
}
|
|
26
|
+
catch {
|
|
27
|
+
return null;
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
function getJwtExpiry(token) {
|
|
31
|
+
const payload = decodeJwtPayload(token);
|
|
32
|
+
if (!payload?.exp || typeof payload.exp !== 'number')
|
|
33
|
+
return null;
|
|
34
|
+
return new Date(payload.exp * 1000);
|
|
35
|
+
}
|
|
36
|
+
function isJwt(value) {
|
|
37
|
+
return typeof value === 'string' && value.startsWith('ey');
|
|
38
|
+
}
|
|
39
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
40
|
+
// Extraction from Playwright storageState localStorage entries
|
|
41
|
+
// ─────────────────────────────────────────────────────────────────────────────
|
|
42
|
+
/**
|
|
43
|
+
* Extract all MSAL tokens from the Playwright storageState localStorage array.
|
|
44
|
+
*
|
|
45
|
+
* @param localStorage Array of {name, value} entries from Playwright storageState
|
|
46
|
+
*/
|
|
47
|
+
export function extractTokensFromLocalStorage(localStorage) {
|
|
48
|
+
let bestOwaToken = null;
|
|
49
|
+
let bestGraphToken = null;
|
|
50
|
+
let refreshToken = null;
|
|
51
|
+
let tenantId;
|
|
52
|
+
let upn;
|
|
53
|
+
for (const item of localStorage) {
|
|
54
|
+
const key = item.name;
|
|
55
|
+
if (!key.startsWith('msal.'))
|
|
56
|
+
continue;
|
|
57
|
+
let entry;
|
|
58
|
+
try {
|
|
59
|
+
entry = JSON.parse(item.value);
|
|
60
|
+
}
|
|
61
|
+
catch {
|
|
62
|
+
continue;
|
|
63
|
+
}
|
|
64
|
+
if (!entry.secret)
|
|
65
|
+
continue;
|
|
66
|
+
// ── Refresh Token ─────────────────────────────────────────────────────
|
|
67
|
+
if (key.includes('refreshtoken') && entry.clientId === OWA_CLIENT_ID) {
|
|
68
|
+
refreshToken = entry.secret;
|
|
69
|
+
continue;
|
|
70
|
+
}
|
|
71
|
+
// ── Access Tokens ─────────────────────────────────────────────────────
|
|
72
|
+
if (!key.includes('accesstoken'))
|
|
73
|
+
continue;
|
|
74
|
+
if (!isJwt(entry.secret))
|
|
75
|
+
continue;
|
|
76
|
+
const expiry = getJwtExpiry(entry.secret);
|
|
77
|
+
if (!expiry)
|
|
78
|
+
continue;
|
|
79
|
+
if (expiry.getTime() <= Date.now())
|
|
80
|
+
continue; // skip expired
|
|
81
|
+
// Extract UPN and tenant from any token
|
|
82
|
+
if (!upn) {
|
|
83
|
+
const payload = decodeJwtPayload(entry.secret);
|
|
84
|
+
if (payload) {
|
|
85
|
+
upn = payload.upn ?? payload.preferred_username;
|
|
86
|
+
tenantId = tenantId ?? payload.tid;
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
// OWA token — scope contains outlook.office.com
|
|
90
|
+
if (entry.target?.includes('outlook.office.com')) {
|
|
91
|
+
if (!bestOwaToken || expiry > bestOwaToken.expiry) {
|
|
92
|
+
bestOwaToken = { token: entry.secret, expiry };
|
|
93
|
+
}
|
|
94
|
+
}
|
|
95
|
+
// Graph token — scope contains graph.microsoft.com
|
|
96
|
+
if (entry.target?.includes('graph.microsoft.com')) {
|
|
97
|
+
if (!bestGraphToken || expiry > bestGraphToken.expiry) {
|
|
98
|
+
bestGraphToken = { token: entry.secret, expiry };
|
|
99
|
+
}
|
|
100
|
+
}
|
|
101
|
+
}
|
|
102
|
+
if (!bestOwaToken || !refreshToken) {
|
|
103
|
+
logger.debug('Token extraction failed', {
|
|
104
|
+
hasOwaToken: !!bestOwaToken,
|
|
105
|
+
hasRefreshToken: !!refreshToken,
|
|
106
|
+
});
|
|
107
|
+
return null;
|
|
108
|
+
}
|
|
109
|
+
return {
|
|
110
|
+
owaToken: bestOwaToken.token,
|
|
111
|
+
owaTokenExpiry: bestOwaToken.expiry,
|
|
112
|
+
graphToken: bestGraphToken?.token,
|
|
113
|
+
graphTokenExpiry: bestGraphToken?.expiry,
|
|
114
|
+
refreshToken,
|
|
115
|
+
tenantId,
|
|
116
|
+
upn,
|
|
117
|
+
};
|
|
118
|
+
}
|
|
119
|
+
/**
|
|
120
|
+
* Get the localStorage array from a Playwright storageState for the OWA origin.
|
|
121
|
+
*/
|
|
122
|
+
export function getOwaLocalStorage(state) {
|
|
123
|
+
const owaOrigin = state.origins?.find(o => o.origin.includes('outlook.office.com'));
|
|
124
|
+
return owaOrigin?.localStorage ?? null;
|
|
125
|
+
}
|
|
126
|
+
//# sourceMappingURL=token-extractor.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-extractor.js","sourceRoot":"","sources":["../../src/auth/token-extractor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAmChD,gFAAgF;AAChF,gBAAgB;AAChB,gFAAgF;AAEhF,SAAS,gBAAgB,CAAC,KAAa;IACrC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QAClC,4BAA4B;QAC5B,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAC3D,MAAM,MAAM,GAAG,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC5D,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAe,CAAC;IAClF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CAAC,KAAa;IACjC,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACxC,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAClE,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;AACtC,CAAC;AAED,SAAS,KAAK,CAAC,KAAa;IAC1B,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;AAC7D,CAAC;AAED,gFAAgF;AAChF,+DAA+D;AAC/D,gFAAgF;AAEhF;;;;GAIG;AACH,MAAM,UAAU,6BAA6B,CAC3C,YAAoD;IAEpD,IAAI,YAAY,GAA2C,IAAI,CAAC;IAChE,IAAI,cAAc,GAA2C,IAAI,CAAC;IAClE,IAAI,YAAY,GAAkB,IAAI,CAAC;IACvC,IAAI,QAA4B,CAAC;IACjC,IAAI,GAAuB,CAAC;IAE5B,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC;YAAE,SAAS;QAEvC,IAAI,KAAgB,CAAC;QACrB,IAAI,CAAC;YACH,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAc,CAAC;QAC9C,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,MAAM;YAAE,SAAS;QAE5B,yEAAyE;QACzE,IAAI,GAAG,CAAC,QAAQ,CAAC,cAAc,CAAC,IAAI,KAAK,CAAC,QAAQ,KAAK,aAAa,EAAE,CAAC;YACrE,YAAY,GAAG,KAAK,CAAC,MAAM,CAAC;YAC5B,SAAS;QACX,CAAC;QAED,yEAAyE;QACzE,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC;YAAE,SAAS;QAC3C,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC;YAAE,SAAS;QAEnC,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC1C,IAAI,CAAC,MAAM;YAAE,SAAS;QACtB,IAAI,MAAM,CAAC,OAAO,EAAE,IAAI,IAAI,CAAC,GAAG,EAAE;YAAE,SAAS,CAAC,eAAe;QAE7D,wCAAwC;QACxC,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAC/C,IAAI,OAAO,EAAE,CAAC;gBACZ,GAAG,GAAG,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,kBAAkB,CAAC;gBAChD,QAAQ,GAAG,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC;YACrC,CAAC;QACH,CAAC;QAED,gDAAgD;QAChD,IAAI,KAAK,CAAC,MAAM,EAAE,QAAQ,CAAC,oBAAoB,CAAC,EAAE,CAAC;YACjD,IAAI,CAAC,YAAY,IAAI,MAAM,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC;gBAClD,YAAY,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC;YACjD,CAAC;QACH,CAAC;QAED,mDAAmD;QACnD,IAAI,KAAK,CAAC,MAAM,EAAE,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;YAClD,IAAI,CAAC,cAAc,IAAI,MAAM,GAAG,cAAc,CAAC,MAAM,EAAE,CAAC;gBACtD,cAAc,GAAG,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC;YACnD,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,CAAC,YAAY,IAAI,CAAC,YAAY,EAAE,CAAC;QACnC,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE;YACtC,WAAW,EAAE,CAAC,CAAC,YAAY;YAC3B,eAAe,EAAE,CAAC,CAAC,YAAY;SAChC,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,YAAY,CAAC,KAAK;QAC5B,cAAc,EAAE,YAAY,CAAC,MAAM;QACnC,UAAU,EAAE,cAAc,EAAE,KAAK;QACjC,gBAAgB,EAAE,cAAc,EAAE,MAAM;QACxC,YAAY;QACZ,QAAQ;QACR,GAAG;KACJ,CAAC;AACJ,CAAC;AAUD;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAChC,KAAmB;IAEnB,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC,CAAC;IACpF,OAAO,SAAS,EAAE,YAAY,IAAI,IAAI,CAAC;AACzC,CAAC"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* HTTP-based token refresh.
|
|
3
|
+
*
|
|
4
|
+
* Uses the OWA first-party client ID (public SPA — no client secret needed) to
|
|
5
|
+
* exchange a cached refresh token for new access tokens via the standard
|
|
6
|
+
* OAuth2 token endpoint.
|
|
7
|
+
*
|
|
8
|
+
* Key detail (from msteams-mcp): the Origin header is REQUIRED for SPA
|
|
9
|
+
* client IDs. Azure AD validates that refresh token grants from SPA clients
|
|
10
|
+
* include a cross-origin Origin header matching a registered redirect URI.
|
|
11
|
+
* Without it Azure AD returns AADSTS9002327.
|
|
12
|
+
*/
|
|
13
|
+
/**
|
|
14
|
+
* Refresh the OWA access token via HTTP.
|
|
15
|
+
* Returns the new access token on success, null on failure.
|
|
16
|
+
* Prevents concurrent refresh races with module-level guard.
|
|
17
|
+
*/
|
|
18
|
+
export declare function refreshOwaToken(): Promise<string | null>;
|
|
19
|
+
/**
|
|
20
|
+
* Refresh the Graph access token via HTTP.
|
|
21
|
+
*/
|
|
22
|
+
export declare function refreshGraphToken(): Promise<string | null>;
|
|
23
|
+
//# sourceMappingURL=token-refresh.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-refresh.d.ts","sourceRoot":"","sources":["../../src/auth/token-refresh.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AA+EH;;;;GAIG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CA+B9D;AAED;;GAEG;AACH,wBAAsB,iBAAiB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAyBhE"}
|