powerautomate-mcp 0.7.1 → 0.7.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js CHANGED
@@ -1006,6 +1006,11 @@ async function createWamAuthProvider(config, silentOnly = false) {
1006
1006
  "No cached credentials available. Run 'powerautomate-mcp --setup' first to authenticate."
1007
1007
  );
1008
1008
  }
1009
+ if (currentAccount) {
1010
+ throw new AuthenticationError(
1011
+ `Silent token acquisition failed for scopes: ${mutableScopes.join(", ")}. Resource may not be registered in the app registration. Re-run --setup to update permissions.`
1012
+ );
1013
+ }
1009
1014
  try {
1010
1015
  const result = await pca.acquireTokenInteractive({
1011
1016
  scopes: mutableScopes,
@@ -1036,6 +1041,19 @@ async function createWamAuthProvider(config, silentOnly = false) {
1036
1041
  const result = await acquireToken(SCOPES.FLOW);
1037
1042
  return result.accessToken;
1038
1043
  },
1044
+ async tryGetTokenForResourceSilent(resource) {
1045
+ try {
1046
+ validateHttpsUrl(resource, "Token resource");
1047
+ const url = new URL(resource);
1048
+ if (!isAllowedTokenDomain(url.hostname)) return null;
1049
+ if (!currentAccount) return null;
1050
+ const scopes = [`${resource}/.default`];
1051
+ const result = await pca.acquireTokenSilent({ scopes, account: currentAccount });
1052
+ return result.accessToken;
1053
+ } catch {
1054
+ return null;
1055
+ }
1056
+ },
1039
1057
  async getTokenForResource(resource) {
1040
1058
  validateHttpsUrl(resource, "Token resource");
1041
1059
  const url = new URL(resource);
@@ -14800,6 +14818,11 @@ async function createDeviceCodeAuthProvider(config, silentOnly = false) {
14800
14818
  "No cached credentials available. Run 'powerautomate-mcp --setup' first to authenticate."
14801
14819
  );
14802
14820
  }
14821
+ if (currentAccount) {
14822
+ throw new AuthenticationError(
14823
+ `Silent token acquisition failed for scopes: ${mutableScopes.join(", ")}. Resource may not be registered in the app registration. Re-run --setup to update permissions.`
14824
+ );
14825
+ }
14803
14826
  try {
14804
14827
  logger.info("Starting device code authentication flow");
14805
14828
  const deviceCodeRequest = {
@@ -14847,6 +14870,26 @@ async function createDeviceCodeAuthProvider(config, silentOnly = false) {
14847
14870
  const result = await acquireToken(scopes);
14848
14871
  return result.accessToken;
14849
14872
  },
14873
+ async tryGetTokenForResourceSilent(resource) {
14874
+ try {
14875
+ validateHttpsUrl(resource, "Token resource");
14876
+ const url = new URL(resource);
14877
+ if (!isAllowedTokenDomain(url.hostname)) {
14878
+ return null;
14879
+ }
14880
+ if (!currentAccount) {
14881
+ return null;
14882
+ }
14883
+ const scopes = [`${resource}/.default`];
14884
+ const result = await pca.acquireTokenSilent({
14885
+ scopes,
14886
+ account: currentAccount
14887
+ });
14888
+ return result.accessToken;
14889
+ } catch {
14890
+ return null;
14891
+ }
14892
+ },
14850
14893
  async logout() {
14851
14894
  if (currentAccount) {
14852
14895
  const cache = pca.getTokenCache();
@@ -14941,6 +14984,18 @@ var REQUIRED_RESOURCE_ACCESS = [
14941
14984
  { id: "d05743e4-fb24-4dff-8a33-0f6c73c964bd", type: "Scope" }
14942
14985
  ]
14943
14986
  },
14987
+ {
14988
+ resourceAppId: "475226c6-020e-4fb2-8a90-7a972cbfc1d4",
14989
+ resourceAccess: [
14990
+ { id: "a4c50e78-6978-4ce3-b1c0-965c1f9b1128", type: "Scope" }
14991
+ ]
14992
+ },
14993
+ {
14994
+ resourceAppId: "0e0bf3cc-3078-4fd4-9ef3-cb6dc0245b10",
14995
+ resourceAccess: [
14996
+ { id: "4ae1bf56-f562-4747-b7bc-2fa0874ed46f", type: "Scope" }
14997
+ ]
14998
+ },
14944
14999
  {
14945
15000
  resourceAppId: "00000007-0000-0000-c000-000000000000",
14946
15001
  resourceAccess: [
@@ -15247,15 +15302,15 @@ async function runSetupWizard() {
15247
15302
  print(` ${icons.check} ${c.green}Signed in${c.reset}`);
15248
15303
  }
15249
15304
  const additionalResources = [
15250
- "https://api.bap.microsoft.com",
15251
- "https://service.powerapps.com"
15305
+ { url: "https://service.powerapps.com", label: "PowerApps (connections)" },
15306
+ { url: "https://api.bap.microsoft.com", label: "Admin API (environments)" }
15252
15307
  ];
15253
- for (const resource of additionalResources) {
15254
- try {
15255
- await authProvider.getTokenForResource(resource);
15256
- print(` ${icons.check} ${c.dim}Authorized ${resource.replace("https://", "")}${c.reset}`);
15257
- } catch {
15258
- print(` ${c.dim}${icons.warn} Could not authorize ${resource.replace("https://", "")} (admin tools may be limited)${c.reset}`);
15308
+ for (const { url, label } of additionalResources) {
15309
+ const token = authProvider.tryGetTokenForResourceSilent ? await authProvider.tryGetTokenForResourceSilent(url) : null;
15310
+ if (token) {
15311
+ print(` ${icons.check} ${c.dim}${label}: authorized${c.reset}`);
15312
+ } else {
15313
+ print(` ${c.dim}${icons.info || "-"} ${label}: will be authorized via admin consent (Step 3)${c.reset}`);
15259
15314
  }
15260
15315
  }
15261
15316
  } catch (error) {