mcp-sharepoint-us 2.0.0__py3-none-any.whl

mcp_sharepoint/__init__.py

@@ -0,0 +1,535 @@
+"""
+SharePoint MCP Server with Modern Azure AD Authentication
+"""
+import os
+import logging
+import asyncio
+from functools import wraps
+from typing import Optional
+import base64
+import mimetypes
+
+from mcp.server import Server
+from mcp.types import Resource, Tool, TextContent, ImageContent, EmbeddedResource
+from pydantic import AnyUrl
+import mcp.server.stdio
+
+from office365.sharepoint.files.file import File
+from office365.sharepoint.folders.folder import Folder
+from office365.sharepoint.client_context import ClientContext
+
+from .auth import create_sharepoint_context
+
+# Setup logging
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+# Initialize MCP server
+app = Server("mcp-sharepoint")
+
+# Global SharePoint context
+ctx: Optional[ClientContext] = None
+
+
+def ensure_context(func):
+    """Decorator to ensure SharePoint context is available"""
+    @wraps(func)
+    async def wrapper(*args, **kwargs):
+        global ctx
+        if ctx is None:
+            try:
+                ctx = create_sharepoint_context()
+                logger.info("SharePoint context initialized successfully")
+            except Exception as e:
+                logger.error(f"Failed to initialize SharePoint context: {e}")
+                raise RuntimeError(
+                    f"SharePoint authentication failed: {e}. "
+                    "Please check your environment variables and ensure:\n"
+                    "1. SHP_TENANT_ID is set correctly\n"
+                    "2. Your Azure AD app has the correct API permissions\n"
+                    "3. If using a new tenant, make sure you're using modern auth (MSAL)"
+                )
+        return await func(*args, **kwargs)
+    return wrapper
+
+
+def get_document_library_path() -> str:
+    """Get the document library path from environment"""
+    return os.getenv("SHP_DOC_LIBRARY", "Shared Documents")
+
+
+@app.list_resources()
+async def list_resources() -> list[Resource]:
+    """List available SharePoint resources"""
+    return [
+        Resource(
+            uri=AnyUrl(f"sharepoint:///{get_document_library_path()}"),
+            name=f"SharePoint Document Library: {get_document_library_path()}",
+            mimeType="application/vnd.sharepoint.folder",
+            description="Main SharePoint document library configured for this server"
+        )
+    ]
+
+
+@app.list_tools()
+async def list_tools() -> list[Tool]:
+    """List available SharePoint tools"""
+    return [
+        Tool(
+            name="List_SharePoint_Folders",
+            description="List all folders in a specified directory or root of the document library",
+            inputSchema={
+                "type": "object",
+                "properties": {
+                    "folder_path": {
+                        "type": "string",
+                        "description": "Path to the folder (relative to document library root). Leave empty for root.",
+                        "default": ""
+                    }
+                }
+            }
+        ),
+        Tool(
+            name="List_SharePoint_Documents",
+            description="List all documents in a specified folder with metadata",
+            inputSchema={
+                "type": "object",
+                "properties": {
+                    "folder_path": {
+                        "type": "string",
+                        "description": "Path to the folder containing documents",
+                        "default": ""
+                    }
+                },
+                "required": []
+            }
+        ),
+        Tool(
+            name="Get_Document_Content",
+            description="Get the content of a document (supports text extraction from PDF, Word, Excel, and text files)",
+            inputSchema={
+                "type": "object",
+                "properties": {
+                    "file_path": {
+                        "type": "string",
+                        "description": "Path to the file (relative to document library root)"
+                    }
+                },
+                "required": ["file_path"]
+            }
+        ),
+        Tool(
+            name="Upload_Document",
+            description="Upload a new document to SharePoint",
+            inputSchema={
+                "type": "object",
+                "properties": {
+                    "folder_path": {
+                        "type": "string",
+                        "description": "Destination folder path"
+                    },
+                    "file_name": {
+                        "type": "string",
+                        "description": "Name of the file to create"
+                    },
+                    "content": {
+                        "type": "string",
+                        "description": "File content (text or base64 encoded for binary files)"
+                    },
+                    "is_binary": {
+                        "type": "boolean",
+                        "description": "Whether the content is base64 encoded binary",
+                        "default": False
+                    }
+                },
+                "required": ["folder_path", "file_name", "content"]
+            }
+        ),
+        Tool(
+            name="Update_Document",
+            description="Update the content of an existing document",
+            inputSchema={
+                "type": "object",
+                "properties": {
+                    "file_path": {
+                        "type": "string",
+                        "description": "Path to the file to update"
+                    },
+                    "content": {
+                        "type": "string",
+                        "description": "New file content"
+                    },
+                    "is_binary": {
+                        "type": "boolean",
+                        "description": "Whether the content is base64 encoded binary",
+                        "default": False
+                    }
+                },
+                "required": ["file_path", "content"]
+            }
+        ),
+        Tool(
+            name="Delete_Document",
+            description="Delete a document from SharePoint",
+            inputSchema={
+                "type": "object",
+                "properties": {
+                    "file_path": {
+                        "type": "string",
+                        "description": "Path to the file to delete"
+                    }
+                },
+                "required": ["file_path"]
+            }
+        ),
+        Tool(
+            name="Create_Folder",
+            description="Create a new folder in SharePoint",
+            inputSchema={
+                "type": "object",
+                "properties": {
+                    "folder_path": {
+                        "type": "string",
+                        "description": "Path where to create the folder"
+                    },
+                    "folder_name": {
+                        "type": "string",
+                        "description": "Name of the new folder"
+                    }
+                },
+                "required": ["folder_path", "folder_name"]
+            }
+        ),
+        Tool(
+            name="Delete_Folder",
+            description="Delete an empty folder from SharePoint",
+            inputSchema={
+                "type": "object",
+                "properties": {
+                    "folder_path": {
+                        "type": "string",
+                        "description": "Path to the folder to delete"
+                    }
+                },
+                "required": ["folder_path"]
+            }
+        ),
+        Tool(
+            name="Get_SharePoint_Tree",
+            description="Get a recursive tree view of SharePoint folder structure",
+            inputSchema={
+                "type": "object",
+                "properties": {
+                    "folder_path": {
+                        "type": "string",
+                        "description": "Starting folder path (leave empty for root)",
+                        "default": ""
+                    },
+                    "max_depth": {
+                        "type": "integer",
+                        "description": "Maximum depth to traverse",
+                        "default": 5
+                    }
+                },
+                "required": []
+            }
+        ),
+        Tool(
+            name="Test_Connection",
+            description="Test the SharePoint connection and authentication",
+            inputSchema={
+                "type": "object",
+                "properties": {},
+                "required": []
+            }
+        )
+    ]
+
+
+@app.call_tool()
+@ensure_context
+async def call_tool(name: str, arguments: dict) -> list[TextContent]:
+    """Handle tool execution"""
+    
+    try:
+        if name == "Test_Connection":
+            return await test_connection()
+        elif name == "List_SharePoint_Folders":
+            return await list_folders(arguments.get("folder_path", ""))
+        elif name == "List_SharePoint_Documents":
+            return await list_documents(arguments.get("folder_path", ""))
+        elif name == "Get_Document_Content":
+            return await get_document_content(arguments["file_path"])
+        elif name == "Upload_Document":
+            return await upload_document(
+                arguments["folder_path"],
+                arguments["file_name"],
+                arguments["content"],
+                arguments.get("is_binary", False)
+            )
+        elif name == "Update_Document":
+            return await update_document(
+                arguments["file_path"],
+                arguments["content"],
+                arguments.get("is_binary", False)
+            )
+        elif name == "Delete_Document":
+            return await delete_document(arguments["file_path"])
+        elif name == "Create_Folder":
+            return await create_folder(arguments["folder_path"], arguments["folder_name"])
+        elif name == "Delete_Folder":
+            return await delete_folder(arguments["folder_path"])
+        elif name == "Get_SharePoint_Tree":
+            return await get_tree(
+                arguments.get("folder_path", ""),
+                arguments.get("max_depth", 5)
+            )
+        else:
+            raise ValueError(f"Unknown tool: {name}")
+            
+    except Exception as e:
+        logger.error(f"Tool '{name}' failed: {e}")
+        return [TextContent(
+            type="text",
+            text=f"Error executing {name}: {str(e)}"
+        )]
+
+
+async def test_connection() -> list[TextContent]:
+    """Test SharePoint connection"""
+    try:
+        web = ctx.web.get().execute_query()
+        auth_method = os.getenv("SHP_AUTH_METHOD", "msal")
+        
+        return [TextContent(
+            type="text",
+            text=f"✓ Successfully connected to SharePoint!\n\n"
+                 f"Site Title: {web.title}\n"
+                 f"Site URL: {web.url}\n"
+                 f"Authentication Method: {auth_method.upper()}\n"
+                 f"Tenant ID: {os.getenv('SHP_TENANT_ID')}\n\n"
+                 f"Connection is working correctly with modern Azure AD authentication."
+        )]
+    except Exception as e:
+        return [TextContent(
+            type="text",
+            text=f"✗ Connection failed: {str(e)}\n\n"
+                 f"This usually means:\n"
+                 f"1. Your credentials are incorrect\n"
+                 f"2. Your app doesn't have proper SharePoint permissions\n"
+                 f"3. You're using legacy auth on a new tenant (set SHP_AUTH_METHOD=msal)"
+        )]
+
+
+async def list_folders(folder_path: str = "") -> list[TextContent]:
+    """List folders in specified path"""
+    try:
+        doc_lib = get_document_library_path()
+        full_path = f"{doc_lib}/{folder_path}" if folder_path else doc_lib
+        
+        folder = ctx.web.get_folder_by_server_relative_path(full_path)
+        folders = folder.folders.get().execute_query()
+        
+        folder_list = []
+        for f in folders:
+            folder_list.append(f"📁 {f.name}")
+        
+        result = f"Folders in '{full_path}':\n\n" + "\n".join(folder_list) if folder_list else f"No folders found in '{full_path}'"
+        
+        return [TextContent(type="text", text=result)]
+        
+    except Exception as e:
+        return [TextContent(type="text", text=f"Error listing folders: {str(e)}")]
+
+
+async def list_documents(folder_path: str = "") -> list[TextContent]:
+    """List documents in specified folder"""
+    try:
+        doc_lib = get_document_library_path()
+        full_path = f"{doc_lib}/{folder_path}" if folder_path else doc_lib
+        
+        folder = ctx.web.get_folder_by_server_relative_path(full_path)
+        files = folder.files.get().execute_query()
+        
+        file_list = []
+        for f in files:
+            size_kb = f.length / 1024
+            file_list.append(f"📄 {f.name} ({size_kb:.2f} KB)")
+        
+        result = f"Documents in '{full_path}':\n\n" + "\n".join(file_list) if file_list else f"No documents found in '{full_path}'"
+        
+        return [TextContent(type="text", text=result)]
+        
+    except Exception as e:
+        return [TextContent(type="text", text=f"Error listing documents: {str(e)}")]
+
+
+async def get_document_content(file_path: str) -> list[TextContent]:
+    """Get document content"""
+    try:
+        doc_lib = get_document_library_path()
+        full_path = f"{doc_lib}/{file_path}"
+        
+        file = ctx.web.get_file_by_server_relative_path(full_path)
+        content = file.read()
+        
+        # Determine if binary based on file extension
+        ext = os.path.splitext(file_path)[1].lower()
+        text_extensions = {'.txt', '.md', '.json', '.xml', '.html', '.csv', '.log'}
+        
+        if ext in text_extensions:
+            # Text file
+            text_content = content.decode('utf-8')
+            return [TextContent(type="text", text=text_content)]
+        else:
+            # Binary file - return base64
+            b64_content = base64.b64encode(content).decode('utf-8')
+            return [TextContent(
+                type="text",
+                text=f"Binary file (base64 encoded):\n\n{b64_content[:200]}...\n\n"
+                     f"Full content length: {len(b64_content)} characters"
+            )]
+            
+    except Exception as e:
+        return [TextContent(type="text", text=f"Error reading document: {str(e)}")]
+
+
+async def upload_document(folder_path: str, file_name: str, content: str, is_binary: bool = False) -> list[TextContent]:
+    """Upload a document"""
+    try:
+        doc_lib = get_document_library_path()
+        full_path = f"{doc_lib}/{folder_path}" if folder_path else doc_lib
+        
+        folder = ctx.web.get_folder_by_server_relative_path(full_path)
+        
+        if is_binary:
+            file_content = base64.b64decode(content)
+        else:
+            file_content = content.encode('utf-8')
+        
+        uploaded_file = folder.upload_file(file_name, file_content).execute_query()
+        
+        return [TextContent(
+            type="text",
+            text=f"✓ Successfully uploaded '{file_name}' to '{full_path}'"
+        )]
+        
+    except Exception as e:
+        return [TextContent(type="text", text=f"Error uploading document: {str(e)}")]
+
+
+async def update_document(file_path: str, content: str, is_binary: bool = False) -> list[TextContent]:
+    """Update a document"""
+    try:
+        doc_lib = get_document_library_path()
+        full_path = f"{doc_lib}/{file_path}"
+        
+        if is_binary:
+            file_content = base64.b64decode(content)
+        else:
+            file_content = content.encode('utf-8')
+        
+        file = ctx.web.get_file_by_server_relative_path(full_path)
+        file.write(file_content).execute_query()
+        
+        return [TextContent(
+            type="text",
+            text=f"✓ Successfully updated '{file_path}'"
+        )]
+        
+    except Exception as e:
+        return [TextContent(type="text", text=f"Error updating document: {str(e)}")]
+
+
+async def delete_document(file_path: str) -> list[TextContent]:
+    """Delete a document"""
+    try:
+        doc_lib = get_document_library_path()
+        full_path = f"{doc_lib}/{file_path}"
+        
+        file = ctx.web.get_file_by_server_relative_path(full_path)
+        file.delete_object().execute_query()
+        
+        return [TextContent(
+            type="text",
+            text=f"✓ Successfully deleted '{file_path}'"
+        )]
+        
+    except Exception as e:
+        return [TextContent(type="text", text=f"Error deleting document: {str(e)}")]
+
+
+async def create_folder(folder_path: str, folder_name: str) -> list[TextContent]:
+    """Create a folder"""
+    try:
+        doc_lib = get_document_library_path()
+        full_path = f"{doc_lib}/{folder_path}" if folder_path else doc_lib
+        
+        parent_folder = ctx.web.get_folder_by_server_relative_path(full_path)
+        new_folder = parent_folder.folders.add(folder_name).execute_query()
+        
+        return [TextContent(
+            type="text",
+            text=f"✓ Successfully created folder '{folder_name}' in '{full_path}'"
+        )]
+        
+    except Exception as e:
+        return [TextContent(type="text", text=f"Error creating folder: {str(e)}")]
+
+
+async def delete_folder(folder_path: str) -> list[TextContent]:
+    """Delete a folder"""
+    try:
+        doc_lib = get_document_library_path()
+        full_path = f"{doc_lib}/{folder_path}"
+        
+        folder = ctx.web.get_folder_by_server_relative_path(full_path)
+        folder.delete_object().execute_query()
+        
+        return [TextContent(
+            type="text",
+            text=f"✓ Successfully deleted folder '{folder_path}'"
+        )]
+        
+    except Exception as e:
+        return [TextContent(type="text", text=f"Error deleting folder: {str(e)}")]
+
+
+async def get_tree(folder_path: str = "", max_depth: int = 5, current_depth: int = 0) -> list[TextContent]:
+    """Get folder tree structure"""
+    if current_depth >= max_depth:
+        return [TextContent(type="text", text="Max depth reached")]
+    
+    try:
+        doc_lib = get_document_library_path()
+        full_path = f"{doc_lib}/{folder_path}" if folder_path else doc_lib
+        
+        folder = ctx.web.get_folder_by_server_relative_path(full_path)
+        folders = folder.folders.get().execute_query()
+        
+        indent = "  " * current_depth
+        tree_lines = [f"{indent}📁 {folder_path or 'Root'}"]
+        
+        for f in folders:
+            sub_path = f"{folder_path}/{f.name}" if folder_path else f.name
+            sub_tree = await get_tree(sub_path, max_depth, current_depth + 1)
+            tree_lines.append(sub_tree[0].text)
+        
+        return [TextContent(type="text", text="\n".join(tree_lines))]
+        
+    except Exception as e:
+        return [TextContent(type="text", text=f"Error getting tree: {str(e)}")]
+
+
+async def main():
+    """Main entry point"""
+    async with mcp.server.stdio.stdio_server() as (read_stream, write_stream):
+        await app.run(
+            read_stream,
+            write_stream,
+            app.create_initialization_options()
+        )
+
+
+if __name__ == "__main__":
+    asyncio.run(main())

mcp_sharepoint/__main__.py

@@ -0,0 +1,8 @@
+"""
+Entry point for mcp-sharepoint module
+"""
+import asyncio
+from . import main
+
+if __name__ == "__main__":
+    asyncio.run(main())

mcp_sharepoint/auth.py

@@ -0,0 +1,234 @@
+"""
+Authentication module for SharePoint MCP Server
+Supports modern Azure AD authentication methods
+"""
+import os
+import logging
+from typing import Optional
+from office365.sharepoint.client_context import ClientContext
+from office365.runtime.auth.client_credential import ClientCredential
+import msal
+
+logger = logging.getLogger(__name__)
+
+
+class SharePointAuthenticator:
+    """
+    Handles authentication to SharePoint using modern Azure AD methods.
+    Supports multiple authentication flows for compatibility with new tenants.
+    """
+    
+    def __init__(
+        self,
+        site_url: str,
+        client_id: str,
+        client_secret: str,
+        tenant_id: str,
+        cert_path: Optional[str] = None,
+        cert_thumbprint: Optional[str] = None,
+    ):
+        """
+        Initialize SharePoint authenticator.
+        
+        Args:
+            site_url: SharePoint site URL
+            client_id: Azure AD application client ID
+            client_secret: Azure AD application client secret
+            tenant_id: Azure AD tenant ID
+            cert_path: Optional path to certificate file for cert-based auth
+            cert_thumbprint: Optional certificate thumbprint
+        """
+        self.site_url = site_url.rstrip("/")
+        self.client_id = client_id
+        self.client_secret = client_secret
+        self.tenant_id = tenant_id
+        self.cert_path = cert_path
+        self.cert_thumbprint = cert_thumbprint
+        
+    def get_context_with_msal(self) -> ClientContext:
+        """
+        Get ClientContext using MSAL for modern Azure AD authentication.
+        This is the recommended method for new tenants.
+        
+        Returns:
+            Authenticated ClientContext
+        """
+        def acquire_token():
+            """Acquire token using MSAL"""
+            authority_url = f'https://login.microsoftonline.com/{self.tenant_id}'
+            
+            app = msal.ConfidentialClientApplication(
+                authority=authority_url,
+                client_id=self.client_id,
+                client_credential=self.client_secret
+            )
+            
+            # SharePoint requires the site-specific scope
+            scopes = [f"{self.site_url}/.default"]
+            
+            result = app.acquire_token_for_client(scopes=scopes)
+            
+            if "access_token" not in result:
+                error_desc = result.get("error_description", "Unknown error")
+                raise ValueError(f"Failed to acquire token: {error_desc}")
+            
+            return result
+        
+        ctx = ClientContext(self.site_url).with_access_token(acquire_token)
+        logger.info("Successfully authenticated using MSAL (Modern Azure AD)")
+        return ctx
+    
+    def get_context_with_certificate(self) -> ClientContext:
+        """
+        Get ClientContext using certificate-based authentication.
+        This is an alternative modern authentication method.
+        
+        Returns:
+            Authenticated ClientContext
+        
+        Raises:
+            ValueError: If certificate credentials are not provided
+        """
+        if not self.cert_path or not self.cert_thumbprint:
+            raise ValueError(
+                "Certificate path and thumbprint are required for cert-based auth"
+            )
+        
+        ctx = ClientContext(self.site_url).with_client_certificate(
+            tenant=self.tenant_id,
+            client_id=self.client_id,
+            thumbprint=self.cert_thumbprint,
+            cert_path=self.cert_path
+        )
+        
+        logger.info("Successfully authenticated using certificate")
+        return ctx
+    
+    def get_context_legacy(self) -> ClientContext:
+        """
+        Get ClientContext using legacy ACS authentication (deprecated).
+        This method is included for backwards compatibility but may not work
+        with new tenants where ACS app-only is disabled.
+        
+        Returns:
+            Authenticated ClientContext
+        """
+        logger.warning(
+            "Using legacy ACS authentication. This may fail on new tenants. "
+            "Consider using MSAL or certificate-based auth instead."
+        )
+        
+        credentials = ClientCredential(self.client_id, self.client_secret)
+        ctx = ClientContext(self.site_url).with_credentials(credentials)
+        
+        return ctx
+    
+    def get_context(self, auth_method: str = "msal") -> ClientContext:
+        """
+        Get authenticated ClientContext using the specified method.
+        
+        Args:
+            auth_method: Authentication method to use.
+                        Options: "msal" (default), "certificate", "legacy"
+        
+        Returns:
+            Authenticated ClientContext
+        
+        Raises:
+            ValueError: If invalid auth method specified
+        """
+        auth_methods = {
+            "msal": self.get_context_with_msal,
+            "certificate": self.get_context_with_certificate,
+            "legacy": self.get_context_legacy
+        }
+        
+        if auth_method not in auth_methods:
+            raise ValueError(
+                f"Invalid auth method: {auth_method}. "
+                f"Must be one of: {', '.join(auth_methods.keys())}"
+            )
+        
+        try:
+            return auth_methods[auth_method]()
+        except Exception as e:
+            logger.error(f"Authentication failed with method '{auth_method}': {e}")
+            raise
+
+
+def create_sharepoint_context() -> ClientContext:
+    """
+    Factory function to create SharePoint context from environment variables.
+    Tries modern authentication methods first, falls back to legacy if needed.
+    
+    Environment variables required:
+        - SHP_SITE_URL: SharePoint site URL
+        - SHP_ID_APP: Azure AD application client ID
+        - SHP_ID_APP_SECRET: Azure AD application client secret
+        - SHP_TENANT_ID: Azure AD tenant ID
+        
+    Optional environment variables:
+        - SHP_AUTH_METHOD: Authentication method (msal, certificate, legacy)
+        - SHP_CERT_PATH: Path to certificate file
+        - SHP_CERT_THUMBPRINT: Certificate thumbprint
+    
+    Returns:
+        Authenticated ClientContext
+    
+    Raises:
+        ValueError: If required environment variables are missing
+    """
+    # Get required environment variables
+    site_url = os.getenv("SHP_SITE_URL")
+    client_id = os.getenv("SHP_ID_APP")
+    client_secret = os.getenv("SHP_ID_APP_SECRET")
+    tenant_id = os.getenv("SHP_TENANT_ID")
+    
+    # Validate required variables
+    missing_vars = []
+    if not site_url:
+        missing_vars.append("SHP_SITE_URL")
+    if not client_id:
+        missing_vars.append("SHP_ID_APP")
+    if not client_secret:
+        missing_vars.append("SHP_ID_APP_SECRET")
+    if not tenant_id:
+        missing_vars.append("SHP_TENANT_ID")
+    
+    if missing_vars:
+        raise ValueError(
+            f"Missing required environment variables: {', '.join(missing_vars)}"
+        )
+    
+    # Get optional environment variables
+    auth_method = os.getenv("SHP_AUTH_METHOD", "msal")
+    cert_path = os.getenv("SHP_CERT_PATH")
+    cert_thumbprint = os.getenv("SHP_CERT_THUMBPRINT")
+    
+    # Create authenticator
+    authenticator = SharePointAuthenticator(
+        site_url=site_url,
+        client_id=client_id,
+        client_secret=client_secret,
+        tenant_id=tenant_id,
+        cert_path=cert_path,
+        cert_thumbprint=cert_thumbprint
+    )
+    
+    # Try to authenticate
+    try:
+        ctx = authenticator.get_context(auth_method=auth_method)
+        logger.info(f"Successfully created SharePoint context using {auth_method} auth")
+        return ctx
+    except Exception as e:
+        logger.error(f"Failed to create SharePoint context: {e}")
+        
+        # If MSAL failed and we haven't tried legacy, suggest it
+        if auth_method == "msal":
+            logger.info(
+                "MSAL authentication failed. If you're using an older tenant, "
+                "you can try setting SHP_AUTH_METHOD=legacy, but note that "
+                "legacy ACS authentication is deprecated and may not work on new tenants."
+            )
+        
+        raise

mcp_sharepoint_us-2.0.0.dist-info/METADATA

@@ -0,0 +1,359 @@
+Metadata-Version: 2.4
+Name: mcp-sharepoint-us
+Version: 2.0.0
+Summary: SharePoint MCP Server with Modern Azure AD Authentication
+License: MIT
+Project-URL: Homepage, https://github.com/mdev26/mcp-sharepoint
+Project-URL: Repository, https://github.com/mdev26/mcp-sharepoint
+Project-URL: Bug Tracker, https://github.com/mdev26/mcp-sharepoint/issues
+Keywords: mcp,sharepoint,microsoft,azure,office365,msal
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: mcp>=1.0.0
+Requires-Dist: office365-rest-python-client>=2.5.0
+Requires-Dist: msal>=1.24.0
+Requires-Dist: python-dotenv>=1.0.0
+Requires-Dist: pydantic>=2.0.0
+Provides-Extra: dev
+Requires-Dist: pytest>=7.0.0; extra == "dev"
+Requires-Dist: pytest-asyncio>=0.21.0; extra == "dev"
+Requires-Dist: black>=23.0.0; extra == "dev"
+Requires-Dist: ruff>=0.1.0; extra == "dev"
+Dynamic: license-file
+
+# SharePoint MCP Server - Updated with Modern Authentication
+
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+
+A comprehensive MCP Server for seamless integration with Microsoft SharePoint, **now with modern Azure AD authentication support** to work with new tenants.
+
+## 🆕 What's New in v2.0
+
+This is an updated fork of the original [mcp-sharepoint](https://github.com/Sofias-ai/mcp-sharepoint) that fixes the `Acquire app-only access token failed` error by implementing modern Azure AD authentication methods.
+
+### Key Updates
+
+- ✅ **Modern MSAL Authentication**: Uses Microsoft Authentication Library (MSAL) for Azure AD
+- ✅ **Multiple Auth Methods**: Supports MSAL, certificate-based, and legacy authentication
+- ✅ **New Tenant Compatible**: Works out-of-the-box with new Microsoft 365 tenants
+- ✅ **Better Error Messages**: Clear guidance when authentication fails
+- ✅ **Tenant ID Required**: Properly implements Azure AD app-only authentication
+
+## 🔧 The Problem This Fixes
+
+The original mcp-sharepoint used the deprecated ACS (Azure Access Control Service) authentication method with `with_client_credentials()`. This fails on new tenants with:
+
+```
+ValueError: Acquire app-only access token failed
+```
+
+**Why this happens:**
+- Microsoft disabled ACS app-only authentication by default for new tenants
+- The old method doesn't include tenant ID in the authentication flow
+- Modern Azure AD authentication requires MSAL or certificate-based auth
+
+**This update solves it by:**
+- Using MSAL (Microsoft Authentication Library) by default
+- Properly passing tenant ID to Azure AD
+- Supporting multiple modern authentication methods
+- Falling back gracefully with helpful error messages
+
+## 📋 Prerequisites
+
+### Azure AD App Registration
+
+You need to register an application in Azure AD with the following:
+
+1. **Go to Azure Portal** → Azure Active Directory → App registrations
+2. **Create new registration**:
+   - Name: "SharePoint MCP Server" (or your choice)
+   - Supported account types: "Accounts in this organizational directory only"
+   - Redirect URI: Not needed for app-only auth
+
+3. **Configure API Permissions**:
+   - Click "API permissions" → "Add a permission"
+   - Choose "SharePoint" → "Application permissions"
+   - Add these permissions:
+     - `Sites.Read.All` (for read operations)
+     - `Sites.ReadWrite.All` (for write operations)
+   - **Important**: Click "Grant admin consent" for your organization
+
+4. **Create Client Secret**:
+   - Go to "Certificates & secrets"
+   - Click "New client secret"
+   - Choose expiration (recommend 24 months)
+   - **Save the secret value immediately** (you won't see it again)
+
+5. **Note these values**:
+   - Application (client) ID
+   - Directory (tenant) ID
+   - Client secret value
+
+### Required Information
+
+You'll need:
+- **Tenant ID**: Your Azure AD tenant ID (GUID)
+- **Client ID**: Your Azure AD application ID (GUID)
+- **Client Secret**: The secret value you created
+- **Site URL**: Your SharePoint site URL (e.g., `https://contoso.sharepoint.com/sites/yoursite`)
+
+## 🚀 Installation
+
+### From Source (Recommended for this fork)
+
+```bash
+# Clone this repository
+git clone https://github.com/your-username/mcp-sharepoint-updated.git
+cd mcp-sharepoint-updated
+
+# Install in development mode
+pip install -e .
+```
+
+### Using uv (Alternative)
+
+```bash
+uv pip install -e .
+```
+
+## ⚙️ Configuration
+
+### Environment Variables
+
+Create a `.env` file or set these environment variables:
+
+```bash
+# Required - Modern Authentication
+SHP_TENANT_ID=your-tenant-id-guid
+SHP_ID_APP=your-client-id-guid
+SHP_ID_APP_SECRET=your-client-secret
+SHP_SITE_URL=https://your-tenant.sharepoint.com/sites/your-site
+
+# Optional
+SHP_DOC_LIBRARY=Shared Documents
+SHP_AUTH_METHOD=msal  # Options: msal (default), certificate, legacy
+
+# For certificate-based authentication (optional)
+# SHP_CERT_PATH=/path/to/certificate.pem
+# SHP_CERT_THUMBPRINT=your-cert-thumbprint
+```
+
+### Authentication Methods
+
+The server supports three authentication methods:
+
+#### 1. MSAL (Recommended - Default)
+Modern Azure AD authentication using MSAL. Works with new tenants.
+```bash
+SHP_AUTH_METHOD=msal
+```
+
+#### 2. Certificate-Based
+For organizations requiring certificate authentication.
+```bash
+SHP_AUTH_METHOD=certificate
+SHP_CERT_PATH=/path/to/cert.pem
+SHP_CERT_THUMBPRINT=your-thumbprint
+```
+
+#### 3. Legacy (Deprecated)
+Old ACS authentication. Only use if you have an older tenant with ACS enabled.
+```bash
+SHP_AUTH_METHOD=legacy
+```
+
+## 🔌 Claude Desktop Integration
+
+### Windows
+Edit: `%APPDATA%\Claude\claude_desktop_config.json`
+
+### macOS
+Edit: `~/Library/Application Support/Claude/claude_desktop_config.json`
+
+### Configuration
+
+```json
+{
+  "mcpServers": {
+    "sharepoint": {
+      "command": "python",
+      "args": ["-m", "mcp_sharepoint"],
+      "env": {
+        "SHP_TENANT_ID": "your-tenant-id",
+        "SHP_ID_APP": "your-client-id",
+        "SHP_ID_APP_SECRET": "your-client-secret",
+        "SHP_SITE_URL": "https://your-tenant.sharepoint.com/sites/your-site",
+        "SHP_DOC_LIBRARY": "Shared Documents",
+        "SHP_AUTH_METHOD": "msal"
+      }
+    }
+  }
+}
+```
+
+### Using uvx (Alternative)
+
+```json
+{
+  "mcpServers": {
+    "sharepoint": {
+      "command": "uvx",
+      "args": ["mcp-sharepoint"],
+      "env": {
+        "SHP_TENANT_ID": "your-tenant-id",
+        "SHP_ID_APP": "your-client-id",
+        "SHP_ID_APP_SECRET": "your-client-secret",
+        "SHP_SITE_URL": "https://your-tenant.sharepoint.com/sites/your-site",
+        "SHP_AUTH_METHOD": "msal"
+      }
+    }
+  }
+}
+```
+
+## 🧪 Testing the Connection
+
+After installation, you can test the connection:
+
+```bash
+# Set your environment variables first
+export SHP_TENANT_ID=your-tenant-id
+export SHP_ID_APP=your-client-id
+export SHP_ID_APP_SECRET=your-secret
+export SHP_SITE_URL=https://your-site.sharepoint.com/sites/yoursite
+
+# Run the server
+python -m mcp_sharepoint
+```
+
+In Claude Desktop, you can use the "Test_Connection" tool to verify everything is working.
+
+## 🛠️ Available Tools
+
+The server provides these tools for SharePoint operations:
+
+### Document Management
+- `List_SharePoint_Documents` - List all documents in a folder
+- `Get_Document_Content` - Read document content
+- `Upload_Document` - Upload new documents
+- `Update_Document` - Update existing documents
+- `Delete_Document` - Delete documents
+
+### Folder Management
+- `List_SharePoint_Folders` - List folders in a directory
+- `Create_Folder` - Create new folders
+- `Delete_Folder` - Delete empty folders
+- `Get_SharePoint_Tree` - Get recursive folder structure
+
+### Utilities
+- `Test_Connection` - Test authentication and connection
+
+## 🔍 Troubleshooting
+
+### "Acquire app-only access token failed"
+
+**This is the error we're fixing!** If you still see this:
+
+1. **Check you're using MSAL**:
+   ```bash
+   SHP_AUTH_METHOD=msal  # Make sure this is set
+   ```
+
+2. **Verify tenant ID is correct**:
+   - Go to Azure Portal → Azure Active Directory → Overview
+   - Copy the "Tenant ID" GUID
+   - Ensure it matches `SHP_TENANT_ID`
+
+3. **Check API permissions**:
+   - Azure Portal → Your App → API permissions
+   - Ensure SharePoint permissions are granted
+   - Click "Grant admin consent"
+
+4. **Wait for permission propagation**:
+   - After granting permissions, wait 5-10 minutes
+   - Try again
+
+### "Authentication failed"
+
+1. **Verify credentials**:
+   - Client ID is correct (from App registrations → Overview)
+   - Client secret is correct and not expired
+   - Tenant ID is correct
+
+2. **Check site URL**:
+   - Must be exact SharePoint site URL
+   - Should NOT end with a slash
+   - Example: `https://contoso.sharepoint.com/sites/marketing`
+
+3. **Verify network access**:
+   - Ensure you can reach `login.microsoftonline.com` on port 443
+   - Check firewall/proxy settings
+
+### "Access denied" / "403 Forbidden"
+
+1. **Check SharePoint permissions**:
+   - API permissions must be **Application** permissions, not Delegated
+   - Need `Sites.Read.All` or `Sites.ReadWrite.All`
+   - Admin consent must be granted
+
+2. **Verify site access**:
+   - The app must have access to the specific SharePoint site
+   - May need to grant site permissions separately
+
+## 📚 Migration from Original mcp-sharepoint
+
+If you're migrating from the original version:
+
+1. **Add new environment variable**:
+   ```bash
+   SHP_TENANT_ID=your-tenant-id  # This is new!
+   ```
+
+2. **Optional: Set auth method explicitly**:
+   ```bash
+   SHP_AUTH_METHOD=msal  # Explicitly use modern auth
+   ```
+
+3. **Update your Claude Desktop config**:
+   - Add `SHP_TENANT_ID` to the env section
+   - Optionally add `SHP_AUTH_METHOD: "msal"`
+
+4. **Restart Claude Desktop** to load the new configuration
+
+## 🤝 Contributing
+
+Contributions are welcome! Please feel free to submit a Pull Request.
+
+## 📄 License
+
+This project is licensed under the MIT License - see the LICENSE file for details.
+
+## 🙏 Acknowledgments
+
+- Original [mcp-sharepoint](https://github.com/Sofias-ai/mcp-sharepoint) by sofias tech
+- [Office365-REST-Python-Client](https://github.com/vgrem/Office365-REST-Python-Client) library
+- Microsoft Authentication Library (MSAL) for Python
+
+## 📞 Support
+
+If you encounter issues:
+
+1. Check the [Troubleshooting](#-troubleshooting) section
+2. Review [Azure AD App Setup](#azure-ad-app-registration)
+3. Open an issue with:
+   - Error message (sanitize any secrets!)
+   - Your environment (Python version, OS)
+   - Authentication method being used
+   - Whether it's a new or existing tenant
+
+---
+
+**Note**: This is an updated version that solves the authentication issues with new Microsoft 365 tenants. The original version can be found at [Sofias-ai/mcp-sharepoint](https://github.com/Sofias-ai/mcp-sharepoint).

mcp_sharepoint_us-2.0.0.dist-info/RECORD

@@ -0,0 +1,9 @@
+mcp_sharepoint/__init__.py,sha256=qmZseIbfu-kd0SsT6400uXbuwDCszDly4C5VlGKuMIw,19762
+mcp_sharepoint/__main__.py,sha256=HAV6LtLss9FL5CdMcp3ssbaDe-i669Vsc90sqXCB7Mk,140
+mcp_sharepoint/auth.py,sha256=ihQmvPViAA5jwNNFZt3c0yAfScTADiQM1VmYpTM1EHI,8383
+mcp_sharepoint_us-2.0.0.dist-info/licenses/LICENSE,sha256=SRM8juGH4GjIqnl5rrp-P-S5mW5h2mINOPx5-wOZG6s,1112
+mcp_sharepoint_us-2.0.0.dist-info/METADATA,sha256=0DE6DJCXlI3riuwQ6gZyQbr0e8s91ZLUt9hEGvipQGA,11370
+mcp_sharepoint_us-2.0.0.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+mcp_sharepoint_us-2.0.0.dist-info/entry_points.txt,sha256=B5hvvayyuKrvH1DvZtsnZC4oWAh-agQfUByY0LvxUgk,55
+mcp_sharepoint_us-2.0.0.dist-info/top_level.txt,sha256=R6mRoWe61lz4kUSKGV6S2XVbE7825xfC_J-ouZIYpuo,15
+mcp_sharepoint_us-2.0.0.dist-info/RECORD,,

mcp_sharepoint_us-2.0.0.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: setuptools (80.10.2)
+Root-Is-Purelib: true
+Tag: py3-none-any
+

mcp_sharepoint_us-2.0.0.dist-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+mcp-sharepoint = mcp_sharepoint:main

mcp_sharepoint_us-2.0.0.dist-info/licenses/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 SharePoint MCP Server Contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

mcp_sharepoint_us-2.0.0.dist-info/top_level.txt

@@ -0,0 +1 @@
+mcp_sharepoint