mcp-sharepoint-us 2.0.10__py3-none-any.whl → 2.0.12__py3-none-any.whl

mcp_sharepoint/__init__.py

@@ -19,6 +19,7 @@ from office365.sharepoint.folders.folder import Folder
 from office365.sharepoint.client_context import ClientContext
 
 from .auth import create_sharepoint_context
+from .graph_api import GraphAPIClient
 
 # Setup logging
 logging.basicConfig(level=logging.INFO)
@@ -27,19 +28,70 @@ logger = logging.getLogger(__name__)
 # Initialize MCP server
 app = Server("mcp-sharepoint")
 
-# Global SharePoint context
+# Global SharePoint context, Graph API client, and authenticator
 ctx: Optional[ClientContext] = None
+graph_client: Optional[GraphAPIClient] = None
+authenticator = None
 
 
 def ensure_context(func):
-    """Decorator to ensure SharePoint context is available"""
+    """Decorator to ensure SharePoint context and Graph API client are available"""
     @wraps(func)
     async def wrapper(*args, **kwargs):
-        global ctx
+        global ctx, graph_client, authenticator
         if ctx is None:
             try:
                 ctx = create_sharepoint_context()
                 logger.info("SharePoint context initialized successfully")
+
+                # Get site URL for Graph client
+                site_url = os.getenv("SHP_SITE_URL")
+
+                # Create Graph API client
+                # The token callback will use the same MSAL authenticator internally
+                def token_callback():
+                    """Simple token callback that gets a fresh token using MSAL"""
+                    from .auth import SharePointAuthenticator
+                    from urllib.parse import urlparse
+
+                    site_url = os.getenv("SHP_SITE_URL")
+                    client_id = os.getenv("SHP_ID_APP")
+                    client_secret = os.getenv("SHP_ID_APP_SECRET")
+                    tenant_id = os.getenv("SHP_TENANT_ID")
+                    cloud = "government" if ".sharepoint.us" in site_url else "commercial"
+
+                    import msal
+                    from office365.runtime.auth.token_response import TokenResponse
+
+                    # Build authority URL
+                    if cloud in ("government", "us"):
+                        authority_url = f"https://login.microsoftonline.us/{tenant_id}"
+                    else:
+                        authority_url = f"https://login.microsoftonline.com/{tenant_id}"
+
+                    # Create MSAL app
+                    msal_app = msal.ConfidentialClientApplication(
+                        authority=authority_url,
+                        client_id=client_id,
+                        client_credential=client_secret,
+                        validate_authority=False if cloud in ("government", "us") else True
+                    )
+
+                    # Get scope
+                    parsed = urlparse(site_url)
+                    sharepoint_root = f"{parsed.scheme}://{parsed.netloc}"
+                    scopes = [f"{sharepoint_root}/.default"]
+
+                    # Acquire token
+                    result = msal_app.acquire_token_for_client(scopes=scopes)
+                    return TokenResponse.from_json(result)
+
+                graph_client = GraphAPIClient(
+                    site_url=site_url,
+                    token_callback=token_callback
+                )
+                logger.info("Graph API client initialized successfully")
+
             except Exception as e:
                 logger.error(f"Failed to initialize SharePoint context: {e}")
                 raise RuntimeError(
@@ -324,44 +376,85 @@ async def test_connection() -> list[TextContent]:
 
 async def list_folders(folder_path: str = "") -> list[TextContent]:
     """List folders in specified path"""
+    doc_lib = get_document_library_path()
+    full_path = f"{doc_lib}/{folder_path}" if folder_path else doc_lib
+
     try:
-        doc_lib = get_document_library_path()
-        full_path = f"{doc_lib}/{folder_path}" if folder_path else doc_lib
-        
+        # Try SharePoint REST API first
         folder = ctx.web.get_folder_by_server_relative_path(full_path)
         folders = folder.folders.get().execute_query()
-        
+
         folder_list = []
         for f in folders:
             folder_list.append(f"📁 {f.name}")
-        
+
         result = f"Folders in '{full_path}':\n\n" + "\n".join(folder_list) if folder_list else f"No folders found in '{full_path}'"
-        
         return [TextContent(type="text", text=result)]
-        
+
     except Exception as e:
+        error_msg = str(e).lower()
+
+        # Check if it's an app-only token error
+        if "unsupported app only token" in error_msg or "401" in error_msg:
+            logger.warning(f"SharePoint REST API failed with app-only token error, falling back to Graph API")
+
+            try:
+                # Fallback to Graph API
+                folders = await asyncio.to_thread(graph_client.list_folders, folder_path)
+
+                folder_list = [f"📁 {f['name']}" for f in folders]
+
+                result = f"Folders in '{full_path}' (via Graph API):\n\n" + "\n".join(folder_list) if folder_list else f"No folders found in '{full_path}'"
+                return [TextContent(type="text", text=result)]
+
+            except Exception as graph_error:
+                return [TextContent(type="text", text=f"Error with both APIs - REST: {e}, Graph: {graph_error}")]
+
+        # Other errors
         return [TextContent(type="text", text=f"Error listing folders: {str(e)}")]
 
 
 async def list_documents(folder_path: str = "") -> list[TextContent]:
     """List documents in specified folder"""
+    doc_lib = get_document_library_path()
+    full_path = f"{doc_lib}/{folder_path}" if folder_path else doc_lib
+
     try:
-        doc_lib = get_document_library_path()
-        full_path = f"{doc_lib}/{folder_path}" if folder_path else doc_lib
-        
+        # Try SharePoint REST API first
         folder = ctx.web.get_folder_by_server_relative_path(full_path)
         files = folder.files.get().execute_query()
-        
+
         file_list = []
         for f in files:
             size_kb = f.length / 1024
             file_list.append(f"📄 {f.name} ({size_kb:.2f} KB)")
-        
+
         result = f"Documents in '{full_path}':\n\n" + "\n".join(file_list) if file_list else f"No documents found in '{full_path}'"
-        
         return [TextContent(type="text", text=result)]
-        
+
     except Exception as e:
+        error_msg = str(e).lower()
+
+        # Check if it's an app-only token error
+        if "unsupported app only token" in error_msg or "401" in error_msg:
+            logger.warning(f"SharePoint REST API failed with app-only token error, falling back to Graph API")
+
+            try:
+                # Fallback to Graph API
+                files = await asyncio.to_thread(graph_client.list_documents, folder_path)
+
+                file_list = []
+                for f in files:
+                    size_kb = f['size'] / 1024
+                    file_list.append(f"📄 {f['name']} ({size_kb:.2f} KB)")
+
+                result = f"Documents in '{full_path}' (via Graph API):\n\n" + "\n".join(file_list) if file_list else f"No documents found in '{full_path}'"
+                return [TextContent(type="text", text=result)]
+
+            except Exception as graph_error:
+                return [TextContent(type="text", text=f"Error with both APIs - REST: {e}, Graph: {graph_error}")]
+
+        # Other errors
         return [TextContent(type="text", text=f"Error listing documents: {str(e)}")]
 
 

mcp_sharepoint/auth.py

@@ -30,8 +30,9 @@ def _patch_datetime_bug():
         # Store the original __init__
         original_init = authentication_context.AuthenticationContext.__init__
 
-        def patched_init(self, url):
-            original_init(self, url)
+        def patched_init(self, *args, **kwargs):
+            # Call original init with all arguments
+            original_init(self, *args, **kwargs)
             # Make token_expires timezone-aware to prevent comparison errors
             if hasattr(self, '_token_expires') and self._token_expires is not None:
                 if self._token_expires.tzinfo is None:

mcp_sharepoint/graph_api.py

@@ -0,0 +1,289 @@
+"""
+Microsoft Graph API implementation for SharePoint operations
+Used as a fallback when SharePoint REST API doesn't support app-only tokens
+"""
+import os
+import logging
+import asyncio
+from typing import Optional, Dict, Any, List
+from urllib.parse import urlparse, quote
+import requests
+
+logger = logging.getLogger(__name__)
+
+
+class GraphAPIClient:
+    """
+    Microsoft Graph API client for SharePoint operations.
+    Fallback for when SharePoint REST API doesn't support app-only authentication.
+    """
+
+    def __init__(self, site_url: str, token_callback):
+        """
+        Initialize Graph API client.
+
+        Args:
+            site_url: SharePoint site URL (e.g., https://tenant.sharepoint.us/sites/SiteName)
+            token_callback: Function that returns access token
+        """
+        self.site_url = site_url.rstrip("/")
+        self.token_callback = token_callback
+        self._site_id = None
+
+        # Determine Graph API endpoint based on cloud
+        if ".sharepoint.us" in site_url:
+            self.graph_endpoint = "https://graph.microsoft.us/v1.0"
+            logger.info("Using Microsoft Graph US Government endpoint")
+        else:
+            self.graph_endpoint = "https://graph.microsoft.com/v1.0"
+            logger.info("Using Microsoft Graph Commercial endpoint")
+
+    def _get_headers(self) -> Dict[str, str]:
+        """Get authorization headers with access token."""
+        token_obj = self.token_callback()
+        # Handle both TokenResponse objects and plain strings
+        if hasattr(token_obj, 'accessToken'):
+            token = token_obj.accessToken
+        else:
+            token = str(token_obj)
+
+        return {
+            "Authorization": f"Bearer {token}",
+            "Accept": "application/json",
+        }
+
+    def _get_site_id(self) -> str:
+        """
+        Get the site ID from the site URL.
+        Caches the result for reuse.
+        """
+        if self._site_id:
+            return self._site_id
+
+        parsed = urlparse(self.site_url)
+        hostname = parsed.netloc
+        path = parsed.path.strip("/")
+
+        # For root site: https://tenant.sharepoint.us
+        if not path or path == "sites":
+            url = f"{self.graph_endpoint}/sites/{hostname}"
+        # For subsite: https://tenant.sharepoint.us/sites/SiteName
+        else:
+            url = f"{self.graph_endpoint}/sites/{hostname}:/{path}"
+
+        response = requests.get(url, headers=self._get_headers())
+        response.raise_for_status()
+
+        self._site_id = response.json()["id"]
+        logger.info(f"Retrieved site ID: {self._site_id}")
+        return self._site_id
+
+    def _get_drive_id(self) -> str:
+        """Get the default document library drive ID."""
+        site_id = self._get_site_id()
+        url = f"{self.graph_endpoint}/sites/{site_id}/drive"
+
+        response = requests.get(url, headers=self._get_headers())
+        response.raise_for_status()
+
+        drive_id = response.json()["id"]
+        logger.info(f"Retrieved drive ID: {drive_id}")
+        return drive_id
+
+    def list_folders(self, folder_path: str = "") -> List[Dict[str, Any]]:
+        """
+        List folders in the specified path.
+
+        Args:
+            folder_path: Relative path from document library root
+
+        Returns:
+            List of folder objects with name, id, webUrl
+        """
+        site_id = self._get_site_id()
+        drive_id = self._get_drive_id()
+
+        if folder_path:
+            # URL encode the path
+            encoded_path = quote(folder_path)
+            url = f"{self.graph_endpoint}/sites/{site_id}/drives/{drive_id}/root:/{encoded_path}:/children"
+        else:
+            url = f"{self.graph_endpoint}/sites/{site_id}/drives/{drive_id}/root/children"
+
+        response = requests.get(url, headers=self._get_headers())
+        response.raise_for_status()
+
+        items = response.json().get("value", [])
+        # Filter to only folders
+        folders = [
+            {
+                "name": item["name"],
+                "id": item["id"],
+                "webUrl": item.get("webUrl", ""),
+            }
+            for item in items
+            if "folder" in item
+        ]
+
+        logger.info(f"Found {len(folders)} folders in '{folder_path}'")
+        return folders
+
+    def list_documents(self, folder_path: str = "") -> List[Dict[str, Any]]:
+        """
+        List documents in the specified folder.
+
+        Args:
+            folder_path: Relative path from document library root
+
+        Returns:
+            List of file objects with name, id, size, webUrl
+        """
+        site_id = self._get_site_id()
+        drive_id = self._get_drive_id()
+
+        if folder_path:
+            encoded_path = quote(folder_path)
+            url = f"{self.graph_endpoint}/sites/{site_id}/drives/{drive_id}/root:/{encoded_path}:/children"
+        else:
+            url = f"{self.graph_endpoint}/sites/{site_id}/drives/{drive_id}/root/children"
+
+        response = requests.get(url, headers=self._get_headers())
+        response.raise_for_status()
+
+        items = response.json().get("value", [])
+        # Filter to only files
+        files = [
+            {
+                "name": item["name"],
+                "id": item["id"],
+                "size": item.get("size", 0),
+                "webUrl": item.get("webUrl", ""),
+            }
+            for item in items
+            if "file" in item
+        ]
+
+        logger.info(f"Found {len(files)} files in '{folder_path}'")
+        return files
+
+    def get_file_content(self, file_path: str) -> bytes:
+        """
+        Get the content of a file.
+
+        Args:
+            file_path: Relative path to the file
+
+        Returns:
+            File content as bytes
+        """
+        site_id = self._get_site_id()
+        drive_id = self._get_drive_id()
+
+        encoded_path = quote(file_path)
+        url = f"{self.graph_endpoint}/sites/{site_id}/drives/{drive_id}/root:/{encoded_path}:/content"
+
+        response = requests.get(url, headers=self._get_headers())
+        response.raise_for_status()
+
+        logger.info(f"Retrieved content for '{file_path}' ({len(response.content)} bytes)")
+        return response.content
+
+    def upload_file(self, folder_path: str, file_name: str, content: bytes) -> Dict[str, Any]:
+        """
+        Upload a file to SharePoint.
+
+        Args:
+            folder_path: Destination folder path
+            file_name: Name of the file
+            content: File content as bytes
+
+        Returns:
+            File metadata
+        """
+        site_id = self._get_site_id()
+        drive_id = self._get_drive_id()
+
+        if folder_path:
+            full_path = f"{folder_path}/{file_name}"
+        else:
+            full_path = file_name
+
+        encoded_path = quote(full_path)
+        url = f"{self.graph_endpoint}/sites/{site_id}/drives/{drive_id}/root:/{encoded_path}:/content"
+
+        headers = self._get_headers()
+        headers["Content-Type"] = "application/octet-stream"
+
+        response = requests.put(url, headers=headers, data=content)
+        response.raise_for_status()
+
+        logger.info(f"Uploaded '{file_name}' to '{folder_path}'")
+        return response.json()
+
+    def delete_file(self, file_path: str) -> None:
+        """
+        Delete a file.
+
+        Args:
+            file_path: Relative path to the file
+        """
+        site_id = self._get_site_id()
+        drive_id = self._get_drive_id()
+
+        encoded_path = quote(file_path)
+        url = f"{self.graph_endpoint}/sites/{site_id}/drives/{drive_id}/root:/{encoded_path}"
+
+        response = requests.delete(url, headers=self._get_headers())
+        response.raise_for_status()
+
+        logger.info(f"Deleted '{file_path}'")
+
+    def create_folder(self, parent_path: str, folder_name: str) -> Dict[str, Any]:
+        """
+        Create a new folder.
+
+        Args:
+            parent_path: Path to parent folder
+            folder_name: Name of the new folder
+
+        Returns:
+            Folder metadata
+        """
+        site_id = self._get_site_id()
+        drive_id = self._get_drive_id()
+
+        if parent_path:
+            encoded_path = quote(parent_path)
+            url = f"{self.graph_endpoint}/sites/{site_id}/drives/{drive_id}/root:/{encoded_path}:/children"
+        else:
+            url = f"{self.graph_endpoint}/sites/{site_id}/drives/{drive_id}/root/children"
+
+        payload = {
+            "name": folder_name,
+            "folder": {},
+            "@microsoft.graph.conflictBehavior": "fail"
+        }
+
+        response = requests.post(url, headers=self._get_headers(), json=payload)
+        response.raise_for_status()
+
+        logger.info(f"Created folder '{folder_name}' in '{parent_path}'")
+        return response.json()
+
+    def delete_folder(self, folder_path: str) -> None:
+        """
+        Delete a folder.
+
+        Args:
+            folder_path: Relative path to the folder
+        """
+        site_id = self._get_site_id()
+        drive_id = self._get_drive_id()
+
+        encoded_path = quote(folder_path)
+        url = f"{self.graph_endpoint}/sites/{site_id}/drives/{drive_id}/root:/{encoded_path}"
+
+        response = requests.delete(url, headers=self._get_headers())
+        response.raise_for_status()
+
+        logger.info(f"Deleted folder '{folder_path}'")

{mcp_sharepoint_us-2.0.10.dist-info → mcp_sharepoint_us-2.0.12.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mcp-sharepoint-us
-Version: 2.0.10
+Version: 2.0.12
 Summary: SharePoint MCP Server with Modern Azure AD Authentication
 License: MIT
 Project-URL: Homepage, https://github.com/mdev26/mcp-sharepoint-us
@@ -22,6 +22,7 @@ Requires-Dist: office365-rest-python-client>=2.5.0
 Requires-Dist: msal>=1.24.0
 Requires-Dist: python-dotenv>=1.0.0
 Requires-Dist: pydantic>=2.0.0
+Requires-Dist: requests>=2.31.0
 Provides-Extra: dev
 Requires-Dist: pytest>=7.0.0; extra == "dev"
 Requires-Dist: pytest-asyncio>=0.21.0; extra == "dev"

mcp_sharepoint_us-2.0.12.dist-info/RECORD

@@ -0,0 +1,10 @@
+mcp_sharepoint/__init__.py,sha256=bPS8QLq2U83JjAIr76_cEwQfZkv92K8MMWR7hbuo-9s,24298
+mcp_sharepoint/__main__.py,sha256=4iVDdDZx4rQ4Zo-x0RaCrT-NKeGObIz_ks3YF8di2nA,132
+mcp_sharepoint/auth.py,sha256=Tve5y-m1WwL6eTVpofeDv3zFSIDhwo1s26gJSy3F_1s,14729
+mcp_sharepoint/graph_api.py,sha256=63ZCx4G5BqimkYcYbibJtRYiU2UhsjN8nXp-qzPGBfA,9273
+mcp_sharepoint_us-2.0.12.dist-info/licenses/LICENSE,sha256=SRM8juGH4GjIqnl5rrp-P-S5mW5h2mINOPx5-wOZG6s,1112
+mcp_sharepoint_us-2.0.12.dist-info/METADATA,sha256=UP72g9PzIBBNJFY_Se2ECqiuocwUhj8aiwEu7ur1yY0,11413
+mcp_sharepoint_us-2.0.12.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+mcp_sharepoint_us-2.0.12.dist-info/entry_points.txt,sha256=UZOa_7OLI41rmsErbvnSz9RahPMGQVcqZUFMphOcjbY,57
+mcp_sharepoint_us-2.0.12.dist-info/top_level.txt,sha256=R6mRoWe61lz4kUSKGV6S2XVbE7825xfC_J-ouZIYpuo,15
+mcp_sharepoint_us-2.0.12.dist-info/RECORD,,

mcp_sharepoint_us-2.0.10.dist-info/RECORD

@@ -1,9 +0,0 @@
-mcp_sharepoint/__init__.py,sha256=h13i3__OCM4wXMWMGcmCulcMcOhjhXbBuQ4p-SepCUo,20013
-mcp_sharepoint/__main__.py,sha256=4iVDdDZx4rQ4Zo-x0RaCrT-NKeGObIz_ks3YF8di2nA,132
-mcp_sharepoint/auth.py,sha256=boN1frfUnu4H1zbb-LOWSeyX8_9GnCW_eiS78Gv6VyM,14653
-mcp_sharepoint_us-2.0.10.dist-info/licenses/LICENSE,sha256=SRM8juGH4GjIqnl5rrp-P-S5mW5h2mINOPx5-wOZG6s,1112
-mcp_sharepoint_us-2.0.10.dist-info/METADATA,sha256=knhH2uJm6LEYKHiatWGpgE-7OA4ybWp33BtWC9-fFpk,11380
-mcp_sharepoint_us-2.0.10.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
-mcp_sharepoint_us-2.0.10.dist-info/entry_points.txt,sha256=UZOa_7OLI41rmsErbvnSz9RahPMGQVcqZUFMphOcjbY,57
-mcp_sharepoint_us-2.0.10.dist-info/top_level.txt,sha256=R6mRoWe61lz4kUSKGV6S2XVbE7825xfC_J-ouZIYpuo,15
-mcp_sharepoint_us-2.0.10.dist-info/RECORD,,