UNPKG

cakemail-mcp-server

Version:

Enterprise MCP server for Cakemail API integration with Claude AI - includes comprehensive template management, list management, sub-account management, BEEeditor visual email design, and advanced analytics

github.com/zoyth/cakemail-mcp-server

zoyth/cakemail-mcp-server

200 lines (155 loc) 6.28 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
# Authentication Token Management Enhancement This document outlines the comprehensive improvements made to the Cakemail MCP Server's authentication token management system. ## Problems Addressed ### 1. **No tools to check token status** **Before**: No way to inspect token validity, expiry, or refresh status **After**: New `cakemail_get_token_status` tool provides detailed token information ### 2. **No way to manually refresh tokens** **Before**: Token refresh only happened automatically and couldn't be triggered manually **After**: New `cakemail_refresh_token` tool allows manual token refresh with force option ### 3. **Token expiry handling could be more robust** **Before**: Basic token refresh with limited error handling **After**: Comprehensive token management with automatic refresh, fallback authentication, and detailed error handling ## New Authentication Tools ### 🔍 `cakemail_get_token_status` Get comprehensive information about the current authentication token. **Returns:** - Token validity status - Expiry date and time until expiry - Refresh token availability - Token type information ```json { "hasToken": true, "isExpired": false, "expiresAt": "2025-06-19T15:30:00.000Z", "timeUntilExpiryMinutes": 45, "needsRefresh": false, "tokenType": "Bearer", "hasRefreshToken": true } ``` ### 🔄 `cakemail_refresh_token` Manually refresh the authentication token with optional force parameter. **Parameters:** - `force` (boolean, optional): Force refresh even if token is still valid **Returns:** - Success/failure status - Previous and new expiry times - Error details if refresh fails ### ✅ `cakemail_validate_token` Validate the current token by making a test API call. **Returns:** - Token validity confirmation - Account information (if valid) - Error details (if invalid) ### 🔐 `cakemail_get_token_scopes` Get information about token permissions and available accounts. **Returns:** - Available account IDs - Inferred permissions - Scope information ## Enhanced BaseApiClient Features ### Automatic Token Management - **Smart Token Refresh**: Automatically refreshes tokens 5 minutes before expiry - **Fallback Authentication**: Falls back to password authentication if refresh fails - **Token Validation**: Ensures valid token before every API request ### Robust Error Handling - **Exponential Backoff**: Retry authentication with increasing delays - **Invalid Token Detection**: Automatically clears invalid refresh tokens - **Detailed Error Messages**: Comprehensive error reporting for debugging ### Enhanced Security - **Token Expiry Buffer**: 1-minute safety buffer for token expiry - **Secure Token Storage**: Tokens are not exposed in debug logs - **Scope Management**: Proper scope handling for token requests ## Implementation Details ### Token Status Checking ```typescript public getTokenStatus(): { hasToken: boolean; isExpired: boolean; expiresAt: Date | null; timeUntilExpiry: number | null; needsRefresh: boolean; tokenType: string | null; hasRefreshToken: boolean; } ``` ### Enhanced Authentication Flow 1. **Check Token Status**: Verify if current token is valid and not near expiry 2. **Smart Refresh**: Use refresh token if available and valid 3. **Fallback Authentication**: Use password authentication if refresh fails 4. **Retry Logic**: Implement exponential backoff for failed attempts 5. **Error Handling**: Provide detailed error information for debugging ### Request-Level Token Management Every API request now: 1. Calls `ensureValidToken()` before execution 2. Automatically refreshes expired tokens 3. Falls back to full authentication if needed 4. Provides detailed error reporting ## Usage Examples ### Check Token Status ```javascript // Get detailed token information const status = await cakemail_get_token_status(); console.log(`Token expires in ${status.timeUntilExpiryMinutes} minutes`); ``` ### Manual Token Refresh ```javascript // Refresh token if needed const result = await cakemail_refresh_token(); // Force refresh regardless of expiry const forceResult = await cakemail_refresh_token({ force: true }); ``` ### Token Validation ```javascript // Validate current token const validation = await cakemail_validate_token(); if (validation.isValid) { console.log('Token is valid for account:', validation.accountInfo.id); } ``` ### Get Token Permissions ```javascript // Check available permissions const scopes = await cakemail_get_token_scopes(); console.log('Available accounts:', scopes.accounts); console.log('Permissions:', scopes.permissions); ``` ## Benefits ### For Developers - **Better Debugging**: Detailed token status information - **Manual Control**: Ability to force token refresh when needed - **Error Transparency**: Clear error messages and status codes ### For Operations - **Improved Reliability**: Automatic token management prevents authentication failures - **Better Monitoring**: Token status can be checked programmatically - **Reduced Downtime**: Fallback authentication ensures continuous operation ### For Security - **Token Lifecycle Management**: Proper handling of token expiry and refresh - **Scope Awareness**: Understanding of token permissions and limitations - **Secure Defaults**: Conservative token handling with safety buffers ## Migration Notes ### Existing Code Compatibility - All existing API calls continue to work without changes - Token management is handled transparently - No breaking changes to existing functionality ### New Capabilities - Four new authentication tools are now available - Enhanced debugging and monitoring capabilities - Improved error handling and recovery ## Configuration No additional configuration is required. The enhanced token management works with existing Cakemail API credentials: ```javascript const api = new CakemailAPI({ username: 'your-email@example.com', password: 'your-password', debug: true // Enable for detailed token management logs }); ``` ## Testing Run the authentication test suite to verify the implementation: ```bash node tests/auth-test.js ``` This comprehensive enhancement makes the Cakemail MCP Server's authentication system much more robust, transparent, and developer-friendly while maintaining full backward compatibility.