brandon/nextcloud-mcp-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
feature/helm-chart-multi-user-basic-support
nextcloud-mcp-server/third_party/astrolabe/appinfo/routes.php
T
Chris Coutinho 65c3f099fa feat(astrolabe): implement app password provisioning for multi-user background sync 
Adds complete app password provisioning workflow for multi-user BasicAuth
deployments, allowing users to independently enable background sync by
generating and storing Nextcloud app passwords.

**New Components:**

Backend (PHP):
- CredentialsController: Validates and stores app passwords
  * Validates app password format and authenticity via OCS API
  * Stores encrypted passwords in oc_preferences
  * Provides status and credential management endpoints
- AstrolabeAdminSettings: Admin configuration page for MCP server URL
- AstrolabeAdminSettingsListener: Event listener for admin section
- Updated McpTokenStorage: Added background sync credential methods

Frontend:
- personalSettings.js: Form handling for app password entry
  * AJAX submission with error handling
  * Shows success/error notifications
  * Triggers page reload after successful save
- settings.css: Styling for settings pages
- Updated personal.php template: Two-option UI
  * Option 1: OAuth refresh token (future, not yet available)
  * Option 2: App password (works today, recommended)
  * Shows "Active" badge when provisioned
  * Displays credential type and provisioned timestamp

Routes:
- POST /api/v1/background-sync/credentials - Store app password
- GET /api/v1/background-sync/status - Get provisioning status
- DELETE /api/v1/background-sync/credentials - Revoke credentials
- GET /api/v1/background-sync/credentials/{userId} - Admin only

**Testing:**
- test_astrolabe_settings_buttons.py: Integration test for UI buttons

**Workflow:**
1. User generates app password in Nextcloud Security settings
2. User navigates to Astrolabe personal settings
3. User enters app password in "Option 2: App Password" form
4. Backend validates password via OCS API call
5. Password stored encrypted in oc_preferences
6. Page reloads showing "Active" badge with credential details
7. MCP server can now use stored password for background operations

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-22 19:39:13 +01:00

101 lines
2.0 KiB
PHP
Raw Permalink Blame History

<?php
declare(strict_types=1);
/**
* Routes configuration for MCP Server UI app.
*
* Defines URL routes for OAuth flow and form handlers.
*/
return [
'routes' => [
// OAuth routes
[
'name' => 'oauth#initiateOAuth',
'url' => '/oauth/authorize',
'verb' => 'GET',
],
[
'name' => 'oauth#oauthCallback',
'url' => '/oauth/callback',
'verb' => 'GET',
],
[
'name' => 'oauth#disconnect',
'url' => '/oauth/disconnect',
'verb' => 'POST',
],
// API routes (form handlers)
[
'name' => 'api#revokeAccess',
'url' => '/api/revoke',
'verb' => 'POST',
],
// Background sync credentials routes
[
'name' => 'credentials#storeAppPassword',
'url' => '/api/v1/background-sync/credentials',
'verb' => 'POST',
],
[
'name' => 'credentials#getCredentials',
'url' => '/api/v1/background-sync/credentials/{userId}',
'verb' => 'GET',
],
[
'name' => 'credentials#deleteCredentials',
'url' => '/api/v1/background-sync/credentials',
'verb' => 'DELETE',
],
[
'name' => 'credentials#getStatus',
'url' => '/api/v1/background-sync/status',
'verb' => 'GET',
],
// Vector search API routes
[
'name' => 'api#search',
'url' => '/api/search',
'verb' => 'GET',
],
[
'name' => 'api#vectorStatus',
'url' => '/api/vector-status',
'verb' => 'GET',
],
[
'name' => 'api#chunkContext',
'url' => '/api/chunk-context',
'verb' => 'GET',
],
// Admin settings routes
[
'name' => 'api#saveSearchSettings',
'url' => '/api/admin/search-settings',
'verb' => 'POST',
],
// Webhook management routes (admin only)
[
'name' => 'api#getWebhookPresets',
'url' => '/api/admin/webhooks/presets',
'verb' => 'GET',
],
[
'name' => 'api#enableWebhookPreset',
'url' => '/api/admin/webhooks/presets/{presetId}/enable',
'verb' => 'POST',
],
[
'name' => 'api#disableWebhookPreset',
'url' => '/api/admin/webhooks/presets/{presetId}/disable',
'verb' => 'POST',
],
],
];
Reference in New Issue View Git Blame Copy Permalink