autoreply 0.3.2

autoreply: Model Context Protocol server for Bluesky profile and post search functionality
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190

use crate::auth::{LoginManager, LoginRequest};
use crate::cli::LoginCommand;
use crate::error::AppError;
use crate::mcp::{ContentItem, McpResponse, ServerContext, ToolResult};
use serde_json::{json, Value};

pub async fn handle_login(id: Option<Value>, args: Value, context: &ServerContext) -> McpResponse {
    match handle_login_impl(args, context).await {
        Ok(result) => McpResponse::success(id, serde_json::to_value(result).unwrap()),
        Err(e) => McpResponse::error(id, e.error_code(), &e.message()),
    }
}

async fn handle_login_impl(args: Value, context: &ServerContext) -> Result<ToolResult, AppError> {
    let mut command: LoginCommand = serde_json::from_value(args)
        .map_err(|e| AppError::InvalidInput(format!("Invalid arguments: {}", e)))?;

    let manager = LoginManager::new()?;

    // Check if we need elicitation for missing fields
    let needs_handle = command.handle.is_none();
    let needs_password = command.password.is_none();

    // If client supports elicitation and we're missing fields, use it
    if context.supports_elicitation() {
        // Elicit handle if missing
        if needs_handle {
            let schema = json!({
                "type": "object",
                "properties": {
                    "handle": {
                        "type": "string",
                        "description": "Your BlueSky handle (e.g., user.bsky.social)"
                    }
                },
                "required": ["handle"]
            });

            match context
                .request_elicitation("Please provide your BlueSky handle".to_string(), schema)
                .await
            {
                Ok(response) => {
                    if response.action == "accept" {
                        if let Some(content) = response.content {
                            if let Some(handle) = content.get("handle").and_then(|v| v.as_str()) {
                                command.handle = Some(handle.to_string());
                            }
                        }
                    } else {
                        return Ok(ToolResult::text("Login cancelled"));
                    }
                }
                Err(e) => {
                    tracing::warn!("Elicitation failed despite client support: {}", e);
                    return Ok(create_elicitation_unavailable_error(context, "handle"));
                }
            }
        }

        // Elicit password if missing and not using OAuth
        if needs_password && command.handle.is_some() {
            let handle = command.handle.as_ref().unwrap();
            let schema = json!({
                "type": "object",
                "properties": {
                    "password": {
                        "type": "string",
                        "description": "BlueSky app password (create at https://bsky.app/settings/app-passwords)"
                    }
                },
                "required": ["password"]
            });

            let message = format!(
                "Please provide a BlueSky app password for @{} (NOT your main password).\n\n\
                Create an app password at: https://bsky.app/settings/app-passwords\n\n\
                Alternatively, cancel and use OAuth authentication instead.",
                handle
            );

            match context.request_elicitation(message, schema).await {
                Ok(response) => match response.action.as_str() {
                    "accept" => {
                        if let Some(content) = response.content {
                            if let Some(password) = content.get("password").and_then(|v| v.as_str())
                            {
                                command.password = Some(password.to_string());
                            }
                        }
                    }
                    "cancel" => {
                        return Ok(ToolResult::text(format!(
                                "Login cancelled. To use OAuth, call login with handle={} and omit the password parameter.",
                                handle
                            )));
                    }
                    _ => {
                        return Ok(ToolResult::text("Login declined"));
                    }
                },
                Err(e) => {
                    tracing::warn!("Password elicitation failed: {}", e);
                    return Ok(create_password_elicitation_unavailable_error(
                        context, handle,
                    ));
                }
            }
        }
    } else if needs_handle || needs_password {
        // Client doesn't support elicitation - return error with guidance
        let field = if needs_handle { "handle" } else { "password" };
        return Ok(create_elicitation_unavailable_error(context, field));
    }

    let request = LoginRequest {
        payload: command,
        interactive: true,
    };

    let outcome = manager.execute(request).await?;

    if let Some(elicitation) = outcome.elicitation {
        // This shouldn't happen anymore since we handle elicitation above
        // But keep for backward compatibility with CLI mode
        let mut content = Vec::new();
        if !outcome.message.is_empty() {
            content.push(ContentItem::text(outcome.message));
        }
        content.push(ContentItem::input_text(
            elicitation.message,
            json!({
                "prompt_id": elicitation.prompt_id,
                "field": elicitation.field,
            }),
        ));
        return Ok(ToolResult::from_items(content));
    }

    Ok(ToolResult::text(outcome.message))
}

/// Create error message when elicitation is unavailable
fn create_elicitation_unavailable_error(context: &ServerContext, field: &str) -> ToolResult {
    let client_name = context.get_client_name();

    let message = format!(
        r#"# Login requires {} - but **{} does not support interactive prompts** (MCP elicitation). To complete login, please:

1. **Use OAuth (recommended):** Call login with your handle:
   {{"handle": "your.handle.bsky.social"}}

2. **Or provide credentials up-front:** Call login with both handle and password:
   {{"handle": "your.handle.bsky.social", "password": "your-app-password"}}

**Security Note:** Do NOT use your main BlueSky password. Create an app password at:
https://bsky.app/settings/app-passwords
"#,
        field, client_name
    );

    ToolResult::text(message)
}

/// Create password-specific error message when elicitation is unavailable
fn create_password_elicitation_unavailable_error(
    context: &ServerContext,
    handle: &str,
) -> ToolResult {
    let client_name = context.get_client_name();

    let message = format!(
        r#"# Login via app password failed: **{} does not support interactive prompts** (MCP elicitation). Please choose one of these options:

1. **Use OAuth (strongly recommended):** Call login with your handle:
   {{"handle": "{}"}}

2. **Provide app password up-front:** Call login with password:
   {{"handle": "{}", "password": "your-app-password"}}

**IMPORTANT Security Warning:**
- Do NOT use your main BlueSky account password
- Create an app password at: https://bsky.app/settings/app-passwords
- OAuth is the most secure option and is strongly preferred
"#,
        client_name, handle, handle
    );

    ToolResult::text(message)
}