Nextcloud MCP Server

Personal.php•7.67 KiB

<?php declare(strict_types=1); namespace OCA\Astrolabe\Settings; use OCA\Astrolabe\AppInfo\Application; use OCA\Astrolabe\Service\McpServerClient; use OCA\Astrolabe\Service\McpTokenStorage; use OCP\AppFramework\Http\TemplateResponse; use OCP\AppFramework\Services\IInitialState; use OCP\IURLGenerator; use OCP\IUserSession; use OCP\Settings\ISettings; /** * Personal settings panel for Astrolabe. * * Displays semantic search status, background indexing access, * and provides controls for managing content indexing. * * Uses OAuth PKCE flow - each user must authorize background access. */ class Personal implements ISettings { private $client; private $userSession; private $initialState; private $tokenStorage; private $urlGenerator; public function __construct( McpServerClient $client, IUserSession $userSession, IInitialState $initialState, McpTokenStorage $tokenStorage, IURLGenerator $urlGenerator, ) { $this->client = $client; $this->userSession = $userSession; $this->initialState = $initialState; $this->tokenStorage = $tokenStorage; $this->urlGenerator = $urlGenerator; } /** * @return TemplateResponse */ public function getForm(): TemplateResponse { $user = $this->userSession->getUser(); if (!$user) { return new TemplateResponse(Application::APP_ID, 'settings/error', [ 'error' => 'User not authenticated' ], TemplateResponse::RENDER_AS_BLANK); } $userId = $user->getUID(); // Fetch server status to determine auth mode $serverStatus = $this->client->getStatus(); // Check for server connection error if (isset($serverStatus['error'])) { return new TemplateResponse( Application::APP_ID, 'settings/error', [ 'error' => 'Cannot connect to MCP server', 'details' => $serverStatus['error'], 'server_url' => $this->client->getPublicServerUrl(), ], TemplateResponse::RENDER_AS_BLANK ); } // Get auth mode from server (defaults to oauth if not specified) $authMode = $serverStatus['auth_mode'] ?? 'oauth'; $supportsAppPasswords = $serverStatus['supports_app_passwords'] ?? false; // Check if user has MCP OAuth token $token = $this->tokenStorage->getUserToken($userId); // For multi_user_basic mode with app password support (hybrid mode) // User needs BOTH: // 1. OAuth token for Astrolabe→MCP API calls (stored in McpTokenStorage) // 2. App password for MCP→Nextcloud background sync if ($authMode === 'multi_user_basic' && $supportsAppPasswords) { // Check both credentials $hasOAuthToken = ($token !== null && !$this->tokenStorage->isExpired($token)); // In hybrid mode, check specifically for app password (not general background access) // because MCP server needs the app password for background sync $hasAppPassword = ($this->tokenStorage->getBackgroundSyncPassword($userId) !== null); $backgroundSyncType = $this->tokenStorage->getBackgroundSyncType($userId); $backgroundSyncProvisionedAt = $this->tokenStorage->getBackgroundSyncProvisionedAt($userId); // OAuth URL for Astrolabe's own OAuth controller (NOT MCP server's browser OAuth) $oauthUrl = $this->urlGenerator->linkToRoute('astrolabe.oauth.initiateOAuth'); // Consolidated template parameters (camelCase convention) $parameters = [ 'userId' => $userId, 'serverUrl' => $this->client->getPublicServerUrl(), 'serverStatus' => $serverStatus, 'authMode' => $authMode, 'supportsAppPasswords' => $supportsAppPasswords, 'session' => null, // No session in hybrid mode 'vectorSyncEnabled' => $serverStatus['vector_sync_enabled'] ?? false, // OAuth token status (for Astrolabe→MCP API calls) 'hasOAuthToken' => $hasOAuthToken, 'oauthUrl' => $oauthUrl, // App password status (for MCP→Nextcloud background sync) 'hasBackgroundAccess' => $hasAppPassword, 'backgroundAccessGranted' => $hasAppPassword, // Legacy alias 'backgroundSyncType' => $backgroundSyncType, 'backgroundSyncProvisionedAt' => $backgroundSyncProvisionedAt, 'requesttoken' => \OCP\Util::callRegister(), ]; return new TemplateResponse( Application::APP_ID, 'settings/personal', $parameters, TemplateResponse::RENDER_AS_BLANK ); } // For OAuth modes, if no token or token is expired, show OAuth authorization UI elseif (!$token || $this->tokenStorage->isExpired($token)) { $oauthUrl = $this->urlGenerator->linkToRoute('astrolabe.oauth.initiateOAuth'); return new TemplateResponse( Application::APP_ID, 'settings/oauth-required', [ 'oauth_url' => $oauthUrl, 'server_url' => $this->client->getPublicServerUrl(), 'has_expired' => ($token !== null), // true if token exists but expired ], TemplateResponse::RENDER_AS_BLANK ); } // User has valid token - fetch data from MCP server $accessToken = $token['access_token']; // Fetch server status (public endpoint, no token needed) $serverStatus = $this->client->getStatus(); // Fetch user session data (requires token) $userSession = $this->client->getUserSession($userId, $accessToken); // Check for server connection error if (isset($serverStatus['error'])) { return new TemplateResponse( Application::APP_ID, 'settings/error', [ 'error' => 'Cannot connect to MCP server', 'details' => $serverStatus['error'], 'server_url' => $this->client->getPublicServerUrl(), ], TemplateResponse::RENDER_AS_BLANK ); } // Check for authentication error (invalid/expired token) if (isset($userSession['error'])) { // Token might be invalid - delete it and show OAuth UI $this->tokenStorage->deleteUserToken($userId); $oauthUrl = $this->urlGenerator->linkToRoute('astrolabe.oauth.initiateOAuth'); return new TemplateResponse( Application::APP_ID, 'settings/oauth-required', [ 'oauth_url' => $oauthUrl, 'server_url' => $this->client->getPublicServerUrl(), 'has_expired' => true, 'error_message' => 'Your session has expired. Please sign in again.', ], TemplateResponse::RENDER_AS_BLANK ); } // Check background sync credential status $hasBackgroundAccess = $this->tokenStorage->hasBackgroundSyncAccess($userId); $backgroundSyncType = $this->tokenStorage->getBackgroundSyncType($userId); $backgroundSyncProvisionedAt = $this->tokenStorage->getBackgroundSyncProvisionedAt($userId); // OAuth URL for standard OAuth mode (in case user needs to re-authorize) $oauthUrl = $this->urlGenerator->linkToRoute('astrolabe.oauth.initiateOAuth'); // Provide initial state for Vue.js frontend (if needed) $this->initialState->provideInitialState('user-data', [ 'userId' => $userId, 'serverStatus' => $serverStatus, 'session' => $userSession, ]); // Consolidated template parameters (camelCase convention) $parameters = [ 'userId' => $userId, 'serverUrl' => $this->client->getPublicServerUrl(), 'serverStatus' => $serverStatus, 'session' => $userSession, 'vectorSyncEnabled' => $serverStatus['vector_sync_enabled'] ?? false, // OAuth status 'hasOAuthToken' => true, 'oauthUrl' => $oauthUrl, // Background sync status 'hasBackgroundAccess' => $hasBackgroundAccess, 'backgroundAccessGranted' => $userSession['background_access_granted'] ?? false, // Legacy 'backgroundSyncType' => $backgroundSyncType, 'backgroundSyncProvisionedAt' => $backgroundSyncProvisionedAt, 'requesttoken' => \OCP\Util::callRegister(), ]; return new TemplateResponse( Application::APP_ID, 'settings/personal', $parameters, TemplateResponse::RENDER_AS_BLANK ); } /** * @return string The section ID */ public function getSection(): string { return 'astrolabe'; } /** * @return int Priority (lower = higher up) */ public function getPriority(): int { return 50; } }

Loading blob content...

Latest Blog Posts

Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror
Official MCP Registry Server.json Requirements
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/cbcoutinho/nextcloud-mcp-server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

Personal.php•7.67 KiB