Spaces:

Agents-MCP-Hackathon
/

ReMind

Sleeping

App Files Files Community

ReMind / src /tools /gmail_mcp_client.py

GhostDragon01

Add application file

368277b 8 months ago

raw

history blame contribute delete

16.8 kB

	# src/tools/gmail_mcp_client.py

	import base64
	import os
	from typing import List, Optional, Dict, Any

	from google.auth.transport.requests import Request
	from google_auth_oauthlib.flow import InstalledAppFlow
	from google.oauth2.credentials import Credentials
	from googleapiclient.discovery import build

	# If modifying these SCOPES, delete the token file to re-authenticate.
	SCOPES = ["https://www.googleapis.com/auth/gmail.modify"]

	# OAuth2 credentials from environment variables
	GOOGLE_CLIENT_ID = os.getenv("GOOGLE_CLIENT_ID")
	GOOGLE_CLIENT_SECRET = os.getenv("GOOGLE_CLIENT_SECRET")
	GOOGLE_REFRESH_TOKEN = os.getenv("GOOGLE_REFRESH_TOKEN")
	GOOGLE_ACCESS_TOKEN = os.getenv("GOOGLE_ACCESS_TOKEN")

	# Allowed email addresses and domains for security
	ALLOWED_SENDERS = ["habib.adoum01@gmail.com", "news@alphasignal.ai"]


	def _get_gmail_service():
	"""
	Authenticate (or refresh) and return a Gmail API service instance using environment variables.
	"""
	try:
	# Check if we have the required environment variables
	if not GOOGLE_CLIENT_ID or not GOOGLE_CLIENT_SECRET:
	raise ValueError(
	"Missing required environment variables: GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET. "
	"Please set these environment variables with your OAuth 2.0 credentials."
	)

	creds = None

	# Try to create credentials from environment variables
	if GOOGLE_ACCESS_TOKEN and GOOGLE_REFRESH_TOKEN:
	print("Creating credentials from environment variables...")
	creds = Credentials(
	token=GOOGLE_ACCESS_TOKEN,
	refresh_token=GOOGLE_REFRESH_TOKEN,
	token_uri="https://oauth2.googleapis.com/token",
	client_id=GOOGLE_CLIENT_ID,
	client_secret=GOOGLE_CLIENT_SECRET,
	scopes=SCOPES,
	)
	elif GOOGLE_REFRESH_TOKEN:
	print("Creating credentials from refresh token...")
	creds = Credentials(
	token=None,
	refresh_token=GOOGLE_REFRESH_TOKEN,
	token_uri="https://oauth2.googleapis.com/token",
	client_id=GOOGLE_CLIENT_ID,
	client_secret=GOOGLE_CLIENT_SECRET,
	scopes=SCOPES,
	)

	# If no valid credentials from environment variables, try to refresh or start OAuth flow
	if not creds or not creds.valid:
	if creds and creds.refresh_token:
	print("Refreshing Gmail credentials using refresh token...")
	try:
	creds.refresh(Request())
	print("Gmail credentials refreshed successfully.")
	except Exception as e:
	print(f"Failed to refresh credentials: {e}")
	creds = None # Force OAuth flow

	if not creds or not creds.valid:
	# For deployment environments, we can't run interactive OAuth flow
	# User must provide refresh token via environment variable
	if os.getenv("DEPLOYMENT_ENV") == "production":
	raise ValueError(
	"No valid credentials found in production environment. "
	"Please set GOOGLE_REFRESH_TOKEN environment variable with a valid refresh token. "
	"Run the setup script locally first to obtain the refresh token."
	)

	# For local development, create OAuth client info from environment variables
	client_config = {
	"installed": {
	"client_id": GOOGLE_CLIENT_ID,
	"client_secret": GOOGLE_CLIENT_SECRET,
	"auth_uri": "https://accounts.google.com/o/oauth2/auth",
	"token_uri": "https://oauth2.googleapis.com/token",
	"redirect_uris": ["http://localhost:3000"],
	}
	}

	print("Starting Gmail OAuth flow...")
	flow = InstalledAppFlow.from_client_config(client_config, SCOPES)
	# Use port 3000 to match the redirect URI in your OAuth config
	creds = flow.run_local_server(port=3000, open_browser=True)

	# Print the refresh token for the user to set as environment variable
	print("\n" + "=" * 60)
	print("IMPORTANT: Save this refresh token as an environment variable:")
	print(f"GOOGLE_REFRESH_TOKEN={creds.refresh_token}")
	print("Set this in your .env file or deployment environment.")
	print("=" * 60 + "\n")

	# Build the Gmail API client
	print("Gmail API service initialized successfully.")
	return build("gmail", "v1", credentials=creds)

	except Exception as e:
	print(f"Error initializing Gmail service: {str(e)}")
	raise


	def setup_gmail_credentials():
	"""
	Helper function to setup Gmail credentials and get the refresh token.
	Run this once locally to get the refresh token for your environment variables.
	"""
	print("Setting up Gmail credentials...")
	print("Make sure you have set GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET environment variables.")

	if not GOOGLE_CLIENT_ID or not GOOGLE_CLIENT_SECRET:
	print("Error: Missing GOOGLE_CLIENT_ID or GOOGLE_CLIENT_SECRET environment variables.")
	print("\nTo get these values:")
	print("1. Go to https://console.cloud.google.com/apis/credentials")
	print("2. Create OAuth 2.0 Client IDs (Application type: Desktop application)")
	print("3. Download the JSON file and extract client_id and client_secret")
	print("4. Set them as environment variables:")
	print(" export GOOGLE_CLIENT_ID='your_client_id_here'")
	print(" export GOOGLE_CLIENT_SECRET='your_client_secret_here'")
	return None

	client_config = {
	"installed": {
	"client_id": GOOGLE_CLIENT_ID,
	"client_secret": GOOGLE_CLIENT_SECRET,
	"auth_uri": "https://accounts.google.com/o/oauth2/auth",
	"token_uri": "https://oauth2.googleapis.com/token",
	"redirect_uris": ["http://localhost:3000"],
	}
	}

	flow = InstalledAppFlow.from_client_config(client_config, SCOPES)
	creds = flow.run_local_server(port=3000, open_browser=True)

	print("\n" + "=" * 80)
	print("SUCCESS! Gmail credentials obtained.")
	print("\nAdd these to your environment variables (.env file or deployment platform):")
	print(f"GOOGLE_CLIENT_ID={GOOGLE_CLIENT_ID}")
	print(f"GOOGLE_CLIENT_SECRET={GOOGLE_CLIENT_SECRET}")
	print(f"GOOGLE_REFRESH_TOKEN={creds.refresh_token}")
	if creds.token:
	print(f"GOOGLE_ACCESS_TOKEN={creds.token}")
	print("\nFor deployment (like Hugging Face Spaces), you only need:")
	print("- GOOGLE_CLIENT_ID")
	print("- GOOGLE_CLIENT_SECRET")
	print("- GOOGLE_REFRESH_TOKEN")
	print("- DEPLOYMENT_ENV=production")
	print("=" * 80)

	return creds


	def _is_allowed_sender(email_dict: Dict[str, Any]) -> bool:
	"""
	Check if the email is from an allowed sender.
	"""
	try:
	headers = email_dict.get("payload", {}).get("headers", [])
	for header in headers:
	if header.get("name") == "From":
	from_address = header.get("value", "").lower()
	for allowed in ALLOWED_SENDERS:
	if allowed.lower() in from_address:
	return True
	return False
	except Exception as e:
	print(f"Error checking sender permissions: {str(e)}")
	return False


	def _extract_email_info(email_dict: Dict[str, Any]) -> Dict[str, str]:
	"""
	Extract relevant information from an email dictionary with error handling.
	"""
	try:
	headers = email_dict.get("payload", {}).get("headers", [])
	subject = ""
	sender = ""
	date = ""

	for header in headers:
	name = header.get("name", "")
	value = header.get("value", "")
	if name == "Subject":
	subject = value
	elif name == "From":
	sender = value
	elif name == "Date":
	date = value

	result = {
	"id": email_dict.get("id", ""),
	"subject": subject,
	"sender": sender,
	"date": date,
	"snippet": email_dict.get("snippet", ""),
	}

	print(f"Extracted email info: {subject} from {sender}")
	return result

	except Exception as e:
	error_msg = f"Error parsing email: {str(e)}"
	print(error_msg)
	return {
	"id": email_dict.get("id", ""),
	"subject": "Error parsing subject",
	"sender": "Error parsing sender",
	"date": "Error parsing date",
	"snippet": error_msg,
	}


	def get_recent_emails(max_results: int = 10) -> List[Dict[str, str]]:
	"""
	Get the most recent emails from allowed senders only.

	Args:
	max_results: Maximum number of emails to return (default 10, max 50).

	Returns:
	List of email dictionaries with id, subject, sender, date, and snippet.
	Returns empty list if no emails found or on error.
	"""
	try:
	# Limit max_results to prevent token overflow
	max_results = min(max_results, 50)
	print(f"Fetching up to {max_results} recent emails from allowed senders...")

	service = _get_gmail_service()

	# Build query for allowed senders
	query_parts = []
	for sender in ALLOWED_SENDERS:
	query_parts.append(f"from:{sender}")
	query = " OR ".join(query_parts)

	print(f"Using Gmail query: {query}")

	# Get message list
	response = service.users().messages().list(userId="me", q=query, maxResults=max_results).execute()

	messages = response.get("messages", [])
	print(f"Found {len(messages)} messages from allowed senders.")

	if not messages:
	print("No emails found from allowed senders.")
	return []

	email_list = []

	for i, message in enumerate(messages):
	try:
	print(f"Processing email {i + 1}/{len(messages)}: {message['id']}")

	# Get message metadata only to save tokens
	msg = service.users().messages().get(userId="me", id=message["id"], format="metadata").execute()

	# Extract and filter
	if _is_allowed_sender(msg):
	email_info = _extract_email_info(msg)
	email_list.append(email_info)
	else:
	print(f"Email {message['id']} not from allowed sender, skipping.")

	except Exception as e:
	print(f"Error processing message {message.get('id', 'unknown')}: {str(e)}")
	continue

	print(f"Successfully processed {len(email_list)} emails.")
	return email_list

	except Exception as e:
	error_msg = f"Failed to get recent emails: {str(e)}"
	print(error_msg)
	return [{"error": error_msg}]


	def search_emails_simple(query: str, max_results: int = 10) -> List[Dict[str, str]]:
	"""
	Search for emails with a simple query, automatically filtered to allowed senders.

	Args:
	query: Simple search term (e.g. "AI", "newsletter"). Complex Gmail operators not needed.
	max_results: Maximum number of emails to return (default 10, max 50).

	Returns:
	List of email dictionaries with basic info, or empty list if none found.
	"""
	try:
	max_results = min(max_results, 50)
	print(f"Searching for emails containing '{query}' from allowed senders...")

	service = _get_gmail_service()

	# Build query with sender filtering
	sender_filter = " OR ".join([f"from:{sender}" for sender in ALLOWED_SENDERS])
	full_query = f"({sender_filter}) AND ({query})"

	print(f"Using Gmail search query: {full_query}")

	response = service.users().messages().list(userId="me", q=full_query, maxResults=max_results).execute()

	messages = response.get("messages", [])
	result_count = response.get("resultSizeEstimate", 0)

	print(f"Search found {result_count} total results, processing {len(messages)} messages...")

	if not messages:
	print("No emails found matching the search criteria.")
	return []

	email_list = []

	for i, message in enumerate(messages):
	try:
	print(f"Processing search result {i + 1}/{len(messages)}: {message['id']}")

	msg = service.users().messages().get(userId="me", id=message["id"], format="metadata").execute()

	if _is_allowed_sender(msg):
	email_info = _extract_email_info(msg)
	email_list.append(email_info)

	except Exception as e:
	print(f"Error processing search result {message.get('id', 'unknown')}: {str(e)}")
	continue

	print(f"Search completed: found {len(email_list)} relevant emails.")
	return email_list

	except Exception as e:
	error_msg = f"Email search failed: {str(e)}"
	print(error_msg)
	return [{"error": error_msg}]


	def read_email_content(message_id: str) -> Dict[str, Any]:
	"""
	Read the full content of a specific email by ID, with security filtering.

	Args:
	message_id: The Gmail message ID (from search or recent emails list).

	Returns:
	Dictionary with email content including subject, sender, date, and body.
	Returns error dict if email not accessible or not from allowed sender.
	"""
	try:
	print(f"Reading email content for message ID: {message_id}")

	service = _get_gmail_service()
	message = service.users().messages().get(userId="me", id=message_id, format="full").execute()

	# Security check: only return emails from allowed senders
	if not _is_allowed_sender(message):
	error_msg = f"Access denied: Email {message_id} not from allowed sender"
	print(error_msg)
	return {"error": error_msg, "allowed_senders": ALLOWED_SENDERS}

	# Extract basic info
	email_info = _extract_email_info(message)

	# Try to extract body content
	body_text = ""
	try:
	payload = message.get("payload", {})
	if "parts" in payload:
	# Multipart message
	for part in payload["parts"]:
	if part.get("mimeType") == "text/plain":
	body_data = part.get("body", {}).get("data", "")
	if body_data:
	body_text = base64.urlsafe_b64decode(body_data).decode("utf-8")
	break
	else:
	# Simple message
	body_data = payload.get("body", {}).get("data", "")
	if body_data:
	body_text = base64.urlsafe_b64decode(body_data).decode("utf-8")

	except Exception as e:
	print(f"Could not extract email body: {str(e)}")
	body_text = "Error extracting email body"

	# Limit body text to prevent token overflow
	if len(body_text) > 2000:
	body_text = body_text[:2000] + "... [content truncated]"
	print("Email body truncated to prevent token overflow")

	result = {**email_info, "body": body_text}

	print(f"Successfully read email: {email_info['subject']}")
	return result

	except Exception as e:
	error_msg = f"Failed to read email {message_id}: {str(e)}"
	print(error_msg)
	return {"error": error_msg}


	# Legacy functions for backward compatibility
	def send_email(
	to: List[str],
	subject: str,
	body: str,
	html_body: Optional[str] = None,
	cc: Optional[List[str]] = None,
	bcc: Optional[List[str]] = None,
	) -> Dict[str, Any]:
	"""Send email - currently not implemented for security"""
	return {"error": "Email sending not implemented for security reasons"}


	def search_emails(query: str, max_results: int = 10) -> Dict[str, Any]:
	"""Legacy search function - use search_emails_simple instead"""
	results = search_emails_simple(query, max_results)
	return {"messages": [{"id": r["id"]} for r in results if "id" in r], "resultSizeEstimate": len(results)}


	def read_email(message_id: str, format: str = "full") -> Dict[str, Any]:
	"""Legacy read function - use read_email_content instead"""
	return read_email_content(message_id)