BasedHardware · snyfer · Apr 20, 2026 · Apr 20, 2026 · greptile-apps · Apr 20, 2026
diff --git a/plugins/omi-ms365-app/.env.example b/plugins/omi-ms365-app/.env.example
@@ -0,0 +1,15 @@
+# Microsoft Azure App Registration
+MICROSOFT_CLIENT_ID=your-client-id-here
+MICROSOFT_CLIENT_SECRET=your-client-secret-here
+MICROSOFT_TENANT_ID=common
+MICROSOFT_REDIRECT_URI=http://localhost:8080/auth/microsoft/callback
+
+# App config
+APP_BASE_URL=http://localhost:8080
+SESSION_SECRET=generate-a-strong-random-string-here
+
+# Redis (optional; falls back to in-memory store if empty)
+REDIS_URL=
+
+# Logging
+LOG_LEVEL=INFO
diff --git a/plugins/omi-ms365-app/.gitignore b/plugins/omi-ms365-app/.gitignore
@@ -0,0 +1,16 @@
+.env
+.env.*
+!.env.example
+venv/
+__pycache__/
+*.pyc
+*.pyo
+.DS_Store
+.pytest_cache/
+.mypy_cache/
+.ruff_cache/
+dist/
+build/
+*.egg-info/
+.idea/
+.vscode/
diff --git a/plugins/omi-ms365-app/Procfile b/plugins/omi-ms365-app/Procfile
@@ -0,0 +1 @@
+web: uvicorn main:app --host 0.0.0.0 --port $PORT
diff --git a/plugins/omi-ms365-app/README.md b/plugins/omi-ms365-app/README.md
@@ -0,0 +1,186 @@
+# Microsoft 365 Omi Integration
+
+Full-featured Microsoft 365 integration for Omi — bringing Outlook Mail, Outlook
+Calendar, Microsoft Teams chats and meetings, SharePoint and OneDrive into
+Omi's chat and conversation capabilities.
+
+## Features
+
+- **Outlook Mail** — list, search, read, send
+- **Outlook Calendar** — list upcoming events, create events (optionally as Teams meetings), find free slots
+- **Microsoft Teams** — list chats, send chat messages, list teams, create standalone online meetings
+- **OneDrive / SharePoint** — list recent files, search, upload text files, read file content
+- **Profile** — `Who am I?` / `/me`
+- **OAuth 2.0** with Microsoft Entra ID (MSAL), token caching in Redis (fallback: in-memory)
+- **Multi-tenant by default** (configurable)
+- **Throttling-aware Graph client** with exponential backoff
+- **Automatic manifest** — served at `/.well-known/omi-tools.json`
+
+## Setup
+
+### 1. Microsoft Azure App Registration
+
+1. Go to [Azure Portal](https://portal.azure.com) → **Microsoft Entra ID** → **App registrations** → **+ New registration**
+2. Configure:
+   - **Name**: `Omi Microsoft 365`
+   - **Account types**: *Accounts in any organizational directory and personal Microsoft accounts* (multi-tenant)
+   - **Redirect URI**: Web → `http://localhost:8080/auth/microsoft/callback` (adjust after deploy)
+3. After creation, note the **Application (client) ID** and **Directory (tenant) ID** (`common` for multi-tenant).
+4. Under **Certificates & secrets** → **+ New client secret** → save the **value** (not the id).
+5. Under **API permissions** → **+ Add a permission** → **Microsoft Graph** → **Delegated** → add:
+
+```
+offline_access
+User.Read
+MailboxSettings.Read
+Mail.Read
+Mail.Send
+Mail.ReadWrite
+Calendars.ReadWrite
+Chat.ReadWrite
+ChannelMessage.Send
+OnlineMeetings.ReadWrite
+Team.ReadBasic.All
+Files.ReadWrite.All
+Sites.Read.All
+People.Read
+Contacts.Read
+```
+
+Click **Grant admin consent** if you are a tenant admin; otherwise users consent on first sign-in.
+
+### 2. Deploy
+
+This app is a vanilla FastAPI service. Any PaaS that supports Python + Redis works (Railway, Render, Fly, Heroku-style).
+
+**Railway** (matches sibling apps in this repo):
+
+1. Create a new project on [Railway](https://railway.app/)
+2. Deploy from this folder (`plugins/omi-ms365-app`)
+3. Add a **Redis** service
+4. Set environment variables (see `.env.example`):
+
+   ```
+   MICROSOFT_CLIENT_ID=...
+   MICROSOFT_CLIENT_SECRET=...
+   MICROSOFT_TENANT_ID=common
+   MICROSOFT_REDIRECT_URI=https://your-app.up.railway.app/auth/microsoft/callback
+   APP_BASE_URL=https://your-app.up.railway.app
+   SESSION_SECRET=<random 32+ char string>
+   ```
+
+5. Railway auto-installs `requirements.txt` and starts via `railway.toml`.
+6. After deploy, update Azure → **Authentication** with the final redirect URI.
+
+### 3. Register with Omi
+
+Create or update your Omi app and set:
+
+| Field | Value |
+|---|---|
+| **Setup URL** | `https://your-app.up.railway.app/setup/ms365?uid={{uid}}` |
+| **Setup Completed URL** | `https://your-app.up.railway.app/setup_check?uid={{uid}}` |
+| **Chat Tools Manifest URL** | `https://your-app.up.railway.app/.well-known/omi-tools.json` |
+
+The manifest auto-populates absolute endpoint URLs based on `APP_BASE_URL`.
+
+## Local development
+
+```bash
+python3 -m venv venv
+source venv/bin/activate
+pip install -r requirements.txt
+
+cp .env.example .env
+# fill MICROSOFT_CLIENT_ID, MICROSOFT_CLIENT_SECRET, SESSION_SECRET
+
+uvicorn main:app --reload --port 8080
+```
+
+Open `http://localhost:8080/setup/ms365?uid=test-user` to walk the OAuth flow.
+
+Verify a tool:
+
+```bash
+curl -X POST http://localhost:8080/tools/get_me \
+  -H "Content-Type: application/json" \
+  -d '{"uid":"test-user","args":{}}'
+```
+
+## API endpoints
+
+### Chat tools (POST `/tools/{tool_name}`)
+
+| Tool | Description |
+|---|---|
+| `get_me` | Current user profile |
+| `list_mail` | List recent mail |
+| `search_mail` | Full-text search mail |
+| `read_mail` | Read a single message |
+| `send_mail` | Send a message |
+| `list_calendar_events` | List upcoming events |
+| `create_calendar_event` | Create event (optionally a Teams meeting) |
+| `find_free_slots` | Find free slots across attendees |
+| `list_chats` | List Teams chats |
+| `send_chat_message` | Send a Teams chat message |
+| `list_teams` | List Teams the user is a member of |
+| `create_online_meeting` | Create a standalone Teams meeting |
+| `list_recent_files` | Recent OneDrive / SharePoint files |
+| `search_files` | Search files across OneDrive / SharePoint |
+| `upload_text_file` | Upload a text file |
+| `read_file_content` | Read a file's content |
+
+### OAuth & setup (GET)
+
+| Endpoint | Purpose |
+|---|---|
+| `/setup/ms365?uid=...` | Start OAuth flow |
+| `/auth/microsoft/callback` | OAuth redirect target |
+| `/setup_check?uid=...` | Return `{is_setup_completed: bool}` for Omi |
+| `/.well-known/omi-tools.json` | Tool manifest Omi consumes |
+| `/webhook/memory` | Memory webhook (no-op placeholder) |
+
+## Required environment variables
+
+| Variable | Purpose |
+|---|---|
+| `MICROSOFT_CLIENT_ID` | Azure App Registration client id |
+| `MICROSOFT_CLIENT_SECRET` | Azure App Registration client secret |
+| `MICROSOFT_TENANT_ID` | `common` for multi-tenant, or a specific tenant id |
+| `MICROSOFT_REDIRECT_URI` | Must match Azure redirect URI exactly |
+| `APP_BASE_URL` | Public base URL of this service |
+| `SESSION_SECRET` | Random string used to sign OAuth state |
+| `REDIS_URL` | Optional — Redis connection URL for token persistence |
+| `LOG_LEVEL` | `INFO`, `DEBUG`, etc. |
+
+## Project layout
+
+```
+omi-ms365-app/
+├── main.py              # FastAPI app + tool dispatch
+├── config.py            # Settings + Graph scope list
+├── omi-tools.json       # Tool manifest Omi reads
+├── services/
+│   ├── auth.py          # Microsoft OAuth + MSAL
+│   ├── storage.py       # Redis / in-memory token store
+│   ├── graph_client.py  # Throttling-aware Graph HTTP client
+│   ├── profile.py
+│   ├── mail.py
+│   ├── calendar.py
+│   ├── teams.py
+│   └── sharepoint.py
+├── requirements.txt
+├── Procfile
+├── railway.toml
+└── .env.example
+```
+
+## Extending
+
+1. Add a function in `services/<area>.py` with signature `async def foo(user_id: str, ...)`.
+2. Register it in `_TOOLS` in `main.py`.
+3. Add its declaration to `omi-tools.json`.
+
+## License
+
+MIT.
diff --git a/plugins/omi-ms365-app/config.py b/plugins/omi-ms365-app/config.py
@@ -0,0 +1,53 @@
+"""Application configuration loaded from environment variables."""
+from functools import lru_cache
+
+from pydantic_settings import BaseSettings, SettingsConfigDict
+
+
+# Minimal Graph scope set for a full MS365 integration.
+# Adjust in Azure Portal + here in parallel.
+GRAPH_SCOPES: list[str] = [
+    "offline_access",
+    "User.Read",
+    "MailboxSettings.Read",
+    # Mail
+    "Mail.Read",
+    "Mail.Send",
+    "Mail.ReadWrite",
+    # Calendar
+    "Calendars.ReadWrite",
+    # Teams / Chats / Meetings
+    "Chat.ReadWrite",
+    "ChannelMessage.Send",
+    "OnlineMeetings.ReadWrite",
+    "Team.ReadBasic.All",
+    # Files / SharePoint / OneDrive
+    "Files.ReadWrite.All",
+    "Sites.Read.All",
+    # Contacts / People
+    "People.Read",
+    "Contacts.Read",
+]
+
+
+class Settings(BaseSettings):
+    model_config = SettingsConfigDict(env_file=".env", extra="ignore")
+
+    microsoft_client_id: str
+    microsoft_client_secret: str
+    microsoft_tenant_id: str = "common"
+    microsoft_redirect_uri: str = "http://localhost:8080/auth/microsoft/callback"
+
+    app_base_url: str = "http://localhost:8080"
+    session_secret: str
+    redis_url: str | None = None
+    log_level: str = "INFO"
+
+    @property
+    def authority(self) -> str:
+        return f"https://login.microsoftonline.com/{self.microsoft_tenant_id}"
+
+
+@lru_cache
+def get_settings() -> Settings:
+    return Settings()  # type: ignore[call-arg]
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		web: uvicorn main:app --host 0.0.0.0 --port $PORT