# SharePoint Connector for SaaS Applications

Enterprise-grade SharePoint integration for SaaS applications. Features secure OAuth 2.0, multi-tenant isolation, automatic text extraction, and AI-powered document chat (RAG) using local or cloud LLMs.

## Quick Start - Local Development

### 1. Install Dependencies
```bash
python3 -m venv venv
source venv/bin/activate  # Windows: .\venv\Scripts\activate
pip install -r requirements.txt

2. Start Required Services (Docker)
You need local instances of DynamoDB (for configurations/sessions) and PostgreSQL with pgvector (for document embeddings).

# Start DynamoDB Local
docker run -p 8000:8000 amazon/dynamodb-local

# Start PostgreSQL with pgvector
docker run -d --name postgres-vector -e POSTGRES_PASSWORD=postgres -e POSTGRES_DB=sharepoint_vectors -p 5432:5432 pgvector/pgvector:pg16

3. Start Ollama (For AI & Embeddings)
Ensure Ollama is installed (ollama.ai) and pull the necessary models:
ollama pull llama3.2
ollama pull nomic-embed-text

4. Configure Environment Variables
Create a .env file in the root directory. Here are the core variables you need:
# --- CORE APP ---
AS BEFORE!

# --- TOOTHFAIRYAI AGENT INTEGRATION (NEW, ALL FIELDS REQUIRED) ---
TOOTHFAIRYAI_API_KEY=your_api_key_here
TOOTHFAIRYAI_WORKSPACE_ID=your_workspace_uuid_here
TOOTHFAIRYAI_API_URL=[https://api.toothfairyai.com](https://api.toothfairyai.com)
NGROK_URL=[https://your-url.ngrok-free.app](https://your-url.ngrok-free.app)

5. Run the Application
python app_dev.py

Open http://localhost:5001 in your browser. Enter your Azure Client ID, Client Secret, and Tenant ID in the UI to connect your SharePoint account.

Azure App Registration Setup
To connect to SharePoint, you must register an app in the Azure Portal:

Go to Azure Active Directory -> App registrations -> New registration.

Set Supported account types to Multi-tenant.

Set Redirect URI to http://localhost:5001/sharepoint/callback (update for production).

Save your Application (client) ID and Directory (tenant) ID.

Under Certificates & secrets, create a new client secret and copy the Value.

Under API permissions, add Delegated permissions for Microsoft Graph: User.Read, Sites.Read.All, Files.Read.All, offline_access.

Production Deployment (AWS ECS)
For production, the app is designed to run on AWS ECS Fargate.

Database: Use a managed AWS DynamoDB table and an RDS PostgreSQL instance.

Environment: Run python app.py instead of app_dev.py.

Security: Assign an IAM Task Role to the ECS container with strict DynamoDB permissions. Store the FLASK_SECRET_KEY in AWS Secrets Manager.

Routing: Place the ECS service behind an Application Load Balancer (ALB) configured with HTTPS.