r_cal 0.2.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3197ee3a981b8c987ffc5aaf6e2676a91e602359562e7143ed9158d712e43711
-  data.tar.gz: 26d484aa6eb13877e489215f353c6f035d208e054201643ca346aa19ba8c74fd
+  metadata.gz: 4d4cff3f1a013f82eff5da8efdac73b13a54a635114548761e5cfc1e2fb7a640
+  data.tar.gz: ce3a5dc855b2cb920d9b0c1049d90e4f816ea6dc9e2ba38e2641a401d661fee3
 SHA512:
-  metadata.gz: 507cdd4df0c1ac7c015632e230a34230bc3925c824e4398b25127ba8077f30595e842318d6d5dbafe4ed2f1090c68ad4eeea7f262162d54ee25592295da3da56
-  data.tar.gz: 36b299e87193a9fae11871056449ff89d552e8cbec669ebce391cd133591473300ff0d8968b9ceae09555bcc4fca2ef87ff5b4c0ff6e67ffbe98a105f1bc5d42
+  metadata.gz: 34284778d797f4ab14c4d61d11bb165b92e79a1afec75e8d1a8ce31ce65d4312901d252b18e1a014e8f92ba603c30947d00b062df5ba14196e01c40e1d10c43c
+  data.tar.gz: 41a75ef2f8135fe1d7294d4dfb056eb09d89e316739525ea19f744e79b7db6282b316fe88c43abaeaa1c0aaef137cb9e8d82e6bd67e420e564bc6fb4d278a039

data/CHANGELOG.md

@@ -0,0 +1,43 @@
+# Changelog
+
+## [Unreleased]
+
+## [0.2.1] - 2026-02-26
+
+### Fixed
+
+- Improved auth flow: replaced deprecated OOB OAuth with loopback (with headless fallback), unified token storage, fixed auto-refresh for stored tokens, and improved error handling ([#12])
+
+## [0.2.0] - 2026-02-26
+
+### Added
+
+- Ability to specify or change an event's color when adding or editing ([#4])
+- Recurring event support ([#5])
+- Ability to mark events as "free" for scheduling/planning purposes ([#6])
+- Basic CI workflow
+
+### Fixed
+
+- Time parsing now uses the user's local timezone instead of system timezone (UTC), which caused events to appear hours off for non-UTC users ([#1])
+
+## [0.1.1] - 2026-02-26
+
+### Fixed
+
+- `--days` flag and date range arguments causing "no implicit conversion of Date into String" error ([#3])
+
+## [0.1.0] - 2026-02-06
+
+### Added
+
+- Initial release
+- Google Calendar CLI with natural language date parsing (via Chronic)
+- Event management: create (`add`, `quick`), edit, and view (`agenda`) events
+- ICS file import with calendar selection
+- Predicate filtering (`--must-be`, `--must-not-be`) for recurring, declined, all-day, one-on-one, and more
+- Multiple calendar support
+- Duration parsing (`30m`, `1h30m`, `1.5h`)
+- Calendar listing
+- OAuth 2.0 authentication via `rcal init`
+- XDG Base Directory compliant configuration

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    r_cal (0.1.1)
+    r_cal (0.2.0)
       chronic (~> 0.10)
       chronic_duration (~> 0.10)
       cli-kit (~> 5.2.0)
@@ -210,7 +210,7 @@ CHECKSUMS
   prism (1.9.0) sha256=7b530c6a9f92c24300014919c9dcbc055bf4cdf51ec30aed099b06cd6674ef85
   pstore (0.2.0) sha256=d6e5c7e8e22392235e88bbe82959059ba768a797b5bd0ebf5ac80a3311ce74a8
   public_suffix (7.0.2) sha256=9114090c8e4e7135c1fd0e7acfea33afaab38101884320c65aaa0ffb8e26a857
-  r_cal (0.1.1)
+  r_cal (0.2.0)
   racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f
   rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a
   rake (13.3.1) sha256=8c9e89d09f66a26a01264e7e3480ec0607f0c497a861ef16063604b1b08eb19c

data/lib/rcal/adapters/auth/base.rb

@@ -10,6 +10,10 @@ module Rcal
           raise NotImplementedError, "#{self.class} must implement #load_credentials"
         end
 
+        def load_client_credentials
+          raise NotImplementedError, "#{self.class} must implement #load_client_credentials"
+        end
+
         def authenticated?
           raise NotImplementedError, "#{self.class} must implement #authenticated?"
         end
@@ -21,6 +25,14 @@ module Rcal
         def clear_credentials
           raise NotImplementedError, "#{self.class} must implement #clear_credentials"
         end
+
+        def token_path
+          raise NotImplementedError, "#{self.class} must implement #token_path"
+        end
+
+        def client_credentials_path
+          raise NotImplementedError, "#{self.class} must implement #client_credentials_path"
+        end
       end
     end
   end

data/lib/rcal/adapters/auth/google.rb

@@ -1,4 +1,5 @@
 require "json"
+require "yaml"
 require "fileutils"
 require_relative "base"
 
@@ -6,33 +7,43 @@ module Rcal
   module Adapters
     module Auth
       class Google < Base
-        def self.default_token_path
-          base = ENV.fetch("XDG_DATA_HOME") { File.join(ENV.fetch("HOME"), ".local", "share") }
-          File.join(base, "rcal", "tokens.json")
-        end
+        SCOPES = [
+          "https://www.googleapis.com/auth/calendar.readonly",
+          "https://www.googleapis.com/auth/calendar.events"
+        ].freeze
+
+        TOKEN_FILENAME = "google_tokens.yaml"
+        CLIENT_CREDENTIALS_FILENAME = "client_credentials.json"
+        LEGACY_TOKEN_FILENAME = "tokens.json"
 
-        def initialize(token_path: self.class.default_token_path)
-          @token_path = token_path
+        def initialize(data_dir:)
+          @data_dir = data_dir
         end
 
         def store_credentials(credentials)
           ensure_directory_exists
 
           token_data = {
+            "client_id" => credentials.client_id,
             "access_token" => credentials.access_token,
             "refresh_token" => credentials.refresh_token,
-            "expires_at" => credentials.expires_at.to_i
+            "scope" => Array(credentials.scope),
+            "expiration_time_millis" => (credentials.expires_at.to_i * 1000)
           }
 
-          File.write(@token_path, JSON.generate(token_data))
-          File.chmod(0o600, @token_path)
+          yaml_data = {"default" => JSON.generate(token_data)}
+          File.write(token_path, YAML.dump(yaml_data))
+          File.chmod(0o600, token_path)
         end
 
         def load_credentials
-          return nil unless File.exist?(@token_path)
+          return nil unless File.exist?(token_path)
 
-          JSON.parse(File.read(@token_path))
-        rescue JSON::ParserError
+          yaml_data = YAML.safe_load_file(token_path)
+          return nil unless yaml_data&.key?("default")
+
+          JSON.parse(yaml_data["default"])
+        rescue JSON::ParserError, Psych::SyntaxError
           nil
         end
 
@@ -40,6 +51,9 @@ module Rcal
           creds = load_credentials
           return false if creds.nil?
 
+          client_creds = load_client_credentials
+          return false if client_creds.nil?
+
           # Need at least a refresh token to be considered authenticated
           # (we can refresh expired access tokens)
           !creds["refresh_token"].nil? && !creds["refresh_token"].empty?
@@ -49,21 +63,43 @@ module Rcal
           creds = load_credentials
           return true if creds.nil?
 
-          expires_at = creds["expires_at"]
-          return true if expires_at.nil?
+          expiration = creds["expiration_time_millis"]
+          return true if expiration.nil?
 
-          Time.at(expires_at) <= Time.now
+          Time.at(expiration / 1000) <= Time.now
         end
 
         def clear_credentials
-          FileUtils.rm_f(@token_path)
+          FileUtils.rm_f(token_path)
+          # Clean up legacy token file if it exists from a previous version
+          FileUtils.rm_f(legacy_token_path)
+        end
+
+        def load_client_credentials
+          creds_file = client_credentials_path
+          return nil unless File.exist?(creds_file)
+
+          JSON.parse(File.read(creds_file))
+        rescue JSON::ParserError
+          nil
+        end
+
+        def token_path
+          File.join(@data_dir, TOKEN_FILENAME)
+        end
+
+        def client_credentials_path
+          File.join(@data_dir, CLIENT_CREDENTIALS_FILENAME)
         end
 
         private
 
+        def legacy_token_path
+          File.join(@data_dir, LEGACY_TOKEN_FILENAME)
+        end
+
         def ensure_directory_exists
-          dir = File.dirname(@token_path)
-          FileUtils.mkdir_p(dir) unless File.directory?(dir)
+          FileUtils.mkdir_p(@data_dir) unless File.directory?(@data_dir)
         end
       end
     end

data/lib/rcal/adapters/calendar/google.rb

@@ -1,5 +1,6 @@
 require "time"
 require "google/apis/calendar_v3"
+require "signet"
 require_relative "base"
 require_relative "../../models/calendar"
 require_relative "../../models/event"
@@ -8,65 +9,89 @@ module Rcal
   module Adapters
     module Calendar
       class Google < Base
+        AUTH_ERROR_MESSAGE = "Authentication expired or revoked. Run 'rcal init' to re-authenticate."
+
         def initialize(service:)
           @service = service
         end
 
         def list_calendars
-          response = @service.list_calendar_lists
-          items = response.items || []
+          with_auth_handling do
+            response = @service.list_calendar_lists
+            items = response.items || []
 
-          items.map { |cal| build_calendar(cal) }
+            items.map { |cal| build_calendar(cal) }
+          end
         end
 
         def get_calendar(calendar_id:)
-          google_calendar = @service.get_calendar(calendar_id)
-          build_calendar(google_calendar)
+          with_auth_handling do
+            google_calendar = @service.get_calendar(calendar_id)
+            build_calendar(google_calendar)
+          end
         end
 
         def list_events(calendar_id:, time_min:, time_max:)
-          response = @service.list_events(
-            calendar_id,
-            time_min: time_min.iso8601,
-            time_max: time_max.iso8601,
-            single_events: true,
-            order_by: "startTime"
-          )
+          with_auth_handling do
+            response = @service.list_events(
+              calendar_id,
+              time_min: time_min.iso8601,
+              time_max: time_max.iso8601,
+              single_events: true,
+              order_by: "startTime"
+            )
 
-          items = response.items || []
+            items = response.items || []
 
-          items.map { |evt| build_event(evt, calendar_id: calendar_id) }
+            items.map { |evt| build_event(evt, calendar_id: calendar_id) }
+          end
         end
 
         def get_event(calendar_id:, event_id:)
-          google_event = @service.get_event(calendar_id, event_id)
-          build_event(google_event, calendar_id: calendar_id)
+          with_auth_handling do
+            google_event = @service.get_event(calendar_id, event_id)
+            build_event(google_event, calendar_id: calendar_id)
+          end
         end
 
         def create_event(calendar_id:, event:)
-          google_event = build_google_event(event)
-          response = @service.insert_event(calendar_id, google_event)
-          build_event(response, calendar_id: calendar_id)
+          with_auth_handling do
+            google_event = build_google_event(event)
+            response = @service.insert_event(calendar_id, google_event)
+            build_event(response, calendar_id: calendar_id)
+          end
         end
 
         def update_event(calendar_id:, event_id:, event:)
-          google_event = build_google_event(event)
-          response = @service.update_event(calendar_id, event_id, google_event)
-          build_event(response, calendar_id: calendar_id)
+          with_auth_handling do
+            google_event = build_google_event(event)
+            response = @service.update_event(calendar_id, event_id, google_event)
+            build_event(response, calendar_id: calendar_id)
+          end
         end
 
         def delete_event(calendar_id:, event_id:)
-          @service.delete_event(calendar_id, event_id)
-          true
+          with_auth_handling do
+            @service.delete_event(calendar_id, event_id)
+            true
+          end
         end
 
         def quick_add(calendar_id:, text:)
-          response = @service.quick_add_event(calendar_id, text)
-          build_event(response, calendar_id: calendar_id)
+          with_auth_handling do
+            response = @service.quick_add_event(calendar_id, text)
+            build_event(response, calendar_id: calendar_id)
+          end
         end
 
         private
 
+        def with_auth_handling
+          yield
+        rescue ::Google::Apis::AuthorizationError, Signet::AuthorizationError
+          raise CLI::Kit::Abort, AUTH_ERROR_MESSAGE
+        end
+
         def build_calendar(google_calendar)
           Rcal::Calendar.new(
             id: google_calendar.id,

data/lib/rcal/auth.rb

@@ -24,6 +24,18 @@ module Rcal
         adapter.clear_credentials
       end
 
+      def load_client_credentials
+        adapter.load_client_credentials
+      end
+
+      def token_path
+        adapter.token_path
+      end
+
+      def client_credentials_path
+        adapter.client_credentials_path
+      end
+
       def adapter
         @adapter ||= default_adapter
       end
@@ -38,7 +50,7 @@ module Rcal
 
       def default_adapter
         Adapters::Auth::Google.new(
-          token_path: File.join(Configuration.data_dir, "tokens.json")
+          data_dir: Configuration.data_dir
         )
       end
     end

data/lib/rcal/calendar_service.rb

@@ -2,6 +2,7 @@ require "json"
 require "yaml"
 require "google/apis/calendar_v3"
 require "googleauth"
+require "googleauth/stores/file_token_store"
 require_relative "adapters/calendar/google"
 require_relative "auth"
 require_relative "config"
@@ -67,40 +68,29 @@ module Rcal
         service
       end
 
+      # Load credentials via UserAuthorizer so refreshed tokens are
+      # automatically persisted back to google_tokens.yaml via the
+      # on_refresh callback (see UserAuthorizer#monitor_credentials).
       def load_credentials
-        client_creds = load_client_credentials
-        token_data = load_google_token_data
+        client_creds = Auth.load_client_credentials
+        return nil if client_creds.nil?
 
-        return nil if client_creds.nil? || token_data.nil?
-
-        Google::Auth::UserRefreshCredentials.new(
-          client_id: client_creds["client_id"],
-          client_secret: client_creds["client_secret"],
-          access_token: token_data["access_token"],
-          refresh_token: token_data["refresh_token"],
-          expires_at: token_data["expiration_time_millis"] ? Time.at(token_data["expiration_time_millis"] / 1000) : nil
+        token_store = Google::Auth::Stores::FileTokenStore.new(
+          file: Auth.token_path
         )
-      end
 
-      def load_client_credentials
-        creds_file = File.join(Configuration.data_dir, "client_credentials.json")
-        return nil unless File.exist?(creds_file)
-
-        JSON.parse(File.read(creds_file))
-      rescue JSON::ParserError
-        nil
-      end
-
-      def load_google_token_data
-        token_file = File.join(Configuration.data_dir, "google_tokens.yaml")
-        return nil unless File.exist?(token_file)
+        client_id = Google::Auth::ClientId.new(
+          client_creds["client_id"],
+          client_creds["client_secret"]
+        )
 
-        yaml_data = YAML.safe_load_file(token_file)
-        return nil unless yaml_data&.key?("default")
+        authorizer = Google::Auth::UserAuthorizer.new(
+          client_id,
+          Adapters::Auth::Google::SCOPES,
+          token_store
+        )
 
-        JSON.parse(yaml_data["default"])
-      rescue JSON::ParserError, Psych::SyntaxError
-        nil
+        authorizer.get_credentials("default")
       end
     end
   end

data/lib/rcal/commands/init.rb

@@ -1,18 +1,17 @@
 require "json"
+require "socket"
+require "uri"
 require "rcal"
 require "googleauth"
 require "googleauth/stores/file_token_store"
 require_relative "../auth"
+require_relative "../adapters/auth/google"
 
 module Rcal
   module Commands
     class Init < Rcal::Command
-      SCOPES = [
-        "https://www.googleapis.com/auth/calendar.readonly",
-        "https://www.googleapis.com/auth/calendar.events"
-      ].freeze
-
-      OOB_URI = "urn:ietf:wg:oauth:2.0:oob".freeze
+      CALLBACK_PATH = "/oauth2callback"
+      LISTEN_ADDRESS = "127.0.0.1"
 
       def self.help
         <<~HELP
@@ -104,51 +103,178 @@ module Rcal
         client_id_obj = Google::Auth::ClientId.new(client_id, client_secret)
 
         token_store = Google::Auth::Stores::FileTokenStore.new(
-          file: File.join(Rcal::Configuration.data_dir, "google_tokens.yaml")
+          file: Auth.token_path
         )
 
+        redirect_uri = start_loopback_server
+
         authorizer = Google::Auth::UserAuthorizer.new(
           client_id_obj,
-          SCOPES,
-          token_store
+          Adapters::Auth::Google::SCOPES,
+          token_store,
+          callback_uri: redirect_uri
         )
 
         # Check if we already have credentials
         credentials = authorizer.get_credentials("default")
-        return authorizer if credentials
+        if credentials
+          stop_loopback_server
+          return authorizer
+        end
 
         # Need to perform OAuth flow
-        url = authorizer.get_authorization_url(base_url: OOB_URI)
+        url = authorizer.get_authorization_url(base_url: redirect_uri)
 
         puts CLI::UI.fmt("{{bold:Open this URL in your browser to authorize rcal:}}")
         puts ""
         puts url
         puts ""
 
-        # Open browser automatically if possible
-        open_browser(url)
+        code = obtain_authorization_code(url)
 
-        puts CLI::UI.fmt("{{bold:Enter the authorization code:}}")
-        code = CLI::UI.ask("")
+        if code.nil? || code.empty?
+          stop_loopback_server
+          raise CLI::Kit::Abort, "No authorization code received."
+        end
 
         authorizer.get_and_store_credentials_from_code(
           user_id: "default",
           code: code,
-          base_url: OOB_URI
+          base_url: redirect_uri
         )
 
         authorizer
+      ensure
+        stop_loopback_server
+      end
+
+      def start_loopback_server
+        @server = TCPServer.new(LISTEN_ADDRESS, 0)
+        port = @server.addr[1]
+        "http://#{LISTEN_ADDRESS}:#{port}"
+      end
+
+      def stop_loopback_server
+        @server&.close
+        @server = nil
+      rescue IOError
+        @server = nil
+      end
+
+      def obtain_authorization_code(url)
+        browser_opened = open_browser(url)
+
+        if browser_opened
+          obtain_code_via_loopback
+        else
+          obtain_code_via_manual_entry
+        end
+      end
+
+      # Wait for Google to redirect back to our loopback server and
+      # extract the authorization code from the request.
+      def obtain_code_via_loopback
+        puts CLI::UI.fmt("{{info:Waiting for authorization in your browser...}}")
+
+        client = @server.accept
+        request_line = client.gets
+
+        # Parse the code from the GET request
+        code = extract_code_from_request(request_line)
+
+        if code
+          client.print "HTTP/1.1 200 OK\r\n"
+          client.print "Content-Type: text/html\r\n"
+          client.print "\r\n"
+          client.print success_html
+        else
+          error = extract_error_from_request(request_line)
+          client.print "HTTP/1.1 200 OK\r\n"
+          client.print "Content-Type: text/html\r\n"
+          client.print "\r\n"
+          client.print failure_html(error)
+        end
+
+        client.close
+        code
+      end
+
+      # For headless environments: ask the user to paste the redirect URL
+      # from their browser's address bar after authorizing.
+      def obtain_code_via_manual_entry
+        puts ""
+        puts CLI::UI.fmt("{{bold:After authorizing, your browser will redirect to a localhost URL.}}")
+        puts CLI::UI.fmt("{{bold:Copy the full URL from your browser's address bar and paste it here:}}")
+        response = CLI::UI.ask("")
+
+        # The user may paste a full URL or just the code
+        if response.include?("code=")
+          uri = URI.parse(response)
+          params = URI.decode_www_form(uri.query || "")
+          params.assoc("code")&.last
+        else
+          response.strip
+        end
+      rescue URI::InvalidURIError
+        # If the URL can't be parsed, try treating the whole thing as a code
+        response&.strip
+      end
+
+      def extract_code_from_request(request_line)
+        return nil unless request_line
+
+        path = request_line.split(" ")[1]
+        return nil unless path
+
+        uri = URI.parse("http://localhost#{path}")
+        params = URI.decode_www_form(uri.query || "")
+        params.assoc("code")&.last
+      rescue URI::InvalidURIError
+        nil
+      end
+
+      def extract_error_from_request(request_line)
+        return "Unknown error" unless request_line
+
+        path = request_line.split(" ")[1]
+        return "Unknown error" unless path
+
+        uri = URI.parse("http://localhost#{path}")
+        params = URI.decode_www_form(uri.query || "")
+        params.assoc("error")&.last || "Unknown error"
+      rescue URI::InvalidURIError
+        "Unknown error"
+      end
+
+      def success_html
+        <<~HTML
+          <html><body>
+            <h1>Authorization successful!</h1>
+            <p>You can close this window and return to rcal.</p>
+          </body></html>
+        HTML
+      end
+
+      def failure_html(error)
+        <<~HTML
+          <html><body>
+            <h1>Authorization failed</h1>
+            <p>Error: #{error}</p>
+            <p>Please try again with <code>rcal init</code>.</p>
+          </body></html>
+        HTML
       end
 
       def open_browser(url)
         require "launchy"
         Launchy.open(url)
+        true
       rescue LoadError, StandardError
-        # Launchy not available or failed, user will need to copy URL manually
+        false
       end
 
       def store_client_credentials(client_id, client_secret)
-        credentials_file = File.join(Rcal::Configuration.data_dir, "client_credentials.json")
+        credentials_file = Auth.client_credentials_path
         data = {"client_id" => client_id, "client_secret" => client_secret}
         File.write(credentials_file, JSON.generate(data))
         File.chmod(0o600, credentials_file)

data/lib/rcal/recurrence_builder.rb

@@ -104,7 +104,7 @@ module Rcal
         # Google Calendar accepts both; we use the date-only form for simplicity.
         date = Date.parse(until_date.to_s)
         date.strftime("%Y%m%dT235959Z")
-      rescue Date::Error, ArgumentError
+      rescue ArgumentError
         raise Rcal::Error,
           "Could not parse until date: #{until_date}. Use a date like '2024-12-31'."
       end

data/lib/rcal/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Rcal
-  VERSION = "0.2.0"
+  VERSION = "0.2.1"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: r_cal
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - Drew Bragg
@@ -257,6 +257,7 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- CHANGELOG.md
 - Gemfile
 - Gemfile.lock
 - LICENSE