gog-cli 0.2.1__py3-none-any.whl

gog_cli/__init__.py

@@ -0,0 +1,5 @@
+"""gog-cli package."""
+
+__all__ = ["__version__"]
+
+__version__ = "0.2.1"

gog_cli/api.py

@@ -0,0 +1,143 @@
+"""GOG API client and TokenStore protocol."""
+
+from __future__ import annotations
+
+from datetime import UTC, datetime
+from typing import Protocol
+
+import requests
+
+from gog_cli import log
+from gog_cli.errors import AuthError, NetworkError
+
+_log = log.get_logger(__name__)
+
+_CLIENT_ID = "46899977096215655"
+_CLIENT_SECRET = "9d85c43b1482497dbbce61f6e4aa173a433796eeae2ca8c5f6129f2dc4de46d9"  # noqa: S105 - Public GOG Galaxy OAuth client credential.
+_TOKEN_URL = "https://auth.gog.com/token"  # noqa: S105 - URL constant, not a secret.
+
+_OWNED_GAMES_URL = "https://embed.gog.com/user/data/games"
+_LIBRARY_URL = "https://embed.gog.com/account/getFilteredProducts"
+_PRODUCT_URL = "https://api.gog.com/products/{product_id}"
+# Unofficial public catalog search endpoint — no authentication required.
+_CATALOG_SEARCH_URL = "https://catalog.gog.com/v1/catalog"
+
+
+class TokenStore(Protocol):
+    def load_tokens(self) -> dict:
+        """Return stored tokens: {"access_token": str, "refresh_token": str, "expires_at": str}"""
+        ...
+
+    def save_tokens(self, tokens: dict) -> None:
+        """Persist updated tokens after a refresh."""
+        ...
+
+
+class GogApiClient:
+    def __init__(self, token_store: TokenStore) -> None:
+        self._token_store = token_store
+        self._session = requests.Session()
+
+    def _access_token(self) -> str:
+        return self._token_store.load_tokens()["access_token"]
+
+    def _auth_headers(self) -> dict[str, str]:
+        return {"Authorization": f"Bearer {self._access_token()}"}
+
+    def _refresh_tokens(self) -> None:
+        tokens = self._token_store.load_tokens()
+        try:
+            resp = self._session.get(
+                _TOKEN_URL,
+                params={
+                    "client_id": _CLIENT_ID,
+                    "client_secret": _CLIENT_SECRET,
+                    "grant_type": "refresh_token",
+                    "refresh_token": tokens["refresh_token"],
+                },
+                timeout=30,
+            )
+            resp.raise_for_status()
+        except requests.HTTPError as exc:
+            raise AuthError(f"token refresh failed: {exc}") from exc
+        except (requests.ConnectionError, requests.Timeout) as exc:
+            raise AuthError(f"token refresh network error: {exc}") from exc
+
+        data = resp.json()
+        expires_at = datetime.fromtimestamp(
+            datetime.now(tz=UTC).timestamp() + data["expires_in"],
+            tz=UTC,
+        ).replace(microsecond=0).isoformat().replace("+00:00", "Z")
+        self._token_store.save_tokens(
+            {
+                **tokens,
+                "access_token": data["access_token"],
+                "refresh_token": data["refresh_token"],
+                "expires_at": expires_at,
+            }
+        )
+
+    def _get(self, url: str, **kwargs: object) -> requests.Response:
+        try:
+            resp = self._session.get(url, headers=self._auth_headers(), timeout=30, **kwargs)
+        except (requests.ConnectionError, requests.Timeout, ConnectionError) as exc:
+            raise NetworkError(f"network error: {exc}") from exc
+
+        if resp.status_code == 401:
+            self._refresh_tokens()
+            try:
+                resp = self._session.get(
+                    url, headers=self._auth_headers(), timeout=30, **kwargs
+                )
+            except (requests.ConnectionError, requests.Timeout, ConnectionError) as exc:
+                raise NetworkError(f"network error: {exc}") from exc
+            if resp.status_code == 401:
+                raise AuthError("authentication failed after token refresh")
+
+        if not resp.ok:
+            raise NetworkError(f"HTTP {resp.status_code}: {log.redact(url)}")
+
+        return resp
+
+    def get_owned_ids(self) -> list[int]:
+        resp = self._get(_OWNED_GAMES_URL)
+        return resp.json()["owned"]
+
+    def get_library_page(self, page: int) -> dict:
+        resp = self._get(_LIBRARY_URL, params={"mediaType": 1, "page": page})
+        return resp.json()
+
+    def get_product_downloads(self, product_id: int) -> dict:
+        url = _PRODUCT_URL.format(product_id=product_id)
+        resp = self._get(url, params={"expand": "downloads"})
+        return resp.json()
+
+    def resolve_downlink_url(self, downlink_url: str) -> tuple[str, str]:
+        resp = self._get(downlink_url)
+        data = resp.json()
+        return data["downlink"], data.get("checksum", "")
+
+
+def search_catalog(query: str, *, page: int = 1) -> dict:
+    """Search the public GOG catalog without authentication.
+
+    Uses an unofficial reverse-engineered endpoint; no stability guarantees.
+    """
+    try:
+        resp = requests.get(
+            _CATALOG_SEARCH_URL,
+            params={
+                "search": query,
+                "limit": 48,
+                "page": page,
+                "order": "desc:relevance",
+                "productType": "in:game",
+            },
+            timeout=30,
+        )
+        resp.raise_for_status()
+    except requests.HTTPError as exc:
+        raise NetworkError(f"catalog search failed: {exc}") from exc
+    except (requests.ConnectionError, requests.Timeout, ConnectionError) as exc:
+        raise NetworkError(f"catalog search network error: {exc}") from exc
+    return resp.json()

gog_cli/aria2c.py

@@ -0,0 +1,136 @@
+"""Delegated downloader via aria2c."""
+
+from __future__ import annotations
+
+import contextlib
+import logging
+import os
+import shutil
+import subprocess
+import tempfile
+from pathlib import Path
+
+from gog_cli.downloader import DownloadResult, _md5_file
+from gog_cli.errors import UsageError
+
+
+def find_aria2c() -> Path | None:
+    """Return path to aria2c binary or None if not found."""
+    found = shutil.which("aria2c")
+    return Path(found) if found else None
+
+
+def check_aria2c(required: bool = True) -> Path:
+    """Return aria2c path or raise UsageError if not found and required=True."""
+    path = find_aria2c()
+    if path is None and required:
+        raise UsageError(
+            "aria2c is not installed or not on PATH. Install it or use --downloader direct."
+        )
+    if path is None:
+        raise UsageError("aria2c not found")
+    return path
+
+
+def download_via_aria2c(
+    url: str,
+    dest: Path,
+    *,
+    headers: dict[str, str] | None = None,
+    expected_size: int | None = None,
+    expected_md5: str | None = None,
+    aria2c_path: Path | None = None,
+    logger: logging.Logger | None = None,
+) -> DownloadResult:
+    log = logger or logging.getLogger(__name__)
+
+    aria2_control = Path(str(dest) + ".aria2")
+    if dest.exists() and not aria2_control.exists():
+        return DownloadResult(status="skipped", path=dest, expected_size=expected_size)
+
+    binary = aria2c_path or check_aria2c()
+    dest.parent.mkdir(parents=True, exist_ok=True)
+
+    # Write URL to a temp file so it doesn't appear in process listings.
+    # The file is written with restrictive permissions before content is added.
+    fd, input_file = tempfile.mkstemp(prefix="gog-aria2c-", suffix=".txt")
+    try:
+        os.chmod(input_file, 0o600)
+        with os.fdopen(fd, "w") as fh:
+            fh.write(url + "\n")
+
+        cmd = [
+            str(binary),
+            "--input-file",
+            input_file,
+            "--dir",
+            str(dest.parent),
+            "--out",
+            dest.name,
+            "--auto-file-renaming=false",
+            "--continue=true",
+            "--split=4",
+            "--max-connection-per-server=4",
+        ]
+
+        # Headers appear in process args — unavoidable with aria2c's CLI interface.
+        if headers:
+            for key, value in headers.items():
+                cmd += ["--header", f"{key}: {value}"]
+
+        log.debug("running aria2c for %s", dest.name)
+        result = subprocess.run(  # noqa: S603
+            cmd,
+        )
+
+        if result.returncode != 0:
+            return DownloadResult(
+                status="failed",
+                expected_size=expected_size,
+                failure_code="aria2c_error",
+                failure_message=f"aria2c exited with code {result.returncode}",
+            )
+
+    finally:
+        with contextlib.suppress(FileNotFoundError):
+            os.unlink(input_file)
+
+    if not dest.exists():
+        return DownloadResult(
+            status="failed",
+            expected_size=expected_size,
+            failure_code="aria2c_error",
+            failure_message="aria2c reported success but output file is missing",
+        )
+
+    actual_size = dest.stat().st_size
+
+    if expected_size is not None and actual_size != expected_size:
+        return DownloadResult(
+            status="failed",
+            path=dest,
+            expected_size=expected_size,
+            failure_code="size_mismatch",
+            failure_message=f"Expected {expected_size} bytes, got {actual_size}",
+        )
+
+    checksum_verified = False
+    if expected_md5 is not None:
+        actual_md5 = _md5_file(dest)
+        if actual_md5 != expected_md5.lower():
+            return DownloadResult(
+                status="failed",
+                path=dest,
+                expected_size=expected_size,
+                failure_code="checksum_mismatch",
+                failure_message="MD5 checksum did not match expected value",
+            )
+        checksum_verified = True
+
+    return DownloadResult(
+        status="verified",
+        path=dest,
+        bytes_downloaded=actual_size,
+        expected_size=expected_size,
+        checksum_verified=checksum_verified,
+    )

gog_cli/auth.py

@@ -0,0 +1,217 @@
+"""Auth commands and FileTokenStore implementation."""
+
+from __future__ import annotations
+
+import argparse
+import os
+import sys
+from datetime import UTC, datetime
+from urllib.parse import parse_qs, urlparse
+
+import requests
+
+from gog_cli import log
+from gog_cli.api import _CLIENT_ID, _CLIENT_SECRET, _TOKEN_URL
+from gog_cli.errors import AuthError, ExitCode, FilesystemError, UsageError
+from gog_cli.state import (
+    AppPaths,
+    StateFileCorruptError,
+    StateFileMissingError,
+    read_json_file,
+    resolve_app_paths,
+    write_json_file_atomic,
+)
+
+_log = log.get_logger(__name__)
+
+_REDIRECT_URI = "https://embed.gog.com/on_login_success?origin=client"
+_USER_DATA_URL = "https://embed.gog.com/userData.json"
+_LOGIN_URL = (
+    "https://auth.gog.com/auth"
+    "?client_id=46899977096215655"
+    "&redirect_uri=https%3A%2F%2Fembed.gog.com%2Fon_login_success%3Forigin%3Dclient"
+    "&response_type=code"
+    "&layout=client2"
+)
+
+
+class FileTokenStore:
+    """Implements TokenStore Protocol using session.json + optional OS keyring."""
+
+    def __init__(self, paths: AppPaths) -> None:
+        self._paths = paths
+        self._keyring_checked = False
+        self._keyring_refresh_token: str | None = None
+
+    def load_tokens(self) -> dict:
+        try:
+            tokens = read_json_file(self._paths.session_state)
+        except StateFileMissingError:
+            raise AuthError("Not logged in. Run: gog auth login") from None
+        except StateFileCorruptError as exc:
+            raise AuthError(f"Session file is corrupt: {exc}") from exc
+        if not self._keyring_checked:
+            self._keyring_refresh_token = _try_load_keyring()
+            self._keyring_checked = True
+        if self._keyring_refresh_token:
+            tokens["refresh_token"] = self._keyring_refresh_token
+        return tokens
+
+    def save_tokens(self, tokens: dict) -> None:
+        try:
+            write_json_file_atomic(self._paths.session_state, tokens)
+            os.chmod(self._paths.session_state, 0o600)
+        except OSError as exc:
+            raise FilesystemError(f"Failed to write session: {exc}") from exc
+        self._keyring_checked = True
+        self._keyring_refresh_token = tokens.get("refresh_token") or None
+        _try_save_keyring(tokens.get("refresh_token", ""))
+
+
+def _try_save_keyring(refresh_token: str) -> None:
+    try:
+        import keyring  # noqa: PLC0415
+        keyring.set_password("gog-cli", "refresh_token", refresh_token)
+    except Exception:  # noqa: BLE001
+        _log.warning("keyring write failed — using file-only token storage")
+
+
+def _try_load_keyring() -> str | None:
+    try:
+        import keyring  # noqa: PLC0415
+
+        return keyring.get_password("gog-cli", "refresh_token")
+    except Exception:  # noqa: BLE001
+        _log.warning("keyring read failed — using file token storage")
+        return None
+
+
+def _try_delete_keyring() -> None:
+    try:
+        import keyring  # noqa: PLC0415
+        keyring.delete_password("gog-cli", "refresh_token")
+    except Exception:  # noqa: BLE001
+        _log.debug("keyring delete failed or token was already absent")
+
+
+def _extract_code(pasted: str) -> str:
+    """Return code= value from a redirect URL, or the raw string if no URL scheme."""
+    pasted = pasted.strip()
+    if not pasted:
+        raise UsageError("No input provided")
+    if pasted.startswith("http"):
+        params = parse_qs(urlparse(pasted).query)
+        codes = params.get("code")
+        if not codes:
+            raise UsageError("No 'code' parameter found in the pasted URL")
+        return codes[0]
+    return pasted
+
+
+def _exchange_code(code: str) -> dict:
+    try:
+        resp = requests.get(
+            _TOKEN_URL,
+            params={
+                "client_id": _CLIENT_ID,
+                "client_secret": _CLIENT_SECRET,
+                "grant_type": "authorization_code",
+                "code": code,
+                "redirect_uri": _REDIRECT_URI,
+            },
+            timeout=30,
+        )
+        resp.raise_for_status()
+    except requests.HTTPError as exc:
+        raise AuthError(f"Token exchange failed: {exc}") from exc
+    except (requests.ConnectionError, requests.Timeout) as exc:
+        raise AuthError(f"Token exchange network error: {exc}") from exc
+    return resp.json()
+
+
+def _fetch_username(access_token: str) -> str:
+    try:
+        resp = requests.get(
+            _USER_DATA_URL,
+            headers={"Authorization": f"Bearer {access_token}"},
+            timeout=30,
+        )
+        resp.raise_for_status()
+    except (requests.HTTPError, requests.ConnectionError, requests.Timeout) as exc:
+        raise AuthError(f"Failed to fetch user info: {exc}") from exc
+    return resp.json().get("username", "")
+
+
+def handle_auth_login(_args: argparse.Namespace) -> int:
+    paths = resolve_app_paths()
+    print(f"\nOpen this URL in your browser and log in:\n\n  {_LOGIN_URL}\n")
+    print("After logging in, paste the full redirect URL (or just the code value):")
+    print("> ", end="", flush=True)
+    try:
+        pasted = sys.stdin.readline()
+    except (EOFError, KeyboardInterrupt) as exc:
+        raise UsageError("Login cancelled") from exc
+
+    code = _extract_code(pasted)
+    token_data = _exchange_code(code)
+
+    access_token = token_data["access_token"]
+    refresh_token = token_data["refresh_token"]
+    expires_in = int(token_data.get("expires_in", 3600))
+    user_id = str(token_data.get("user_id", ""))
+
+    expires_at = datetime.fromtimestamp(
+        datetime.now(tz=UTC).timestamp() + expires_in,
+        tz=UTC,
+    ).replace(microsecond=0).isoformat().replace("+00:00", "Z")
+
+    username = _fetch_username(access_token)
+
+    store = FileTokenStore(paths)
+    store.save_tokens(
+        {
+            "access_token": access_token,
+            "refresh_token": refresh_token,
+            "expires_at": expires_at,
+            "user_id": user_id,
+            "username": username,
+        }
+    )
+
+    print(f"Logged in as {username}.")
+    return ExitCode.SUCCESS
+
+
+def handle_auth_status(_args: argparse.Namespace) -> int:
+    paths = resolve_app_paths()
+    store = FileTokenStore(paths)
+    try:
+        tokens = store.load_tokens()
+    except AuthError as exc:
+        print(str(exc), file=sys.stderr)
+        return ExitCode.AUTH
+
+    expires_at_str = tokens.get("expires_at", "")
+    try:
+        expires_at = datetime.fromisoformat(expires_at_str.replace("Z", "+00:00"))
+    except (ValueError, AttributeError):
+        expires_at = None
+
+    if expires_at is not None and datetime.now(tz=UTC) > expires_at:
+        print("Token expired. Run: gog auth login", file=sys.stderr)
+        return ExitCode.AUTH
+
+    username = tokens.get("username", "unknown")
+    print(f"Logged in as {username}. Token expires {expires_at_str}.")
+    return ExitCode.SUCCESS
+
+
+def handle_auth_logout(_args: argparse.Namespace) -> int:
+    paths = resolve_app_paths()
+    try:
+        paths.session_state.unlink(missing_ok=True)
+    except OSError as exc:
+        raise FilesystemError(f"Failed to remove session: {exc}") from exc
+    _try_delete_keyring()
+    print("Logged out.")
+    return ExitCode.SUCCESS

gog_cli/backup.py

@@ -0,0 +1,197 @@
+"""Backup planning and game selection."""
+
+from __future__ import annotations
+
+import shutil
+from dataclasses import dataclass, field
+from pathlib import Path
+from typing import Literal
+
+from gog_cli.errors import UsageError
+from gog_cli.layout import BackupLayout, sanitize_filename
+
+ActionType = Literal["download", "skip", "verify", "conflict"]
+
+
+@dataclass
+class FileSpec:
+    """A file to be downloaded as part of a backup."""
+
+    source_id: str
+    role: str
+    platform: str | None
+    language: str | None
+    version: str | None
+    expected_size: int | None
+    expected_md5: str | None
+    downlink_url: str
+    checksum_url: str | None
+    filename: str | None = None
+
+
+@dataclass
+class PlannedFile:
+    """One file in a backup plan."""
+
+    spec: FileSpec
+    dest: Path
+    action: ActionType
+    skip_reason: str | None = None
+
+
+@dataclass
+class BackupPlan:
+    """Full plan for a backup run."""
+
+    destination: Path
+    games: list[str]
+    planned: list[PlannedFile]
+    disk_required_bytes: int
+    disk_free_bytes: int | None = None
+    orphaned_local_files: list[Path] = field(default_factory=list)
+    warnings: list[str] = field(default_factory=list)
+
+    @property
+    def downloads(self) -> list[PlannedFile]:
+        return [p for p in self.planned if p.action == "download"]
+
+    @property
+    def skips(self) -> list[PlannedFile]:
+        return [p for p in self.planned if p.action == "skip"]
+
+
+_ROLE_DIR = {
+    "installer": "installers",
+    "patch": "patches",
+    "extra": "extras",
+    "language_pack": "language-packs",
+    "manual": "manuals",
+}
+
+
+def _role_dir(layout: BackupLayout, game_dir: Path, role: str) -> Path:
+    subdir = _ROLE_DIR.get(role, "other")
+    return game_dir / subdir
+
+
+def plan_backup(
+    destination: Path,
+    games: list[dict],
+    downloads: dict[str, list[FileSpec]],
+    layout: BackupLayout,
+    *,
+    platforms: list[str] | None = None,
+    languages: list[str] | None = None,
+    file_roles: list[str] | None = None,
+) -> BackupPlan:
+    planned: list[PlannedFile] = []
+    product_ids: list[str] = []
+    game_dirs: list[Path] = []
+    disk_required_bytes = 0
+
+    for game in games:
+        product_id = _game_product_id(game)
+        slug = sanitize_filename(game.get("slug") or product_id)
+        game_dir = layout.game_dir(slug)
+        product_ids.append(product_id)
+        game_dirs.append(game_dir)
+
+        specs = downloads.get(product_id, [])
+        for spec in specs:
+            dest_dir = _role_dir(layout, game_dir, spec.role)
+            dest = dest_dir / sanitize_filename(spec.filename or spec.source_id)
+
+            if platforms and spec.platform and spec.platform not in platforms:
+                planned.append(PlannedFile(
+                    spec=spec, dest=dest, action="skip", skip_reason="platform_not_selected"
+                ))
+                continue
+            if languages and spec.language and spec.language not in languages:
+                planned.append(PlannedFile(
+                    spec=spec, dest=dest, action="skip", skip_reason="language_not_selected"
+                ))
+                continue
+            if file_roles and spec.role not in file_roles:
+                planned.append(PlannedFile(
+                    spec=spec, dest=dest, action="skip", skip_reason="role_not_selected"
+                ))
+                continue
+
+            if dest.exists():
+                planned.append(
+                    PlannedFile(spec=spec, dest=dest, action="skip", skip_reason="already_exists")
+                )
+            else:
+                planned.append(PlannedFile(spec=spec, dest=dest, action="download"))
+                if spec.expected_size:
+                    disk_required_bytes += spec.expected_size
+
+    planned_dests = {pf.dest for pf in planned}
+    orphaned_local_files: list[Path] = []
+    for game_dir in game_dirs:
+        if not game_dir.exists():
+            continue
+        for path in game_dir.rglob("*"):
+            if not path.is_file():
+                continue
+            if path.name == "manifest.json" or path.suffix == ".tmp":
+                continue
+            if path not in planned_dests:
+                orphaned_local_files.append(path)
+
+    disk_free_bytes: int | None = None
+    if destination.exists():
+        disk_free_bytes = shutil.disk_usage(destination).free
+
+    return BackupPlan(
+        destination=destination,
+        games=product_ids,
+        planned=planned,
+        disk_required_bytes=disk_required_bytes,
+        disk_free_bytes=disk_free_bytes,
+        orphaned_local_files=orphaned_local_files,
+    )
+
+
+def _game_product_id(game: dict) -> str:
+    return str(game.get("product_id", game.get("id", "")))
+
+
+def _match_game(game: dict, selector: str) -> bool:
+    if _game_product_id(game) == selector:
+        return True
+    if game.get("slug", "") == selector:
+        return True
+    return (game.get("title", "") or "").lower() == selector.lower()
+
+
+def select_games(
+    library: list[dict],
+    *,
+    game_selectors: list[str] | None = None,
+    exclude: list[str] | None = None,
+    all_games: bool = False,
+) -> list[dict]:
+    if all_games and game_selectors:
+        raise UsageError("--all and --game cannot be used together")
+
+    if all_games:
+        selected = list(library)
+    elif game_selectors:
+        selected = []
+        for selector in game_selectors:
+            matches = [g for g in library if _match_game(g, selector)]
+            if not matches:
+                raise UsageError(f"No game found matching {selector!r}")
+            if len(matches) > 1:
+                titles = ", ".join(str(g.get("title", g.get("id"))) for g in matches)
+                raise UsageError(f"Selector {selector!r} matches multiple games: {titles}")
+            selected.append(matches[0])
+    else:
+        selected = []
+
+    if exclude:
+        for selector in exclude:
+            selected = [g for g in selected if not _match_game(g, selector)]
+
+    return selected