gogkeep 0.1.0__tar.gz

gogkeep-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Evgeny Yakimov
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

gogkeep-0.1.0/PKG-INFO

@@ -0,0 +1,17 @@
+Metadata-Version: 2.4
+Name: gogkeep
+Version: 0.1.0
+Summary: CLI interface for Google Keep matching gog style
+Author-email: John <john@example.com>
+Requires-Python: >=3.12
+License-File: LICENSE
+Requires-Dist: gkeepapi
+Requires-Dist: gpsoauth
+Requires-Dist: click
+Requires-Dist: tabulate
+Requires-Dist: keyring
+Requires-Dist: keyrings.alt
+Requires-Dist: keyring-pass
+Requires-Dist: cryptography
+Requires-Dist: websockets>=16.0
+Dynamic: license-file

gogkeep-0.1.0/README.md

@@ -0,0 +1,72 @@
+# gogkeep
+
+Google Keep CLI matching the style and interface of [gogcli](https://github.com/steipete/gogcli).
+
+## Installation
+
+```bash
+pip install .
+```
+
+Or for `pipx`:
+```bash
+pipx install .
+```
+
+## Authentication (Master Token Auth workflow)
+
+Google Keep API access via `gkeepapi` requires a Master Token. To obtain it, use the `login` command:
+
+```bash
+gogkeep login --account your-email@gmail.com
+```
+
+Follow the instructions:
+1. Visit [https://accounts.google.com/EmbeddedSetup](https://accounts.google.com/EmbeddedSetup) in your browser.
+2. Log in to your Google account.
+3. Open Developer Tools (F12) -> Application/Storage -> Cookies.
+4. Find the `oauth_token` cookie (it starts with `oauth2_4/`).
+5. Copy its value and paste it into the prompt.
+
+The Master Token will be saved to `REDACTED_CREDS_DIR/google_oauth_master_token` for future use.
+
+## Usage
+
+### Root Flags
+- `-a, --account EMAIL`: Set the account email (also can be set via `GOG_ACCOUNT` env var).
+- `-j, --json`: Output as JSON.
+- `-p, --plain`: Output as tab-separated values.
+- `-n, --dry-run`: Do not make changes (mostly for `create` and `delete`).
+
+### Commands
+
+#### List Notes
+```bash
+gogkeep list --account your-email@gmail.com
+```
+
+#### Get Note
+```bash
+gogkeep get <note_id> --account your-email@gmail.com
+```
+
+#### Search Notes
+```bash
+gogkeep search "query text" --account your-email@gmail.com
+```
+
+#### Create Note
+```bash
+gogkeep create --title "My Title" --text "My body text" --account your-email@gmail.com
+```
+
+#### Delete Note
+```bash
+gogkeep delete <note_id> --account your-email@gmail.com
+```
+
+#### Download Attachment
+```bash
+gogkeep attachment <attachment_name> --out local_filename.jpg --account your-email@gmail.com
+```
+Attachment names are in the format `notes/<note_id>/attachments/<attachment_id>`.

gogkeep-0.1.0/pyproject.toml

@@ -0,0 +1,40 @@
+[build-system]
+requires = ["setuptools>=61.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "gogkeep"
+version = "0.1.0"
+description = "CLI interface for Google Keep matching gog style"
+authors = [{ name = "John", email = "john@example.com" }]
+dependencies = [
+    "gkeepapi",
+    "gpsoauth",
+    "click",
+    "tabulate",
+    "keyring",
+    "keyrings.alt",
+    "keyring-pass",
+    "cryptography",
+    "websockets>=16.0",
+]
+requires-python = ">=3.12"
+
+[project.scripts]
+gogkeep = "gogkeep.cli:main"
+
+[tool.setuptools.packages.find]
+where = ["src"]
+
+[tool.ruff]
+line-length = 120
+target-version = "py312"
+
+[tool.ruff.lint]
+extend-select = ["I", "UP", "B", "SIM", "N", "RUF"]
+
+[dependency-groups]
+dev = [
+    "pytest>=9.0.3",
+    "ruff>=0.15.10",
+]

gogkeep-0.1.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

gogkeep-0.1.0/src/gogkeep/__init__.py

@@ -0,0 +1 @@
+# gogkeep package

gogkeep-0.1.0/src/gogkeep/__main__.py

@@ -0,0 +1,4 @@
+from .cli import main
+
+if __name__ == "__main__":
+    main()

gogkeep-0.1.0/src/gogkeep/auth.py

@@ -0,0 +1,75 @@
+import click
+import gpsoauth
+
+from .store import get_token, set_default_account, set_token
+
+
+def get_master_token(email: str):
+    try:
+        return get_token("default", email)
+    except KeyError:
+        return None
+
+
+def save_master_token(email: str, token: str):
+    set_token("default", email, token)
+    set_default_account(email, "default")
+
+
+def login_flow(email: str | None = None):
+    from .cdp_auth import find_chrome, get_auth_info_via_browser
+
+    click.echo("--- Google Keep Authentication (Master Token Auth workflow) ---")
+
+    oauth_token = None
+    discovered_email = None
+    chrome_path = find_chrome()
+
+    if chrome_path:
+        click.echo(f"Found compatible browser: {chrome_path}")
+        if click.confirm("Attempt to automate token extraction via browser?"):
+            click.echo("Launching browser... Please log in to your Google account.")
+            discovered_email, oauth_token = get_auth_info_via_browser()
+            if oauth_token:
+                click.echo("Successfully extracted token from browser.")
+                if discovered_email:
+                    click.echo(f"Detected account: {discovered_email}")
+                    email = discovered_email
+            else:
+                click.echo("Failed to extract token automatically.")
+
+    if not oauth_token:
+        click.echo("Manual fallback initialization...")
+        if not email:
+            email = click.prompt("Enter your Google account email")
+        click.echo(f"Account: {email}")
+        click.echo("1. Visit https://accounts.google.com/EmbeddedSetup in your browser.")
+        click.echo("2. Log in to your Google account.")
+        click.echo("3. Open Developer Tools (F12) -> Application/Storage -> Cookies.")
+        click.echo("4. Find the 'oauth_token' cookie (starts with 'oauth2_4/').")
+        click.echo("5. Copy its value.")
+        oauth_token = click.prompt("Enter the 'oauth_token' (oauth2_4/...)")
+
+    # Final check for email if discovery + manual both missed it
+    if not email:
+        email = click.prompt("Enter the email address associated with this token")
+
+    # Use the specific android_id from the gist, some token exchanges require this exact string format or it throws BadAuthentication.
+    android_id = "0123456789abcdef"
+
+    click.echo(f"Exchanging token for Master Token (using android_id: {android_id})...")
+
+    try:
+        response = gpsoauth.exchange_token(email, oauth_token, android_id)
+        if "Token" in response:
+            master_token = response["Token"]
+            save_master_token(email, master_token)
+            click.echo(f"Successfully saved Master Token in keyring for {email}")
+            return master_token
+        else:
+            click.echo("Failed to exchange token. Response from Google:")
+            click.echo(response)
+            return None
+    except Exception as e:
+        click.echo(f"An error occurred: {e}")
+        return None

gogkeep-0.1.0/src/gogkeep/cdp_auth.py

@@ -0,0 +1,199 @@
+import asyncio
+import http.client
+import json
+import os
+import shutil
+import subprocess
+import tempfile
+import time
+
+import websockets
+from websockets.exceptions import ConnectionClosed
+
+
+def find_chrome() -> str | None:
+    """Find a compatible Chrome or Chromium binary."""
+    for bin_name in ["google-chrome", "chromium-browser", "chromium", "chrome"]:
+        path = shutil.which(bin_name)
+        if path:
+            return path
+    return None
+
+
+def is_port_open(port: int) -> bool:
+    import socket
+
+    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+        s.settimeout(0.1)
+        return s.connect_ex(("localhost", port)) == 0
+
+
+def get_websocket_url(port: int) -> str | None:
+    try:
+        conn = http.client.HTTPConnection("localhost", port)
+        conn.request("GET", "/json")
+        resp = conn.getresponse()
+        if resp.status == 200:
+            data = json.loads(resp.read().decode())
+            best_target = None
+            for item in data:
+                if item.get("type") == "page" and "webSocketDebuggerUrl" in item:
+                    url = item.get("url", "")
+                    title = item.get("title", "")
+                    if "accounts.google.com" in url or "google" in title.lower():
+                        return item["webSocketDebuggerUrl"]
+                    best_target = item["webSocketDebuggerUrl"]
+            return best_target
+    except Exception:
+        pass
+    return None
+
+
+async def watch_auth_info(ws_url: str) -> tuple[str | None, str | None]:
+    print(f"[*] Attaching to CDP: {ws_url}")
+    try:
+        async with websockets.connect(ws_url, ping_interval=None) as ws:
+            next_id = 1
+
+            async def call_cdp(method: str, params: dict | None = None) -> dict:
+                nonlocal next_id
+                req_id = next_id
+                next_id += 1
+                msg = {"id": req_id, "method": method}
+                if params:
+                    msg["params"] = params
+                await ws.send(json.dumps(msg))
+
+                # Consume messages until we find our response
+                while True:
+                    resp_str = await ws.recv()
+                    resp = json.loads(resp_str)
+                    if resp.get("id") == req_id:
+                        return resp
+
+            await call_cdp("Runtime.enable")
+            await call_cdp("Storage.enable")
+            print("[*] CDP domains enabled (Runtime, Storage)")
+
+            email = None
+            token = None
+            start_time = time.time()
+
+            while (time.time() - start_time) < 600:  # 10 minute timeout
+                try:
+                    # 0. Get current URL
+                    await call_cdp("Runtime.evaluate", {"expression": "window.location.href"})
+
+                    # 1. Get cookies (Storage)
+                    storage_resp = await call_cdp("Storage.getCookies")
+
+                    all_cookies = []
+                    all_cookies.extend(storage_resp.get("result", {}).get("cookies", []))
+
+                    found_names = set()
+                    for c in all_cookies:
+                        found_names.add(c["name"])
+                        if c["name"] == "oauth_token":
+                            token = c["value"]
+                        if c["name"] == "Email" and not email:
+                            email = c["value"]
+
+                    # 2. Extract email from AF_initDataCallback (High reliability)
+                    if not email:
+                        js = """
+                        (function() {
+                            const scripts = Array.from(document.querySelectorAll('script'));
+                            for (const s of scripts) {
+                                if (s.innerText.includes('AF_initDataCallback')) {
+                                    try {
+                                        let match = s.innerText.match(/AF_initDataCallback\\(([\\s\\S]*?)\\);?/);
+                                        if (match) {
+                                            let cbData = null;
+                                            const AF_initDataCallback = (obj) => { cbData = obj; };
+                                            eval('AF_initDataCallback(' + match[1] + ')');
+                                            if (cbData && cbData.data && cbData.data[0] && typeof cbData.data[0][0] === 'string' && cbData.data[0][0].includes('@')) {
+                                                return cbData.data[0][0];
+                                            }
+                                        }
+                                    } catch(e) {}
+                                    
+                                    // Fallback to regex
+                                    const emailMatch = s.innerText.match(/[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,}/);
+                                    if (emailMatch) return emailMatch[0];
+                                }
+                            }
+                            return null;
+                        })()
+                        """
+                        email_resp = await call_cdp("Runtime.evaluate", {"expression": js})
+                        res = email_resp.get("result", {}).get("result", {})
+                        if res.get("type") == "string" and res.get("value"):
+                            email = res.get("value")
+                            print(f"[*] Account detected via page data: {email}")
+
+                    if token:
+                        print(f"[!] Success: oauth_token found! (Email: {email or 'Unknown'})")
+                        return email, token
+
+                except ConnectionClosed:
+                    print("[!] Browser connection closed.")
+                    break
+
+                await asyncio.sleep(2)
+
+    except Exception as e:
+        print(f"[!] CDP Error: {e}")
+
+    return None, None
+
+
+def find_free_port() -> int:
+    import socket
+
+    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+        s.bind(("", 0))
+        return s.getsockname()[1]
+
+
+def get_auth_info_via_browser() -> tuple[str | None, str | None]:
+    chrome_path = find_chrome()
+    if not chrome_path:
+        return None, None
+
+    port = find_free_port()
+    temp_profile_dir = tempfile.mkdtemp(prefix="gogkeep-auth-")
+    url = "https://accounts.google.com/EmbeddedSetup"
+
+    cmd = [
+        chrome_path,
+        f"--remote-debugging-port={port}",
+        f"--user-data-dir={temp_profile_dir}",
+        "--no-first-run",
+        "--no-default-browser-check",
+        url,
+    ]
+
+    proc = subprocess.Popen(cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
+
+    try:
+        ws_url = None
+        for _ in range(20):
+            if is_port_open(port):
+                ws_url = get_websocket_url(port)
+                if ws_url:
+                    break
+            time.sleep(0.5)
+
+        if not ws_url:
+            return None, None
+
+        return asyncio.run(watch_auth_info(ws_url))
+
+    finally:
+        proc.terminate()
+        try:
+            proc.wait(timeout=5)
+        except Exception:
+            proc.kill()
+        if os.path.exists(temp_profile_dir):
+            shutil.rmtree(temp_profile_dir)

gogkeep-0.1.0/src/gogkeep/cli.py

@@ -0,0 +1,307 @@
+import json
+import os
+import sys
+
+import click
+from tabulate import tabulate
+
+from .auth import login_flow
+from .keep import create_note, delete_note, get_keep, get_note, list_notes, search_notes
+
+
+def resolve_account(account):
+    final_account = account or os.getenv("GOGKEEP_ACCOUNT")
+    if not final_account:
+        try:
+            from .store import get_default_account
+
+            final_account = get_default_account("default")
+        except Exception:
+            final_account = None
+    return final_account
+
+
+class RootFlags:
+    def __init__(self, account, output_json=False, plain=False, verbose=False, dry_run=False):
+        self.account = account
+        self.output_json = output_json
+        self.plain = plain
+        self.verbose = verbose
+        self.dry_run = dry_run
+
+
+@click.group()
+@click.option("--account", "-a", help="Account email for Keep API")
+@click.option("--json", "-j", "output_json", is_flag=True, help="Output JSON to stdout")
+@click.option("--plain", "-p", is_flag=True, help="Output stable, parseable text to stdout")
+@click.option("--verbose", "-v", is_flag=True, help="Enable verbose logging")
+@click.option("--dry-run", "-n", is_flag=True, help="Do not make changes")
+@click.pass_context
+def main(ctx, account, output_json, plain, verbose, dry_run):
+    """Google Keep CLI matching gog style."""
+    final_account = resolve_account(account)
+    ctx.obj = RootFlags(final_account, output_json, plain, verbose, dry_run)
+
+
+@main.command()
+@click.pass_obj
+def login(root_flags):
+    """Obtain a Master Token for Keep API access."""
+    login_flow(root_flags.account)
+
+
+def format_date(dt):
+    # Match gogcli's time format if possible.
+    # Usually it's RFC3339-ish.
+    return dt.isoformat()
+
+
+def note_snippet(note):
+    text = getattr(note, "text", "")
+    if not text and hasattr(note, "items"):
+        text = " ".join([f"- {i.text}" for i in note.items[:3]])
+    text = text.replace("\n", " ").strip()
+    if len(text) > 50:
+        text = text[:50] + "..."
+    return text or "(no content)"
+
+
+def print_notes(notes, output_json, plain):
+    if output_json:
+        data = {
+            "notes": [
+                {
+                    "id": n.id,
+                    "name": f"notes/{n.id}",
+                    "title": n.title,
+                    "updated": format_date(n.timestamps.updated),
+                    "created": format_date(n.timestamps.created),
+                    "text": getattr(n, "text", None),
+                    "trashed": n.trashed,
+                }
+                for n in notes
+            ]
+        }
+        click.echo(json.dumps(data, indent=2))
+        return
+
+    if not notes:
+        click.echo("No notes", err=True)
+        return
+
+    table_data = []
+    for n in notes:
+        title = n.title or note_snippet(n)
+        table_data.append([f"notes/{n.id}", title, format_date(n.timestamps.updated)])
+
+    if plain:
+        for row in table_data:
+            click.echo("\t".join(map(str, row)))
+    else:
+        click.echo(tabulate(table_data, headers=["NAME", "TITLE", "UPDATED"], tablefmt="plain", disable_numparse=True))
+
+
+@main.command(name="list")
+@click.option("--max", "limit", default=100, help="Max results")
+@click.pass_obj
+def list_cmd(root_flags, limit):
+    """List notes."""
+    if not root_flags.account:
+        click.echo("Error: --account is required.", err=True)
+        sys.exit(1)
+
+    try:
+        keep = get_keep(root_flags.account)
+        notes = list_notes(keep, max_results=limit)
+        print_notes(notes, root_flags.output_json, root_flags.plain)
+    except Exception as e:
+        click.echo(f"Error: {e}", err=True)
+        sys.exit(1)
+
+
+@main.command()
+@click.argument("query")
+@click.pass_obj
+def search(root_flags, query):
+    """Search notes by text."""
+    if not root_flags.account:
+        click.echo("Error: --account is required.", err=True)
+        sys.exit(1)
+
+    try:
+        keep = get_keep(root_flags.account)
+        notes = search_notes(keep, query)
+        print_notes(notes, root_flags.output_json, root_flags.plain)
+    except Exception as e:
+        click.echo(f"Error: {e}", err=True)
+        sys.exit(1)
+
+
+@main.command()
+@click.argument("note_id")
+@click.pass_obj
+def get(root_flags, note_id):
+    """Get a note's details."""
+    if not root_flags.account:
+        click.echo("Error: --account is required.", err=True)
+        sys.exit(1)
+
+    try:
+        keep = get_keep(root_flags.account)
+        note = get_note(keep, note_id)
+        if not note:
+            click.echo(f"Note not found: {note_id}", err=True)
+            sys.exit(1)
+
+        if root_flags.output_json:
+            click.echo(
+                json.dumps(
+                    {
+                        "id": note.id,
+                        "name": f"notes/{note.id}",
+                        "title": note.title,
+                        "created": format_date(note.timestamps.created),
+                        "updated": format_date(note.timestamps.updated),
+                        "text": getattr(note, "text", None),
+                        "items": [{"text": i.text, "checked": i.checked} for i in note.items]
+                        if hasattr(note, "items")
+                        else None,
+                        "trashed": note.trashed,
+                    },
+                    indent=2,
+                )
+            )
+            return
+
+        click.echo(f"name\tnotes/{note.id}")
+        click.echo(f"title\t{note.title}")
+        click.echo(f"created\t{format_date(note.timestamps.created)}")
+        click.echo(f"updated\t{format_date(note.timestamps.updated)}")
+        click.echo(f"trashed\t{note.trashed}")
+
+        click.echo("")
+        if hasattr(note, "text") and note.text:
+            click.echo(note.text)
+        elif hasattr(note, "items"):
+            for item in note.items:
+                status = "[x]" if item.checked else "[ ]"
+                click.echo(f"{status} {item.text}")
+
+        # Attachments (images, audio, etc)
+        blobs = []
+        if hasattr(note, "images"):
+            blobs.extend(note.images)
+        if hasattr(note, "drawings"):
+            blobs.extend(note.drawings)
+        if hasattr(note, "audio"):
+            blobs.extend(note.audio)
+        if blobs:
+            click.echo("")
+            click.echo(f"attachments\t{len(blobs)}")
+            for b in blobs:
+                click.echo(f"  notes/{note.id}/attachments/{b.id}\t{getattr(b, 'type', 'blob')}")
+    except Exception as e:
+        click.echo(f"Error: {e}", err=True)
+        sys.exit(1)
+
+
+@main.command()
+@click.option("--title", help="Note title")
+@click.option("--text", help="Note body text")
+@click.option("--item", "items", multiple=True, help="List item text (repeatable)")
+@click.pass_obj
+def create(root_flags, title, text, items):
+    """Create a new note."""
+    if not root_flags.account:
+        click.echo("Error: --account is required for login.", err=True)
+        sys.exit(1)
+
+    if not text and not items:
+        click.echo("Error: provide --text or at least one --item", err=True)
+        sys.exit(1)
+
+    try:
+        keep = get_keep(root_flags.account)
+        note = create_note(keep, title or "", text=text, items=items)
+        if root_flags.output_json:
+            click.echo(
+                json.dumps(
+                    {
+                        "id": note.id,
+                        "name": f"notes/{note.id}",
+                        "title": note.title,
+                        "created": format_date(note.timestamps.created),
+                    },
+                    indent=2,
+                )
+            )
+        else:
+            click.echo(f"name\tnotes/{note.id}")
+            click.echo(f"title\t{note.title}")
+            click.echo(f"created\t{format_date(note.timestamps.created)}")
+    except Exception as e:
+        click.echo(f"Error: {e}", err=True)
+        sys.exit(1)
+
+
+@main.command()
+@click.argument("note_id")
+@click.pass_obj
+def delete(root_flags, note_id):
+    """Delete a note."""
+    if not root_flags.account:
+        click.echo("Error: --account is required.", err=True)
+        sys.exit(1)
+
+    try:
+        keep = get_keep(root_flags.account)
+        if delete_note(keep, note_id):
+            if root_flags.output_json:
+                click.echo(json.dumps({"deleted": True, "name": f"notes/{note_id}"}))
+            else:
+                click.echo("deleted\tTrue")
+                click.echo(f"name\tnotes/{note_id}")
+        else:
+            click.echo(f"Error: Note not found: {note_id}", err=True)
+            sys.exit(1)
+    except Exception as e:
+        click.echo(f"Error: {e}", err=True)
+        sys.exit(1)
+
+
+@main.command()
+@click.argument("attachment_name")
+@click.option("--out", help="Output file path")
+@click.pass_obj
+def attachment(root_flags, attachment_name, out):
+    """Download an attachment."""
+    if not root_flags.account:
+        click.echo("Error: --account is required.", err=True)
+        sys.exit(1)
+
+    out_path = out
+    if not out_path:
+        parts = attachment_name.split("/")
+        out_path = parts[-1]
+
+    try:
+        keep = get_keep(root_flags.account)
+        from .keep import download_attachment
+
+        bytes_written = download_attachment(keep, attachment_name, out_path)
+        if bytes_written > 0:
+            if root_flags.output_json:
+                click.echo(json.dumps({"downloaded": True, "path": out_path, "bytes": bytes_written}))
+            else:
+                click.echo(f"path\t{out_path}")
+                click.echo(f"bytes\t{bytes_written}")
+        else:
+            click.echo(f"Error: Attachment not found: {attachment_name}", err=True)
+            sys.exit(1)
+    except Exception as e:
+        click.echo(f"Error: {e}", err=True)
+        sys.exit(1)
+
+
+if __name__ == "__main__":
+    main()

gogkeep-0.1.0/src/gogkeep/keep.py

@@ -0,0 +1,104 @@
+import hashlib
+
+import gkeepapi
+
+from .auth import get_master_token
+
+
+def get_keep(email):
+    master_token = get_master_token(email)
+    if not master_token:
+        raise Exception("No master token found. Run 'gogkeep login' first.")
+
+    # Ensure android_id is consistent with the one used during exchange.
+    android_id = hashlib.md5(email.encode()).hexdigest()[:16]
+
+    keep = gkeepapi.Keep()
+
+    try:
+        # device_id must match the one used to exchange the token.
+        keep.authenticate(email, master_token, device_id=android_id)
+        return keep
+    except gkeepapi.exception.LoginException as e:
+        raise Exception(f"Login failed: {e}. You may need to run 'gogkeep login' again.") from e
+
+
+def list_notes(keep, max_results=100):
+    notes = list(keep.find(trashed=False))[:max_results]
+    return notes
+
+
+def search_notes(keep, query):
+    q = query.lower()
+
+    def search_func(n):
+        if q in n.title.lower():
+            return True
+        if hasattr(n, "text") and q in n.text.lower():
+            return True
+        if hasattr(n, "items"):
+            for item in n.items:
+                if q in item.text.lower():
+                    return True
+        return False
+
+    notes = list(keep.find(func=search_func, trashed=False))
+    return notes
+
+
+def get_note(keep, note_id):
+    # gkeepapi's get() takes an ID.
+    note = keep.get(note_id)
+    return note
+
+
+def create_note(keep, title, text=None, items=None):
+    if text:
+        note = keep.createNote(title, text)
+    elif items:
+        note = keep.createList(title, items)
+    else:
+        note = keep.createNote(title, "")
+    keep.sync()
+    return note
+
+
+def delete_note(keep, note_id):
+    note = keep.get(note_id)
+    if note:
+        note.delete()
+        keep.sync()
+        return True
+    return False
+
+
+def download_attachment(keep, attachment_name, out_path):
+    # attachment_name: notes/<noteId>/attachments/<attachmentId>
+    parts = attachment_name.split("/")
+    if len(parts) < 4:
+        raise Exception("Invalid attachment name format. Expected: notes/<noteId>/attachments/<attachmentId>")
+    note_id = parts[1]
+    attachment_id = parts[3]
+
+    note = keep.get(note_id)
+    if not note:
+        raise Exception(f"Note not found: {note_id}")
+
+    # Search in images, drawings, audio
+    # gkeepapi uses different attributes for different types of blobs
+    blobs = []
+    if hasattr(note, "images"):
+        blobs.extend(note.images)
+    if hasattr(note, "drawings"):
+        blobs.extend(note.drawings)
+    if hasattr(note, "audio"):
+        blobs.extend(note.audio)
+
+    for att in blobs:
+        if att.id == attachment_id:
+            blob = att.get_blob()
+            data = blob.read()
+            with open(out_path, "wb") as f:
+                f.write(data)
+            return len(data)
+    return 0

gogkeep-0.1.0/src/gogkeep/store.py

@@ -0,0 +1,160 @@
+import concurrent.futures
+import contextlib
+import getpass
+import json
+import os
+import platform
+import sys
+
+SERVICE_NAME = "gogkeep"
+
+_backend_cache = None
+
+
+def get_keyring_backend():
+    """Resolve and return the appropriate keyring backend based on platform and env vars."""
+    global _backend_cache
+    if _backend_cache is not None:
+        return _backend_cache
+
+    backend_env = os.environ.get("GOGKEEP_KEYRING_BACKEND", "auto")
+
+    selected_backend = None
+
+    # gogcli logic: Force file backend on linux if no DBus session (common on headless/wsl/docker)
+    dbus_addr = os.environ.get("DBUS_SESSION_BUS_ADDRESS")
+    if platform.system() == "Linux" and backend_env == "auto" and not dbus_addr:
+        backend_env = "file"
+
+    if backend_env == "auto":
+        from keyring.backend import get_all_keyring
+
+        all_backends = sorted(get_all_keyring(), key=lambda x: x.priority, reverse=True)
+
+        candidate = None
+        for be in all_backends:
+            if be.priority >= 1 and "keyrings.alt" not in str(be.__class__):
+                candidate = be
+                break
+
+        if candidate:
+            if platform.system() == "Linux" and "SecretService" in str(candidate.__class__):
+
+                def check_native():
+                    with contextlib.suppress(Exception):
+                        candidate.get_credential("test", "test")
+
+                with concurrent.futures.ThreadPoolExecutor(max_workers=1) as executor:
+                    future = executor.submit(check_native)
+                    try:
+                        future.result(timeout=5)
+                        selected_backend = candidate
+                    except concurrent.futures.TimeoutError:
+                        backend_env = "file"
+            else:
+                selected_backend = candidate
+        else:
+            backend_env = "file"
+
+    if backend_env == "keychain" and platform.system() == "Darwin":
+        from keyring.backends.macOS import Keyring
+
+        selected_backend = Keyring()
+
+    # Isolated Encrypted File Backend Fallback
+    if backend_env == "file" or selected_backend is None:
+        try:
+            from keyrings.alt.file import EncryptedKeyring
+
+            class IsolatedEncryptedKeyring(EncryptedKeyring):
+                @property
+                def file_path(self):
+                    custom_dir = os.environ.get("GOGKEEP_KEYRING_PATH", os.path.expanduser("~/.config/gogkeep"))
+                    os.makedirs(custom_dir, exist_ok=True)
+                    return os.path.join(custom_dir, "crypted_pass.cfg")
+
+                def _get_keyring_key(self):
+                    env_pwd = os.environ.get("GOGKEEP_KEYRING_PASSWORD")
+                    if env_pwd is not None:
+                        return env_pwd
+
+                    if not sys.stdin.isatty():
+                        raise RuntimeError("Not a TTY and GOGKEEP_KEYRING_PASSWORD not set for file backend.")
+
+                    val = getpass.getpass("Password for encrypted keyring: ")
+                    os.environ["GOGKEEP_KEYRING_PASSWORD"] = val
+                    return val
+
+                @property
+                def keyring_key(self):
+                    return self._get_keyring_key()
+
+            selected_backend = IsolatedEncryptedKeyring()
+        except ImportError:
+            from keyring.backends.null import Keyring as NullKeyring
+
+            selected_backend = NullKeyring()
+
+    _backend_cache = selected_backend
+    return selected_backend
+
+
+def set_token(client: str, email: str, token: str, backend_override=None):
+    kr = backend_override or get_keyring_backend()
+    key = f"token:{client}:{email}"
+    kr.set_password(SERVICE_NAME, key, token)
+
+    if platform.system() == "Darwin" and "macOS" in str(kr.__class__):
+        validated = kr.get_password(SERVICE_NAME, key)
+        if not validated:
+            kr.set_password(SERVICE_NAME, key, token)
+
+
+def get_token(client: str, email: str, backend_override=None) -> str | None:
+    kr = backend_override or get_keyring_backend()
+    primary_key = f"token:{client}:{email}"
+    legacy_key = f"token:{email}"
+
+    with contextlib.redirect_stderr(open(os.devnull, "w")):
+        try:
+            data = kr.get_password(SERVICE_NAME, primary_key)
+        except Exception:
+            data = None
+
+        if data is None and client == "default":
+            try:
+                data = kr.get_password(SERVICE_NAME, legacy_key)
+                if data is not None:
+                    kr.set_password(SERVICE_NAME, primary_key, data)
+            except Exception:
+                data = None
+
+    if data is None:
+        raise KeyError("Token not found")
+
+    if isinstance(data, str) and data.startswith("{"):
+        try:
+            return json.loads(data).get("master_token", data)
+        except json.JSONDecodeError:
+            pass
+
+    return data
+
+
+def get_default_account(client: str = "default", backend_override=None) -> str | None:
+    kr = backend_override or get_keyring_backend()
+    with contextlib.redirect_stderr(open(os.devnull, "w")):
+        try:
+            account = kr.get_password(SERVICE_NAME, f"default_account:{client}")
+            if not account:
+                account = kr.get_password(SERVICE_NAME, "default_account")
+            if not account:
+                account = kr.get_password("gogkeep", "last_used")
+        except Exception:
+            return None
+    return account
+
+
+def set_default_account(email: str, client: str = "default", backend_override=None):
+    kr = backend_override or get_keyring_backend()
+    kr.set_password(SERVICE_NAME, f"default_account:{client}", email)

gogkeep-0.1.0/src/gogkeep.egg-info/PKG-INFO

@@ -0,0 +1,17 @@
+Metadata-Version: 2.4
+Name: gogkeep
+Version: 0.1.0
+Summary: CLI interface for Google Keep matching gog style
+Author-email: John <john@example.com>
+Requires-Python: >=3.12
+License-File: LICENSE
+Requires-Dist: gkeepapi
+Requires-Dist: gpsoauth
+Requires-Dist: click
+Requires-Dist: tabulate
+Requires-Dist: keyring
+Requires-Dist: keyrings.alt
+Requires-Dist: keyring-pass
+Requires-Dist: cryptography
+Requires-Dist: websockets>=16.0
+Dynamic: license-file

gogkeep-0.1.0/src/gogkeep.egg-info/SOURCES.txt

@@ -0,0 +1,17 @@
+LICENSE
+README.md
+pyproject.toml
+src/gogkeep/__init__.py
+src/gogkeep/__main__.py
+src/gogkeep/auth.py
+src/gogkeep/cdp_auth.py
+src/gogkeep/cli.py
+src/gogkeep/keep.py
+src/gogkeep/store.py
+src/gogkeep.egg-info/PKG-INFO
+src/gogkeep.egg-info/SOURCES.txt
+src/gogkeep.egg-info/dependency_links.txt
+src/gogkeep.egg-info/entry_points.txt
+src/gogkeep.egg-info/requires.txt
+src/gogkeep.egg-info/top_level.txt
+tests/test_cli.py

gogkeep-0.1.0/src/gogkeep.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

gogkeep-0.1.0/src/gogkeep.egg-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+gogkeep = gogkeep.cli:main

gogkeep-0.1.0/src/gogkeep.egg-info/requires.txt

@@ -0,0 +1,9 @@
+gkeepapi
+gpsoauth
+click
+tabulate
+keyring
+keyrings.alt
+keyring-pass
+cryptography
+websockets>=16.0

gogkeep-0.1.0/src/gogkeep.egg-info/top_level.txt

@@ -0,0 +1 @@
+gogkeep

gogkeep-0.1.0/tests/test_cli.py

@@ -0,0 +1,80 @@
+import unittest
+from unittest.mock import MagicMock, patch
+
+from click.testing import CliRunner
+
+from gogkeep.cli import main
+
+
+class TestCLI(unittest.TestCase):
+    def setUp(self):
+        self.runner = CliRunner()
+
+    @patch("gogkeep.cli.get_keep")
+    @patch("gogkeep.cli.list_notes")
+    def test_list_command(self, mock_list_notes, mock_get_keep):
+        # Mock note object
+        mock_note = MagicMock()
+        mock_note.id = "abc123"
+        mock_note.title = "Test Note"
+        mock_note.timestamps.updated.isoformat.return_value = "2024-01-01T00:00:00Z"
+        mock_note.trashed = False
+
+        mock_list_notes.return_value = [mock_note]
+
+        result = self.runner.invoke(main, ["-a", "test@example.com", "list"])
+
+        self.assertEqual(result.exit_code, 0)
+        self.assertIn("NAME", result.output)
+        self.assertIn("TITLE", result.output)
+        self.assertIn("UPDATED", result.output)
+        self.assertIn("notes/abc123", result.output)
+        self.assertIn("Test Note", result.output)
+
+    @patch("gogkeep.cli.get_keep")
+    @patch("gogkeep.cli.get_note")
+    def test_get_command(self, mock_get_note, mock_get_keep):
+        # Mock note object
+        mock_note = MagicMock()
+        mock_note.id = "abc123"
+        mock_note.title = "Test Note"
+        mock_note.timestamps.created.isoformat.return_value = "2024-01-01T00:00:00Z"
+        mock_note.timestamps.updated.isoformat.return_value = "2024-01-02T00:00:00Z"
+        mock_note.text = "Hello World"
+        mock_note.trashed = False
+        mock_note.images = []
+        mock_note.drawings = []
+        mock_note.audio = []
+
+        mock_get_note.return_value = mock_note
+
+        result = self.runner.invoke(main, ["-a", "test@example.com", "get", "abc123"])
+
+        self.assertEqual(result.exit_code, 0)
+        self.assertIn("name\tnotes/abc123", result.output)
+        self.assertIn("title\tTest Note", result.output)
+        self.assertIn("Hello World", result.output)
+
+    @patch("gogkeep.cli.get_keep")
+    @patch("gogkeep.cli.create_note")
+    def test_create_command(self, mock_create_note, mock_get_keep):
+        # Mock note object
+        mock_note = MagicMock()
+        mock_note.id = "new123"
+        mock_note.title = "New Note"
+        mock_note.timestamps.created.isoformat.return_value = "2024-01-01T00:00:00Z"
+
+        mock_create_note.return_value = mock_note
+
+        result = self.runner.invoke(
+            main, ["-a", "test@example.com", "create", "--title", "New Note", "--text", "content"]
+        )
+
+        self.assertEqual(result.exit_code, 0)
+        self.assertIn("name\tnotes/new123", result.output)
+        self.assertIn("title\tNew Note", result.output)
+        self.assertIn("created\t2024-01-01T00:00:00Z", result.output)
+
+
+if __name__ == "__main__":
+    unittest.main()