skout23/google_calendar_events_quick_scanner.py

## google_calendar_events_quick_scanner.py
# Futures
from __future__ import print_function

# Built-in/Generic Imports
import datetime
import pickle
import os.path
import re

# Libs
from googleapiclient.discovery import build
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request


# If modifying these scopes, delete the file token.pickle.
SCOPES = ['https://www.googleapis.com/auth/calendar.readonly']


CALENDAR_OWNER = 'possibly_leaked_users_calendar@googledomain.example'

def main():
    """
    Most of the auth portions are ripped from the Python Quickstart guide found at
      - https://developers.google.com/calendar/quickstart/python
      - for this to work, you MUST follow the sample and authorize the token you download
      - next you need to subscribe to CALENDAR_OWNER calednar
      - this searches events in CALENDAR_OWNER cal going back 10 years and 30 days into the future
    """
    creds = None
    # The file token.pickle stores the user's access and refresh tokens, and is
    # created automatically when the authorization flow completes for the first
    # time.
    if os.path.exists('token.pickle'):
        with open('token.pickle', 'rb') as token:
            creds = pickle.load(token)
    # If there are no (valid) credentials available, let the user log in.
    if not creds or not creds.valid:
        if creds and creds.expired and creds.refresh_token:
            creds.refresh(Request())
        else:
            flow = InstalledAppFlow.from_client_secrets_file(
                'credentials.json', SCOPES)
            creds = flow.run_local_server(port=0)
        # Save the credentials for the next run
        with open('token.pickle', 'wb') as token:
            pickle.dump(creds, token)

    service = build('calendar', 'v3', credentials=creds)

    # Set start time (timeMin) of the event search 10 years in the past
    time_start = (datetime.datetime.now() - datetime.timedelta(days=10*365)).isoformat() + 'Z'

    # Set end time (timeMax) of the event search 30 days in the future
    time_next_month = (datetime.datetime.now() + datetime.timedelta(days=30)).isoformat() + 'Z'

    # Set empty page_token to iterate over all possible events in the timeframe
    page_token = None

    # zero out the various hit counters on the regex searches
    # TODO combine these to a single list
    event_count = 0
    code_count = 0
    password_count = 0
    secret_count = 0
    zoom_count = 0

    # Start event list search and pagenate over the list with pageToken until it is empty again
    print('Getting the backlog of events')
    while True:
        events = service.events().list(calendarId=CALENDAR_OWNER,
                                    timeMax=time_next_month,
                                    timeMin=time_start,
                                    maxResults=2500, singleEvents=True,
                                    orderBy='startTime',
                                    pageToken=page_token).execute()

        for event in events['items']:
            start = event['start'].get('dateTime', event['start'].get('date'))
            event_count += 1
            try:
                # TODO possibly build a complete list of events and then list comprehension all these regex searches
                if re.search('code', event['description'], re.IGNORECASE):
                    if re.search('zoom meeting', event['description'], re.IGNORECASE):
                        # we are ignoring hits on Zoom call codes
                        zoom_count += 1
                        continue
                    else:
                        code_count += 1
                        print("CODE found in\t" + start, event['summary'] + "\t" + event['htmlLink'])
                if re.search('password', event['description'], re.IGNORECASE):
                    password_count += 1
                    print("PASSWORD found in\t" + start, event['summary'] + "\t" +  event['htmlLink'])
                if re.search('secret', event['description'], re.IGNORECASE):
                    secret_count += 1
                    print("SECRET found in\t" + start, event['summary'] + "\t" +  event['htmlLink'])
            except KeyError:
                # TODO logger this as INFO
                # print("no summary or description found for %s", event['etag'])
                continue
        page_token = events.get('nextPageToken')
        if not page_token:
            break
    # TODO come up with better stats, and logger these print()'s
    print(f"Events: {event_count}\tZooms: {zoom_count}\tCodes: {code_count}\tPasswords: {password_count}\tSecrets: {secret_count}")
    exit()

if __name__ == '__main__':
    main()
	# Futures
	from __future__ import print_function

	# Built-in/Generic Imports
	import datetime
	import pickle
	import os.path
	import re

	# Libs
	from googleapiclient.discovery import build
	from google_auth_oauthlib.flow import InstalledAppFlow
	from google.auth.transport.requests import Request


	# If modifying these scopes, delete the file token.pickle.
	SCOPES = ['https://www.googleapis.com/auth/calendar.readonly']


	CALENDAR_OWNER = 'possibly_leaked_users_calendar@googledomain.example'

	def main():
	"""
	Most of the auth portions are ripped from the Python Quickstart guide found at
	- https://developers.google.com/calendar/quickstart/python
	- for this to work, you MUST follow the sample and authorize the token you download
	- next you need to subscribe to CALENDAR_OWNER calednar
	- this searches events in CALENDAR_OWNER cal going back 10 years and 30 days into the future
	"""
	creds = None
	# The file token.pickle stores the user's access and refresh tokens, and is
	# created automatically when the authorization flow completes for the first
	# time.
	if os.path.exists('token.pickle'):
	with open('token.pickle', 'rb') as token:
	creds = pickle.load(token)
	# If there are no (valid) credentials available, let the user log in.
	if not creds or not creds.valid:
	if creds and creds.expired and creds.refresh_token:
	creds.refresh(Request())
	else:
	flow = InstalledAppFlow.from_client_secrets_file(
	'credentials.json', SCOPES)
	creds = flow.run_local_server(port=0)
	# Save the credentials for the next run
	with open('token.pickle', 'wb') as token:
	pickle.dump(creds, token)

	service = build('calendar', 'v3', credentials=creds)

	# Set start time (timeMin) of the event search 10 years in the past
	time_start = (datetime.datetime.now() - datetime.timedelta(days=10*365)).isoformat() + 'Z'

	# Set end time (timeMax) of the event search 30 days in the future
	time_next_month = (datetime.datetime.now() + datetime.timedelta(days=30)).isoformat() + 'Z'

	# Set empty page_token to iterate over all possible events in the timeframe
	page_token = None

	# zero out the various hit counters on the regex searches
	# TODO combine these to a single list
	event_count = 0
	code_count = 0
	password_count = 0
	secret_count = 0
	zoom_count = 0

	# Start event list search and pagenate over the list with pageToken until it is empty again
	print('Getting the backlog of events')
	while True:
	events = service.events().list(calendarId=CALENDAR_OWNER,
	timeMax=time_next_month,
	timeMin=time_start,
	maxResults=2500, singleEvents=True,
	orderBy='startTime',
	pageToken=page_token).execute()

	for event in events['items']:
	start = event['start'].get('dateTime', event['start'].get('date'))
	event_count += 1
	try:
	# TODO possibly build a complete list of events and then list comprehension all these regex searches
	if re.search('code', event['description'], re.IGNORECASE):
	if re.search('zoom meeting', event['description'], re.IGNORECASE):
	# we are ignoring hits on Zoom call codes
	zoom_count += 1
	continue
	else:
	code_count += 1
	print("CODE found in\t" + start, event['summary'] + "\t" + event['htmlLink'])
	if re.search('password', event['description'], re.IGNORECASE):
	password_count += 1
	print("PASSWORD found in\t" + start, event['summary'] + "\t" + event['htmlLink'])
	if re.search('secret', event['description'], re.IGNORECASE):
	secret_count += 1
	print("SECRET found in\t" + start, event['summary'] + "\t" + event['htmlLink'])
	except KeyError:
	# TODO logger this as INFO
	# print("no summary or description found for %s", event['etag'])
	continue
	page_token = events.get('nextPageToken')
	if not page_token:
	break
	# TODO come up with better stats, and logger these print()'s
	print(f"Events: {event_count}\tZooms: {zoom_count}\tCodes: {code_count}\tPasswords: {password_count}\tSecrets: {secret_count}")
	exit()

	if __name__ == '__main__':
	main()