lib sources restructuring
This commit is contained in:
Roman Krček
121
src/lib/google/auth/client.ts
Normal file
121
src/lib/google/auth/client.ts
Normal file
@@ -0,0 +1,121 @@
|
||||
import { browser } from '$app/environment';
|
||||
|
||||
// Client-side only functions
|
||||
export const scopes = [
|
||||
'https://www.googleapis.com/auth/gmail.send',
|
||||
'https://www.googleapis.com/auth/userinfo.email',
|
||||
'https://www.googleapis.com/auth/drive.readonly',
|
||||
'https://www.googleapis.com/auth/spreadsheets.readonly'
|
||||
];
|
||||
|
||||
/**
|
||||
* Initialize Google Auth (placeholder for client-side)
|
||||
*/
|
||||
export async function initGoogleAuth(): Promise<void> {
|
||||
if (!browser) return;
|
||||
// Google Auth initialization is handled by the OAuth flow
|
||||
// No initialization needed for our server-side approach
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the Google Auth URL
|
||||
* @returns URL for Google OAuth
|
||||
*/
|
||||
export function getAuthUrl(): string {
|
||||
if (!browser) return '';
|
||||
// This should be obtained from the server
|
||||
return '/auth/google';
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if an access token is valid
|
||||
* @param accessToken - Google access token to validate
|
||||
* @returns True if the token is valid
|
||||
*/
|
||||
export async function isTokenValid(accessToken: string): Promise<boolean> {
|
||||
if (!browser) return false;
|
||||
|
||||
try {
|
||||
const response = await fetch(`https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=${accessToken}`);
|
||||
const data = await response.json();
|
||||
|
||||
if (response.ok && data.expires_in && data.expires_in > 0) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
} catch (error) {
|
||||
console.error('Error validating token:', error);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Refresh an access token using the refresh token
|
||||
* @param refreshToken - Google refresh token
|
||||
* @returns New access token or null if failed
|
||||
*/
|
||||
export async function refreshAccessToken(refreshToken: string): Promise<string | null> {
|
||||
try {
|
||||
const response = await fetch('/private/api/google/auth/refresh', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/json'
|
||||
},
|
||||
body: JSON.stringify({ refreshToken })
|
||||
});
|
||||
|
||||
if (response.ok) {
|
||||
const data = await response.json();
|
||||
return data.accessToken;
|
||||
}
|
||||
return null;
|
||||
} catch (error) {
|
||||
console.error('Error refreshing token:', error);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get Google user information
|
||||
* @param accessToken - Google access token
|
||||
* @returns User info including email, name, and picture
|
||||
*/
|
||||
export async function getUserInfo(accessToken: string): Promise<{ email: string; name: string; picture: string } | null> {
|
||||
try {
|
||||
const response = await fetch('/private/api/google/auth/userinfo', {
|
||||
headers: {
|
||||
'Authorization': `Bearer ${accessToken}`
|
||||
}
|
||||
});
|
||||
|
||||
if (response.ok) {
|
||||
return await response.json();
|
||||
}
|
||||
return null;
|
||||
} catch (error) {
|
||||
console.error('Error fetching user info:', error);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Revoke a Google access token
|
||||
* @param accessToken - Google access token to revoke
|
||||
* @returns True if revocation was successful
|
||||
*/
|
||||
export async function revokeToken(accessToken: string): Promise<boolean> {
|
||||
try {
|
||||
const response = await fetch('/private/api/google/auth/revoke', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/json'
|
||||
},
|
||||
body: JSON.stringify({ accessToken })
|
||||
});
|
||||
|
||||
return response.ok;
|
||||
} catch (error) {
|
||||
console.error('Error revoking token:', error);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
57
src/lib/google/auth/server.ts
Normal file
57
src/lib/google/auth/server.ts
Normal file
@@ -0,0 +1,57 @@
|
||||
import { google } from 'googleapis';
|
||||
import { env } from '$env/dynamic/private';
|
||||
|
||||
// Define OAuth scopes for the Google APIs we need to access
|
||||
export const scopes = [
|
||||
'https://www.googleapis.com/auth/gmail.send',
|
||||
'https://www.googleapis.com/auth/userinfo.email',
|
||||
'https://www.googleapis.com/auth/drive.readonly',
|
||||
'https://www.googleapis.com/auth/spreadsheets.readonly'
|
||||
];
|
||||
|
||||
/**
|
||||
* Create a new OAuth2 client instance
|
||||
* @returns Google OAuth2 client
|
||||
*/
|
||||
export function getOAuthClient() {
|
||||
return new google.auth.OAuth2(
|
||||
env.GOOGLE_CLIENT_ID,
|
||||
env.GOOGLE_CLIENT_SECRET,
|
||||
env.GOOGLE_REDIRECT_URI
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a authentication URL for OAuth flow
|
||||
* @returns Auth URL for Google OAuth
|
||||
*/
|
||||
export function createAuthUrl() {
|
||||
return getOAuthClient().generateAuthUrl({
|
||||
access_type: 'offline',
|
||||
prompt: 'consent',
|
||||
scope: scopes,
|
||||
redirect_uri: env.GOOGLE_REDIRECT_URI
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Exchange the authorization code for access and refresh tokens
|
||||
* @param code - Authorization code from OAuth callback
|
||||
* @returns Access and refresh tokens
|
||||
*/
|
||||
export async function exchangeCodeForTokens(code: string) {
|
||||
const { tokens } = await getOAuthClient().getToken(code);
|
||||
if (!tokens.refresh_token) throw new Error('No refresh_token returned');
|
||||
return tokens;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get an authenticated client using a refresh token
|
||||
* @param refreshToken - Refresh token for authentication
|
||||
* @returns Authenticated OAuth2 client
|
||||
*/
|
||||
export function getAuthenticatedClient(refreshToken: string) {
|
||||
const oauth = getOAuthClient();
|
||||
oauth.setCredentials({ refresh_token: refreshToken });
|
||||
return oauth;
|
||||
}
|
||||
Reference in New Issue
Block a user