google signin token verification (#60)

data/lib/repositories/auth_repository_impl.dart

@@ -203,7 +203,7 @@ class AuthRepositoryImpl implements AuthRepository {
   Future<String> validateAppleToken(String identityToken) async {
     final baseURL = await apiEnvironmentRepository.getBaseUrl();
     final url =
-    Uri.parse('http://localhost:8080/api/auth/sign_in_with_apple');
+    Uri.parse('$baseURL/auth/sign_in_with_apple');
     final response = await client.post(
       url,
       headers: {
@@ -227,4 +227,34 @@ class AuthRepositoryImpl implements AuthRepository {
     }
     return email;
   }
+
+  @override
+  Future<bool> validateGoogleToken(String idToken) async {
+    final baseURL = await apiEnvironmentRepository.getBaseUrl();
+    final url = Uri.parse('$baseURL/auth/sign_in_with_google');
+
+    try {
+      final response = await client.post(
+        url,
+        headers: {
+          'Content-Type': 'application/json',
+        },
+        body: jsonEncode({
+          'idToken': idToken,
+        }),
+      );
+
+      if (response.statusCode == 200) {
+        print('Token validated successfully');
+        return true; // Validation succeeded
+      } else {
+        print('Token validation failed: ${response.body}');
+        return false; // Validation failed
+      }
+    } catch (e) {
+      print('Error during token validation: $e');
+      throw Exception('Failed to validate token');
+    }
+  }
+
 }

domain/lib/repositories_abstract/auth_repository.dart

@@ -12,4 +12,5 @@ abstract class AuthRepository {
   Future<String> updatePassword(String newPassword);
   Future<String> syncUser(String? displayName, String email, String? photoUrl);
   Future<String> validateAppleToken(String identityToken);
+  Future<bool> validateGoogleToken(String idToken);
 }

domain/lib/usecases/auth_usecase.dart

@@ -69,6 +69,9 @@ class AuthUseCase {
     String email = await repository.validateAppleToken(identityToken);
     return email;
   }
-
+  Future<bool> validateGoogleToken(String idToken) async {
+    bool response =  await repository.validateGoogleToken(idToken);
+    return response;
+  }
 
 }

lib/presentation/settings/viewModels/login_view_model.dart

@@ -38,8 +38,7 @@ class LoginViewModel extends ChangeNotifier {
 
   void updateButtonState(String email, String password) {
     final isEmailValid = RegExp(r'^[^@]+@[^@]+\.[^@]+').hasMatch(email);
-    _isButtonEnabled =
-        isEmailValid && password.isNotEmpty && password.length >= 6;
+    _isButtonEnabled = isEmailValid && password.isNotEmpty && password.length >= 6;
     notifyListeners();
   }
 
@@ -60,8 +59,7 @@ class LoginViewModel extends ChangeNotifier {
     }
   }
 
-  static String GOOGLE_SIGNIN_CLIENT_ID_WEB =
-      dotenv.env['GOOGLE_SIGNIN_CLIENT_ID_WEB'] ?? "";
+  static String GOOGLE_SIGNIN_CLIENT_ID_WEB = dotenv.env['GOOGLE_SIGNIN_CLIENT_ID_WEB'] ?? "";
 
   bool _isSigningIn = false;
   bool get isSigningIn => _isSigningIn;
@@ -76,21 +74,34 @@ class LoginViewModel extends ChangeNotifier {
       if (kIsWeb) {
         googleSignIn = GoogleSignIn(
           clientId: GOOGLE_SIGNIN_CLIENT_ID_WEB,
-          scopes: <String>['email'],
+          scopes: <String>['email', 'openid', 'profile'],
         );
+        GoogleSignInAccount? _user = await googleSignIn.signIn();
+        await syncUser(_user?.displayName, _user!.email, _user?.photoUrl);
+        notifyListeners();
+        _isSigningIn = true;
       } else {
         googleSignIn = GoogleSignIn(
-          scopes: <String>['email'],
+          scopes: <String>['email', 'openid', 'profile'],
         );
-      }
-      GoogleSignInAccount? _user = await googleSignIn.signIn();
-      if (_user != null) {
-        print('Logged in with Google: ${_user!.email}');
-        await syncUser(_user!.displayName, _user!.email, _user!.photoUrl);
+        GoogleSignInAccount? _user = await googleSignIn.signIn();
+        if (_user == null) {
+          // User canceled the sign-in
+          throw Exception('Sign-in was canceled by the user.');
+        }
+        final GoogleSignInAuthentication auth = await _user.authentication;
+        if (auth.idToken == null) {
+          throw Exception('Unable to retrieve ID token. Please try again.');
+          // You could also notify listeners here if you want to update the UI
+        }
+        final bool isValid = await authUseCase.validateGoogleToken(auth.idToken!);
+        if (!isValid) {
+          throw Exception('Google token validation failed.');
+        }
+        await syncUser(_user.displayName, _user.email, _user.photoUrl);
         notifyListeners();
-        // You could also notify listeners here if you want to update the UI
+        _isSigningIn = true;
       }
-      _isSigningIn = true;
     } catch (error) {
       print('Error during Google Sign-In: $error');
     } finally {
@@ -104,22 +115,20 @@ class LoginViewModel extends ChangeNotifier {
     if (kIsWeb) {
       googleSignIn = GoogleSignIn(
         clientId: GOOGLE_SIGNIN_CLIENT_ID_WEB,
-        scopes: <String>['email'],
+        scopes: <String>['email', 'openid'],
       );
     } else {
       googleSignIn = GoogleSignIn(
-        scopes: <String>['email'],
+        scopes: <String>['email', 'openid'],
       );
     }
 
     await googleSignIn.signOut();
     notifyListeners();
   }
 
-  Future<String> syncUser(
-      String? displayName, String email, String? photoUrl) async {
-    final accessToken =
-        await authUseCase.syncUser(displayName, email, photoUrl);
+  Future<String> syncUser(String? displayName, String email, String? photoUrl) async {
+    final accessToken = await authUseCase.syncUser(displayName, email, photoUrl);
     return accessToken;
   }
 
@@ -135,12 +144,11 @@ class LoginViewModel extends ChangeNotifier {
         ],
         webAuthenticationOptions: WebAuthenticationOptions(
           clientId: 'com.example.swiftcompsignin',
-          redirectUri:
-              kIsWeb //This is where Apple sends the user back after they sign in.
-                  ? Uri.parse('https://compositesai.com/')
-                  : Uri.parse(
-                      'https://flutter-sign-in-with-apple-example.glitch.me/callbacks/sign_in_with_apple',
-                    ),
+          redirectUri: kIsWeb //This is where Apple sends the user back after they sign in.
+              ? Uri.parse('https://compositesai.com/')
+              : Uri.parse(
+                  'https://flutter-sign-in-with-apple-example.glitch.me/callbacks/sign_in_with_apple',
+                ),
         ),
       );
 

pubspec.yaml

@@ -51,6 +51,7 @@ dependencies:
 
 
 
+
 dev_dependencies:
   flutter_test:
     sdk: flutter

web/index.html

@@ -30,6 +30,7 @@
   <link rel="manifest" href="manifest.json">
   <link rel="stylesheet" type="text/css" href="splash/style.css">
   <script type="text/javascript" src="https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js"></script>
+  <script src="https://accounts.google.com/gsi/client" async defer></script>
 </head>
 <body style="position: fixed; inset: 0px; overflow: hidden; padding: 0px; margin: 0px; user-select: none; touch-action: none; font: 14px sans-serif; color: red;">
   <!-- This script installs service_worker.js to provide PWA functionality to