3 files changed, 50 insertions, 47 deletions

diff --git a/src/server/apis/google/CredentialsLoader.ts b/src/server/apis/google/CredentialsLoader.ts
new file mode 100644
index 000000000..e3f4d167b
--- /dev/null
+++ b/src/server/apis/google/CredentialsLoader.ts
@@ -0,0 +1,29 @@
+import { readFile } from "fs";
+
+export namespace GoogleCredentialsLoader {
+
+    export interface InstalledCredentials {
+        client_id: string;
+        project_id: string;
+        auth_uri: string;
+        token_uri: string;
+        auth_provider_x509_cert_url: string;
+        client_secret: string;
+        redirect_uris: string[];
+    }
+
+    export let ProjectCredentials: InstalledCredentials;
+
+    export async function loadCredentials() {
+        ProjectCredentials = await new Promise<InstalledCredentials>(resolve => {
+            readFile(__dirname + '/google_project_credentials.json', function processClientSecrets(err, content) {
+                if (err) {
+                    console.log('Error loading client secret file: ' + err);
+                    return;
+                }
+                resolve(JSON.parse(content.toString()).installed);
+            });
+        });
+    }
+
+}
diff --git a/src/server/apis/google/GoogleApiServerUtils.ts b/src/server/apis/google/GoogleApiServerUtils.ts
index 0f75833ee..20f96f432 100644
--- a/src/server/apis/google/GoogleApiServerUtils.ts
+++ b/src/server/apis/google/GoogleApiServerUtils.ts
@@ -1,11 +1,11 @@
 import { google } from "googleapis";
 import { OAuth2Client, Credentials, OAuth2ClientOptions } from "google-auth-library";
-import { Opt } from "../../../new_fields/Doc";
+import { Opt } from "../../../fields/Doc";
 import { GaxiosResponse } from "gaxios";
 import request = require('request-promise');
-import * as qs from 'query-string';
+import * as qs from "query-string";
 import { Database } from "../../database";
-import { GoogleCredentialsLoader } from "../../credentials/CredentialsLoader";
+import { GoogleCredentialsLoader } from "./CredentialsLoader";
 
 /**
  * Scopes give Google users fine granularity of control
@@ -149,26 +149,6 @@ export namespace GoogleApiServerUtils {
     }
 
     /**
-     * Returns the lengthy string or access token that can be passed into
-     * the headers of an API request or into the constructor of the Photos
-     * client API wrapper.
-     * @param userId the Dash user id of the user requesting his/her associated
-     * access_token
-     * @returns the current access_token associated with the requesting
-     * Dash user. The access_token is valid for only an hour, and
-     * is then refreshed.
-     */
-    export async function retrieveAccessToken(userId: string): Promise<string> {
-        return new Promise(async resolve => {
-            const { credentials } = await retrieveCredentials(userId);
-            if (!credentials) {
-                return resolve();
-            }
-            resolve(credentials.access_token!);
-        });
-    }
-
-    /**
      * Manipulates a mapping such that, in the limit, each Dash user has
      * an associated authenticated OAuth2 client at their disposal. This
      * function ensures that the client's credentials always remain up to date
@@ -217,18 +197,6 @@ export namespace GoogleApiServerUtils {
     }
 
     /**
-     * This is what we return to the server in processNewUser(), after the
-     * worker OAuth2Client has used the user-pasted authentication code
-     * to retrieve an access token and an info token. The avatar is the
-     * URL to the Google-hosted mono-color, single white letter profile 'image'.
-     */
-    export interface GoogleAuthenticationResult {
-        access_token: string;
-        avatar: string;
-        name: string;
-    }
-
-    /**
      * This method receives the authentication code that the
      * user pasted into the overlay in the client side and uses the worker
      * and the authentication code to fetch the full set of credentials that
@@ -245,7 +213,7 @@ export namespace GoogleApiServerUtils {
      * and display basic user information in the overlay on successful authentication. 
      * This can be expanded as needed by adding properties to the interface GoogleAuthenticationResult.
      */
-    export async function processNewUser(userId: string, authenticationCode: string): Promise<GoogleAuthenticationResult> {
+    export async function processNewUser(userId: string, authenticationCode: string): Promise<EnrichedCredentials> {
         const credentials = await new Promise<Credentials>((resolve, reject) => {
             worker.getToken(authenticationCode, async (err, credentials) => {
                 if (err || !credentials) {
@@ -256,13 +224,8 @@ export namespace GoogleApiServerUtils {
             });
         });
         const enriched = injectUserInfo(credentials);
-        await Database.Auxiliary.GoogleAuthenticationToken.Write(userId, enriched);
-        const { given_name, picture } = enriched.userInfo;
-        return {
-            access_token: enriched.access_token!,
-            avatar: picture,
-            name: given_name
-        };
+        await Database.Auxiliary.GoogleAccessToken.Write(userId, enriched);
+        return enriched;
     }
 
     /**
@@ -316,15 +279,15 @@ export namespace GoogleApiServerUtils {
      * @returns the credentials, or undefined if the user has no stored associated credentials,
      * and a flag indicating whether or not they were refreshed during retrieval
      */
-    async function retrieveCredentials(userId: string): Promise<{ credentials: Opt<Credentials>, refreshed: boolean }> {
-        let credentials: Opt<Credentials> = await Database.Auxiliary.GoogleAuthenticationToken.Fetch(userId);
+    export async function retrieveCredentials(userId: string): Promise<{ credentials: Opt<EnrichedCredentials>, refreshed: boolean }> {
+        let credentials = await Database.Auxiliary.GoogleAccessToken.Fetch(userId);
         let refreshed = false;
         if (!credentials) {
             return { credentials: undefined, refreshed };
         }
         // check for token expiry
         if (credentials.expiry_date! <= new Date().getTime()) {
-            credentials = await refreshAccessToken(credentials, userId);
+            credentials = { ...credentials, ...(await refreshAccessToken(credentials, userId)) };
             refreshed = true;
         }
         return { credentials, refreshed };
@@ -355,7 +318,7 @@ export namespace GoogleApiServerUtils {
         });
         // expires_in is in seconds, but we're building the new expiry date in milliseconds
         const expiry_date = new Date().getTime() + (expires_in * 1000);
-        await Database.Auxiliary.GoogleAuthenticationToken.Update(userId, access_token, expiry_date);
+        await Database.Auxiliary.GoogleAccessToken.Update(userId, access_token, expiry_date);
         // update the relevant properties
         credentials.access_token = access_token;
         credentials.expiry_date = expiry_date;
diff --git a/src/server/apis/google/google_project_credentials.json b/src/server/apis/google/google_project_credentials.json
new file mode 100644
index 000000000..955c5a3c1
--- /dev/null
+++ b/src/server/apis/google/google_project_credentials.json
@@ -0,0 +1,11 @@
+{
+    "installed": {
+        "client_id": "343179513178-ud6tvmh275r2fq93u9eesrnc66t6akh9.apps.googleusercontent.com",
+        "project_id": "quickstart-1565056383187",
+        "auth_uri": "https://accounts.google.com/o/oauth2/auth",
+        "token_uri": "https://oauth2.googleapis.com/token",
+        "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
+        "client_secret": "w8KIFSc0MQpmUYHed4qEzn8b",
+        "redirect_uris": ["urn:ietf:wg:oauth:2.0:oob", "http://localhost"]
+    }
+}
\ No newline at end of file