integreat/src/clj/auto_ap/routes/auth.clj

(ns auto-ap.routes.auth
  (:require [auto-ap.datomic.users :as users]
            [buddy.sign.jwt :as jwt]
            [clj-http.client :as http]
            [clj-time.core :as time]
            [compojure.core :refer [GET defroutes]]
            [config.core :refer [env]]))

(def google-client-id "264081895820-0nndcfo3pbtqf30sro82vgq5r27h8736.apps.googleusercontent.com")
(def google-client-secret "OC-WemHurPXYpuIw5cT-B90g")

(defn make-api-token []
  (jwt/sign {:user "API"
             :exp (time/plus (time/now) (time/days 700))
             :user/role "admin"
             :user/name "API"}
            (:jwt-secret env)
            {:alg :hs512}))

(defroutes routes
  (GET "/oauth" {{:strs [code]} :query-params :keys [scheme] :as r {:strs [host]} :headers}
       (try
         (let [auth (-> "https://accounts.google.com/o/oauth2/token"
                        (http/post 
                         {:form-params {"client_id" google-client-id
                                        "client_secret" google-client-secret
                                        "code" code
                                        "redirect_uri" (str (:scheme env) "://" host  "/api/oauth")
                                        "grant_type" "authorization_code"}
                          :as :json})
                        :body)
               _ (println auth)
               token (:access_token auth)
               profile (-> (http/get "https://www.googleapis.com/oauth2/v1/userinfo"
                                     {:headers {"Authorization" (str "Bearer " token)} :as :json})
                           :body
                           (doto println))
               user (users/find-or-insert! {:user/provider "google"
                                            :user/provider-id (:id profile)
                                            :user/role :user-role/none
                                            :user/name (:name profile)})
               ]
           (println "authenticated as user" user)
           
           ;; TODO - these namespaces are not being transmitted/deserialized properly
           (if (and token user)
             {:status 301
              :headers {"Location" (str "/?jwt=" (jwt/sign (doto {:user (:name profile)
                                                                  :exp (time/plus (time/now) (time/days 30))
                                                                  :user/clients (map (fn [c]
                                                                                       (dissoc c :client/bank-accounts ))
                                                                                     (:user/clients user))
                                                                  :user/role (name (:user/role user))
                                                                  :user/name (:name profile)}
                                                             println)
                                                           (:jwt-secret env)
                                                           {:alg :hs512}))}}
             {:status 401
              :body "Couldn't authenticate"}))
         (catch Exception e
           
           {:status 401
            :body (str "Couldn't authenticate "  (.toString e))}))))