3 files changed, 43 insertions, 19 deletions

diff --git a/src/server/ApiManagers/GeneralGoogleManager.ts b/src/server/ApiManagers/GeneralGoogleManager.ts
index e8debfc12..25589ccb5 100644
--- a/src/server/ApiManagers/GeneralGoogleManager.ts
+++ b/src/server/ApiManagers/GeneralGoogleManager.ts
@@ -71,24 +71,20 @@ export default class GeneralGoogleManager extends ApiManager {
             subscription: new RouteSubscriber('googleTasks').add('create'),
             secureHandler: async ({ req, res, user }) => {
                 try {
-                    const { credentials } = await GoogleApiServerUtils.retrieveCredentials(user.id);
-                    const access_token = user.googleToken || credentials?.access_token; // if googleToken expires, we need to renew it.
-
-                    if (!access_token) {
-                        return res.status(401).send('Google access token not found.');
+                    const auth = await GoogleApiServerUtils.retrieveOAuthClient(user);
+            
+                    if (!auth) {
+                        return res.status(401).send('Google credentials missing or invalid.');
                     }
-
-                    const auth = new google.auth.OAuth2();
-                    auth.setCredentials({ access_token: access_token });
-
+            
                     const tasks = google.tasks({ version: 'v1', auth });
-
-                    const { title, notes, due } = req.body;
+            
+                    const { title, notes, due, status, completed } = req.body;
                     const result = await tasks.tasks.insert({
                         tasklist: '@default',
-                        requestBody: { title, notes, due },
+                        requestBody: { title, notes, due, status, completed},
                     });
-
+            
                     res.status(200).send(result.data);
                 } catch (err) {
                     console.error('Google Tasks error:', err);
@@ -102,9 +98,31 @@ export default class GeneralGoogleManager extends ApiManager {
             subscription: '/refreshGoogle',
             secureHandler: async ({ user, req, res }) => {
                 const code = req.query.code as string;
-                _success(res, code);
-                user.googleToken = code;
-                user.save();
+                console.log('/refreshGoogle hit with code:', code);
+
+                try {
+                    const enriched = await GoogleApiServerUtils.processNewUser(user.id, code);
+
+                    if (enriched.refresh_token) {
+                        console.log('Enriched credentials:', enriched);
+
+                        if (enriched.refresh_token) {
+                            user.googleToken = enriched.refresh_token;
+                            await user.save();
+                            console.log('Saved refresh token to user model');
+                        } else {
+                            console.warn('No refresh token returned');
+                        }
+                    }
+
+                    // await user.save();
+                    // _success(res, 'Google account successfully linked!');
+                    res.redirect('/home');
+
+                } catch (err) {
+                    console.error('Failed to process Google code:', err);
+                    res.status(500).send('Error linking Google account');
+                }
 
                 // const response2 = await Networking.PostToServer('/writeGoogleAccessToken', { authenticationCode });
                 // runInAction(() => {
diff --git a/src/server/apis/google/GoogleApiServerUtils.ts b/src/server/apis/google/GoogleApiServerUtils.ts
index 75f904331..56bc79119 100644
--- a/src/server/apis/google/GoogleApiServerUtils.ts
+++ b/src/server/apis/google/GoogleApiServerUtils.ts
@@ -59,6 +59,7 @@ export namespace GoogleApiServerUtils {
      */
     export function processProjectCredentials(): void {
         const { client_secret: clientSecret, client_id: clientId, redirect_uris: redirectUris } = GoogleCredentialsLoader.ProjectCredentials;
+        console.log('Loaded Google redirect URIs:', redirectUris);
         // initialize the global authorization client
         oAuthOptions = {
             clientId,
@@ -191,7 +192,12 @@ export namespace GoogleApiServerUtils {
 
         return oauth2Client.generateAuthUrl({
             access_type: 'offline',
-            scope: ['https://www.googleapis.com/auth/tasks'],
+            scope: [
+                'https://www.googleapis.com/auth/tasks', 
+                'openid',
+                'profile'
+            ],
+            prompt: 'consent', // This ensures we get a refresh token
         });
     }
 
@@ -306,7 +312,7 @@ export namespace GoogleApiServerUtils {
         const headerParameters = { headers: { 'Content-Type': 'application/x-www-form-urlencoded' } };
         const { client_id, client_secret } = GoogleCredentialsLoader.ProjectCredentials;
         const params = new URLSearchParams({
-            refresh_token: credentials.refresh_token!, // AARAV use user.googleToken 
+            refresh_token: credentials.refresh_token!, // AARAV use user.googleToken
             client_id,
             client_secret,
             grant_type: 'refresh_token',
diff --git a/src/server/apis/google/google_project_credentials.json b/src/server/apis/google/google_project_credentials.json
index 738e13647..010f9a626 100644
--- a/src/server/apis/google/google_project_credentials.json
+++ b/src/server/apis/google/google_project_credentials.json
@@ -6,6 +6,6 @@
         "token_uri": "https://oauth2.googleapis.com/token",
         "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
         "client_secret": "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",
-        "redirect_uris": ["urn:ietf:wg:oauth:2.0:oob", "http://localhost"]
+        "redirect_uris": ["http://localhost:1050/refreshGoogle"]
     }
 }
\ No newline at end of file