From 33a4ee39dce3d11856f2ec8d47d3aebba4a54190 Mon Sep 17 00:00:00 2001
From: Satindar Dhillon <satindar@gmail.com>
Date: Fri, 19 Aug 2022 18:53:51 -0700
Subject: [PATCH] check for android source in api mobile sign up route

---
 packages/api/src/routers/auth/google_auth.ts        | 13 +++++++------
 .../src/routers/auth/mobile/mobile_auth_router.ts   | 10 ++++++++--
 packages/api/src/routers/auth/mobile/sign_up.ts     |  3 ++-
 3 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/packages/api/src/routers/auth/google_auth.ts b/packages/api/src/routers/auth/google_auth.ts
index e9b2b37bd..9a8aca56b 100644
--- a/packages/api/src/routers/auth/google_auth.ts
+++ b/packages/api/src/routers/auth/google_auth.ts
@@ -57,22 +57,23 @@ export const validateGoogleUser = async (
   }
 }
 
+const iosClientId = env.google.auth.iosClientId
+const androidClientId = env.google.auth.androidClientId
+
 const googleWebClient = new OAuth2Client(env.google.auth.clientId)
+const googleIOSClient = new OAuth2Client(iosClientId)
+const googleAndroidClient = new OAuth2Client(androidClientId)
 
 export async function decodeGoogleToken(
   idToken: string,
   isAndroid: boolean
 ): Promise<DecodeTokenResult> {
   try {
-    const clientID = isAndroid
-      ? env.google.auth.androidClientId
-      : env.google.auth.iosClientId
-
-    const googleMobileClient = new OAuth2Client(clientID)
+    const googleMobileClient = isAndroid ? googleAndroidClient : googleIOSClient
 
     const loginTicket = await googleMobileClient.verifyIdToken({
       idToken,
-      audience: clientID,
+      audience: isAndroid ? androidClientId : iosClientId,
     })
 
     const email = loginTicket.getPayload()?.email
diff --git a/packages/api/src/routers/auth/mobile/mobile_auth_router.ts b/packages/api/src/routers/auth/mobile/mobile_auth_router.ts
index de1652bf7..50890aaab 100644
--- a/packages/api/src/routers/auth/mobile/mobile_auth_router.ts
+++ b/packages/api/src/routers/auth/mobile/mobile_auth_router.ts
@@ -40,8 +40,14 @@ export function mobileAuthRouter() {
   })
 
   router.post('/sign-up', async (req, res) => {
-    const { token, provider, name } = req.body
-    const payload = await createMobileSignUpResponse(token, provider, name)
+    const { token, provider, name, source } = req.body
+    const isAndroid = source === 'ANDROID'
+    const payload = await createMobileSignUpResponse(
+      isAndroid,
+      token,
+      provider,
+      name
+    )
     res.status(payload.statusCode).json(payload.json)
   })
 
diff --git a/packages/api/src/routers/auth/mobile/sign_up.ts b/packages/api/src/routers/auth/mobile/sign_up.ts
index ef36f481c..fea03ef97 100644
--- a/packages/api/src/routers/auth/mobile/sign_up.ts
+++ b/packages/api/src/routers/auth/mobile/sign_up.ts
@@ -13,13 +13,14 @@ import { hashPassword } from '../../../utils/auth'
 import { createUser } from '../../../services/create_user'
 
 export async function createMobileSignUpResponse(
+  isAndroid: boolean,
   token?: string,
   provider?: AuthProvider,
   name?: string
 ): Promise<JsonResponsePayload> {
   try {
     if (token && provider === 'GOOGLE') {
-      const decodedTokenResult = await decodeGoogleToken(token)
+      const decodedTokenResult = await decodeGoogleToken(token, isAndroid)
       return createSignUpResponsePayload(
         provider,
         decodedTokenResult,