From 34f0b71bd4fc44a14bec1029d899701189a60596 Mon Sep 17 00:00:00 2001
From: Arijit Basu <sayanarijit@gmail.com>
Date: Tue, 25 Jun 2024 16:24:54 +0530
Subject: [PATCH] Support google jwt auth

Ref: https://github.com/stckme/tango/issues/997
---
 apphelpers/socialauth/goog.py | 16 +++++++++++++---
 setup.py                      |  2 +-
 2 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/apphelpers/socialauth/goog.py b/apphelpers/socialauth/goog.py
index d72df01..68b6979 100644
--- a/apphelpers/socialauth/goog.py
+++ b/apphelpers/socialauth/goog.py
@@ -1,5 +1,7 @@
 import os
 
+from google.auth.transport import requests
+from google.oauth2 import id_token
 from requests_oauthlib import OAuth2Session
 
 try:
@@ -11,7 +13,15 @@
     os.environ["OAUTHLIB_INSECURE_TRANSPORT"] = "True"
 
 
-def fetch_info(access_token):
-    session = OAuth2Session(token={"access_token": access_token})
-    userinfo = session.get("https://www.googleapis.com/oauth2/v1/userinfo").json()
+def fetch_info(access_token, jwt=False):
+    if jwt:
+        request = requests.Request()
+        userinfo = id_token.verify_oauth2_token(
+            id_token=access_token, request=request, audience=settings.G_CLIENT_ID
+        )
+    else:
+        session = OAuth2Session(
+            token={"access_token": access_token}, client_id=settings.G_CLIENT_ID
+        )
+        userinfo = session.get("https://www.googleapis.com/oauth2/v1/userinfo").json()
     return userinfo
diff --git a/setup.py b/setup.py
index dfbd5b2..5ed75d1 100644
--- a/setup.py
+++ b/setup.py
@@ -13,7 +13,7 @@
 with open("CHANGELOG.rst") as history_file:
     history = history_file.read()
 
-requirements = ["loguru"]
+requirements = ["loguru", "google-auth"]
 
 setup_requirements = []