after refactor cleanup

DiunaBI.UI.Shared/wwwroot/js/auth.js

@@ -0,0 +1,102 @@
+let googleInitialized = false;
+
+window.initGoogleSignIn = function(clientId) {
+    if (googleInitialized) {
+        console.log("Google Sign-In already initialized");
+        return;
+    }
+
+    console.log("🔐 Initializing Google Sign-In (ID Token flow)");
+    console.log("📋 Received clientId:", clientId);
+    console.log("📋 ClientId type:", typeof clientId);
+    console.log("📋 ClientId length:", clientId ? clientId.length : 0);
+
+    if (!clientId || clientId === '' || clientId === 'null' || clientId === 'undefined') {
+        console.error("❌ Invalid clientId received:", clientId);
+        throw new Error("ClientId is null, empty, or invalid");
+    }
+
+    // Check if Google library is loaded
+    if (typeof google === 'undefined' || !google.accounts || !google.accounts.id) {
+        console.error("❌ Google Sign-In library not loaded yet!");
+        throw new Error("Google Sign-In library not ready");
+    }
+
+    google.accounts.id.initialize({
+        client_id: clientId,
+        callback: handleCredentialResponse,
+        auto_select: false,
+        cancel_on_tap_outside: true
+    });
+
+    googleInitialized = true;
+    console.log("✅ Google Sign-In initialized successfully");
+};
+
+window.requestGoogleSignIn = function() {
+    console.log("🚀 Requesting Google Sign-In...");
+
+    google.accounts.id.prompt();
+};
+
+function handleCredentialResponse(response) {
+    console.log("=== 🎉 Google Credential Response ===");
+    
+    try {
+        if (!response.credential) {
+            throw new Error("No credential in response");
+        }
+        
+        const tokenParts = response.credential.split('.');
+        console.log("📝 ID Token parts:", tokenParts.length); // Should be 3 (JWT)
+        console.log("📏 ID Token length:", response.credential.length);
+        
+        if (tokenParts.length !== 3) {
+            throw new Error("Invalid JWT format - expected 3 parts (header.payload.signature)");
+        }
+        
+        // Dekoduj payload JWT aby wyciągnąć user info
+        const payload = decodeJwtPayload(response.credential);
+        
+        const fullName = payload.name || `${payload.given_name || ''} ${payload.family_name || ''}`.trim();
+        const email = payload.email;
+        const avatarUrl = payload.picture || '';
+        
+        console.log("👤 User info from JWT:", { fullName, email });
+        console.log("📧 Email verified:", payload.email_verified);
+        
+        // Wywołaj Blazor - przekaż ID token JWT (nie access token!)
+        DotNet.invokeMethodAsync('DiunaBI.UI.Shared', 'OnGoogleSignInSuccess', 
+            response.credential,  // <--- To jest ID token JWT dla backendu
+            fullName, 
+            email, 
+            avatarUrl)
+            .then(() => {
+                console.log("✅ Successfully sent ID token to Blazor");
+            })
+            .catch(err => {
+                console.error("❌ Error calling Blazor:", err);
+                DotNet.invokeMethodAsync('DiunaBI.UI.Shared', 'OnGoogleSignInError', err.toString());
+            });
+    } catch (error) {
+        console.error("❌ Error processing Google credential:", error);
+        DotNet.invokeMethodAsync('DiunaBI.UI.Shared', 'OnGoogleSignInError', error.toString());
+    }
+}
+
+function decodeJwtPayload(token) {
+    try {
+        const base64Url = token.split('.')[1];
+        const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
+        const jsonPayload = decodeURIComponent(
+            atob(base64)
+                .split('')
+                .map(c => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2))
+                .join('')
+        );
+        return JSON.parse(jsonPayload);
+    } catch (error) {
+        console.error("Error decoding JWT:", error);
+        throw new Error("Invalid JWT format");
+    }
+}