From 1124ddb4fd25bc7cae6f0ff0303d6a48e2d150a4 Mon Sep 17 00:00:00 2001
From: cebgcontract <99630598+cebgcontract@users.noreply.github.com>
Date: Wed, 9 Nov 2022 14:48:32 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9goolge=20oauth=20idtoken?=
 =?UTF-8?q?=E9=AA=8C=E8=AF=81=E8=A7=84=E5=88=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .env.development                    | 5 +++--
 .env.production                     | 5 +++--
 boundle.sh                          | 4 ++--
 src/controllers/main.controllers.ts | 5 +++--
 4 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/.env.development b/.env.development
index edc3b75..55a90f0 100644
--- a/.env.development
+++ b/.env.development
@@ -1,8 +1,9 @@
 API_PORT=3007
-API_HOST=10.0.1.3
+API_HOST=0.0.0.0
 API_TOKEN_SECRET=sdf(**&*&xx2213
 API_TOKEN_EXPIRESIN=1d
 
 
-GOOGLE_OAUTH_CLIENT="165555585193-glmtnb94s3kkq906hal72ppiuoqpjjc5.apps.googleusercontent.com"
+GOOGLE_OAUTH_CLIENT="53206975661-asnf3qe4bg29p8h981pgf099osvrjbme.apps.googleusercontent.com"
+GOOGLE_OAUTH_CLIENT2="53206975661-ih3r0ubph3rqejdq97b029difbrk2bqj.apps.googleusercontent.com"
 DB_MAIN=mongodb://localhost/wallet-development
\ No newline at end of file
diff --git a/.env.production b/.env.production
index 7c99a8a..9176918 100644
--- a/.env.production
+++ b/.env.production
@@ -1,7 +1,8 @@
 API_PORT=3086
-API_HOST=198.168.100.22
+API_HOST=0.0.0.0
 API_TOKEN_SECRET=sdf(**&*&xx2214
 API_TOKEN_EXPIRESIN=1d
 
-GOOGLE_OAUTH_CLIENT="165555585193-glmtnb94s3kkq906hal72ppiuoqpjjc5.apps.googleusercontent.com"
+GOOGLE_OAUTH_CLIENT="53206975661-asnf3qe4bg29p8h981pgf099osvrjbme.apps.googleusercontent.com"
+GOOGLE_OAUTH_CLIENT2="53206975661-ih3r0ubph3rqejdq97b029difbrk2bqj.apps.googleusercontent.com"
 DB_MAIN=mongodb://127.0.0.1/wallet-production
\ No newline at end of file
diff --git a/boundle.sh b/boundle.sh
index d9674c3..831bf10 100755
--- a/boundle.sh
+++ b/boundle.sh
@@ -1,8 +1,8 @@
 #!/bin/bash
 
-source /etc/profile
+# source /etc/profile
 # npm install --prefer-offline --loglevel info --unsafe-perm=true --allow-root >> boundle.log
-npm run build
+# npm run build
 mkdir tmp
 mv dist tmp/dist
 mv node_modules tmp/node_modules
diff --git a/src/controllers/main.controllers.ts b/src/controllers/main.controllers.ts
index c94addb..a9fe11f 100644
--- a/src/controllers/main.controllers.ts
+++ b/src/controllers/main.controllers.ts
@@ -23,10 +23,11 @@ class MainController extends BaseController {
   async checkGoogleJwt(req, res) {
     const { token } = req.params
     const CLIENT_ID = process.env.GOOGLE_OAUTH_CLIENT
+    const CLIENT_ID2 = process.env.GOOGLE_OAUTH_CLIENT2
     const client = new OAuth2Client(CLIENT_ID)
     const ticket = await client.verifyIdToken({
       idToken: token,
-      audience: CLIENT_ID, // Specify the CLIENT_ID of the app that accesses the backend
+      audience: [CLIENT_ID, CLIENT_ID2], // Specify the CLIENT_ID of the app that accesses the backend
       // Or, if multiple clients access the backend:
       //[CLIENT_ID_1, CLIENT_ID_2, CLIENT_ID_3]
     })
@@ -34,7 +35,7 @@ class MainController extends BaseController {
     if (!(payload.iss === GOOGLE_OAUTH_ISS || payload.iss === GOOGLE_OAUTH_ISS1)) {
       throw new ZError(10, 'id token error')
     }
-    if (payload.aud !== CLIENT_ID) {
+    if (payload.aud !== CLIENT_ID && payload.aud !== CLIENT_ID2) {
       throw new ZError(11, 'client id mismatch')
     }
     const openId = payload.sub