<?php
session_start();
require_once '../config/database.php';
require_once '../includes/auth.php';

// Google OAuth callback handler
if (isset($_GET['code'])) {
    $code = $_GET['code'];
    
    // Exchange code for access token
    $token_url = 'https://oauth2.googleapis.com/token';
    $client_id = '73807454033-o7n4e623mhv335nonlm0r3n34mievdv7.apps.googleusercontent.com';
    $client_secret = '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';
    // Auto-detect environment for redirect URI
    $is_local = (strpos($_SERVER['HTTP_HOST'], 'localhost') !== false || strpos($_SERVER['HTTP_HOST'], '127.0.0.1') !== false);
    $redirect_uri = $is_local ? 
        'http://localhost/optical_slip/auth/google_callback.php' : 
        'https://optislip.com/auth/google_callback.php';
    
    $post_data = [
        'code' => $code,
        'client_id' => $client_id,
        'client_secret' => $client_secret,
        'redirect_uri' => $redirect_uri,
        'grant_type' => 'authorization_code'
    ];
    
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $token_url);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_data));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    
    $response = curl_exec($ch);
    curl_close($ch);
    
    $token_data = json_decode($response, true);
    
    if (isset($token_data['access_token'])) {
        // Get user info from Google
        $user_info_url = 'https://www.googleapis.com/oauth2/v2/userinfo?access_token=' . $token_data['access_token'];
        
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $user_info_url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        
        $user_response = curl_exec($ch);
        curl_close($ch);
        
        $user_data = json_decode($user_response, true);
        
        if (isset($user_data['email'])) {
            // Use the authentication function from auth.php
            if (authenticateGoogleUser($user_data)) {
                // Redirect to home on successful authentication
                header('Location: ../home.php');
                exit();
            } else {
                // Authentication failed
                header('Location: ../signin.php?error=google_auth_failed');
                exit();
            }
        }
    }
}

// If we get here, something went wrong
header('Location: ../signin.php?error=google_auth_failed');
exit();
?>

• [F] google_callback.php
  Delete