기능구현중

backend/api/google-group/list.get.ts

@@ -0,0 +1,102 @@
+import { queryOne } from '../../utils/db'
+import { requireAuth } from '../../utils/session'
+
+/**
+ * 구글 그룹 목록 조회
+ * GET /api/google-group/list
+ * 
+ * Cloud Identity Groups API 사용
+ */
+export default defineEventHandler(async (event) => {
+  const session = await requireAuth(event)
+  
+  // 사용자의 Google 토큰 조회
+  const employee = await queryOne<any>(`
+    SELECT google_access_token, google_refresh_token, google_token_expires_at
+    FROM wr_employee_info WHERE employee_id = $1
+  `, [session.employeeId])
+  
+  if (!employee?.google_access_token) {
+    throw createError({ 
+      statusCode: 401, 
+      message: 'Google 계정이 연결되지 않았습니다. 먼저 Google 로그인을 해주세요.' 
+    })
+  }
+  
+  let accessToken = employee.google_access_token
+  
+  // 토큰 만료 확인 및 갱신
+  if (employee.google_token_expires_at && new Date(employee.google_token_expires_at) < new Date()) {
+    accessToken = await refreshGoogleToken(session.employeeId, employee.google_refresh_token)
+  }
+  
+  try {
+    // Cloud Identity Groups API로 그룹 목록 조회
+    const response = await $fetch<any>('https://cloudidentity.googleapis.com/v1/groups:search', {
+      method: 'GET',
+      headers: { 'Authorization': `Bearer ${accessToken}` },
+      query: {
+        query: 'parent == "customers/my_customer" && "cloudidentity.googleapis.com/groups.discussion_forum" in labels',
+        pageSize: 100
+      }
+    })
+    
+    return {
+      groups: (response.groups || []).map((g: any) => ({
+        groupId: g.name?.split('/')[1],
+        groupKey: g.groupKey?.id,
+        displayName: g.displayName,
+        description: g.description,
+        email: g.groupKey?.id
+      }))
+    }
+  } catch (e: any) {
+    console.error('Google Groups API error:', e)
+    
+    // 권한 없음 에러
+    if (e.status === 403) {
+      throw createError({
+        statusCode: 403,
+        message: '구글 그룹 접근 권한이 없습니다. 관리자에게 문의하세요.'
+      })
+    }
+    
+    throw createError({
+      statusCode: 500,
+      message: '구글 그룹 목록을 가져오는데 실패했습니다.'
+    })
+  }
+})
+
+/**
+ * Google 토큰 갱신
+ */
+async function refreshGoogleToken(employeeId: number, refreshToken: string): Promise<string> {
+  const config = useRuntimeConfig()
+  
+  const response = await $fetch<any>('https://oauth2.googleapis.com/token', {
+    method: 'POST',
+    body: new URLSearchParams({
+      client_id: config.googleClientId,
+      client_secret: config.googleClientSecret,
+      refresh_token: refreshToken,
+      grant_type: 'refresh_token'
+    }).toString(),
+    headers: { 'Content-Type': 'application/x-www-form-urlencoded' }
+  })
+  
+  if (response.access_token) {
+    // DB 업데이트
+    const { execute } = await import('../../utils/db')
+    await execute(`
+      UPDATE wr_employee_info 
+      SET google_access_token = $1, 
+          google_token_expires_at = NOW() + INTERVAL '${response.expires_in} seconds'
+      WHERE employee_id = $2
+    `, [response.access_token, employeeId])
+    
+    return response.access_token
+  }
+  
+  throw new Error('토큰 갱신 실패')
+}