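import { randomBytes } from 'node:crypto';

/**
 * Start the Google OAuth 2.0 authorization-code flow.
 * GET /api/auth/google
 *
 * Generates a one-time `state` value, stores it in an HttpOnly cookie and
 * redirects the browser to Google's authorization endpoint.
 *
 * The `state` value only prevents login CSRF if the callback handler compares
 * the `state` query parameter it receives with the `oauth_state` cookie and
 * rejects the request on a mismatch (the callback is not part of this file).
 *
 * @param event - the incoming request event.
 * @returns the redirect response to Google's authorization endpoint.
 * @throws an error with statusCode 500 when no Google client id is configured.
 */
export default defineEventHandler(async (event) => {
  const config = useRuntimeConfig();
  const clientId = config.googleClientId || process.env.GOOGLE_CLIENT_ID;
  // NOTE(review): the localhost fallback also applies in production when
  // neither setting is present; consider failing instead of falling back there.
  const redirectUri =
    config.googleRedirectUri ||
    process.env.GOOGLE_REDIRECT_URI ||
    'http://localhost:3000/api/auth/google/callback';

  if (!clientId) {
    throw createError({
      statusCode: 500,
      message: 'Google OAuth가 설정되지 않았습니다.',
    });
  }

  // CSRF protection: the state must be unpredictable. Math.random() is not a
  // cryptographic generator and the previous substring(7) kept only a handful
  // of characters, so use 128 bits from the OS CSPRNG instead.
  const state = randomBytes(16).toString('hex');

  // Keep the state in a short-lived cookie for the callback to verify.
  setCookie(event, 'oauth_state', state, {
    httpOnly: true,
    secure: process.env.NODE_ENV === 'production',
    // 'lax' is still sent on the top-level redirect back from Google;
    // 'strict' would drop the cookie on that cross-site navigation.
    sameSite: 'lax',
    maxAge: 300, // 5 minutes
  });

  // URLSearchParams encodes every value, including clientId, which the
  // hand-built query string interpolated without encoding.
  const authUrl = new URL('https://accounts.google.com/o/oauth2/v2/auth');
  authUrl.search = new URLSearchParams({
    client_id: clientId,
    redirect_uri: redirectUri,
    response_type: 'code',
    scope: 'openid email profile',
    state,
    // offline access + forced consent asks Google for a refresh token.
    access_type: 'offline',
    prompt: 'consent',
  }).toString();

  return sendRedirect(event, authUrl.toString());
});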