from google.oauth2 import id_token
from google.auth.transport import requests as google_requests
from config import GOOGLE_CLIENT_ID

def verify_google_token(token: str) -> dict | None:
    """
    Verify the Google OAuth ID token.
    Returns the user info dict if valid, otherwise None.
    """
    if not GOOGLE_CLIENT_ID:
        return None
    try:
        # Specify the CLIENT_ID of the app that accesses the backend
        idinfo = id_token.verify_oauth2_token(token, google_requests.Request(), GOOGLE_CLIENT_ID)
        return idinfo
    except ValueError:
        # Invalid token
        return None