auth enpoint that just returns nonce for google oauth login

app/org/sailcbi/APIServer/Api/Endpoints/Security/GetPwHashForUser.scala

@@ -42,4 +42,38 @@ class GetPwHashForUser @Inject()(implicit exec: ExecutionContext) extends Inject
 			}
 		}
 	}
+
+	def getNonce(email: String, userType: String = "staff"): Action[AnyContent] = Action.async { request =>
+		Future {
+			println("userType is " + userType)
+			println("email is " + email)
+			val userTypeObj: Option[RequestCacheObject[_]] = userType match {
+				case "staff" => {
+					println("looking up staff")
+					Some(StaffRequestCache)
+				}
+				case "member" => {
+					println("looking up member")
+					Some(MemberRequestCache)
+				}
+				case _ => None
+			}
+			println("headers: " + request.headers)
+			if (userTypeObj.isEmpty) Ok("BAD USER TYPE")
+			else {
+				try {
+					BouncerRequestCache.getPwNonceForUser(ParsedRequest(request), email, userTypeObj.get) match {
+						case None => Ok("NO DATA")
+						case Some(t: String) => Ok(t)
+					}
+				} catch {
+					case e: Exception => {
+						println(e)
+						Ok("NO DATA")
+					}
+				}
+
+			}
+		}
+	}
 }

app/org/sailcbi/APIServer/UserTypes/BouncerRequestCache.scala

@@ -37,6 +37,18 @@ object BouncerRequestCache extends RequestCacheObject[BouncerRequestCache] {
 		}).flatten
 	}
 
+	def getPwNonceForUser(parsedRequest: ParsedRequest, email: String, userType: RequestCacheObject[_])(implicit PA: PermissionsAuthority): Option[String] = {
+		PA.withRequestCacheNoFuture(BouncerRequestCache)(None, parsedRequest, rc => {
+			if (PA.systemParams.allowableUserTypes.contains(userType)) {
+				userType match {
+					case StaffRequestCache => StaffRequestCache.getPwNonceForEmail(rc, email)
+					case MemberRequestCache => None
+					case _ => None
+				}
+			} else None
+		}).flatten
+	}
+
 	override def create(userName: String, serverParams: PropertiesWrapper, dbGateway: DatabaseGateway, redisPool: JedisPool): BouncerRequestCache =
 		new BouncerRequestCache(userName, serverParams, dbGateway, redisPool)
 

app/org/sailcbi/APIServer/UserTypes/StaffRequestCache.scala

@@ -58,4 +58,33 @@ object StaffRequestCache extends RequestCacheObject[StaffRequestCache] {
 		}
 		else None
 	}
+
+	def getPwNonceForEmail(rc: BouncerRequestCache, email: String): Option[String] = {
+		case class Result(email: String, pwHashScheme: String, pwHash: String, nonce: String, locked: Boolean, active: Boolean)
+		val hq = new PreparedQueryForSelect[Result](allowedUserTypes = Set(BouncerRequestCache, RootRequestCache)) {
+			override def mapResultSetRowToCaseObject(rs: ResultSetWrapper): Result =
+				Result(
+					rs.getString(1),
+					rs.getString(2),
+					rs.getString(3),
+					rs.getOptionString(4).getOrElse(EMPTY_NONCE),
+					locked = rs.getOptionBooleanFromChar(5).getOrElse(false),
+					active = rs.getBooleanFromChar(6)
+				)
+
+			override def getQuery: String = "select user_name, pw_hash_scheme, pw_hash, auth_nonce, locked, active from USERS where lower(email) = ?"
+
+			override val params: List[String] = List(email.toLowerCase)
+		}
+
+		val users = rc.executePreparedQueryForSelect(hq)
+
+		if (users.length == 1) {
+			val user = users.head
+			if (user.active && !user.locked) {
+				Some(user.nonce)
+			} else None
+		}
+		else None
+	}
 }

conf/routes-build/src/01_internet

@@ -186,5 +186,6 @@ POST    /auth/crash                     org.sailcbi.APIServer.Api.Endpoints.Cras
 
 POST /auth/create-member                org.sailcbi.APIServer.Api.Endpoints.Security.CreateMember.post()
 GET     /auth/getPwHash                     org.sailcbi.APIServer.Api.Endpoints.Security.GetPwHashForUser.get(userName: String, userType: String ?= "staff")
+GET     /auth/getPwNonce                    org.sailcbi.APIServer.Api.Endpoints.Security.GetPwHashForUser.getNonce(email: String, userType: String ?= "staff")
 # Map static resources from the /public folder to the /assets URL path
 GET     /assets/*file               controllers.Assets.versioned(path="/public", file: Asset)