Port Classroom UI from meetings app with green accent

- Add full AppKit UI (ViewController), Google OAuth, Calendar client, models
- Rebrand copy and URLs for Google Classroom; green palette and sidebar hover
- Add Info.plist, sandbox entitlements, StoreKit config, shared scheme
- Sync AppDelegate appearance with system dark mode
- Keep only asset images referenced in code; remove unused logo imagesets

Made-with: Cursor

Info.plist

@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleDevelopmentRegion</key>
+	<string>$(DEVELOPMENT_LANGUAGE)</string>
+	<key>CFBundleDisplayName</key>
+	<string>$(PRODUCT_NAME)</string>
+	<key>CFBundleExecutable</key>
+	<string>$(EXECUTABLE_NAME)</string>
+	<key>CFBundleIdentifier</key>
+	<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
+	<key>CFBundleInfoDictionaryVersion</key>
+	<string>6.0</string>
+	<key>CFBundleName</key>
+	<string>$(PRODUCT_NAME)</string>
+	<key>CFBundlePackageType</key>
+	<string>APPL</string>
+	<key>CFBundleShortVersionString</key>
+	<string>$(MARKETING_VERSION)</string>
+	<key>CFBundleVersion</key>
+	<string>$(CURRENT_PROJECT_VERSION)</string>
+	<key>LSMinimumSystemVersion</key>
+	<string>$(MACOSX_DEPLOYMENT_TARGET)</string>
+	<key>NSMainStoryboardFile</key>
+	<string>Main</string>
+	<key>NSPrincipalClass</key>
+	<string>NSApplication</string>
+	<key>NSCameraUsageDescription</key>
+	<string>Camera may be used when you open Google Classroom or other sites inside this app.</string>
+	<key>NSMicrophoneUsageDescription</key>
+	<string>Microphone may be used when you open Google Classroom or other sites inside this app.</string>
+	<key>AppLaunchPlaceholderURL</key>
+	<string>https://classroom.google.com/</string>
+	<key>AppShareURL</key>
+	<string>https://classroom.google.com/</string>
+	<key>SupportURL</key>
+	<string>https://support.google.com/classroom</string>
+	<key>MoreAppsURL</key>
+	<string>https://apps.apple.com/mac/search?term=Google%20Classroom</string>
+	<key>PrivacyPolicyURL</key>
+	<string>https://policies.google.com/privacy</string>
+	<key>TermsOfServiceURL</key>
+	<string>https://policies.google.com/terms</string>
+	<key>RateUsURL</key>
+	<string>https://apps.apple.com/mac/search?term=Google%20Classroom</string>
+	<key>CFBundleURLTypes</key>
+	<array>
+		<dict>
+			<key>CFBundleURLName</key>
+			<string>GoogleOAuthRedirect</string>
+			<key>CFBundleURLSchemes</key>
+			<array>
+				<string>classroomapp.oauth</string>
+			</array>
+		</dict>
+	</array>
+</dict>
+</plist>

classroom_app.xcodeproj/project.pbxproj

@@ -178,7 +178,7 @@
 				GCC_WARN_UNUSED_FUNCTION = YES;
 				GCC_WARN_UNUSED_VARIABLE = YES;
 				LOCALIZATION_PREFERS_STRING_CATALOGS = YES;
-				MACOSX_DEPLOYMENT_TARGET = 26.4;
+				MACOSX_DEPLOYMENT_TARGET = 12.0;
 				MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE;
 				MTL_FAST_MATH = YES;
 				ONLY_ACTIVE_ARCH = YES;
@@ -235,7 +235,7 @@
 				GCC_WARN_UNUSED_FUNCTION = YES;
 				GCC_WARN_UNUSED_VARIABLE = YES;
 				LOCALIZATION_PREFERS_STRING_CATALOGS = YES;
-				MACOSX_DEPLOYMENT_TARGET = 26.4;
+				MACOSX_DEPLOYMENT_TARGET = 12.0;
 				MTL_ENABLE_DEBUG_INFO = NO;
 				MTL_FAST_MATH = YES;
 				SDKROOT = macosx;
@@ -248,15 +248,16 @@
 			buildSettings = {
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor;
+				CODE_SIGN_ENTITLEMENTS = classroom_app/classroom_app.entitlements;
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
 				CURRENT_PROJECT_VERSION = 1;
+				DEVELOPMENT_TEAM = 5AT3P29RBZ;
 				ENABLE_APP_SANDBOX = YES;
 				ENABLE_USER_SELECTED_FILES = readonly;
-				GENERATE_INFOPLIST_FILE = YES;
+				GENERATE_INFOPLIST_FILE = NO;
+				INFOPLIST_FILE = Info.plist;
 				INFOPLIST_KEY_NSHumanReadableCopyright = "";
-				INFOPLIST_KEY_NSMainStoryboardFile = Main;
-				INFOPLIST_KEY_NSPrincipalClass = NSApplication;
 				LD_RUNPATH_SEARCH_PATHS = (
 					"$(inherited)",
 					"@executable_path/../Frameworks",
@@ -279,15 +280,16 @@
 			buildSettings = {
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor;
+				CODE_SIGN_ENTITLEMENTS = classroom_app/classroom_app.entitlements;
 				CODE_SIGN_STYLE = Automatic;
 				COMBINE_HIDPI_IMAGES = YES;
 				CURRENT_PROJECT_VERSION = 1;
+				DEVELOPMENT_TEAM = 5AT3P29RBZ;
 				ENABLE_APP_SANDBOX = YES;
 				ENABLE_USER_SELECTED_FILES = readonly;
-				GENERATE_INFOPLIST_FILE = YES;
+				GENERATE_INFOPLIST_FILE = NO;
+				INFOPLIST_FILE = Info.plist;
 				INFOPLIST_KEY_NSHumanReadableCopyright = "";
-				INFOPLIST_KEY_NSMainStoryboardFile = Main;
-				INFOPLIST_KEY_NSPrincipalClass = NSApplication;
 				LD_RUNPATH_SEARCH_PATHS = (
 					"$(inherited)",
 					"@executable_path/../Frameworks",

classroom_app.xcodeproj/xcshareddata/xcschemes/classroom_app.xcscheme

@@ -0,0 +1,82 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Scheme
+   LastUpgradeVersion = "2640"
+   version = "1.7">
+   <BuildAction
+      parallelizeBuildables = "YES"
+      buildImplicitDependencies = "YES"
+      buildArchitectures = "Automatic">
+      <BuildActionEntries>
+         <BuildActionEntry
+            buildForTesting = "YES"
+            buildForRunning = "YES"
+            buildForProfiling = "YES"
+            buildForArchiving = "YES"
+            buildForAnalyzing = "YES">
+            <BuildableReference
+               BuildableIdentifier = "primary"
+               BlueprintIdentifier = "1391CA292F8CB08600B3B198"
+               BuildableName = "classroom_app.app"
+               BlueprintName = "classroom_app"
+               ReferencedContainer = "container:classroom_app.xcodeproj">
+            </BuildableReference>
+         </BuildActionEntry>
+      </BuildActionEntries>
+   </BuildAction>
+   <TestAction
+      buildConfiguration = "Debug"
+      selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+      selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+      shouldUseLaunchSchemeArgsEnv = "YES"
+      shouldAutocreateTestPlan = "YES">
+   </TestAction>
+   <LaunchAction
+      buildConfiguration = "Debug"
+      selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+      selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+      launchStyle = "0"
+      useCustomWorkingDirectory = "NO"
+      ignoresPersistentStateOnLaunch = "NO"
+      debugDocumentVersioning = "YES"
+      debugServiceExtension = "internal"
+      allowLocationSimulation = "YES"
+      queueDebuggingEnableBacktraceRecording = "Yes">
+      <BuildableProductRunnable
+         runnableDebuggingMode = "0">
+         <BuildableReference
+            BuildableIdentifier = "primary"
+            BlueprintIdentifier = "1391CA292F8CB08600B3B198"
+            BuildableName = "classroom_app.app"
+            BlueprintName = "classroom_app"
+            ReferencedContainer = "container:classroom_app.xcodeproj">
+         </BuildableReference>
+      </BuildableProductRunnable>
+      <StoreKitConfigurationFileReference
+         identifier = "../../classroom_app/StoreKit.storekit">
+      </StoreKitConfigurationFileReference>
+   </LaunchAction>
+   <ProfileAction
+      buildConfiguration = "Release"
+      shouldUseLaunchSchemeArgsEnv = "YES"
+      savedToolIdentifier = ""
+      useCustomWorkingDirectory = "NO"
+      debugDocumentVersioning = "YES">
+      <BuildableProductRunnable
+         runnableDebuggingMode = "0">
+         <BuildableReference
+            BuildableIdentifier = "primary"
+            BlueprintIdentifier = "1391CA292F8CB08600B3B198"
+            BuildableName = "classroom_app.app"
+            BlueprintName = "classroom_app"
+            ReferencedContainer = "container:classroom_app.xcodeproj">
+         </BuildableReference>
+      </BuildableProductRunnable>
+   </ProfileAction>
+   <AnalyzeAction
+      buildConfiguration = "Debug">
+   </AnalyzeAction>
+   <ArchiveAction
+      buildConfiguration = "Release"
+      revealArchiveInOrganizer = "YES">
+   </ArchiveAction>
+</Scheme>

classroom_app.xcodeproj/xcuserdata/devmac1.xcuserdatad/xcschemes/xcschememanagement.plist

@@ -10,5 +10,13 @@
 			<integer>0</integer>
 		</dict>
 	</dict>
+	<key>SuppressBuildableAutocreation</key>
+	<dict>
+		<key>1391CA292F8CB08600B3B198</key>
+		<dict>
+			<key>primary</key>
+			<true/>
+		</dict>
+	</dict>
 </dict>
 </plist>

classroom_app/AppDelegate.swift

@@ -9,22 +9,24 @@ import Cocoa
 
 @main
 class AppDelegate: NSObject, NSApplicationDelegate {
-
-    
-
+    private let darkModeDefaultsKey = "settings.darkModeEnabled"
 
     func applicationDidFinishLaunching(_ aNotification: Notification) {
-        // Insert code here to initialize your application
+        let darkEnabled = systemPrefersDarkMode()
+        UserDefaults.standard.set(darkEnabled, forKey: darkModeDefaultsKey)
+        NSApp.appearance = NSAppearance(named: darkEnabled ? .darkAqua : .aqua)
     }
 
     func applicationWillTerminate(_ aNotification: Notification) {
-        // Insert code here to tear down your application
     }
 
     func applicationSupportsSecureRestorableState(_ app: NSApplication) -> Bool {
         return true
     }
 
-
+    private func systemPrefersDarkMode() -> Bool {
+        let global = UserDefaults.standard.persistentDomain(forName: UserDefaults.globalDomain)
+        let style = global?["AppleInterfaceStyle"] as? String
+        return style?.lowercased() == "dark"
+    }
 }
-

classroom_app/Assets.xcassets/AccentColor.colorset/Contents.json

@@ -1,6 +1,15 @@
 {
   "colors" : [
     {
+      "color" : {
+        "color-space" : "srgb",
+        "components" : {
+          "alpha" : "1.000",
+          "blue" : "0.345",
+          "green" : "0.616",
+          "red" : "0.059"
+        }
+      },
       "idiom" : "universal"
     }
   ],

classroom_app/Assets.xcassets/GoogleGLogo.imageset/Contents.json

@@ -0,0 +1,27 @@
+{
+  "images" : [
+    {
+      "filename" : "google_g.png",
+      "idiom" : "universal",
+      "scale" : "1x"
+    },
+    {
+      "filename" : "google_g@2x.png",
+      "idiom" : "universal",
+      "scale" : "2x"
+    },
+    {
+      "filename" : "google_g@3x.png",
+      "idiom" : "universal",
+      "scale" : "3x"
+    }
+  ],
+  "info" : {
+    "author" : "xcode",
+    "version" : 1
+  },
+  "properties" : {
+    "preserves-vector-representation" : false,
+    "template-rendering-intent" : "original"
+  }
+}

classroom_app/Assets.xcassets/HeaderLogo.imageset/Contents.json

@@ -0,0 +1,23 @@
+{
+  "images": [
+    {
+      "idiom": "universal",
+      "filename": "HeaderLogo@1x.png",
+      "scale": "1x"
+    },
+    {
+      "idiom": "universal",
+      "filename": "HeaderLogo@2x.png",
+      "scale": "2x"
+    },
+    {
+      "idiom": "universal",
+      "filename": "HeaderLogo@3x.png",
+      "scale": "3x"
+    }
+  ],
+  "info": {
+    "version": 1,
+    "author": "xcode"
+  }
+}

classroom_app/Assets.xcassets/JoinMeetingsLogo.imageset/Contents.json

@@ -0,0 +1,26 @@
+{
+  "images" : [
+    {
+      "filename" : "join_meetings_logo.png",
+      "idiom" : "universal",
+      "scale" : "1x"
+    },
+    {
+      "filename" : "join_meetings_logo@2x.png",
+      "idiom" : "universal",
+      "scale" : "2x"
+    },
+    {
+      "filename" : "join_meetings_logo@3x.png",
+      "idiom" : "universal",
+      "scale" : "3x"
+    }
+  ],
+  "info" : {
+    "author" : "xcode",
+    "version" : 1
+  },
+  "properties" : {
+    "template-rendering-intent" : "template"
+  }
+}

classroom_app/Assets.xcassets/SidebarSettingsLogo.imageset/Contents.json

@@ -0,0 +1,26 @@
+{
+  "images": [
+    {
+      "filename": "sidebar_settings.png",
+      "idiom": "universal",
+      "scale": "1x"
+    },
+    {
+      "filename": "sidebar_settings@2x.png",
+      "idiom": "universal",
+      "scale": "2x"
+    },
+    {
+      "filename": "sidebar_settings@3x.png",
+      "idiom": "universal",
+      "scale": "3x"
+    }
+  ],
+  "info": {
+    "author": "xcode",
+    "version": 1
+  },
+  "properties": {
+    "template-rendering-intent": "template"
+  }
+}

classroom_app/Auth/GoogleOAuthService.swift

@@ -0,0 +1,444 @@
+import Foundation
+import CryptoKit
+import AppKit
+import Network
+
+struct GoogleOAuthTokens: Codable, Equatable {
+    var accessToken: String
+    var refreshToken: String?
+    var expiresAt: Date
+    var scope: String?
+    var tokenType: String?
+}
+
+struct GoogleUserProfile: Codable, Equatable {
+    var name: String?
+    var email: String?
+    var picture: String?
+}
+
+enum GoogleOAuthError: Error {
+    case missingClientId
+    case missingClientSecret
+    case invalidCallbackURL
+    case missingAuthorizationCode
+    case tokenExchangeFailed(String)
+    case unableToOpenBrowser
+    case authenticationTimedOut
+    case noStoredTokens
+}
+
+final class GoogleOAuthService: NSObject {
+    static let shared = GoogleOAuthService()
+
+    // Stored in UserDefaults so you can configure without rebuilding.
+    // Put your OAuth Desktop client ID here (from Google Cloud Console).
+    private let clientIdDefaultsKey = "google.oauth.clientId"
+    private let clientSecretDefaultsKey = "google.oauth.clientSecret"
+    private let bundledClientId = "824412072260-m9g5g6mlemnb0o079rtuqnh0e1unmelc.apps.googleusercontent.com"
+    private let bundledClientSecret = "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"
+
+    // Calendar is needed for schedule. Profile/email make login feel complete in-app.
+    private let scopes = [
+        "openid",
+        "email",
+        "profile",
+        "https://www.googleapis.com/auth/calendar.events"
+    ]
+
+    private let tokenStore = KeychainTokenStore()
+    private override init() {}
+
+    func configuredClientId() -> String? {
+        let value = UserDefaults.standard.string(forKey: clientIdDefaultsKey)?.trimmingCharacters(in: .whitespacesAndNewlines)
+        if let value, value.isEmpty == false { return value }
+        return bundledClientId
+    }
+
+    func setClientIdForTesting(_ clientId: String) {
+        UserDefaults.standard.set(clientId, forKey: clientIdDefaultsKey)
+    }
+
+    func configuredClientSecret() -> String? {
+        let value = UserDefaults.standard.string(forKey: clientSecretDefaultsKey)?.trimmingCharacters(in: .whitespacesAndNewlines)
+        if let value, value.isEmpty == false { return value }
+        return bundledClientSecret
+    }
+
+    func setClientSecretForTesting(_ clientSecret: String) {
+        UserDefaults.standard.set(clientSecret, forKey: clientSecretDefaultsKey)
+    }
+
+    func signOut() throws {
+        try tokenStore.deleteTokens()
+    }
+
+    func loadTokens() -> GoogleOAuthTokens? {
+        try? tokenStore.readTokens()
+    }
+
+    func fetchUserProfile(accessToken: String) async throws -> GoogleUserProfile {
+        var request = URLRequest(url: URL(string: "https://openidconnect.googleapis.com/v1/userinfo")!)
+        request.httpMethod = "GET"
+        request.setValue("Bearer \(accessToken)", forHTTPHeaderField: "Authorization")
+
+        let (data, response) = try await URLSession.shared.data(for: request)
+        guard let http = response as? HTTPURLResponse, (200..<300).contains(http.statusCode) else {
+            let details = String(data: data, encoding: .utf8) ?? "HTTP \((response as? HTTPURLResponse)?.statusCode ?? -1)"
+            throw GoogleOAuthError.tokenExchangeFailed(details)
+        }
+        return try JSONDecoder().decode(GoogleUserProfile.self, from: data)
+    }
+
+    func validAccessToken(presentingWindow: NSWindow?) async throws -> String {
+        if var tokens = try tokenStore.readTokens() {
+            if tokens.expiresAt.timeIntervalSinceNow > 60 {
+                return tokens.accessToken
+            }
+            if let refreshed = try await refreshTokens(tokens) {
+                tokens = refreshed
+                try tokenStore.writeTokens(tokens)
+                return tokens.accessToken
+            }
+        }
+
+        let tokens = try await interactiveSignIn(presentingWindow: presentingWindow)
+        try tokenStore.writeTokens(tokens)
+        return tokens.accessToken
+    }
+
+    // MARK: - Interactive sign-in (Authorization Code + PKCE)
+
+    private func interactiveSignIn(presentingWindow: NSWindow?) async throws -> GoogleOAuthTokens {
+        _ = presentingWindow
+        guard let clientId = configuredClientId() else { throw GoogleOAuthError.missingClientId }
+        guard let clientSecret = configuredClientSecret() else { throw GoogleOAuthError.missingClientSecret }
+        let codeVerifier = Self.randomURLSafeString(length: 64)
+        let codeChallenge = Self.pkceChallenge(for: codeVerifier)
+        let state = Self.randomURLSafeString(length: 32)
+
+        let loopback = try await OAuthLoopbackServer.start()
+        defer { loopback.stop() }
+        let redirectURI = loopback.redirectURI
+
+        var components = URLComponents(string: "https://accounts.google.com/o/oauth2/v2/auth")!
+        components.queryItems = [
+            URLQueryItem(name: "client_id", value: clientId),
+            URLQueryItem(name: "redirect_uri", value: redirectURI),
+            URLQueryItem(name: "response_type", value: "code"),
+            URLQueryItem(name: "scope", value: scopes.joined(separator: " ")),
+            URLQueryItem(name: "state", value: state),
+            URLQueryItem(name: "code_challenge", value: codeChallenge),
+            URLQueryItem(name: "code_challenge_method", value: "S256"),
+            URLQueryItem(name: "access_type", value: "offline"),
+            URLQueryItem(name: "prompt", value: "consent")
+        ]
+
+        guard let authURL = components.url else { throw GoogleOAuthError.invalidCallbackURL }
+        guard NSWorkspace.shared.open(authURL) else { throw GoogleOAuthError.unableToOpenBrowser }
+        let callbackURL = try await loopback.waitForCallback()
+
+        guard let returnedState = URLComponents(url: callbackURL, resolvingAgainstBaseURL: false)?
+            .queryItems?.first(where: { $0.name == "state" })?.value,
+              returnedState == state else {
+            throw GoogleOAuthError.invalidCallbackURL
+        }
+
+        guard let code = URLComponents(url: callbackURL, resolvingAgainstBaseURL: false)?
+            .queryItems?.first(where: { $0.name == "code" })?.value,
+              code.isEmpty == false else {
+            throw GoogleOAuthError.missingAuthorizationCode
+        }
+
+        return try await exchangeCodeForTokens(
+            code: code,
+            codeVerifier: codeVerifier,
+            redirectURI: redirectURI,
+            clientId: clientId,
+            clientSecret: clientSecret
+        )
+    }
+
+    private func exchangeCodeForTokens(code: String, codeVerifier: String, redirectURI: String, clientId: String, clientSecret: String) async throws -> GoogleOAuthTokens {
+        var request = URLRequest(url: URL(string: "https://oauth2.googleapis.com/token")!)
+        request.httpMethod = "POST"
+        request.setValue("application/x-www-form-urlencoded; charset=utf-8", forHTTPHeaderField: "Content-Type")
+        request.httpBody = Self.formURLEncoded([
+            "client_id": clientId,
+            "client_secret": clientSecret,
+            "code": code,
+            "code_verifier": codeVerifier,
+            "redirect_uri": redirectURI,
+            "grant_type": "authorization_code"
+        ])
+
+        let (data, response) = try await URLSession.shared.data(for: request)
+        guard let http = response as? HTTPURLResponse, (200..<300).contains(http.statusCode) else {
+            let details = String(data: data, encoding: .utf8) ?? "HTTP \((response as? HTTPURLResponse)?.statusCode ?? -1)"
+            throw GoogleOAuthError.tokenExchangeFailed(details)
+        }
+
+        struct TokenResponse: Decodable {
+            let access_token: String
+            let expires_in: Double
+            let refresh_token: String?
+            let scope: String?
+            let token_type: String?
+        }
+
+        let decoded = try JSONDecoder().decode(TokenResponse.self, from: data)
+        return GoogleOAuthTokens(
+            accessToken: decoded.access_token,
+            refreshToken: decoded.refresh_token,
+            expiresAt: Date().addingTimeInterval(decoded.expires_in),
+            scope: decoded.scope,
+            tokenType: decoded.token_type
+        )
+    }
+
+    private func refreshTokens(_ tokens: GoogleOAuthTokens) async throws -> GoogleOAuthTokens? {
+        guard let refreshToken = tokens.refreshToken else { return nil }
+        guard let clientId = configuredClientId() else { throw GoogleOAuthError.missingClientId }
+        guard let clientSecret = configuredClientSecret() else { throw GoogleOAuthError.missingClientSecret }
+
+        var request = URLRequest(url: URL(string: "https://oauth2.googleapis.com/token")!)
+        request.httpMethod = "POST"
+        request.setValue("application/x-www-form-urlencoded; charset=utf-8", forHTTPHeaderField: "Content-Type")
+        request.httpBody = Self.formURLEncoded([
+            "client_id": clientId,
+            "client_secret": clientSecret,
+            "refresh_token": refreshToken,
+            "grant_type": "refresh_token"
+        ])
+
+        let (data, response) = try await URLSession.shared.data(for: request)
+        guard let http = response as? HTTPURLResponse, (200..<300).contains(http.statusCode) else {
+            return nil
+        }
+
+        struct RefreshResponse: Decodable {
+            let access_token: String
+            let expires_in: Double
+            let scope: String?
+            let token_type: String?
+        }
+
+        let decoded = try JSONDecoder().decode(RefreshResponse.self, from: data)
+        return GoogleOAuthTokens(
+            accessToken: decoded.access_token,
+            refreshToken: refreshToken,
+            expiresAt: Date().addingTimeInterval(decoded.expires_in),
+            scope: decoded.scope ?? tokens.scope,
+            tokenType: decoded.token_type ?? tokens.tokenType
+        )
+    }
+
+    // MARK: - Helpers
+
+    private static func pkceChallenge(for verifier: String) -> String {
+        let data = Data(verifier.utf8)
+        let digest = SHA256.hash(data: data)
+        return Data(digest).base64URLEncodedString()
+    }
+
+    private static func randomURLSafeString(length: Int) -> String {
+        var bytes = [UInt8](repeating: 0, count: length)
+        _ = SecRandomCopyBytes(kSecRandomDefault, bytes.count, &bytes)
+        return Data(bytes).base64URLEncodedString()
+    }
+
+    private static func formURLEncoded(_ params: [String: String]) -> Data {
+        let allowed = CharacterSet(charactersIn: "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._~")
+        let pairs = params.map { key, value -> String in
+            let k = key.addingPercentEncoding(withAllowedCharacters: allowed) ?? key
+            let v = value.addingPercentEncoding(withAllowedCharacters: allowed) ?? value
+            return "\(k)=\(v)"
+        }
+        .joined(separator: "&")
+        return Data(pairs.utf8)
+    }
+}
+
+private extension Data {
+    func base64URLEncodedString() -> String {
+        let s = base64EncodedString()
+        return s
+            .replacingOccurrences(of: "+", with: "-")
+            .replacingOccurrences(of: "/", with: "_")
+            .replacingOccurrences(of: "=", with: "")
+    }
+}
+
+private final class OAuthLoopbackServer {
+    private let queue = DispatchQueue(label: "google.oauth.loopback.server")
+    private let listener: NWListener
+    private var readyContinuation: CheckedContinuation<Void, Error>?
+    private var callbackContinuation: CheckedContinuation<URL, Error>?
+    private var callbackURL: URL?
+
+    private init(listener: NWListener) {
+        self.listener = listener
+    }
+
+    static func start() async throws -> OAuthLoopbackServer {
+        let listener = try NWListener(using: .tcp, on: .any)
+        let server = OAuthLoopbackServer(listener: listener)
+        try await server.startListening()
+        return server
+    }
+
+    var redirectURI: String {
+        let port = listener.port?.rawValue ?? 0
+        return "http://127.0.0.1:\(port)/oauth2redirect"
+    }
+
+    func waitForCallback(timeoutSeconds: Double = 120) async throws -> URL {
+        try await withThrowingTaskGroup(of: URL.self) { group in
+            group.addTask { [weak self] in
+                guard let self else { throw GoogleOAuthError.invalidCallbackURL }
+                return try await self.awaitCallback()
+            }
+            group.addTask {
+                try await Task.sleep(nanoseconds: UInt64(timeoutSeconds * 1_000_000_000))
+                throw GoogleOAuthError.authenticationTimedOut
+            }
+
+            let url = try await group.next()!
+            group.cancelAll()
+            return url
+        }
+    }
+
+    func stop() {
+        queue.async {
+            self.listener.cancel()
+            if let callbackContinuation = self.callbackContinuation {
+                self.callbackContinuation = nil
+                callbackContinuation.resume(throwing: GoogleOAuthError.authenticationTimedOut)
+            }
+        }
+    }
+
+    private func startListening() async throws {
+        try await withCheckedThrowingContinuation { (continuation: CheckedContinuation<Void, Error>) in
+            queue.async {
+                self.readyContinuation = continuation
+                self.listener.stateUpdateHandler = { [weak self] state in
+                    guard let self else { return }
+                    switch state {
+                    case .ready:
+                        if let readyContinuation = self.readyContinuation {
+                            self.readyContinuation = nil
+                            readyContinuation.resume()
+                        }
+                    case .failed(let error):
+                        if let readyContinuation = self.readyContinuation {
+                            self.readyContinuation = nil
+                            readyContinuation.resume(throwing: error)
+                        }
+                    case .cancelled:
+                        if let readyContinuation = self.readyContinuation {
+                            self.readyContinuation = nil
+                            readyContinuation.resume(throwing: GoogleOAuthError.invalidCallbackURL)
+                        }
+                    default:
+                        break
+                    }
+                }
+                self.listener.newConnectionHandler = { [weak self] connection in
+                    self?.handle(connection: connection)
+                }
+                self.listener.start(queue: self.queue)
+            }
+        }
+    }
+
+    private func awaitCallback() async throws -> URL {
+        if let callbackURL { return callbackURL }
+        return try await withCheckedThrowingContinuation { (continuation: CheckedContinuation<URL, Error>) in
+            queue.async {
+                if let callbackURL = self.callbackURL {
+                    continuation.resume(returning: callbackURL)
+                    return
+                }
+                self.callbackContinuation = continuation
+            }
+        }
+    }
+
+    private func handle(connection: NWConnection) {
+        connection.start(queue: queue)
+        connection.receive(minimumIncompleteLength: 1, maximumLength: 8192) { [weak self] data, _, _, _ in
+            guard let self else { return }
+            let requestLine = data
+                .flatMap { String(data: $0, encoding: .utf8) }?
+                .split(separator: "\r\n", omittingEmptySubsequences: false)
+                .first
+                .map(String.init)
+
+            var parsedURL: URL?
+            if let requestLine {
+                let parts = requestLine.split(separator: " ")
+                if parts.count >= 2 {
+                    let pathAndQuery = String(parts[1])
+                    parsedURL = URL(string: "http://127.0.0.1\(pathAndQuery)")
+                }
+            }
+
+            self.sendHTTPResponse(connection: connection, success: parsedURL != nil)
+
+            if let parsedURL {
+                self.callbackURL = parsedURL
+                DispatchQueue.main.async {
+                    // Bring the app back to foreground once OAuth redirects.
+                    NSApp.activate(ignoringOtherApps: true)
+                }
+                if let continuation = self.callbackContinuation {
+                    self.callbackContinuation = nil
+                    continuation.resume(returning: parsedURL)
+                }
+                self.listener.cancel()
+            }
+            connection.cancel()
+        }
+    }
+
+    private func sendHTTPResponse(connection: NWConnection, success: Bool) {
+        let body = success
+            ? "<html><body><h3>Authentication complete</h3><p>You can return to the app.</p></body></html>"
+            : "<html><body><h3>Authentication failed</h3></body></html>"
+        let response = """
+        HTTP/1.1 200 OK\r
+        Content-Type: text/html; charset=utf-8\r
+        Content-Length: \(body.utf8.count)\r
+        Connection: close\r
+        \r
+        \(body)
+        """
+        connection.send(content: Data(response.utf8), completion: .contentProcessed { _ in })
+    }
+}
+
+extension GoogleOAuthError: LocalizedError {
+    var errorDescription: String? {
+        switch self {
+        case .missingClientId:
+            return "Missing Google OAuth Client ID."
+        case .missingClientSecret:
+            return "Missing Google OAuth Client Secret."
+        case .invalidCallbackURL:
+            return "Invalid OAuth callback URL."
+        case .missingAuthorizationCode:
+            return "Google did not return an authorization code."
+        case .tokenExchangeFailed(let details):
+            return "Token exchange failed: \(details)"
+        case .unableToOpenBrowser:
+            return "Could not open browser for Google sign-in."
+        case .authenticationTimedOut:
+            return "Google sign-in timed out."
+        case .noStoredTokens:
+            return "No stored Google tokens found."
+        }
+    }
+}
+

classroom_app/Auth/KeychainTokenStore.swift

@@ -0,0 +1,30 @@
+import Foundation
+
+/// Keeps the existing API surface while storing OAuth tokens in UserDefaults.
+/// This avoids macOS keychain unlock prompts during development/test runs.
+final class KeychainTokenStore {
+    private let defaultsKey: String
+    private let defaults: UserDefaults
+
+    init(service: String = Bundle.main.bundleIdentifier ?? "meetings_app",
+         account: String = "googleOAuthTokens",
+         defaults: UserDefaults = .standard) {
+        self.defaultsKey = "\(service).\(account)"
+        self.defaults = defaults
+    }
+
+    func readTokens() throws -> GoogleOAuthTokens? {
+        guard let data = defaults.data(forKey: defaultsKey) else { return nil }
+        return try JSONDecoder().decode(GoogleOAuthTokens.self, from: data)
+    }
+
+    func writeTokens(_ tokens: GoogleOAuthTokens) throws {
+        let data = try JSONEncoder().encode(tokens)
+        defaults.set(data, forKey: defaultsKey)
+    }
+
+    func deleteTokens() throws {
+        defaults.removeObject(forKey: defaultsKey)
+    }
+}
+

classroom_app/Google/GoogleCalendarClient.swift

@@ -0,0 +1,323 @@
+import Foundation
+
+enum GoogleCalendarClientError: Error {
+    case invalidResponse
+    case httpStatus(Int, String)
+    case decodeFailed(String)
+}
+
+final class GoogleCalendarClient {
+    struct Options: Sendable {
+        var daysAhead: Int
+        var maxResults: Int
+        var includeNonMeetEvents: Bool
+
+        init(daysAhead: Int = 180, maxResults: Int = 200, includeNonMeetEvents: Bool = true) {
+            self.daysAhead = daysAhead
+            self.maxResults = maxResults
+            self.includeNonMeetEvents = includeNonMeetEvents
+        }
+    }
+
+    private let session: URLSession
+
+    init(session: URLSession = .shared) {
+        self.session = session
+    }
+
+    func fetchUpcomingMeetings(accessToken: String) async throws -> [ScheduledMeeting] {
+        try await fetchUpcomingMeetings(accessToken: accessToken, options: Options())
+    }
+
+    func fetchUpcomingMeetings(accessToken: String, options: Options) async throws -> [ScheduledMeeting] {
+        let now = Date()
+        let end = Calendar.current.date(byAdding: .day, value: max(1, options.daysAhead), to: now) ?? now.addingTimeInterval(180 * 24 * 60 * 60)
+        let formatter = ISO8601DateFormatter()
+        formatter.formatOptions = [.withInternetDateTime, .withFractionalSeconds]
+        let totalLimit = max(1, options.maxResults)
+        let pageSize = min(250, totalLimit)
+        var nextPageToken: String?
+        var meetings: [ScheduledMeeting] = []
+
+        repeat {
+            var components = URLComponents(string: "https://www.googleapis.com/calendar/v3/calendars/primary/events")!
+            var queryItems = [
+                URLQueryItem(name: "timeMin", value: formatter.string(from: now)),
+                URLQueryItem(name: "timeMax", value: formatter.string(from: end)),
+                URLQueryItem(name: "singleEvents", value: "true"),
+                URLQueryItem(name: "orderBy", value: "startTime"),
+                URLQueryItem(name: "maxResults", value: String(pageSize)),
+                URLQueryItem(name: "conferenceDataVersion", value: "1")
+            ]
+            if let nextPageToken {
+                queryItems.append(URLQueryItem(name: "pageToken", value: nextPageToken))
+            }
+            components.queryItems = queryItems
+
+            var request = URLRequest(url: components.url!)
+            request.httpMethod = "GET"
+            request.setValue("Bearer \(accessToken)", forHTTPHeaderField: "Authorization")
+
+            let (data, response) = try await session.data(for: request)
+            guard let http = response as? HTTPURLResponse else { throw GoogleCalendarClientError.invalidResponse }
+            guard (200..<300).contains(http.statusCode) else {
+                let body = String(data: data, encoding: .utf8) ?? "<no body>"
+                throw GoogleCalendarClientError.httpStatus(http.statusCode, body)
+            }
+
+            let decoded: EventsList
+            do {
+                decoded = try JSONDecoder().decode(EventsList.self, from: data)
+            } catch {
+                let raw = String(data: data, encoding: .utf8) ?? "<unreadable body>"
+                throw GoogleCalendarClientError.decodeFailed(raw)
+            }
+
+            let pageMeetings: [ScheduledMeeting] = decoded.items.compactMap { item in
+            let title = item.summary?.trimmingCharacters(in: .whitespacesAndNewlines)
+            let subtitle = item.organizer?.displayName ?? item.organizer?.email
+
+            guard let start = item.start?.resolvedDate,
+                  let end = item.end?.resolvedDate else { return nil }
+
+            let isAllDay = item.start?.date != nil
+
+            let meetURL: URL? = {
+                if let hangout = item.hangoutLink, let u = URL(string: hangout) { return u }
+                let entry = item.conferenceData?.entryPoints?.first(where: { $0.entryPointType == "video" && ($0.uri?.contains("meet.google.com") ?? false) })
+                if let uri = entry?.uri, let u = URL(string: uri) { return u }
+                if options.includeNonMeetEvents, let htmlLink = item.htmlLink, let u = URL(string: htmlLink) { return u }
+                return nil
+            }()
+
+            if meetURL == nil, options.includeNonMeetEvents == false { return nil }
+            guard let meetURL else { return nil }
+
+            return ScheduledMeeting(
+                id: item.id ?? UUID().uuidString,
+                title: (title?.isEmpty == false) ? title! : "Untitled meeting",
+                subtitle: subtitle,
+                startDate: start,
+                endDate: end,
+                meetURL: meetURL,
+                isAllDay: isAllDay
+            )
+            }
+
+            meetings.append(contentsOf: pageMeetings)
+            nextPageToken = decoded.nextPageToken
+        } while nextPageToken != nil && meetings.count < totalLimit
+
+        if meetings.count > totalLimit {
+            meetings = Array(meetings.prefix(totalLimit))
+        }
+        return meetings
+    }
+
+    func createEvent(accessToken: String,
+                     title: String,
+                     description: String?,
+                     start: Date,
+                     end: Date,
+                     timeZone: TimeZone = .current) async throws -> ScheduledMeeting {
+        var components = URLComponents(string: "https://www.googleapis.com/calendar/v3/calendars/primary/events")!
+        components.queryItems = [
+            URLQueryItem(name: "conferenceDataVersion", value: "1")
+        ]
+
+        let requestID = UUID().uuidString
+        let body = CreateEventRequest(
+            summary: title,
+            description: description,
+            start: CreateEventRequest.EventDateTime(dateTime: ISO8601DateFormatter.fractional.string(from: start), timeZone: timeZone.identifier),
+            end: CreateEventRequest.EventDateTime(dateTime: ISO8601DateFormatter.fractional.string(from: end), timeZone: timeZone.identifier),
+            conferenceData: CreateEventRequest.ConferenceData(
+                createRequest: CreateEventRequest.CreateRequest(
+                    requestId: requestID,
+                    conferenceSolutionKey: CreateEventRequest.ConferenceSolutionKey(type: "hangoutsMeet")
+                )
+            )
+        )
+
+        var request = URLRequest(url: components.url!)
+        request.httpMethod = "POST"
+        request.setValue("Bearer \(accessToken)", forHTTPHeaderField: "Authorization")
+        request.setValue("application/json; charset=utf-8", forHTTPHeaderField: "Content-Type")
+        request.httpBody = try JSONEncoder().encode(body)
+
+        let (data, response) = try await session.data(for: request)
+        guard let http = response as? HTTPURLResponse else { throw GoogleCalendarClientError.invalidResponse }
+        guard (200..<300).contains(http.statusCode) else {
+            let raw = String(data: data, encoding: .utf8) ?? "<no body>"
+            throw GoogleCalendarClientError.httpStatus(http.statusCode, raw)
+        }
+
+        let created: EventItem
+        do {
+            created = try JSONDecoder().decode(EventItem.self, from: data)
+        } catch {
+            let raw = String(data: data, encoding: .utf8) ?? "<unreadable body>"
+            throw GoogleCalendarClientError.decodeFailed(raw)
+        }
+
+        guard let startDate = created.start?.resolvedDate,
+              let endDate = created.end?.resolvedDate else {
+            throw GoogleCalendarClientError.decodeFailed("Created event missing start/end.")
+        }
+
+        let isAllDay = created.start?.date != nil
+        let meetURL: URL? = {
+            if let hangout = created.hangoutLink, let u = URL(string: hangout) { return u }
+            let entry = created.conferenceData?.entryPoints?.first(where: { $0.entryPointType == "video" && ($0.uri?.contains("meet.google.com") ?? false) })
+            if let uri = entry?.uri, let u = URL(string: uri) { return u }
+            if let htmlLink = created.htmlLink, let u = URL(string: htmlLink) { return u }
+            return nil
+        }()
+        guard let meetURL else {
+            throw GoogleCalendarClientError.decodeFailed("Created event missing Meet/HTML link.")
+        }
+
+        let cleanedTitle = created.summary?.trimmingCharacters(in: .whitespacesAndNewlines)
+        let subtitle = created.organizer?.displayName ?? created.organizer?.email
+        return ScheduledMeeting(
+            id: created.id ?? UUID().uuidString,
+            title: (cleanedTitle?.isEmpty == false) ? cleanedTitle! : "Untitled meeting",
+            subtitle: subtitle,
+            startDate: startDate,
+            endDate: endDate,
+            meetURL: meetURL,
+            isAllDay: isAllDay
+        )
+    }
+}
+
+extension GoogleCalendarClientError: LocalizedError {
+    var errorDescription: String? {
+        switch self {
+        case .invalidResponse:
+            return "Google Calendar returned an invalid response."
+        case let .httpStatus(status, body):
+            return "Google Calendar API error (\(status)): \(body)"
+        case let .decodeFailed(raw):
+            return "Failed to parse Google Calendar events: \(raw)"
+        }
+    }
+}
+
+// MARK: - Calendar API models
+
+private struct EventsList: Decodable {
+    let items: [EventItem]
+    let nextPageToken: String?
+}
+
+private struct EventItem: Decodable {
+    let id: String?
+    let summary: String?
+    let hangoutLink: String?
+    let htmlLink: String?
+    let organizer: Organizer?
+    let start: EventDateTime?
+    let end: EventDateTime?
+    let conferenceData: ConferenceData?
+}
+
+private struct Organizer: Decodable {
+    let displayName: String?
+    let email: String?
+}
+
+private struct EventDateTime: Decodable {
+    let dateTime: String?
+    let date: String?
+    let timeZone: String?
+
+    var resolvedDate: Date? {
+        if let dateTime, let parsed = Self.parseDateTime(dateTime, timeZone: timeZone) {
+            return parsed
+        }
+        if let date, let parsed = DateFormatter.googleAllDay.date(from: date) {
+            return parsed
+        }
+        return nil
+    }
+
+    private static func parseDateTime(_ raw: String, timeZone: String?) -> Date? {
+        if let dt = ISO8601DateFormatter.fractional.date(from: raw) ?? ISO8601DateFormatter.nonFractional.date(from: raw) {
+            return dt
+        }
+
+        // Some Calendar payloads provide dateTime without explicit zone and separate timeZone field.
+        let formatter = DateFormatter()
+        formatter.calendar = Calendar(identifier: .gregorian)
+        formatter.locale = Locale(identifier: "en_US_POSIX")
+        formatter.dateFormat = "yyyy-MM-dd'T'HH:mm:ss"
+        if let timeZone, let tz = TimeZone(identifier: timeZone) {
+            formatter.timeZone = tz
+        } else {
+            formatter.timeZone = TimeZone.current
+        }
+        return formatter.date(from: raw)
+    }
+}
+
+private struct ConferenceData: Decodable {
+    let entryPoints: [EntryPoint]?
+}
+
+private struct EntryPoint: Decodable {
+    let entryPointType: String?
+    let uri: String?
+}
+
+private struct CreateEventRequest: Encodable {
+    struct EventDateTime: Encodable {
+        let dateTime: String
+        let timeZone: String
+    }
+
+    struct ConferenceSolutionKey: Encodable {
+        let type: String
+    }
+
+    struct CreateRequest: Encodable {
+        let requestId: String
+        let conferenceSolutionKey: ConferenceSolutionKey
+    }
+
+    struct ConferenceData: Encodable {
+        let createRequest: CreateRequest
+    }
+
+    let summary: String
+    let description: String?
+    let start: EventDateTime
+    let end: EventDateTime
+    let conferenceData: ConferenceData
+}
+
+private extension ISO8601DateFormatter {
+    static let fractional: ISO8601DateFormatter = {
+        let f = ISO8601DateFormatter()
+        f.formatOptions = [.withInternetDateTime, .withFractionalSeconds]
+        return f
+    }()
+
+    static let nonFractional: ISO8601DateFormatter = {
+        let f = ISO8601DateFormatter()
+        f.formatOptions = [.withInternetDateTime]
+        return f
+    }()
+}
+
+private extension DateFormatter {
+    static let googleAllDay: DateFormatter = {
+        let f = DateFormatter()
+        f.calendar = Calendar(identifier: .gregorian)
+        f.locale = Locale(identifier: "en_US_POSIX")
+        f.timeZone = TimeZone(secondsFromGMT: 0)
+        f.dateFormat = "yyyy-MM-dd"
+        return f
+    }()
+}
+

classroom_app/Google/GoogleMeetClient.swift

@@ -0,0 +1,50 @@
+import Foundation
+
+enum GoogleMeetClientError: Error {
+    case invalidResponse
+    case httpStatus(Int)
+}
+
+/// Thin Meet REST API wrapper.
+/// Note: Meet REST API is best used for conferences/participants/artifacts, while scheduling comes from Calendar.
+final class GoogleMeetClient {
+    private let session: URLSession
+
+    init(session: URLSession = .shared) {
+        self.session = session
+    }
+
+    /// Lists conference records for a given meeting space resource name.
+    /// This is intentionally minimal scaffolding for phase 2 enrichment.
+    func listConferenceRecords(accessToken: String, spaceResourceName: String, pageSize: Int = 10) async throws -> [ConferenceRecord] {
+        var components = URLComponents(string: "https://meet.googleapis.com/v2/\(spaceResourceName)/conferenceRecords")!
+        components.queryItems = [
+            URLQueryItem(name: "pageSize", value: String(pageSize))
+        ]
+
+        var request = URLRequest(url: components.url!)
+        request.httpMethod = "GET"
+        request.setValue("Bearer \(accessToken)", forHTTPHeaderField: "Authorization")
+
+        let (data, response) = try await session.data(for: request)
+        guard let http = response as? HTTPURLResponse else { throw GoogleMeetClientError.invalidResponse }
+        guard (200..<300).contains(http.statusCode) else { throw GoogleMeetClientError.httpStatus(http.statusCode) }
+
+        let decoded = try JSONDecoder().decode(ListConferenceRecordsResponse.self, from: data)
+        return decoded.conferenceRecords ?? []
+    }
+}
+
+// MARK: - Minimal models (v2)
+
+struct ConferenceRecord: Decodable, Equatable {
+    let name: String?
+    let startTime: Date?
+    let endTime: Date?
+}
+
+private struct ListConferenceRecordsResponse: Decodable {
+    let conferenceRecords: [ConferenceRecord]?
+    let nextPageToken: String?
+}
+

classroom_app/Models/ScheduledMeeting.swift

@@ -0,0 +1,12 @@
+import Foundation
+
+struct ScheduledMeeting: Identifiable, Equatable {
+    let id: String
+    let title: String
+    let subtitle: String?
+    let startDate: Date
+    let endDate: Date
+    let meetURL: URL
+    let isAllDay: Bool
+}
+

classroom_app/StoreKit.storekit

@@ -0,0 +1,82 @@
+{
+  "identifier" : "7B5DA685-94A9-4A9B-86EA-F7D90A0D5249",
+  "nonRenewingSubscriptions" : [],
+  "products" : [
+    {
+      "displayPrice" : "1100.00",
+      "familyShareable" : false,
+      "internalID" : "F16C0A1F-5B83-41AB-A9F2-69157A11A11A",
+      "localizations" : [
+        {
+          "description" : "Unlock premium features with weekly access.",
+          "displayName" : "Premium Weekly",
+          "locale" : "en_US"
+        }
+      ],
+      "productID" : "com.mqldev.classroomapp.premium.weekly",
+      "referenceName" : "Premium Weekly",
+      "type" : "NonConsumable"
+    },
+    {
+      "displayPrice" : "2500.00",
+      "familyShareable" : false,
+      "internalID" : "B2B57D59-AE2B-4953-BF03-5D4AFECAC6C1",
+      "localizations" : [
+        {
+          "description" : "Unlock premium features with monthly access.",
+          "displayName" : "Premium Monthly",
+          "locale" : "en_US"
+        }
+      ],
+      "productID" : "com.mqldev.classroomapp.premium.monthly",
+      "referenceName" : "Premium Monthly",
+      "type" : "NonConsumable"
+    },
+    {
+      "displayPrice" : "9900.00",
+      "familyShareable" : false,
+      "internalID" : "C5694F51-47D8-4AFD-9D33-95A888527BB5",
+      "localizations" : [
+        {
+          "description" : "Unlock premium features with yearly access.",
+          "displayName" : "Premium Yearly",
+          "locale" : "en_US"
+        }
+      ],
+      "productID" : "com.mqldev.classroomapp.premium.yearly",
+      "referenceName" : "Premium Yearly",
+      "type" : "NonConsumable"
+    },
+    {
+      "displayPrice" : "14900.00",
+      "familyShareable" : false,
+      "internalID" : "7F9AA412-9F7A-4DF7-BCFB-DF308359DCEF",
+      "localizations" : [
+        {
+          "description" : "One-time premium purchase for lifetime access.",
+          "displayName" : "Premium Lifetime",
+          "locale" : "en_US"
+        }
+      ],
+      "productID" : "com.mqldev.classroomapp.premium.lifetime",
+      "referenceName" : "Premium Lifetime",
+      "type" : "NonConsumable"
+    }
+  ],
+  "settings" : {
+    "_applicationInternalID" : "A53B9DA3-4C5B-40F4-8452-AD3B8DDE5B9F",
+    "_developerTeamID" : "",
+    "_disableDialogs" : false,
+    "_failTransactionsEnabled" : false,
+    "_lastSynchronizedDate" : 0,
+    "_locale" : "en_PK",
+    "_renewalRate" : 0,
+    "_storefront" : "PAK",
+    "_timeRate" : 0
+  },
+  "subscriptionGroups" : [],
+  "version" : {
+    "major" : 3,
+    "minor" : 0
+  }
+}

classroom_app/classroom_app.entitlements

@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>com.apple.security.app-sandbox</key>
+	<true/>
+	<key>com.apple.security.network.client</key>
+	<true/>
+	<key>com.apple.security.network.server</key>
+	<true/>
+	<key>com.apple.security.device.camera</key>
+	<true/>
+	<key>com.apple.security.device.audio-input</key>
+	<true/>
+	<key>com.apple.security.files.user-selected.read-only</key>
+	<true/>
+</dict>
+</plist>