@onairos/react-native 3.0.71 → 3.0.73

package/src/services/platformAuthService.ts

@@ -1,29 +1,62 @@
 import { Platform, Linking } from 'react-native';
 import AsyncStorage from '@react-native-async-storage/async-storage';
+import type { PlatformAuthConfig } from '../types';
+import { makeAuthenticatedRequest, getApiConfig } from './apiKeyService';
 
-// Define types for platform auth configuration
-interface PlatformAuthConfig {
-  hasNativeSDK: boolean;
-  nativeSDKPackage?: string;
-  authEndpoint: string;
-  color: string;
-  clientId?: string;
-  redirectUri?: string;
-  scope?: string;
-  responseType?: string;
-}
+// 🔑 CRITICAL: Initialize API key service for authentication
+let isApiKeyInitialized = false;
+
+/**
+ * Initialize the API key service with the admin key for testing
+ * This ensures all API requests include proper authentication headers
+ */
+export const initializePlatformAuthService = async (): Promise<void> => {
+  if (isApiKeyInitialized) {
+    console.log('🔑 API key service already initialized');
+    return;
+  }
+
+  try {
+    // Import the initialization function
+    const { initializeApiKey, ADMIN_API_KEY } = await import('./apiKeyService');
+    
+    // Initialize with admin key for testing/development
+    await initializeApiKey({
+      apiKey: ADMIN_API_KEY, // 'OnairosIsAUnicorn2025'
+      environment: 'development',
+      enableLogging: true,
+      timeout: 30000,
+    });
+
+    isApiKeyInitialized = true;
+    console.log('✅ Platform auth service initialized with admin key');
+  } catch (error) {
+    console.error('❌ Failed to initialize platform auth service:', error);
+    throw error;
+  }
+};
+
+/**
+ * Ensure API key is initialized before making authenticated requests
+ */
+const ensureApiKeyInitialized = async (): Promise<void> => {
+  if (!isApiKeyInitialized) {
+    console.log('🔑 API key not initialized, initializing now...');
+    await initializePlatformAuthService();
+  }
+};
 
 // Configuration for each platform's authentication
 let PLATFORM_AUTH_CONFIG: Record<string, PlatformAuthConfig> = {
   instagram: {
     hasNativeSDK: false, // Instagram uses OAuth WebView flow
-    authEndpoint: 'https://api2.onairos.uk/instagram/authorize',
+    authEndpoint: '/instagram/authorize',
     color: '#E1306C',
   },
   youtube: {
     hasNativeSDK: true, // Native Google Sign-In SDK enabled
     nativeSDKPackage: '@react-native-google-signin/google-signin',
-    authEndpoint: 'https://api2.onairos.uk/youtube/authorize',
+    authEndpoint: '/youtube/authorize',
     color: '#FF0000',
     clientId: '1030678346906-lovkuds2ouqmoc8eu5qpo98spa6edv4o.apps.googleusercontent.com',
     redirectUri: 'onairosevents://auth/callback',
@@ -32,17 +65,17 @@ let PLATFORM_AUTH_CONFIG: Record<string, PlatformAuthConfig> = {
   },
   reddit: {
     hasNativeSDK: false,
-    authEndpoint: 'https://api2.onairos.uk/reddit/authorize',
+    authEndpoint: '/reddit/authorize',
     color: '#FF4500',
   },
   pinterest: {
     hasNativeSDK: false,
-    authEndpoint: 'https://api2.onairos.uk/pinterest/authorize',
+    authEndpoint: '/pinterest/authorize',
     color: '#E60023',
   },
   email: {
     hasNativeSDK: false,
-    authEndpoint: 'https://api2.onairos.uk/gmail/authorize',
+    authEndpoint: '/gmail/authorize',
     color: '#4285F4',
   },
 };
@@ -123,34 +156,12 @@ export const initiateOAuth = async (platform: string, username: string, appName?
 
       console.log('📤 Sending Instagram OAuth request:', jsonData);
 
-      const controller = new AbortController();
-      const timeoutId = setTimeout(() => controller.abort(), 30000); // 30 second timeout
-
-      let response: Response;
-      try {
-        response = await fetch('https://api2.onairos.uk/instagram/authorize', {
-          method: 'POST',
-          headers: {
-            'Content-Type': 'application/json',
-            'User-Agent': 'OnairosReactNative/1.0',
-          },
-          body: JSON.stringify(jsonData),
-          signal: controller.signal,
-        });
-      } catch (fetchError) {
-        clearTimeout(timeoutId);
-        
-        if (fetchError.name === 'AbortError') {
-          throw new Error(`Request timeout: Instagram OAuth server took too long to respond`);
-        }
-        
-        throw new Error(`Network error: ${fetchError.message || 'Failed to connect to Instagram OAuth server'}`);
-      }
-      
-      clearTimeout(timeoutId);
+      const response = await makeAuthenticatedRequest(PLATFORM_AUTH_CONFIG[platform].authEndpoint, {
+        method: 'POST',
+        body: JSON.stringify(jsonData),
+      });
 
       console.log('📡 Instagram OAuth response status:', response.status);
-      console.log('📡 Instagram OAuth response headers:', response.headers);
 
       if (!response.ok) {
         const errorText = await response.text();
@@ -187,35 +198,13 @@ export const initiateOAuth = async (platform: string, username: string, appName?
 
     console.log(`📤 Sending ${platform} OAuth request:`, jsonData);
 
-    // Make the request to get the OAuth URL with enhanced error handling
-    const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), 30000); // 30 second timeout
-
-    let response: Response;
-    try {
-      response = await fetch(PLATFORM_AUTH_CONFIG[platform].authEndpoint, {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-          'User-Agent': 'OnairosReactNative/1.0',
-        },
-        body: JSON.stringify(jsonData),
-        signal: controller.signal,
-      });
-    } catch (fetchError) {
-      clearTimeout(timeoutId);
-      
-      if (fetchError.name === 'AbortError') {
-        throw new Error(`Request timeout: ${platform} OAuth server took too long to respond`);
-      }
-      
-      throw new Error(`Network error: ${fetchError.message || 'Failed to connect to OAuth server'}`);
-    }
-    
-    clearTimeout(timeoutId);
+    // Make the authenticated request to get the OAuth URL
+    const response = await makeAuthenticatedRequest(PLATFORM_AUTH_CONFIG[platform].authEndpoint, {
+      method: 'POST',
+      body: JSON.stringify(jsonData),
+    });
 
     console.log(`📡 ${platform} OAuth response status:`, response.status);
-    console.log(`📡 ${platform} OAuth response headers:`, response.headers);
 
     if (!response.ok) {
       const errorText = await response.text();
@@ -834,45 +823,83 @@ export const requestEmailVerification = async (email: string, testMode = false):
   success: boolean;
   message?: string;
   error?: string;
+  requestId?: string;
 }> => {
   try {
     console.log('📧 Requesting email verification for:', email);
-    console.log('🔍 Test mode:', testMode);
-    
-    // Use the correct endpoint: /email/verify
-    const response = await fetch('https://api2.onairos.uk/email/verify', {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-      body: JSON.stringify({ email }),
-    });
+    console.log('🧪 Test mode:', testMode);
     
-    const result = await response.json();
+    if (!email || !email.includes('@')) {
+      return {
+        success: false,
+        error: 'Valid email address is required',
+      };
+    }
     
-    if (response.ok && result.success) {
-      console.log('✅ Email verification requested successfully');
+    // In test mode, always return success with mock request ID
+    if (testMode) {
+      console.log('🧪 Test mode: Always returning success with mock request ID');
+      const mockRequestId = 'test-request-' + Date.now();
       
-      const message = testMode 
-        ? 'Verification code sent to your email (testing mode: any code accepted)'
-        : result.message || 'Verification code sent to your email';
+      // Store request info for tracking
+      await AsyncStorage.setItem('email_verification_request_id', mockRequestId);
+      await AsyncStorage.setItem('email_verification_request_email', email);
       
       return {
         success: true,
-        message,
+        message: 'Email verification sent successfully (test mode)',
+        requestId: mockRequestId,
       };
-    } else {
-      console.error('❌ Email verification request failed:', result.error);
+    }
+    
+    // Production mode: Make real API call with API key authentication
+    try {
+      // 🔑 Ensure API key is initialized before making authenticated requests
+      await ensureApiKeyInitialized();
+      
+      const response = await makeAuthenticatedRequest('/email/verification', {
+        method: 'POST',
+        body: JSON.stringify({
+          email,
+          action: 'request',
+        }),
+      });
+      
+      const result = await response.json();
+      console.log('📡 Email verification API response:', result);
+      
+      if (response.ok && result.success) {
+        console.log('✅ Email verification request sent');
+        
+        // Store request info for tracking
+        const requestId = result.requestId || result.id || ('req-' + Date.now());
+        await AsyncStorage.setItem('email_verification_request_id', requestId);
+        await AsyncStorage.setItem('email_verification_request_email', email);
+        
+        return {
+          success: true,
+          message: result.message || 'Email verification sent successfully',
+          requestId: requestId,
+        };
+      } else {
+        console.error('❌ Email verification request failed:', result.error);
+        return {
+          success: false,
+          error: result.error || 'Failed to send verification email',
+        };
+      }
+    } catch (apiError) {
+      console.error('❌ Email verification API call failed:', apiError);
       return {
         success: false,
-        error: result.error || 'Failed to send verification code',
+        error: 'Network error while sending verification email',
       };
     }
   } catch (error) {
     console.error('❌ Email verification request error:', error);
     return {
       success: false,
-      error: error instanceof Error ? error.message : 'Network error',
+      error: error instanceof Error ? error.message : 'Unknown error',
     };
   }
 };
@@ -882,31 +909,57 @@ export const verifyEmailCode = async (email: string, code: string, testMode = fa
   message?: string;
   error?: string;
   existingUser?: boolean;
+  jwtToken?: string;
 }> => {
   try {
     console.log('🔍 Verifying email code for:', email);
-    console.log('🔍 Test mode:', testMode);
+    console.log('🔑 Code length:', code.length);
+    console.log('🧪 Test mode:', testMode);
+    
+    if (!email || !email.includes('@')) {
+      return {
+        success: false,
+        error: 'Valid email address is required',
+      };
+    }
     
-    // In test mode, accept any code
+    if (!code || code.length < 4) {
+      return {
+        success: false,
+        error: 'Valid verification code is required',
+      };
+    }
+    
+    // In test mode, always return success with mock JWT token
     if (testMode) {
-      console.log('🧪 Test mode: All codes will pass through');
-      // Simulate 30% chance of existing user in test mode
-      const simulateExistingUser = Math.random() < 0.3;
+      console.log('🧪 Test mode: Always returning success with mock JWT token');
+      const mockToken = 'test-jwt-token-' + Date.now();
+      
+      // Store mock token for API requests
+      await AsyncStorage.setItem('email_verification_token', mockToken);
+      await AsyncStorage.setItem('onairos_jwt_token', mockToken);
+      await AsyncStorage.setItem('email_verification_email', email);
+      
       return {
         success: true,
-        message: 'Email verified successfully (test mode: all codes accepted)',
-        existingUser: simulateExistingUser,
+        message: 'Email verification successful (test mode)',
+        existingUser: false,
+        jwtToken: mockToken,
       };
     }
     
-    // Production mode: Make real API call with proper validation
+    // Production mode: Make real API call with API key authentication
     try {
-      const response = await fetch('https://api2.onairos.uk/email/verify/confirm', {
+      // 🔑 Ensure API key is initialized before making authenticated requests
+      await ensureApiKeyInitialized();
+      
+      const response = await makeAuthenticatedRequest('/email/verification', {
         method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-        },
-        body: JSON.stringify({ email, code }),
+        body: JSON.stringify({
+          email,
+          code,
+          action: 'verify',
+        }),
       });
       
       const result = await response.json();
@@ -914,23 +967,40 @@ export const verifyEmailCode = async (email: string, code: string, testMode = fa
       
       if (response.ok && result.success) {
         console.log('✅ Email verification successful');
+        
+        // 🎫 CRITICAL: Store JWT token from email verification response
+        const jwtToken = result.token || result.jwtToken || result.jwt || result.authToken;
+        
+        if (jwtToken) {
+          console.log('🎫 Storing JWT token from email verification response');
+          await AsyncStorage.setItem('email_verification_token', jwtToken);
+          await AsyncStorage.setItem('onairos_jwt_token', jwtToken);
+          await AsyncStorage.setItem('enoch_token', jwtToken);
+          await AsyncStorage.setItem('auth_token', jwtToken);
+          await AsyncStorage.setItem('email_verification_email', email);
+          await AsyncStorage.setItem('token_timestamp', Date.now().toString());
+        } else {
+          console.warn('⚠️ No JWT token received from email verification API');
+        }
+        
         return {
           success: true,
-          message: result.message || 'Email verified successfully',
-          existingUser: result.existingUser || false, // Backend should return this flag
+          message: result.message || 'Email verification successful',
+          existingUser: result.existingUser || false,
+          jwtToken: jwtToken,
         };
       } else {
         console.error('❌ Email verification failed:', result.error);
         return {
           success: false,
-          error: result.error || 'Invalid verification code',
+          error: result.error || 'Email verification failed',
         };
       }
     } catch (apiError) {
       console.error('❌ Email verification API call failed:', apiError);
       return {
         success: false,
-        error: 'Network error during verification',
+        error: 'Network error during email verification',
       };
     }
   } catch (error) {
@@ -962,13 +1032,13 @@ export const checkEmailVerificationStatus = async (email: string, testMode = fal
       };
     }
     
-    // Production mode: Make real API call
+    // Production mode: Make real API call with API key authentication
     try {
-      const response = await fetch(`https://api2.onairos.uk/email/verify/status/${encodeURIComponent(email)}`, {
+      // 🔑 Ensure API key is initialized before making authenticated requests
+      await ensureApiKeyInitialized();
+      
+      const response = await makeAuthenticatedRequest(`/email/verify/status/${encodeURIComponent(email)}`, {
         method: 'GET',
-        headers: {
-          'Content-Type': 'application/json',
-        },
       });
       
       const result = await response.json();
@@ -1014,41 +1084,208 @@ export const disconnectPlatform = async (platform: string, username: string): Pr
   error?: string;
 }> => {
   try {
-    console.log(`🔌 Disconnecting ${platform} for user:`, username);
+    console.log('🔌 Disconnecting platform:', platform, 'for user:', username);
+    
+    if (!platform || !username) {
+      return {
+        success: false,
+        error: 'Platform and username are required',
+      };
+    }
+    
+    // Make authenticated API call to disconnect platform
+    const response = await makeAuthenticatedRequest('/revoke', {
+      method: 'POST',
+      body: JSON.stringify({
+        platform,
+        username,
+      }),
+    });
+    
+    const result = await response.json();
+    console.log('📡 Platform disconnect API response:', result);
+    
+    if (response.ok && result.success) {
+      console.log('✅ Platform disconnected successfully');
+      return {
+        success: true,
+        message: result.message || 'Platform disconnected successfully',
+      };
+    } else {
+      console.error('❌ Platform disconnect failed:', result.error);
+      return {
+        success: false,
+        error: result.error || 'Failed to disconnect platform',
+      };
+    }
+  } catch (error) {
+    console.error('❌ Platform disconnect error:', error);
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : 'Platform disconnect failed',
+    };
+  }
+};
+
+/**
+ * 🔐 STORE PIN AFTER BIOMETRIC AUTHENTICATION
+ * Send PIN separately to /store-pin/web endpoint after biometric Face ID verification
+ */
+export const storePinAfterBiometric = async (username: string, pin: string, jwtToken?: string): Promise<{
+  success: boolean;
+  message?: string;
+  error?: string;
+}> => {
+  try {
+    console.log('🔐 Storing PIN after biometric authentication for user:', username);
+    console.log('🔑 PIN length:', pin.length);
+    console.log('🎫 JWT token provided:', !!jwtToken);
+    
+    if (!username || !pin) {
+      return {
+        success: false,
+        error: 'Username and PIN are required',
+      };
+    }
+    
+    if (pin.length < 4) {
+      return {
+        success: false,
+        error: 'PIN must be at least 4 digits',
+      };
+    }
+    
+    // Get JWT token from storage if not provided
+    let authToken = jwtToken;
+    if (!authToken) {
+      authToken = await AsyncStorage.getItem('onairos_jwt_token') || 
+                   await AsyncStorage.getItem('enoch_token') || 
+                   await AsyncStorage.getItem('auth_token') ||
+                   await AsyncStorage.getItem('email_verification_token');
+    }
+    
+    if (!authToken) {
+      console.warn('⚠️ No JWT token available for PIN storage');
+      return {
+        success: false,
+        error: 'No authentication token available',
+      };
+    }
+    
+    console.log('📤 Sending PIN to /store-pin/web endpoint');
     
-    const response = await fetch('https://api2.onairos.uk/revoke', {
+    // Make authenticated request to store PIN
+    const response = await makeAuthenticatedRequest('/store-pin/web', {
       method: 'POST',
       headers: {
-        'Content-Type': 'application/json',
+        'Authorization': `Bearer ${authToken}`,
       },
       body: JSON.stringify({
-        Info: {
-          connection: platform.charAt(0).toUpperCase() + platform.slice(1), // Capitalize platform name
-          username: username,
-        },
+        username,
+        pin,
       }),
     });
     
+    console.log('📡 PIN storage response status:', response.status);
+    
+    if (!response.ok) {
+      const errorText = await response.text();
+      console.error('❌ PIN storage failed:', errorText);
+      return {
+        success: false,
+        error: `PIN storage failed: ${response.status} - ${errorText}`,
+      };
+    }
+    
     const result = await response.json();
+    console.log('📥 PIN storage response:', result);
     
-    if (response.ok && result.success) {
-      console.log(`✅ ${platform} disconnected successfully`);
+    if (result.success) {
+      console.log('✅ PIN stored successfully after biometric authentication');
+      
+      // Store PIN locally for future use
+      await AsyncStorage.setItem('user_pin_stored', 'true');
+      await AsyncStorage.setItem('pin_storage_timestamp', Date.now().toString());
+      
       return {
         success: true,
-        message: result.message || `${platform} disconnected successfully`,
+        message: result.message || 'PIN stored successfully',
       };
     } else {
-      console.error(`❌ ${platform} disconnection failed:`, result.error);
+      console.error('❌ PIN storage API returned error:', result.error);
       return {
         success: false,
-        error: result.error || `Failed to disconnect ${platform}`,
+        error: result.error || 'PIN storage failed',
       };
     }
   } catch (error) {
-    console.error(`❌ ${platform} disconnection error:`, error);
+    console.error('❌ Error storing PIN after biometric authentication:', error);
     return {
       success: false,
-      error: error instanceof Error ? error.message : 'Network error',
+      error: error instanceof Error ? error.message : 'PIN storage failed',
     };
   }
 };
+
+/**
+ * 🎫 GET STORED JWT TOKEN
+ * Helper function to retrieve stored JWT token from email verification or other sources
+ */
+export const getStoredJwtToken = async (): Promise<string | null> => {
+  try {
+    console.log('🎫 Retrieving stored JWT token...');
+    
+    // Try different storage keys in order of preference
+    const tokenSources = [
+      'email_verification_token',
+      'onairos_jwt_token',
+      'enoch_token',
+      'auth_token',
+    ];
+    
+    for (const source of tokenSources) {
+      const token = await AsyncStorage.getItem(source);
+      if (token && token.length > 20) {
+        console.log(`✅ JWT token found in ${source}:`, token.substring(0, 20) + '...');
+        return token;
+      }
+    }
+    
+    console.warn('⚠️ No JWT token found in storage');
+    return null;
+  } catch (error) {
+    console.error('❌ Error retrieving JWT token:', error);
+    return null;
+  }
+};
+
+/**
+ * 🎫 CLEAR STORED TOKENS
+ * Helper function to clear all stored tokens (useful for logout)
+ */
+export const clearStoredTokens = async (): Promise<void> => {
+  try {
+    console.log('🧹 Clearing all stored tokens...');
+    
+    const tokenKeys = [
+      'email_verification_token',
+      'onairos_jwt_token',
+      'enoch_token',
+      'auth_token',
+      'email_verification_email',
+      'email_verification_request_id',
+      'email_verification_request_email',
+      'token_timestamp',
+      'user_pin_stored',
+      'pin_storage_timestamp',
+    ];
+    
+    await Promise.all(
+      tokenKeys.map(key => AsyncStorage.removeItem(key))
+    );
+    
+    console.log('✅ All tokens cleared successfully');
+  } catch (error) {
+    console.error('❌ Error clearing tokens:', error);
+  }
+};