@onairos/react-native 3.0.72 → 3.0.74

package/src/index.ts

@@ -1,156 +1,47 @@
 /**
  * Onairos React Native SDK
  * A React Native implementation for Onairos personalized data integration
+ * 
+ * PUBLIC API - Only expose what developers need
  */
 
-// Export types first to avoid circular dependencies
+// Essential Types Only
 export type {
   OnairosButtonProps,
+  OnairosProps,
   DataTier,
-  UniversalOnboardingProps,
-  ConnectionStatus,
-  PlatformListProps,
-  PinInputProps,
-  TrainingModalProps,
-  OAuthWebViewProps,
-  PlatformConfig,
-  PlatformAuthConfig,
-  ApiResponse,
-  CredentialsResult,
-  OverlayProps,
-  BiometricOptions,
-  PinRequirements,
   OnairosConfig,
-  ApiKeyConfig,
-  ApiKeyValidationResult,
   TestModeOptions,
-  DataRequest,
 } from './types';
 
-export type { EmailVerificationModalProps } from './components/EmailVerificationModal';
-
-export type { StorageOptions, OnairosCredentials } from './utils/secureStorage';
-export type { OAuthConfig } from './services/oauthService';
-export type { ApiErrorType, ApiError } from './utils/onairosApi';
-
-// Export constants
-export { COLORS, PLATFORMS, API_ENDPOINTS, STORAGE_KEYS, PIN_REQUIREMENTS, DEEP_LINK_CONFIG } from './constants';
+// Core Components
+export { OnairosButton } from './components/OnairosButton';
+export { Onairos } from './components/Onairos';
 
-// Export utilities
+// SDK Initialization
 export { 
-  storeCredentials,
-  getCredentials,
-  hasCredentials,
-  deleteCredentials,
-  updateCredentials,
-  generateDeviceUsername,
-  verifyCredentials,
-} from './utils/secureStorage';
-
-export {
-  validateCredentials,
-  createAccount,
-  authenticate,
-  refreshToken,
-  getPlatformData,
-  getUserProfile,
-  updatePlatformConnections,
-} from './utils/onairosApi';
-
-export {
-  rsaEncrypt,
-  sha256,
-  base64ToBuffer,
-} from './utils/crypto';
-
-export {
-  logDebug,
-  logError,
-  isDebugMode,
-} from './utils/debugHelper';
-
-// Export services
-export {
-  connectPlatform,
-  initializeOAuthService,
-  cleanupOAuthService,
-  storePlatformConnection,
-} from './services/oauthService';
+  initializeApiKey,
+  ADMIN_API_KEY,
+} from './services/apiKeyService';
 
+// Authentication & PIN Management
 export {
-  updateGoogleClientIds,
-  refreshYouTubeTokens,
-  hasNativeSDK,
-  testApiConnectivity,
+  storePinAfterBiometric,
+  getStoredJwtToken,
+  clearStoredTokens,
   requestEmailVerification,
   verifyEmailCode,
   checkEmailVerificationStatus,
-  disconnectPlatform,
-  initiateOAuth,
 } from './services/platformAuthService';
 
-// API Key Service - Initialize SDK with API key
-export { 
-  initializeApiKey, 
-  validateApiKey, 
-  getApiConfig, 
-  getApiKey, 
-  isApiKeyInitialized,
-  resetApiKeyService,
-  getAuthHeaders,
-  makeAuthenticatedRequest,
-} from './services/apiKeyService';
-
-// Export API and Services
-export { onairosApi } from './api';
-export { OAuthService } from './services/oauthService';
-export * from './utils/secureStorage';
-export * from './utils/encryption';
-
-// Export hooks
-export { useCredentials } from './hooks/useCredentials';
-export { useConnections } from './hooks/useConnections';
-
-// Export Portal components
-export { Portal, PortalHost } from './utils/Portal';
-
-// Screen Components
-export { ConnectorScreen } from './components/screens/ConnectorScreen';
-export { PinCreationScreen } from './components/screens/PinCreationScreen';
-export { LoadingScreen } from './components/screens/LoadingScreen';
-
-// Onboarding Components
-export { OAuthWebView } from './components/onboarding/OAuthWebView';
-export { PlatformConnector } from './components/onboarding/PlatformConnector';
-export { OnboardingHeader } from './components/onboarding/OnboardingHeader';
+// Programmatic Function (for custom buttons)
+export { executeOnairosFlow } from './utils/programmaticFlow';
 
-// Core Components - Export these last to avoid circular dependencies
-export { PlatformList } from './components/PlatformList';
-export { PinInput } from './components/PinInput';
-export { TrainingModal } from './components/TrainingModal';
-export { EmailVerificationModal } from './components/EmailVerificationModal';
-export { DataRequestScreen } from './components/DataRequestScreen';
-export { Overlay } from './components/Overlay';
-export { UniversalOnboarding } from './components/UniversalOnboarding';
-export { OnairosButton } from './components/OnairosButton';
-export { Onairos } from './components/Onairos';
-
-// Define the public components for default export
-import * as React from 'react';
-import { Onairos } from './components/Onairos';
+// Default export for convenience
 import { OnairosButton } from './components/OnairosButton';
-import { Overlay } from './components/Overlay';
-import { UniversalOnboarding } from './components/UniversalOnboarding';
-import { PortalHost } from './utils/Portal';
-
-// Simple default export object - main types are available through named exports
-const components = {
-  Onairos: Onairos as any,
-  OnairosButton: OnairosButton as any,
-  OnairosOverlay: Overlay as any,
-  UniversalOnboarding: UniversalOnboarding as any,
-  PortalHost: PortalHost as any,
-};
+import { Onairos } from './components/Onairos';
 
-// Export the components as the default export
-export default components;
+export default {
+  OnairosButton,
+  Onairos,
+};

package/src/services/apiKeyService.ts

@@ -1,5 +1,15 @@
 import type { OnairosConfig, ApiKeyValidationResult } from '../types';
 
+// Admin key for backend validation
+export const ADMIN_API_KEY = 'OnairosIsAUnicorn2025';
+
+// API key types
+export enum ApiKeyType {
+  DEVELOPER = 'developer',
+  ADMIN = 'admin',
+  INVALID = 'invalid'
+}
+
 /**
  * API Key Service for Onairos React Native SDK
  * 
@@ -12,6 +22,12 @@ import type { OnairosConfig, ApiKeyValidationResult } from '../types';
  * 3. Cache validation results for performance
  * 4. Include API key in all authenticated requests
  * 5. Handle API key errors gracefully with developer-friendly messages
+ * 
+ * Backend Integration:
+ * - All API requests include: Authorization: Bearer {apiKey}
+ * - Backend should validate API keys on each request
+ * - Admin key "OnairosIsAUnicorn2025" has full permissions
+ * - Developer keys have limited permissions based on validation response
  */
 
 // Global configuration state
@@ -89,6 +105,33 @@ export const initializeApiKey = async (config: OnairosConfig): Promise<void> =>
   }
 };
 
+/**
+ * Determine API key type
+ * @param apiKey The API key to check
+ * @returns The type of API key
+ */
+export const getApiKeyType = (apiKey: string): ApiKeyType => {
+  if (apiKey === ADMIN_API_KEY) {
+    return ApiKeyType.ADMIN;
+  }
+  
+  // Developer keys should be at least 32 characters and start with specific prefix
+  if (apiKey.length >= 32 && (apiKey.startsWith('dev_') || apiKey.startsWith('pk_'))) {
+    return ApiKeyType.DEVELOPER;
+  }
+  
+  return ApiKeyType.INVALID;
+};
+
+/**
+ * Check if API key is admin key
+ * @param apiKey The API key to check
+ * @returns True if admin key
+ */
+export const isAdminKey = (apiKey: string): boolean => {
+  return apiKey === ADMIN_API_KEY;
+};
+
 /**
  * Validate an API key with the Onairos backend
  * @param apiKey The API key to validate
@@ -98,6 +141,30 @@ export const validateApiKey = async (apiKey: string): Promise<ApiKeyValidationRe
   try {
     console.log('🔍 Validating API key...');
     
+    // Check if it's an admin key
+    if (isAdminKey(apiKey)) {
+      console.log('🔑 Admin key detected - granting full permissions');
+      return {
+        isValid: true,
+        permissions: ['*'], // Full permissions for admin
+        rateLimits: {
+          remaining: 999999,
+          resetTime: Date.now() + 24 * 60 * 60 * 1000 // 24 hours
+        },
+        keyType: ApiKeyType.ADMIN
+      };
+    }
+    
+    // Check basic format for developer keys
+    const keyType = getApiKeyType(apiKey);
+    if (keyType === ApiKeyType.INVALID) {
+      return {
+        isValid: false,
+        error: 'Invalid API key format. Developer keys must be at least 32 characters and start with "dev_" or "pk_"',
+        keyType: ApiKeyType.INVALID
+      };
+    }
+    
     // Check cache first
     const cached = validationCache.get(apiKey);
     if (cached && Date.now() - cached.timestamp < CACHE_DURATION) {
@@ -122,11 +189,14 @@ export const validateApiKey = async (apiKey: string): Promise<ApiKeyValidationRe
           'Content-Type': 'application/json',
           'Authorization': `Bearer ${apiKey}`,
           'User-Agent': 'OnairosReactNative/1.0',
+          'X-API-Key-Type': keyType,
         },
         body: JSON.stringify({
           environment,
-          sdk_version: '3.0.71',
+          sdk_version: '3.0.72',
           platform: 'react-native',
+          keyType,
+          timestamp: new Date().toISOString(),
         }),
         signal: controller.signal,
       });
@@ -140,6 +210,7 @@ export const validateApiKey = async (apiKey: string): Promise<ApiKeyValidationRe
           isValid: true,
           permissions: data.permissions || [],
           rateLimits: data.rateLimits || null,
+          keyType: keyType,
         };
 
         // Cache the successful result
@@ -159,6 +230,7 @@ export const validateApiKey = async (apiKey: string): Promise<ApiKeyValidationRe
         const result: ApiKeyValidationResult = {
           isValid: false,
           error: errorMessage,
+          keyType: keyType,
         };
 
         // Don't cache failed results
@@ -168,23 +240,23 @@ export const validateApiKey = async (apiKey: string): Promise<ApiKeyValidationRe
 
         return result;
       }
-    } catch (fetchError) {
+    } catch (fetchError: any) {
       clearTimeout(timeoutId);
       
       if (fetchError.name === 'AbortError') {
         const errorMessage = 'API key validation timeout';
         console.error('⏱️ API key validation timeout');
-        return { isValid: false, error: errorMessage };
+        return { isValid: false, error: errorMessage, keyType: keyType };
       }
       
       const errorMessage = `Network error during API key validation: ${fetchError.message}`;
       console.error('🌐 Network error during API key validation:', fetchError);
-      return { isValid: false, error: errorMessage };
+      return { isValid: false, error: errorMessage, keyType: keyType };
     }
-  } catch (error) {
+  } catch (error: any) {
     const errorMessage = `API key validation error: ${error.message}`;
     console.error('❌ API key validation error:', error);
-    return { isValid: false, error: errorMessage };
+    return { isValid: false, error: errorMessage, keyType: ApiKeyType.INVALID };
   }
 };
 
@@ -221,12 +293,16 @@ export const getAuthHeaders = (): Record<string, string> => {
     throw new Error('SDK not initialized. Call initializeApiKey() first.');
   }
 
+  const keyType = getApiKeyType(globalConfig.apiKey);
+  
   return {
     'Content-Type': 'application/json',
     'Authorization': `Bearer ${globalConfig.apiKey}`,
-    'User-Agent': 'OnairosReactNative/3.0.71',
-    'X-SDK-Version': '3.0.71',
+    'User-Agent': 'OnairosReactNative/3.0.72',
+    'X-SDK-Version': '3.0.72',
     'X-SDK-Environment': globalConfig.environment || 'production',
+    'X-API-Key-Type': keyType,
+    'X-Timestamp': new Date().toISOString(),
   };
 };
 

package/src/services/platformAuthService.ts

@@ -3,6 +3,49 @@ import AsyncStorage from '@react-native-async-storage/async-storage';
 import type { PlatformAuthConfig } from '../types';
 import { makeAuthenticatedRequest, getApiConfig } from './apiKeyService';
 
+// 🔑 CRITICAL: Initialize API key service for authentication
+let isApiKeyInitialized = false;
+
+/**
+ * Initialize the API key service with the admin key for testing
+ * This ensures all API requests include proper authentication headers
+ */
+export const initializePlatformAuthService = async (): Promise<void> => {
+  if (isApiKeyInitialized) {
+    console.log('🔑 API key service already initialized');
+    return;
+  }
+
+  try {
+    // Import the initialization function
+    const { initializeApiKey, ADMIN_API_KEY } = await import('./apiKeyService');
+    
+    // Initialize with admin key for production email service
+    await initializeApiKey({
+      apiKey: ADMIN_API_KEY, // 'OnairosIsAUnicorn2025'
+      environment: 'production', // Use production for email verification
+      enableLogging: true,
+      timeout: 30000,
+    });
+
+    isApiKeyInitialized = true;
+    console.log('✅ Platform auth service initialized with admin key (production)');
+  } catch (error) {
+    console.error('❌ Failed to initialize platform auth service:', error);
+    throw error;
+  }
+};
+
+/**
+ * Ensure API key is initialized before making authenticated requests
+ */
+const ensureApiKeyInitialized = async (): Promise<void> => {
+  if (!isApiKeyInitialized) {
+    console.log('🔑 API key not initialized, initializing now...');
+    await initializePlatformAuthService();
+  }
+};
+
 // Configuration for each platform's authentication
 let PLATFORM_AUTH_CONFIG: Record<string, PlatformAuthConfig> = {
   instagram: {
@@ -780,6 +823,7 @@ export const requestEmailVerification = async (email: string, testMode = false):
   success: boolean;
   message?: string;
   error?: string;
+  requestId?: string;
 }> => {
   try {
     console.log('📧 Requesting email verification for:', email);
@@ -792,17 +836,27 @@ export const requestEmailVerification = async (email: string, testMode = false):
       };
     }
     
-    // In test mode, always return success
+    // In test mode, always return success with mock request ID
     if (testMode) {
-      console.log('🧪 Test mode: Always returning success');
+      console.log('🧪 Test mode: Always returning success with mock request ID');
+      const mockRequestId = 'test-request-' + Date.now();
+      
+      // Store request info for tracking
+      await AsyncStorage.setItem('email_verification_request_id', mockRequestId);
+      await AsyncStorage.setItem('email_verification_request_email', email);
+      
       return {
         success: true,
         message: 'Email verification sent successfully (test mode)',
+        requestId: mockRequestId,
       };
     }
     
     // Production mode: Make real API call with API key authentication
     try {
+      // 🔑 Ensure API key is initialized before making authenticated requests
+      await ensureApiKeyInitialized();
+      
       const response = await makeAuthenticatedRequest('/email/verification', {
         method: 'POST',
         body: JSON.stringify({
@@ -816,9 +870,16 @@ export const requestEmailVerification = async (email: string, testMode = false):
       
       if (response.ok && result.success) {
         console.log('✅ Email verification request sent');
+        
+        // Store request info for tracking
+        const requestId = result.requestId || result.id || ('req-' + Date.now());
+        await AsyncStorage.setItem('email_verification_request_id', requestId);
+        await AsyncStorage.setItem('email_verification_request_email', email);
+        
         return {
           success: true,
           message: result.message || 'Email verification sent successfully',
+          requestId: requestId,
         };
       } else {
         console.error('❌ Email verification request failed:', result.error);
@@ -848,6 +909,7 @@ export const verifyEmailCode = async (email: string, code: string, testMode = fa
   message?: string;
   error?: string;
   existingUser?: boolean;
+  jwtToken?: string;
 }> => {
   try {
     console.log('🔍 Verifying email code for:', email);
@@ -868,18 +930,29 @@ export const verifyEmailCode = async (email: string, code: string, testMode = fa
       };
     }
     
-    // In test mode, always return success
+    // In test mode, always return success with mock JWT token
     if (testMode) {
-      console.log('🧪 Test mode: Always returning success');
+      console.log('🧪 Test mode: Always returning success with mock JWT token');
+      const mockToken = 'test-jwt-token-' + Date.now();
+      
+      // Store mock token for API requests
+      await AsyncStorage.setItem('email_verification_token', mockToken);
+      await AsyncStorage.setItem('onairos_jwt_token', mockToken);
+      await AsyncStorage.setItem('email_verification_email', email);
+      
       return {
         success: true,
         message: 'Email verification successful (test mode)',
         existingUser: false,
+        jwtToken: mockToken,
       };
     }
     
     // Production mode: Make real API call with API key authentication
     try {
+      // 🔑 Ensure API key is initialized before making authenticated requests
+      await ensureApiKeyInitialized();
+      
       const response = await makeAuthenticatedRequest('/email/verification', {
         method: 'POST',
         body: JSON.stringify({
@@ -894,10 +967,27 @@ export const verifyEmailCode = async (email: string, code: string, testMode = fa
       
       if (response.ok && result.success) {
         console.log('✅ Email verification successful');
+        
+        // 🎫 CRITICAL: Store JWT token from email verification response
+        const jwtToken = result.token || result.jwtToken || result.jwt || result.authToken;
+        
+        if (jwtToken) {
+          console.log('🎫 Storing JWT token from email verification response');
+          await AsyncStorage.setItem('email_verification_token', jwtToken);
+          await AsyncStorage.setItem('onairos_jwt_token', jwtToken);
+          await AsyncStorage.setItem('enoch_token', jwtToken);
+          await AsyncStorage.setItem('auth_token', jwtToken);
+          await AsyncStorage.setItem('email_verification_email', email);
+          await AsyncStorage.setItem('token_timestamp', Date.now().toString());
+        } else {
+          console.warn('⚠️ No JWT token received from email verification API');
+        }
+        
         return {
           success: true,
           message: result.message || 'Email verification successful',
           existingUser: result.existingUser || false,
+          jwtToken: jwtToken,
         };
       } else {
         console.error('❌ Email verification failed:', result.error);
@@ -944,6 +1034,9 @@ export const checkEmailVerificationStatus = async (email: string, testMode = fal
     
     // Production mode: Make real API call with API key authentication
     try {
+      // 🔑 Ensure API key is initialized before making authenticated requests
+      await ensureApiKeyInitialized();
+      
       const response = await makeAuthenticatedRequest(`/email/verify/status/${encodeURIComponent(email)}`, {
         method: 'GET',
       });
@@ -1033,3 +1126,166 @@ export const disconnectPlatform = async (platform: string, username: string): Pr
     };
   }
 };
+
+/**
+ * 🔐 STORE PIN AFTER BIOMETRIC AUTHENTICATION
+ * Send PIN separately to /store-pin/web endpoint after biometric Face ID verification
+ */
+export const storePinAfterBiometric = async (username: string, pin: string, jwtToken?: string): Promise<{
+  success: boolean;
+  message?: string;
+  error?: string;
+}> => {
+  try {
+    console.log('🔐 Storing PIN after biometric authentication for user:', username);
+    console.log('🔑 PIN length:', pin.length);
+    console.log('🎫 JWT token provided:', !!jwtToken);
+    
+    if (!username || !pin) {
+      return {
+        success: false,
+        error: 'Username and PIN are required',
+      };
+    }
+    
+    if (pin.length < 4) {
+      return {
+        success: false,
+        error: 'PIN must be at least 4 digits',
+      };
+    }
+    
+    // Get JWT token from storage if not provided
+    let authToken = jwtToken;
+    if (!authToken) {
+      authToken = await AsyncStorage.getItem('onairos_jwt_token') || 
+                   await AsyncStorage.getItem('enoch_token') || 
+                   await AsyncStorage.getItem('auth_token') ||
+                   await AsyncStorage.getItem('email_verification_token');
+    }
+    
+    if (!authToken) {
+      console.warn('⚠️ No JWT token available for PIN storage');
+      return {
+        success: false,
+        error: 'No authentication token available',
+      };
+    }
+    
+    console.log('📤 Sending PIN to /store-pin/web endpoint');
+    
+    // Make authenticated request to store PIN
+    const response = await makeAuthenticatedRequest('/store-pin/web', {
+      method: 'POST',
+      headers: {
+        'Authorization': `Bearer ${authToken}`,
+      },
+      body: JSON.stringify({
+        username,
+        pin,
+      }),
+    });
+    
+    console.log('📡 PIN storage response status:', response.status);
+    
+    if (!response.ok) {
+      const errorText = await response.text();
+      console.error('❌ PIN storage failed:', errorText);
+      return {
+        success: false,
+        error: `PIN storage failed: ${response.status} - ${errorText}`,
+      };
+    }
+    
+    const result = await response.json();
+    console.log('📥 PIN storage response:', result);
+    
+    if (result.success) {
+      console.log('✅ PIN stored successfully after biometric authentication');
+      
+      // Store PIN locally for future use
+      await AsyncStorage.setItem('user_pin_stored', 'true');
+      await AsyncStorage.setItem('pin_storage_timestamp', Date.now().toString());
+      
+      return {
+        success: true,
+        message: result.message || 'PIN stored successfully',
+      };
+    } else {
+      console.error('❌ PIN storage API returned error:', result.error);
+      return {
+        success: false,
+        error: result.error || 'PIN storage failed',
+      };
+    }
+  } catch (error) {
+    console.error('❌ Error storing PIN after biometric authentication:', error);
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : 'PIN storage failed',
+    };
+  }
+};
+
+/**
+ * 🎫 GET STORED JWT TOKEN
+ * Helper function to retrieve stored JWT token from email verification or other sources
+ */
+export const getStoredJwtToken = async (): Promise<string | null> => {
+  try {
+    console.log('🎫 Retrieving stored JWT token...');
+    
+    // Try different storage keys in order of preference
+    const tokenSources = [
+      'email_verification_token',
+      'onairos_jwt_token',
+      'enoch_token',
+      'auth_token',
+    ];
+    
+    for (const source of tokenSources) {
+      const token = await AsyncStorage.getItem(source);
+      if (token && token.length > 20) {
+        console.log(`✅ JWT token found in ${source}:`, token.substring(0, 20) + '...');
+        return token;
+      }
+    }
+    
+    console.warn('⚠️ No JWT token found in storage');
+    return null;
+  } catch (error) {
+    console.error('❌ Error retrieving JWT token:', error);
+    return null;
+  }
+};
+
+/**
+ * 🎫 CLEAR STORED TOKENS
+ * Helper function to clear all stored tokens (useful for logout)
+ */
+export const clearStoredTokens = async (): Promise<void> => {
+  try {
+    console.log('🧹 Clearing all stored tokens...');
+    
+    const tokenKeys = [
+      'email_verification_token',
+      'onairos_jwt_token',
+      'enoch_token',
+      'auth_token',
+      'email_verification_email',
+      'email_verification_request_id',
+      'email_verification_request_email',
+      'token_timestamp',
+      'user_pin_stored',
+      'pin_storage_timestamp',
+    ];
+    
+    await Promise.all(
+      tokenKeys.map(key => AsyncStorage.removeItem(key))
+    );
+    
+    console.log('✅ All tokens cleared successfully');
+  } catch (error) {
+    console.error('❌ Error clearing tokens:', error);
+  }
+};