@onairos/react-native 3.1.12 → 3.1.14

package/src/services/platformAuthService.ts

@@ -1,1113 +1,1346 @@
-import { Platform, Linking } from 'react-native';
-import AsyncStorage from '@react-native-async-storage/async-storage';
-import type { PlatformAuthConfig } from '../types';
-import { makeDeveloperRequest, getApiConfig, storeJWT, extractUsernameFromJWT } from './apiKeyService';
-
-// 🔑 CRITICAL: Use two-tier authentication system
-// - Developer API key for email verification requests
-// - JWT tokens for user-authenticated requests after email verification
-
-/**
- * Initialize the platform auth service
- * This service now uses the two-tier authentication system
- */
-export const initializePlatformAuthService = async (): Promise<void> => {
-  try {
-    // Check if app is already initialized with API key
-    const existingConfig = getApiConfig();
-    
-    if (existingConfig && existingConfig.apiKey) {
-      console.log('🔑 Platform auth service using existing app configuration');
-      console.log(`✅ Environment: ${existingConfig.environment}`);
-      return;
-    }
-    
-    // If no app initialization, we can't proceed
-    console.error('❌ Platform auth service requires app-level API key initialization');
-    throw new Error('Platform auth service requires app-level API key initialization. Please call initializeApiKey() first.');
-  } catch (error) {
-    console.error('❌ Failed to initialize platform auth service:', error);
-    throw error;
-  }
-};
-
-// Configuration for each platform's authentication
-let PLATFORM_AUTH_CONFIG: Record<string, PlatformAuthConfig> = {
-  instagram: {
-    hasNativeSDK: false, // Instagram uses OAuth WebView flow
-    authEndpoint: '/instagram/authorize',
-    color: '#E1306C',
-  },
-  youtube: {
-    hasNativeSDK: true, // Native Google Sign-In SDK enabled
-    nativeSDKPackage: '@react-native-google-signin/google-signin',
-    authEndpoint: '/youtube/authorize',
-    color: '#FF0000',
-    clientId: '1030678346906-lovkuds2ouqmoc8eu5qpo98spa6edv4o.apps.googleusercontent.com',
-    redirectUri: 'onairosevents://auth/callback',
-    scope: 'https://www.googleapis.com/auth/youtube.readonly',
-    responseType: 'code',
-  },
-  reddit: {
-    hasNativeSDK: false,
-    authEndpoint: '/reddit/authorize',
-    color: '#FF4500',
-  },
-  pinterest: {
-    hasNativeSDK: false,
-    authEndpoint: '/pinterest/authorize',
-    color: '#E60023',
-  },
-  email: {
-    hasNativeSDK: false,
-    authEndpoint: '/gmail/authorize',
-    color: '#4285F4',
-  },
-};
-
-/**
- * Checks if a native SDK is available for the given platform
- */
-export const hasNativeSDK = (platform: string): boolean => {
-  const config = PLATFORM_AUTH_CONFIG[platform];
-  return config?.hasNativeSDK || false;
-};
-
-/**
- * Gets the auth endpoint URL for a platform
- */
-export const getAuthEndpoint = (platform: string): string => {
-  const config = PLATFORM_AUTH_CONFIG[platform];
-  return config?.authEndpoint || '';
-};
-
-/**
- * Gets the color associated with a platform
- */
-export const getPlatformColor = (platform: string): string => {
-  const config = PLATFORM_AUTH_CONFIG[platform];
-  return config?.color || '#000000';
-};
-
-/**
- * Initiates the OAuth flow for a platform
- * @param platform The platform to authenticate with
- * @param username The username to associate with the authentication
- * @param appName The app name to use for the OAuth session (optional)
- * @returns A Promise that resolves to the OAuth URL to open in a WebView or null if using native SDK
- */
-export const initiateOAuth = async (platform: string, username: string, appName?: string): Promise<string | null> => {
-  try {
-    console.log('🚀 Initiating OAuth for platform:', platform);
-    console.log('👤 Username:', username);
-    console.log('📱 App name:', appName);
-    
-    // Check if the platform is supported
-    if (!PLATFORM_AUTH_CONFIG[platform]) {
-      console.error('❌ Unsupported platform:', platform);
-      throw new Error(`Unsupported platform: ${platform}`);
-    }
-
-    // Check if platform has a native SDK
-    if (PLATFORM_AUTH_CONFIG[platform].hasNativeSDK) {
-      console.log('📱 Platform uses native SDK, returning null');
-      // Return null to indicate that we should use the native SDK
-      return null;
-    }
-
-    console.log('🌐 Platform uses OAuth WebView flow');
-    console.log('🔗 Auth endpoint:', PLATFORM_AUTH_CONFIG[platform].authEndpoint);
-
-    // Pre-flight connectivity check
-    console.log('🔍 Performing pre-flight connectivity check...');
-    const connectivityResult = await testApiConnectivity();
-    
-    if (!connectivityResult.success) {
-      console.error('❌ Pre-flight connectivity check failed:', connectivityResult.error);
-      throw new Error(`Cannot reach authentication server: ${connectivityResult.error}`);
-    }
-    
-    console.log('✅ Pre-flight connectivity check passed');
-
-    // Handle Instagram with specific API format
-    if (platform === 'instagram') {
-      const state = 'djksbfds';
-      const jsonData = {
-        session: {
-          oauthState: state,
-          username: username || 'Avatar',
-        },
-      };
-
-      console.log('📤 Sending Instagram OAuth request:', jsonData);
-
-      const response = await makeDeveloperRequest(PLATFORM_AUTH_CONFIG[platform].authEndpoint, {
-        method: 'POST',
-        body: JSON.stringify(jsonData),
-      });
-
-      console.log('📡 Instagram OAuth response status:', response.status);
-
-      if (!response.ok) {
-        const errorText = await response.text();
-        console.error('❌ Instagram OAuth API error:', errorText);
-        throw new Error(`Instagram OAuth API error: ${response.status} - ${errorText}`);
-      }
-
-      const responseData = await response.json();
-      console.log('📥 Instagram OAuth response data:', responseData);
-      
-      if (responseData.instagramURL) {
-        console.log('✅ Instagram OAuth URL received:', responseData.instagramURL);
-        
-        // Validate the URL before returning
-        if (await validateOAuthUrl(responseData.instagramURL)) {
-          return responseData.instagramURL;
-        } else {
-          throw new Error('Received invalid Instagram OAuth URL');
-        }
-      }
-      
-      console.error('❌ No Instagram URL found in response');
-      throw new Error('No Instagram URL found in response');
-    }
-
-    // Prepare the request body for other platforms
-    const jsonData = {
-      session: {
-        oauthState: 'djksbfds', // Use same state for all platforms
-        username: username || 'Avatar',
-        appName: appName || 'DefaultApp',
-      },
-    };
-
-    console.log(`📤 Sending ${platform} OAuth request:`, jsonData);
-
-    // Make the authenticated request to get the OAuth URL
-    const response = await makeDeveloperRequest(PLATFORM_AUTH_CONFIG[platform].authEndpoint, {
-      method: 'POST',
-      body: JSON.stringify(jsonData),
-    });
-
-    console.log(`📡 ${platform} OAuth response status:`, response.status);
-
-    if (!response.ok) {
-      const errorText = await response.text();
-      console.error(`❌ ${platform} OAuth API error:`, errorText);
-      throw new Error(`${platform} OAuth API error: ${response.status} - ${errorText}`);
-    }
-
-    // Parse the response
-    const data = await response.json();
-    console.log(`📥 ${platform} OAuth response data:`, data);
-    
-    // Extra logging for Gmail to help debug
-    if (platform === 'email') {
-      console.log('🔍 Gmail OAuth response keys:', Object.keys(data));
-      console.log('🔍 Gmail OAuth full response:', JSON.stringify(data, null, 2));
-    }
-    
-    // Check if the response contains the OAuth URL based on platform
-    let oauthUrl: string | null = null;
-    
-    switch (platform) {
-      case 'reddit':
-        oauthUrl = data.redditURL;
-        break;
-      case 'pinterest':
-        oauthUrl = data.pinterestURL;
-        break;
-      case 'youtube':
-        oauthUrl = data.youtubeURL;
-        break;
-      case 'email':
-        // Gmail might return under different field names
-        oauthUrl = data.emailURL || data.gmailURL || data.authUrl || data.url;
-        break;
-      default:
-        oauthUrl = data.url;
-        break;
-    }
-
-    if (!oauthUrl) {
-      console.error(`❌ No OAuth URL found in response for ${platform}. Response:`, data);
-      throw new Error(`No OAuth URL found in response for ${platform}`);
-    }
-
-    console.log(`✅ ${platform} OAuth URL received:`, oauthUrl);
-    
-    // Validate the URL before returning
-    if (await validateOAuthUrl(oauthUrl)) {
-      return oauthUrl;
-    } else {
-      throw new Error(`Received invalid ${platform} OAuth URL`);
-    }
-  } catch (error) {
-    console.error(`Error initiating OAuth for ${platform}:`, error);
-    throw error;
-  }
-};
-
-/**
- * Validates an OAuth URL to ensure it's reachable
- * @param url The OAuth URL to validate
- * @returns Promise<boolean> indicating if the URL is valid and reachable
- */
-const validateOAuthUrl = async (url: string): Promise<boolean> => {
-  try {
-    console.log('🔍 Validating OAuth URL:', url);
-    
-    // Basic URL format validation
-    if (!url || typeof url !== 'string') {
-      console.error('❌ Invalid URL format:', url);
-      return false;
-    }
-    
-    // Check if URL starts with https
-    if (!url.startsWith('https://')) {
-      console.error('❌ URL must use HTTPS:', url);
-      return false;
-    }
-    
-    // Try to parse the URL
-    try {
-      new URL(url);
-    } catch (parseError) {
-      console.error('❌ URL parsing failed:', parseError);
-      return false;
-    }
-    
-    // Make a HEAD request to check if the URL is reachable
-    const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), 10000); // 10 second timeout
-    
-    try {
-      const response = await fetch(url, {
-        method: 'HEAD',
-        signal: controller.signal,
-      });
-      
-      clearTimeout(timeoutId);
-      
-      // Accept any response that's not a network error
-      // OAuth pages might return various status codes
-      console.log('✅ OAuth URL validation successful, status:', response.status);
-      return true;
-    } catch (fetchError) {
-      clearTimeout(timeoutId);
-      
-      if (fetchError.name === 'AbortError') {
-        console.warn('⚠️ OAuth URL validation timeout, but proceeding anyway');
-        return true; // Allow timeout as URLs might be slow to respond
-      }
-      
-      console.warn('⚠️ OAuth URL validation failed, but proceeding anyway:', fetchError.message);
-      return true; // Allow network errors as they might be temporary
-    }
-  } catch (error) {
-    console.warn('⚠️ OAuth URL validation error, but proceeding anyway:', error);
-    return true; // Allow validation errors to not block the flow
-  }
-};
-
-/**
- * Initiates the native SDK authentication flow for a platform
- * @param platform The platform to authenticate with
- * @returns A Promise that resolves to the authentication result
- */
-export const initiateNativeAuth = async (platform: string, username?: string): Promise<boolean> => {
-  if (platform === 'youtube') {
-    console.log('🔗 Initiating native Google Sign-In for YouTube');
-    try {
-      // Check if Google Sign-In package is available
-      let GoogleSignin, statusCodes;
-      try {
-        const googleSignInModule = require('@react-native-google-signin/google-signin');
-        GoogleSignin = googleSignInModule.GoogleSignin;
-        statusCodes = googleSignInModule.statusCodes;
-      } catch (importError) {
-        console.error('❌ Google Sign-In package not available:', importError);
-        throw new Error('Google Sign-In SDK not installed. Please install @react-native-google-signin/google-signin');
-      }
-      
-      // Configure Google Sign-In with better error handling
-      try {
-        const youtubeConfig = PLATFORM_AUTH_CONFIG.youtube;
-        const webClientId = youtubeConfig.clientId || '1030678346906-lovkuds2ouqmoc8eu5qpo98spa6edv4o.apps.googleusercontent.com';
-        const iosClientId = youtubeConfig.iosClientId || webClientId;
-        
-        await GoogleSignin.configure({
-          webClientId: webClientId,
-          iosClientId: iosClientId,
-          scopes: ['https://www.googleapis.com/auth/youtube.readonly'],
-          offlineAccess: true,
-          hostedDomain: '',
-          forceCodeForRefreshToken: true,
-          accountName: '',
-        });
-        console.log('✅ Google Sign-In configured successfully with client ID:', webClientId.substring(0, 20) + '...');
-      } catch (configError) {
-        console.error('❌ Google Sign-In configuration failed:', configError);
-        throw new Error(`Google Sign-In configuration failed: ${configError.message || configError}`);
-      }
-      
-      // Check if Google Play Services are available (Android only)
-      try {
-        await GoogleSignin.hasPlayServices({ showPlayServicesUpdateDialog: true });
-        console.log('✅ Google Play Services available');
-      } catch (playServicesError) {
-        console.error('❌ Google Play Services error:', playServicesError);
-        throw new Error(`Google Play Services not available: ${playServicesError.message || playServicesError}`);
-      }
-      
-      // Sign in with Google
-      let userInfo;
-      try {
-        userInfo = await GoogleSignin.signIn();
-        console.log('✅ Google Sign-In successful:', userInfo.user?.email);
-      } catch (signInError) {
-        console.error('❌ Google Sign-In failed:', signInError);
-        
-        // Handle specific error codes
-        if (signInError.code === statusCodes.SIGN_IN_CANCELLED) {
-          throw new Error('Google Sign-In was cancelled by user');
-        } else if (signInError.code === statusCodes.IN_PROGRESS) {
-          throw new Error('Google Sign-In already in progress');
-        } else if (signInError.code === statusCodes.PLAY_SERVICES_NOT_AVAILABLE) {
-          throw new Error('Google Play Services not available or outdated');
-        } else {
-          throw new Error(`Google Sign-In failed: ${signInError.message || signInError}`);
-        }
-      }
-      
-      // Get access token for API calls
-      const tokens = await GoogleSignin.getTokens();
-      console.log('🔑 Got Google tokens');
-      
-      // Get current user info with refresh token
-      const currentUser = await GoogleSignin.getCurrentUser();
-      console.log('👤 Current user info:', currentUser?.user?.email);
-      
-      // Extract refresh token from server auth code
-      let refreshToken = null;
-      if (currentUser?.serverAuthCode) {
-        console.log('🔄 Server auth code available for refresh token');
-        refreshToken = currentUser.serverAuthCode;
-      }
-      
-      if (!refreshToken) {
-        console.warn('⚠️ No refresh token available - token refresh may fail later');
-      } else {
-        console.log('✅ Refresh token available for YouTube connection');
-      }
-      
-      // Fetch YouTube channel information
-      let channelName = 'Unknown Channel';
-      let channelId = null;
-      try {
-        console.log('📺 Fetching YouTube channel information...');
-        const channelResponse = await fetch('https://www.googleapis.com/youtube/v3/channels?part=snippet&mine=true', {
-          headers: {
-            'Authorization': `Bearer ${tokens.accessToken}`,
-            'Accept': 'application/json'
-          }
-        });
-        
-        if (channelResponse.ok) {
-          const channelData = await channelResponse.json();
-          if (channelData.items && channelData.items.length > 0) {
-            channelName = channelData.items[0].snippet.title;
-            channelId = channelData.items[0].id;
-            console.log('✅ YouTube channel found:', channelName);
-          }
-        }
-      } catch (channelError) {
-        console.log('⚠️ Error fetching YouTube channel info:', channelError);
-        channelName = userInfo.user?.name || userInfo.user?.email || 'Unknown Channel';
-      }
-      
-      // Get authentication info
-      let authToken = await AsyncStorage.getItem('onairos_jwt_token') || 
-                     await AsyncStorage.getItem('enoch_token') || 
-                     await AsyncStorage.getItem('auth_token');
-      const storedUsername = await AsyncStorage.getItem('onairos_username');
-      const finalUsername = storedUsername || username || userInfo.user?.email || 'youtube_user';
-      
-      // Create auth token if needed
-      if (!authToken || authToken.trim().length < 20) {
-        console.log('🔐 Creating authentication token for YouTube...');
-        
-        try {
-          const fallbackEmail = userInfo.user?.email || `${finalUsername}@youtube.temp`;
-          
-          // Create user accounts and get JWT token
-          const onairosSignupResponse = await fetch('https://api2.onairos.uk/register/enoch', {
-            method: 'POST',
-            headers: {
-              'Content-Type': 'application/json'
-            },
-            body: JSON.stringify({
-              email: fallbackEmail,
-              username: finalUsername,
-              name: finalUsername
-            })
-          });
-          
-          if (onairosSignupResponse.ok) {
-            const onairosResponseData = await onairosSignupResponse.json();
-            
-            // Extract token from response
-            authToken = onairosResponseData.token || onairosResponseData.data?.token || onairosResponseData.jwt;
-            
-            if (authToken) {
-              // Store tokens
-              await AsyncStorage.setItem('onairos_jwt_token', authToken);
-              await AsyncStorage.setItem('enoch_token', authToken);
-              await AsyncStorage.setItem('auth_token', authToken);
-              await AsyncStorage.setItem('onairos_username', onairosResponseData.username || finalUsername);
-              
-              console.log('✅ Successfully created and stored authentication token');
-            }
-          }
-        } catch (tokenError) {
-          console.warn('⚠️ Error creating auth token:', tokenError);
-        }
-      }
-      
-      console.log('🔗 Linking YouTube data to user:', finalUsername);
-      console.log('📺 YouTube channel name:', channelName);
-      
-      // Send tokens to backend for YouTube data processing
-      const backendResponse = await fetch('https://api2.onairos.uk/youtube/native-auth', {
-        method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-          ...(authToken && { 'Authorization': `Bearer ${authToken}` })
-        },
-        body: JSON.stringify({
-          session: {
-            username: finalUsername,
-            platform: 'youtube',
-            timestamp: new Date().toISOString(),
-            channelName: channelName,
-            channelId: channelId
-          },
-          googleUser: userInfo.user,
-          accessToken: tokens.accessToken,
-          idToken: tokens.idToken,
-          refreshToken: refreshToken, // CRITICAL: Include refresh token
-          serverAuthCode: currentUser?.serverAuthCode,
-          userAccountInfo: {
-            username: finalUsername,
-            email: userInfo.user?.email,
-            authToken: authToken,
-            channelName: channelName,
-            channelId: channelId,
-            userIdentifier: authToken ? `user-${authToken.substring(0, 10)}` : `youtube-${userInfo.user?.email}`,
-            googleId: userInfo.user?.id,
-          },
-          tokenExpiry: new Date(Date.now() + 3600 * 1000).toISOString(), // 1 hour from now
-          requestRefreshToken: true
-        })
-      });
-      
-      if (backendResponse.ok) {
-        const responseData = await backendResponse.json();
-        console.log('✅ YouTube connection processed by backend:', responseData);
-        return true;
-      } else {
-        const errorData = await backendResponse.text();
-        console.error('❌ Backend processing failed:', backendResponse.status, errorData);
-        return false;
-      }
-      
-    } catch (error: any) {
-      console.error('❌ Google Sign-In error:', error);
-        
-      const { statusCodes: StatusCodes } = require('@react-native-google-signin/google-signin');
-      
-      if (error.code === StatusCodes.SIGN_IN_CANCELLED) {
-        console.log('User cancelled Google Sign-In');
-      } else if (error.code === StatusCodes.IN_PROGRESS) {
-        console.log('Google Sign-In already in progress');
-      } else if (error.code === StatusCodes.PLAY_SERVICES_NOT_AVAILABLE) {
-        console.log('Google Play Services not available');
-      }
-      
-      return false;
-    }
-  }
-    
-  return false;
-};
-
-/**
- * Handles the OAuth callback
- * @param url The callback URL
- * @returns The authorization code extracted from the URL
- */
-export const handleOAuthCallback = (url: string): string | null => {
-  try {
-    // Parse the URL
-    const parsedUrl = new URL(url);
-    
-    // Extract the authorization code
-    return parsedUrl.searchParams.get('code');
-  } catch (error) {
-    console.error('Error handling OAuth callback:', error);
-    return null;
-  }
-};
-
-/**
- * Checks if a URL is an OAuth callback
- * @param url The URL to check
- * @returns True if the URL is an OAuth callback
- */
-export const isOAuthCallback = (url: string): boolean => {
-  // Check if the URL starts with our redirect URI
-  return url.startsWith('onairosanime://auth/');
-};
-
-/**
- * Test connectivity to the Onairos API server
- */
-export const testApiConnectivity = async (): Promise<{ success: boolean; error?: string }> => {
-  try {
-    console.log('🔍 Testing connectivity to Onairos API...');
-    
-    // Test multiple endpoints for better reliability
-    const testEndpoints = [
-      'https://api2.onairos.uk/health',
-      'https://api2.onairos.uk', // Base URL
-    ];
-    
-    let lastError: string | null = null;
-    
-    for (const endpoint of testEndpoints) {
-      try {
-        console.log(`🔍 Testing endpoint: ${endpoint}`);
-        
-        const controller = new AbortController();
-        const timeoutId = setTimeout(() => controller.abort(), 10000); // 10 second timeout
-        
-        const response = await fetch(endpoint, {
-          method: 'GET',
-          headers: {
-            'Content-Type': 'application/json',
-            'User-Agent': 'OnairosReactNative/1.0',
-          },
-          signal: controller.signal,
-        });
-        
-        clearTimeout(timeoutId);
-        
-        console.log(`🌐 API connectivity test response for ${endpoint}:`, response.status);
-        
-        if (response.ok || response.status === 404) {
-          // Accept 404 as it means the server is reachable
-          console.log('✅ API server is reachable');
-          return { success: true };
-        } else {
-          console.log(`⚠️ API server responded with status ${response.status} for ${endpoint}`);
-          lastError = `API server error: ${response.status}`;
-          // Continue to next endpoint
-        }
-      } catch (fetchError) {
-        console.log(`❌ Failed to reach ${endpoint}:`, fetchError);
-        
-        if (fetchError.name === 'AbortError') {
-          lastError = 'Connection timeout - API server took too long to respond';
-        } else if (fetchError.message.includes('Network request failed')) {
-          lastError = 'Network error - check your internet connection';
-        } else if (fetchError.message.includes('not connected to the internet')) {
-          lastError = 'No internet connection';
-        } else {
-          lastError = `Network error: ${fetchError.message}`;
-        }
-        
-        // Continue to next endpoint
-      }
-    }
-    
-    console.error('❌ All API connectivity tests failed');
-    return { success: false, error: lastError || 'Cannot reach API server' };
-  } catch (error) {
-    console.error('❌ API connectivity test failed:', error);
-    return { success: false, error: error instanceof Error ? error.message : 'Unknown error' };
-  }
-};
-
-/**
- * 🔄 REFRESH GOOGLE TOKENS
- */
-export const refreshGoogleTokens = async (): Promise<{ accessToken: string; idToken?: string } | null> => {
-  try {
-    console.log('🔄 Attempting to refresh Google tokens...');
-    
-    const { GoogleSignin } = require('@react-native-google-signin/google-signin');
-    
-    const currentUser = await GoogleSignin.getCurrentUser();
-    if (!currentUser) {
-      console.log('❌ User not signed in to Google, cannot refresh tokens');
-      return null;
-    }
-    
-    const tokens = await GoogleSignin.getTokens();
-    console.log('✅ Successfully refreshed Google tokens');
-    
-    return {
-      accessToken: tokens.accessToken,
-      idToken: tokens.idToken
-    };
-  } catch (error) {
-    console.error('❌ Failed to refresh Google tokens:', error);
-    
-    // If refresh fails, try to sign in again
-    try {
-      console.log('🔄 Refresh failed, attempting re-authentication...');
-      const { GoogleSignin } = require('@react-native-google-signin/google-signin');
-      const userInfo = await GoogleSignin.signIn();
-      const tokens = await GoogleSignin.getTokens();
-      
-      console.log('✅ Re-authentication successful');
-      return {
-        accessToken: tokens.accessToken,
-        idToken: tokens.idToken
-      };
-    } catch (signInError) {
-      console.error('❌ Re-authentication also failed:', signInError);
-      return null;
-    }
-  }
-};
-
-/**
- * 🔄 REFRESH YOUTUBE TOKENS
- */
-export const refreshYouTubeTokens = async (): Promise<boolean> => {
-  try {
-    console.log('🔄 Refreshing YouTube tokens...');
-    
-    // Get fresh tokens from Google SDK
-    const freshTokens = await refreshGoogleTokens();
-    if (!freshTokens) {
-      console.error('❌ Failed to get fresh tokens from Google SDK');
-      return false;
-    }
-    
-    // Get current user info
-    const { GoogleSignin } = require('@react-native-google-signin/google-signin');
-    const currentUser = await GoogleSignin.getCurrentUser();
-    if (!currentUser) {
-      console.error('❌ No current Google user found');
-      return false;
-    }
-    
-    // Get stored auth token
-    const authToken = await AsyncStorage.getItem('onairos_jwt_token') || 
-                     await AsyncStorage.getItem('enoch_token') || 
-                     await AsyncStorage.getItem('auth_token');
-    
-    if (!authToken) {
-      console.error('❌ No auth token found for YouTube refresh');
-      return false;
-    }
-    
-    // Send refreshed tokens to backend
-    const refreshResponse = await fetch('https://api2.onairos.uk/youtube/refresh-token', {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        'Authorization': `Bearer ${authToken}`
-      },
-      body: JSON.stringify({
-        accessToken: freshTokens.accessToken,
-        idToken: freshTokens.idToken,
-        refreshToken: currentUser.serverAuthCode,
-        userEmail: currentUser.user?.email,
-        tokenExpiry: new Date(Date.now() + 3600 * 1000).toISOString(),
-        timestamp: new Date().toISOString()
-      })
-    });
-    
-    if (refreshResponse.ok) {
-      const responseData = await refreshResponse.json();
-      console.log('✅ YouTube tokens refreshed successfully:', responseData);
-      return true;
-    } else {
-      const errorData = await refreshResponse.text();
-      console.error('❌ YouTube token refresh failed:', refreshResponse.status, errorData);
-      return false;
-    }
-  } catch (error) {
-    console.error('❌ Error refreshing YouTube tokens:', error);
-    return false;
-  }
-};
-
-/**
- * 🎯 ENHANCED OAUTH CALLBACK HANDLER
- */
-export const handleOAuthCallbackUrl = (url: string): { platform?: string; code?: string; success: boolean } => {
-  try {
-    console.log('🔍 Processing OAuth callback URL:', url);
-    
-    // Parse the URL
-    const parsedUrl = new URL(url);
-    
-    // Extract platform and code
-    const platform = parsedUrl.searchParams.get('platform') || 
-                    parsedUrl.pathname.split('/').find(segment => 
-                      ['instagram', 'youtube', 'reddit', 'pinterest', 'email'].includes(segment)
-                    );
-    
-    const code = parsedUrl.searchParams.get('code');
-    const error = parsedUrl.searchParams.get('error');
-    
-    if (error) {
-      console.error('❌ OAuth error in callback:', error);
-      return { success: false };
-    }
-    
-    if (code && platform) {
-      console.log(`✅ OAuth callback processed: ${platform} with code: ${code.substring(0, 10)}...`);
-      return { platform, code, success: true };
-    }
-    
-    console.warn('⚠️ OAuth callback missing platform or code');
-    return { success: false };
-  } catch (error) {
-    console.error('❌ Error processing OAuth callback:', error);
-    return { success: false };
-  }
-};
-
-/**
- * 🔧 UPDATE GOOGLE CLIENT IDS
- * Allows apps to configure their own Google client IDs
- */
-export const updateGoogleClientIds = (config: {
-  webClientId?: string;
-  iosClientId?: string;
-}) => {
-  console.log('🔧 Updating Google client IDs configuration');
-  
-  if (config.webClientId || config.iosClientId) {
-    // Update the YouTube configuration
-    PLATFORM_AUTH_CONFIG.youtube = {
-      ...PLATFORM_AUTH_CONFIG.youtube,
-      clientId: config.webClientId || PLATFORM_AUTH_CONFIG.youtube.clientId,
-      iosClientId: config.iosClientId || PLATFORM_AUTH_CONFIG.youtube.iosClientId,
-    };
-    
-    console.log('✅ Google client IDs updated successfully');
-    console.log('  - Web Client ID:', config.webClientId ? config.webClientId.substring(0, 20) + '...' : 'not provided');
-    console.log('  - iOS Client ID:', config.iosClientId ? config.iosClientId.substring(0, 20) + '...' : 'not provided');
-  }
-};
-
-/**
- * Request email verification using developer API key
- * @param email Email address to verify
- * @param testMode Whether to use test mode
- * @returns Promise with verification result
- */
-export const requestEmailVerification = async (
-  email: string,
-  testMode: boolean = false
-): Promise<{ success: boolean; message?: string; error?: string }> => {
-  try {
-    console.log('📧 Requesting email verification for:', email);
-    
-    const response = await makeDeveloperRequest('/email/verification', {
-      method: 'POST',
-      body: JSON.stringify({
-        email,
-        action: 'request',
-        testMode
-      })
-    });
-
-    const data = await response.json();
-
-    if (response.ok && data.success) {
-      console.log('✅ Email verification requested successfully');
-      return {
-        success: true,
-        message: data.message || 'Verification code sent to your email'
-      };
-    } else {
-      console.error('❌ Email verification request failed:', data.error);
-      return {
-        success: false,
-        error: data.error || 'Failed to send verification code'
-      };
-    }
-  } catch (error) {
-    console.error('❌ Error requesting email verification:', error);
-    return {
-      success: false,
-      error: error instanceof Error ? error.message : 'Network error'
-    };
-  }
-};
-
-/**
- * Verify email code and store JWT token
- * @param email Email address
- * @param code Verification code
- * @param testMode Whether to use test mode
- * @returns Promise with verification result and JWT token
- */
-export const verifyEmailCode = async (
-  email: string,
-  code: string,
-  testMode: boolean = false
-): Promise<{ success: boolean; message?: string; error?: string; existingUser?: boolean; token?: string }> => {
-  try {
-    console.log('🔍 Verifying email code for:', email);
-    
-    const response = await makeDeveloperRequest('/email/verification', {
-      method: 'POST',
-      body: JSON.stringify({
-        email,
-        action: 'verify',
-        code,
-        testMode
-      })
-    });
-
-    const data = await response.json();
-
-    if (response.ok && data.success) {
-      console.log('✅ Email verification successful');
-      
-      // Store JWT token if received
-      if (data.token || data.jwtToken) {
-        const jwtToken = data.token || data.jwtToken;
-        await storeJWT(jwtToken);
-        console.log('🎫 JWT token stored successfully');
-      }
-      
-      return {
-        success: true,
-        message: data.message || 'Email verified successfully',
-        existingUser: data.existingUser || false,
-        token: data.token || data.jwtToken
-      };
-    } else {
-      console.error('❌ Email verification failed:', data.error);
-      return {
-        success: false,
-        error: data.error || 'Invalid verification code'
-      };
-    }
-  } catch (error) {
-    console.error('❌ Error verifying email code:', error);
-    return {
-      success: false,
-      error: error instanceof Error ? error.message : 'Network error'
-    };
-  }
-};
-
-/**
- * Check email verification status
- * @param email Email address
- * @param testMode Whether to use test mode
- * @returns Promise with status result
- */
-export const checkEmailVerificationStatus = async (
-  email: string,
-  testMode: boolean = false
-): Promise<{ success: boolean; isPending?: boolean; error?: string }> => {
-  try {
-    console.log('🔍 Checking email verification status for:', email);
-    
-    const response = await makeDeveloperRequest('/email/verification/status', {
-      method: 'POST',
-      body: JSON.stringify({
-        email,
-        testMode
-      })
-    });
-
-    const data = await response.json();
-
-    if (response.ok && data.success) {
-      return {
-        success: true,
-        isPending: data.isPending || false
-      };
-    } else {
-      return {
-        success: false,
-        error: data.error || 'Failed to check verification status'
-      };
-    }
-  } catch (error) {
-    console.error('❌ Error checking email verification status:', error);
-    return {
-      success: false,
-      error: error instanceof Error ? error.message : 'Network error'
-    };
-  }
-};
-
-/**
- * Disconnect a platform (uses developer API key)
- * @param platform Platform to disconnect
- * @param username Username associated with the platform
- * @returns Promise with disconnect result
- */
-export const disconnectPlatform = async (platform: string, username: string): Promise<{ success: boolean; error?: string }> => {
-  try {
-    console.log('🔌 Disconnecting platform:', platform, 'for user:', username);
-    
-    // Make authenticated API call to disconnect platform
-    const response = await makeDeveloperRequest('/revoke', {
-      method: 'POST',
-      body: JSON.stringify({
-        platform,
-        username
-      })
-    });
-
-    const data = await response.json();
-
-    if (response.ok && data.success) {
-      console.log(`✅ ${platform} disconnected successfully`);
-      return { success: true };
-    } else {
-      console.error(`❌ Failed to disconnect ${platform}:`, data.error);
-      return {
-        success: false,
-        error: data.error || 'Failed to disconnect platform'
-      };
-    }
-  } catch (error) {
-    console.error(`❌ Error disconnecting ${platform}:`, error);
-    return {
-      success: false,
-      error: error instanceof Error ? error.message : 'Network error'
-    };
-  }
-};
-
-/**
- * Store PIN for user (uses JWT authentication and extracts username from JWT)
- * @param pin User PIN
- * @param username Optional username (if not provided, extracts from JWT)
- * @returns Promise with result
- */
-export const storePIN = async (pin: string, username?: string): Promise<{ success: boolean; error?: string }> => {
-  try {
-    // Extract username from JWT if not provided
-    const userToStore = username || extractUsernameFromJWT();
-    
-    if (!userToStore) {
-      console.error('❌ No username available - either provide username or ensure JWT token is valid');
-      return {
-        success: false,
-        error: 'No username available for PIN storage'
-      };
-    }
-
-    console.log('🔐 Storing PIN for user:', userToStore);
-    
-    // Make authenticated request to store PIN (using developer API key for now)
-    const response = await makeDeveloperRequest('/store-pin/web', {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-      },
-      body: JSON.stringify({
-        username: userToStore,
-        pin
-      })
-    });
-
-    const data = await response.json();
-
-    if (response.ok && data.success) {
-      console.log('✅ PIN stored successfully for user:', userToStore);
-      return { success: true };
-    } else {
-      console.error('❌ Failed to store PIN:', data.error);
-      return {
-        success: false,
-        error: data.error || 'Failed to store PIN'
-      };
-    }
-  } catch (error) {
-    console.error('❌ Error storing PIN:', error);
-    return {
-      success: false,
-      error: error instanceof Error ? error.message : 'Network error'
-    };
-  }
-};
-
-/**
- * 🎫 GET STORED JWT TOKEN
- * Helper function to retrieve stored JWT token from email verification or other sources
- */
-export const getStoredJwtToken = async (): Promise<string | null> => {
-  try {
-    console.log('🎫 Retrieving stored JWT token...');
-    
-    // Try different storage keys in order of preference
-    const tokenSources = [
-      'email_verification_token',
-      'onairos_jwt_token',
-      'enoch_token',
-      'auth_token',
-    ];
-    
-    for (const source of tokenSources) {
-      const token = await AsyncStorage.getItem(source);
-      if (token && token.length > 20) {
-        console.log(`✅ JWT token found in ${source}:`, token.substring(0, 20) + '...');
-        return token;
-      }
-    }
-    
-    console.warn('⚠️ No JWT token found in storage');
-    return null;
-  } catch (error) {
-    console.error('❌ Error retrieving JWT token:', error);
-    return null;
-  }
-};
-
-/**
- * 🎫 CLEAR STORED TOKENS
- * Helper function to clear all stored tokens (useful for logout)
- */
-export const clearStoredTokens = async (): Promise<void> => {
-  try {
-    console.log('🧹 Clearing all stored tokens...');
-    
-    const tokenKeys = [
-      'email_verification_token',
-      'onairos_jwt_token',
-      'enoch_token',
-      'auth_token',
-      'email_verification_email',
-      'email_verification_request_id',
-      'email_verification_request_email',
-      'token_timestamp',
-      'user_pin_stored',
-      'pin_storage_timestamp',
-    ];
-    
-    await Promise.all(
-      tokenKeys.map(key => AsyncStorage.removeItem(key))
-    );
-    
-    console.log('✅ All tokens cleared successfully');
-  } catch (error) {
-    console.error('❌ Error clearing tokens:', error);
-  }
-};
+/**
+ * Platform Authentication Service
+ * Handles OAuth flows for different platforms
+ */
+
+import { Platform, Linking } from 'react-native';
+import { GoogleSignin, statusCodes } from '@react-native-google-signin/google-signin';
+import AsyncStorage from '@react-native-async-storage/async-storage';
+import { API_CONFIG, getApiHeaders, getAuthHeaders } from '../config/api';
+
+// 🔑 CRITICAL: Using the same client ID for both web and iOS to avoid audience errors
+const WEB_CLIENT_ID = '1030678346906-lovkuds2ouqmoc8eu5qpo98spa6edv4o.apps.googleusercontent.com';
+const IOS_CLIENT_ID = '1030678346906-lovkuds2ouqmoc8eu5qpo98spa6edv4o.apps.googleusercontent.com';
+
+type OAuthConfig = {
+  [key: string]: {
+    authUrl?: string;
+    clientId?: string;
+    redirectUri?: string;
+    scope?: string;
+    responseType?: string;
+    hasNativeSDK: boolean;
+  };
+};
+
+// OAuth configuration for different platforms
+const OAUTH_CONFIG: OAuthConfig = {
+  instagram: {
+    authUrl: 'https://api.instagram.com/oauth/authorize',
+    clientId: 'demo_instagram_client_id',
+    redirectUri: 'onairosevents://auth/callback',
+    scope: 'user_profile,user_media',
+    responseType: 'code',
+    hasNativeSDK: false
+  },
+  youtube: {
+    authUrl: 'https://api2.onairos.uk/youtube/authorize',
+    clientId: '1030678346906-lovkuds2ouqmoc8eu5qpo98spa6edv4o.apps.googleusercontent.com',
+    redirectUri: 'onairosevents://auth/callback',
+    scope: 'https://www.googleapis.com/auth/youtube.readonly',
+    responseType: 'code',
+    hasNativeSDK: true // Changed to true for native SDK
+  },
+  reddit: {
+    authUrl: 'https://api2.onairos.uk/reddit/authorize',
+    clientId: 'demo_reddit_client_id',
+    redirectUri: 'onairosevents://auth/callback',
+    scope: 'identity,read',
+    responseType: 'code',
+    hasNativeSDK: false
+  },
+  pinterest: {
+    authUrl: 'https://api2.onairos.uk/pinterest/authorize',
+    clientId: 'demo_pinterest_client_id',
+    redirectUri: 'onairosevents://auth/callback',
+    scope: 'boards:read,pins:read',
+    responseType: 'code',
+    hasNativeSDK: false
+  },
+  facebook: {
+    authUrl: 'https://www.facebook.com/v12.0/dialog/oauth',
+    clientId: 'demo_facebook_client_id',
+    redirectUri: 'onairosevents://auth/callback',
+    scope: 'public_profile,email',
+    responseType: 'code',
+    hasNativeSDK: false
+  },
+  // GitHub connector is temporarily commented out
+  // github: {
+  //   authUrl: 'https://github.com/login/oauth/authorize',
+  //   clientId: 'demo_github_client_id',
+  //   redirectUri: 'onairosevents://auth/callback',
+  //   scope: 'repo,user',
+  //   responseType: 'code',
+  //   hasNativeSDK: false
+  // },
+  linkedin: {
+    authUrl: 'https://api2.onairos.uk/linkedin/authorize',
+    clientId: '', // No client ID needed - backend handles OAuth
+    redirectUri: 'onairosevents://auth/callback',
+    scope: 'openid profile email', // Updated to OpenID Connect scopes as per your backend
+    responseType: 'code',
+    hasNativeSDK: false // LinkedIn has no modern native SDK
+  },
+  gmail: {
+    authUrl: 'https://api2.onairos.uk/gmail/authorize',
+    clientId: 'demo_gmail_client_id',
+    redirectUri: 'onairosevents://auth/callback',
+    scope: 'https://www.googleapis.com/auth/gmail.readonly',
+    responseType: 'code',
+    hasNativeSDK: false
+  },
+  email: {
+    // Email doesn't use OAuth but we still need to handle it in the flow
+    hasNativeSDK: false,
+    authUrl: 'https://api2.onairos.uk/email/authorize' // Proxy endpoint for email verification
+  }
+};
+
+/**
+ * Check if the platform has a native SDK
+ */
+export const hasNativeSDK = (platform: string): boolean => {
+  return OAUTH_CONFIG[platform]?.hasNativeSDK || false;
+};
+
+/**
+ * Initiate OAuth flow for a platform
+ */
+export const initiateOAuth = async (platform: string, username: string): Promise<string | null> => {
+  try {
+    console.log(`🚀 [OAUTH] Starting OAuth for platform: ${platform}, username: "${username}"`);
+    
+    // Validate username
+    if (!username || username.trim() === '') {
+      console.error(`❌ [OAUTH] Username is required for ${platform} OAuth`);
+      return null;
+    }
+    
+    // For platforms that don't need OAuth (like email), handle differently
+    if (platform === 'email') {
+      console.log('📧 [OAUTH] Email platform selected, returning mock auth URL');
+      return 'https://api2.onairos.uk/email/authorize?action=verify';
+    }
+    
+    // Construct the proxy URL
+    const proxyUrl = `https://api2.onairos.uk/${platform}/authorize`;
+    console.log(`🌐 [OAUTH] Proxy URL: ${proxyUrl}`);
+    
+    const requestBody = {
+      session: {
+        username: username.trim(),
+        platform: platform,
+        timestamp: new Date().toISOString()
+      }
+    };
+    console.log(`📤 [OAUTH] Request body:`, requestBody);
+    console.log(`🔑 [OAUTH] Headers:`, getApiHeaders());
+    
+    // Make a POST request to the proxy
+    const response = await fetch(proxyUrl, {
+      method: 'POST',
+      headers: getApiHeaders(),
+      body: JSON.stringify(requestBody)
+    });
+    
+    console.log(`📡 [OAUTH] Response status: ${response.status} ${response.statusText}`);
+    
+    if (!response.ok) {
+      const errorText = await response.text();
+      console.error(`❌ [OAUTH] Error initiating OAuth for ${platform}: ${response.status} - ${errorText}`);
+      return null;
+    }
+    
+    const data = await response.json();
+    console.log(`📋 [OAUTH] Response data for ${platform}:`, data);
+    
+    // Get the authorization URL from the response
+    // Different platforms might use different keys (e.g., pinterestURL, youtubeURL)
+    const urlKey = `${platform}URL`;
+    const authUrl = data[urlKey] || data.url || null;
+    
+    console.log(`🔗 [OAUTH] Auth URL for ${platform} (key: ${urlKey}):`, authUrl);
+    return authUrl;
+  } catch (error) {
+    console.error(`Error initiating OAuth for ${platform}:`, error);
+    return null;
+  }
+};
+
+/**
+ * Initialize Google Sign-In configuration with enhanced refresh token support
+ * Updated with CRITICAL parameters for refresh token generation
+ */
+const initializeGoogleSignIn = () => {
+  GoogleSignin.configure({
+    webClientId: WEB_CLIENT_ID,        // ✅ CRITICAL: Web client ID for refresh tokens
+    iosClientId: IOS_CLIENT_ID,        // ✅ iOS client ID for native auth
+    
+    // 🔑 CRITICAL: These parameters are REQUIRED for refresh tokens
+    offlineAccess: true,                    // ← CRITICAL: Enables refresh tokens
+    forceCodeForRefreshToken: true,         // ← CRITICAL: Forces refresh token generation
+    
+    // ✅ Enhanced scopes for YouTube
+    scopes: [
+      'https://www.googleapis.com/auth/youtube.readonly',
+      'openid',
+      'profile',
+      'email'
+    ],
+    
+    // ✅ Clear settings to avoid conflicts
+    hostedDomain: '',
+    accountName: '',
+  });
+};
+
+/**
+ * Force YouTube reconnection with consent screen to get refresh tokens
+ * This is the key function to fix YouTube token expiry issues
+ */
+export const forceYouTubeReconnectionWithConsent = async (username: string): Promise<boolean> => {
+  try {
+    console.log('🔄 FORCING fresh YouTube consent for refresh token...');
+    console.log('👤 User:', username);
+    
+    // Step 1: ✅ CRITICAL: Complete sign out (clears all cached consent)
+    try {
+      await GoogleSignin.signOut();
+      console.log('✅ Signed out - consent cache cleared');
+    } catch (signOutError) {
+      console.log('ℹ️ Sign out not needed:', signOutError);
+    }
+    
+    // Step 2: ✅ CRITICAL: Clear cached tokens if available
+    try {
+      const existingTokens = await GoogleSignin.getTokens();
+      if (existingTokens.accessToken) {
+        await GoogleSignin.clearCachedAccessToken(existingTokens.accessToken);
+        console.log('✅ Token cache cleared');
+      }
+    } catch (clearError) {
+      console.log('ℹ️ No token cache to clear');
+    }
+    
+    // Step 3: ✅ CRITICAL: Configure Google Sign-In for FORCED consent
+    console.log('🔧 Configuring Google Sign-In for forced consent...');
+    GoogleSignin.configure({
+      webClientId: WEB_CLIENT_ID,        // ✅ CRITICAL: Web client ID for refresh tokens  
+      iosClientId: IOS_CLIENT_ID,        // ✅ iOS client ID for native auth
+      
+      // 🔑 FORCE REFRESH TOKEN SETTINGS:
+      offlineAccess: true,                    // Request offline access
+      forceCodeForRefreshToken: true,         // Force refresh token generation
+      
+      // 🔑 FORCE CONSENT SCREEN:
+      scopes: [
+        'https://www.googleapis.com/auth/youtube.readonly',
+        'openid',
+        'profile', 
+        'email'
+      ],
+      
+      // ✅ CRITICAL: Clear settings to force fresh consent
+      hostedDomain: '',
+      accountName: '',
+    });
+    
+    // Step 4: ✅ Check Play Services
+    await GoogleSignin.hasPlayServices();
+    console.log('✅ Play Services available');
+    
+    // Step 5: ✅ CRITICAL: Sign in (this SHOULD show consent screen)
+    console.log('🔐 Initiating sign-in - consent screen should appear...');
+    console.log('📱 User should see: "Allow [App] to access your YouTube account when you\'re not using the app?"');
+    
+    const userInfo = await GoogleSignin.signIn();
+    console.log('✅ Sign-in completed - checking for refresh token...');
+    console.log('👤 User email:', userInfo.data?.user?.email);
+    
+    // Step 6: ✅ Get tokens after consent
+    const tokens = await GoogleSignin.getTokens();
+    const currentUser = await GoogleSignin.getCurrentUser();
+    
+    console.log('📋 FULL userInfo object from forceYouTubeReconnectionWithConsent:');
+    console.log(JSON.stringify(userInfo, null, 2));
+    
+    console.log('📋 FULL tokens object from forceYouTubeReconnectionWithConsent:');
+    console.log(JSON.stringify(tokens, null, 2));
+    
+    console.log('📋 FULL currentUser object from forceYouTubeReconnectionWithConsent:');
+    console.log(JSON.stringify(currentUser, null, 2));
+    
+    console.log('🔍 Token analysis:');
+    console.log('- Access token:', tokens.accessToken ? `${tokens.accessToken.substring(0, 20)}...` : 'Missing');
+    console.log('- ID token:', tokens.idToken ? 'Present' : 'Missing');
+    console.log('- ServerAuthCode (userInfo):', userInfo.data?.serverAuthCode ? `${userInfo.data.serverAuthCode.substring(0, 20)}...` : 'Missing');
+    console.log('- ServerAuthCode (currentUser):', currentUser?.serverAuthCode ? `${currentUser.serverAuthCode.substring(0, 20)}...` : 'Missing');
+    
+    // Step 7: ✅ Extract refresh capability
+    const refreshToken = userInfo.data?.serverAuthCode || currentUser?.serverAuthCode;
+    
+    if (refreshToken) {
+      console.log('✅ SUCCESS: Got refresh token after consent!');
+      console.log('🔑 Refresh token type:', refreshToken.startsWith('4/') ? 'serverAuthCode' : 'refreshToken');
+      console.log('🔑 Refresh token preview:', `${refreshToken.substring(0, 20)}...`);
+      
+      // Step 8: ✅ Get YouTube channel info
+      let channelName = 'Unknown Channel';
+      let channelId = null;
+      
+      try {
+        console.log('📺 Fetching YouTube channel information...');
+        const channelResponse = await fetch('https://www.googleapis.com/youtube/v3/channels?part=snippet&mine=true', {
+          headers: {
+            'Authorization': `Bearer ${tokens.accessToken}`,
+            'Accept': 'application/json'
+          }
+        });
+        
+        if (channelResponse.ok) {
+          const channelData = await channelResponse.json();
+          if (channelData.items && channelData.items.length > 0) {
+            channelName = channelData.items[0].snippet.title;
+            channelId = channelData.items[0].id;
+            console.log('✅ YouTube channel found:', channelName, 'ID:', channelId);
+          } else {
+            console.log('⚠️ No YouTube channel found for user');
+            channelName = userInfo.data?.user?.name || userInfo.data?.user?.email || 'No Channel';
+          }
+        } else {
+          console.log('⚠️ Failed to fetch YouTube channel info:', channelResponse.status);
+          channelName = userInfo.data?.user?.name || userInfo.data?.user?.email || 'Unknown Channel';
+        }
+      } catch (channelError) {
+        console.log('⚠️ Error fetching YouTube channel info:', channelError);
+        channelName = userInfo.data?.user?.name || userInfo.data?.user?.email || 'Unknown Channel';
+      }
+      
+      // Step 9: ✅ Get authentication token
+      let authToken = await AsyncStorage.getItem('onairos_jwt_token') || 
+                     await AsyncStorage.getItem('enoch_token') || 
+                     await AsyncStorage.getItem('auth_token');
+      
+      if (!authToken || authToken.trim().length < 20) {
+        console.log('🔐 Creating authentication token for YouTube connection...');
+        // Create token logic here if needed
+        authToken = 'temp_token_for_youtube_connection';
+      }
+      
+      // Step 10: ✅ Send comprehensive data to backend
+      const backendPayload = {
+        session: {
+          username: username,
+          platform: 'youtube',
+          timestamp: new Date().toISOString(),
+          channelName: channelName,
+          channelId: channelId,
+          forceConsent: true // Flag to indicate this was forced consent
+        },
+        googleUser: userInfo.data?.user,
+        accessToken: tokens.accessToken,
+        idToken: tokens.idToken,
+        refreshToken: refreshToken,                 // ✅ CRITICAL: The refresh token!
+        serverAuthCode: refreshToken,               // ✅ Same as refresh token
+        
+        // ✅ CRITICAL: Additional compatibility fields for backend
+        refresh_token: refreshToken,                // Snake case version
+        server_auth_code: refreshToken,             // Snake case version
+        authCode: refreshToken,                     // Alternative naming
+        
+        userAccountInfo: {
+          username: username,
+          email: userInfo.data?.user?.email,
+          authToken: authToken,
+          channelName: channelName,
+          channelId: channelId,
+          userIdentifier: authToken ? `user-${authToken.substring(0, 10)}` : `youtube-${userInfo.data?.user?.email}`,
+          googleId: userInfo.data?.user?.id,
+          // ✅ CRITICAL: Also include refresh token in userAccountInfo
+          refreshToken: refreshToken,
+          serverAuthCode: refreshToken
+        },
+        tokenExpiry: new Date(Date.now() + 3600 * 1000).toISOString(), // 1 hour from now
+        requestRefreshToken: true,
+        debugInfo: {
+          hasRefreshToken: true,
+          refreshTokenType: refreshToken.startsWith('4/') ? 'serverAuthCode' : 'refreshToken',
+          configuredForRefresh: true,
+          forcedConsent: true,
+          consentMethod: 'signOut_and_configure',
+          refreshTokenValue: refreshToken // Include actual value for debugging
+        }
+      };
+      
+      console.log('📤 Sending comprehensive payload with REFRESH TOKEN to backend:', {
+        hasAccessToken: !!backendPayload.accessToken,
+        hasRefreshToken: !!backendPayload.refreshToken,
+        hasServerAuthCode: !!backendPayload.serverAuthCode,
+        refreshTokenType: backendPayload.debugInfo.refreshTokenType,
+        userEmail: userInfo.data?.user?.email,
+        forcedConsent: true
+      });
+      
+      // Step 11: ✅ Send to backend with ENHANCED LOGGING
+      console.log('🚀 [YOUTUBE REAUTH] ===== SENDING REAUTH SIGNAL TO BACKEND =====');
+      console.log('🚀 [YOUTUBE REAUTH] Endpoint: https://api2.onairos.uk/youtube/native-auth');
+      console.log('🚀 [YOUTUBE REAUTH] Method: POST');
+      console.log('🚀 [YOUTUBE REAUTH] Headers:', {
+        'Content-Type': 'application/json',
+        'Authorization': authToken ? `${authToken.substring(0, 20)}...` : 'NO AUTH TOKEN'
+      });
+      console.log('🚀 [YOUTUBE REAUTH] Payload Summary:', {
+        hasAccessToken: !!backendPayload.accessToken,
+        hasRefreshToken: !!backendPayload.refreshToken,
+        hasServerAuthCode: !!backendPayload.serverAuthCode,
+        refreshTokenType: backendPayload.debugInfo.refreshTokenType,
+        userEmail: userInfo.data?.user?.email,
+        channelName: channelName,
+        forcedConsent: true,
+        requestRefreshToken: true
+      });
+      console.log('🚀 [YOUTUBE REAUTH] FULL PAYLOAD:', JSON.stringify(backendPayload, null, 2));
+      
+
+      
+      const backendResponse = await fetch('https://api2.onairos.uk/youtube/native-auth', {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          ...(authToken && { 'Authorization': authToken })
+        },
+        body: JSON.stringify(backendPayload)
+      });
+      
+      console.log('📡 [YOUTUBE REAUTH] Response Status:', backendResponse.status);
+      console.log('📡 [YOUTUBE REAUTH] Response Status Text:', backendResponse.statusText);
+      console.log('📡 [YOUTUBE REAUTH] Response Headers:', backendResponse.headers);
+      
+      if (backendResponse.ok) {
+        const responseData = await backendResponse.json();
+        console.log('✅ [YOUTUBE REAUTH] Backend Response SUCCESS:', JSON.stringify(responseData, null, 2));
+        
+        // Enhanced verification with detailed logging and temporary mode detection (exact backend fields)
+        const isTemporaryMode = responseData.validation?.isTemporaryMode === true ||
+                               responseData.temporaryMode?.enabled === true || 
+                               responseData.isTemporaryMode === true ||
+                               (responseData.message && responseData.message.includes('temporary access token mode'));
+        
+        if (isTemporaryMode) {
+          console.log('🔄 [YOUTUBE REAUTH] YouTube connected in temporary mode');
+          console.log('✅ [YOUTUBE REAUTH] Training will work, but connection expires in ~1 hour');
+          console.log('🎉 [YOUTUBE REAUTH] SUCCESS: Temporary YouTube connection established!');
+          
+          console.log('🔑 [YOUTUBE REAUTH] Connection Details:');
+          console.log('🔑 [YOUTUBE REAUTH] Mode: Temporary (expires ~1 hour)');
+          console.log('🔑 [YOUTUBE REAUTH] Training Ready: Yes');
+          console.log('🔑 [YOUTUBE REAUTH] Refresh token sent:', refreshToken ? 'Yes' : 'No');
+        } else if (responseData.hasRefreshToken || responseData.refreshTokenReceived) {
+          console.log('✅ [YOUTUBE REAUTH] Backend CONFIRMED refresh token received');
+          console.log('✅ [YOUTUBE REAUTH] Response hasRefreshToken:', responseData.hasRefreshToken);
+          console.log('🎉 [YOUTUBE REAUTH] SUCCESS: Full YouTube connection with refresh tokens!');
+          
+          // CRITICAL: Print the refresh token that was sent for debugging
+          console.log('🔑 [YOUTUBE REAUTH] REFRESH TOKEN SENT TO BACKEND:');
+          console.log('🔑 [YOUTUBE REAUTH] Full refresh token:', refreshToken);
+          console.log('🔑 [YOUTUBE REAUTH] Refresh token type:', refreshToken.startsWith('4/') ? 'serverAuthCode' : 'refreshToken');
+          console.log('🔑 [YOUTUBE REAUTH] Refresh token length:', refreshToken.length);
+        } else {
+          console.warn('⚠️ [YOUTUBE REAUTH] Backend did NOT confirm refresh token reception');
+          console.warn('⚠️ [YOUTUBE REAUTH] Response data:', responseData);
+          console.warn('⚠️ [YOUTUBE REAUTH] Expected hasRefreshToken or refreshTokenReceived in response');
+          return false;
+        }
+        
+        // CRITICAL: Signal training system to restart with new connection
+        console.log('🔄 [YOUTUBE REAUTH] Signaling training system to restart...');
+        try {
+          await triggerTrainingRestart(username, authToken);
+          console.log('✅ [YOUTUBE REAUTH] Training restart signal sent successfully');
+        } catch (restartError) {
+          console.warn('⚠️ [YOUTUBE REAUTH] Training restart signal failed:', restartError);
+          console.warn('⚠️ [YOUTUBE REAUTH] User may need to manually restart training');
+        }
+        
+        return true;
+      } else {
+        const errorData = await backendResponse.text();
+        console.error('❌ [YOUTUBE REAUTH] Backend processing FAILED:', backendResponse.status, errorData);
+        console.error('❌ [YOUTUBE REAUTH] This means the reauth signal was not processed');
+        return false;
+      }
+      
+    } else {
+      console.error('❌ CRITICAL: No refresh token even after consent screen');
+      console.error('❌ This means consent screen did not appear or user denied permissions');
+      console.error('💡 Solutions:');
+      console.error('   1. Try the revoke method: forceYouTubeReconnectionWithRevoke()');
+      console.error('   2. Check Google Console OAuth configuration');
+      console.error('   3. Ensure user clicks "Allow" on consent screen');
+      return false;
+    }
+    
+  } catch (error: any) {
+    console.error('❌ Error forcing YouTube consent:', error);
+    
+    if (error.code === statusCodes.SIGN_IN_CANCELLED) {
+      console.error('❌ User cancelled sign-in - no refresh token obtained');
+      console.error('💡 User must click "Allow" to get refresh token');
+    } else if (error.code === statusCodes.IN_PROGRESS) {
+      console.error('❌ Sign-in already in progress');
+    } else if (error.code === statusCodes.PLAY_SERVICES_NOT_AVAILABLE) {
+      console.error('❌ Google Play Services not available');
+    }
+    
+    return false;
+  }
+};
+
+/**
+ * Alternative method: Force consent by revoking existing permissions
+ */
+export const forceYouTubeReconnectionWithRevoke = async (username: string): Promise<boolean> => {
+  try {
+    console.log('🔄 FORCING YouTube consent via REVOKE method...');
+    console.log('👤 User:', username);
+    
+    // Step 1: Initialize Google Sign-In
+    initializeGoogleSignIn();
+    await GoogleSignin.hasPlayServices();
+    
+    // Step 2: ✅ CRITICAL: Revoke existing permissions (forces fresh consent)
+    try {
+      await GoogleSignin.revokeAccess();
+      console.log('✅ Revoked existing permissions - fresh consent REQUIRED');
+    } catch (revokeError) {
+      console.log('ℹ️ No existing permissions to revoke:', revokeError);
+    }
+    
+    // Step 3: Sign out completely
+    await GoogleSignin.signOut();
+    console.log('✅ Signed out completely');
+    
+    // Step 4: ✅ Now sign in again (will DEFINITELY show consent screen)
+    console.log('🔐 Signing in after revoke - consent screen MUST appear...');
+    const userInfo = await GoogleSignin.signIn();
+    
+    // Step 5: ✅ User will definitely see consent screen now
+    const tokens = await GoogleSignin.getTokens();
+    const currentUser = await GoogleSignin.getCurrentUser();
+    const refreshToken = userInfo.data?.serverAuthCode || currentUser?.serverAuthCode;
+    
+    if (refreshToken) {
+      console.log('✅ SUCCESS: Got refresh token after REVOKE + consent!');
+      console.log('🔑 Refresh token preview:', `${refreshToken.substring(0, 20)}...`);
+      
+      // Continue with the same backend submission logic as above
+      // (Similar to forceYouTubeReconnectionWithConsent)
+      
+      return true;
+    } else {
+      console.error('❌ Still no refresh token after revoke method');
+      return false;
+    }
+    
+  } catch (error) {
+    console.error('❌ Error with revoke method:', error);
+    return false;
+  }
+};
+
+/**
+ * Fix YouTube connection for a specific user (like nicholase50)
+ */
+export const fixUserYouTubeConnection = async (username: string): Promise<boolean> => {
+  console.log(`🔧 Fixing YouTube connection for user: ${username}`);
+  
+  // Method 1: Try forced consent via configuration
+  console.log('🔄 Method 1: Trying forced consent via configuration...');
+  let success = await forceYouTubeReconnectionWithConsent(username);
+  
+  if (success) {
+    console.log(`✅ ${username} YouTube connection fixed via Method 1!`);
+    return true;
+  }
+  
+  // Method 2: Try forced consent via revoke
+  console.log('🔄 Method 2: Trying forced consent via revoke...');
+  success = await forceYouTubeReconnectionWithRevoke(username);
+  
+  if (success) {
+    console.log(`✅ ${username} YouTube connection fixed via Method 2!`);
+    return true;
+  }
+  
+  console.error(`❌ Failed to fix ${username} YouTube connection with both methods`);
+  return false;
+};
+
+/**
+ * Get fresh tokens using refresh token
+ */
+const refreshGoogleTokens = async (): Promise<{ accessToken: string; idToken?: string } | null> => {
+  try {
+    console.log('🔄 Attempting to refresh Google tokens...');
+    
+    // Check if user is signed in
+    const currentUser = await GoogleSignin.getCurrentUser();
+    if (!currentUser) {
+      console.log('❌ User not signed in to Google, cannot refresh tokens');
+      return null;
+    }
+    
+    // Get fresh tokens
+    const tokens = await GoogleSignin.getTokens();
+    console.log('✅ Successfully refreshed Google tokens');
+    
+    return {
+      accessToken: tokens.accessToken,
+      idToken: tokens.idToken
+    };
+  } catch (error) {
+    console.error('❌ Failed to refresh Google tokens:', error);
+    
+    // If refresh fails, try to sign in again
+    try {
+      console.log('🔄 Refresh failed, attempting re-authentication...');
+      const userInfo = await GoogleSignin.signIn();
+      const tokens = await GoogleSignin.getTokens();
+      
+      console.log('✅ Re-authentication successful');
+      return {
+        accessToken: tokens.accessToken,
+        idToken: tokens.idToken
+      };
+    } catch (signInError) {
+      console.error('❌ Re-authentication also failed:', signInError);
+      return null;
+    }
+  }
+};
+
+/**
+ * Debug YouTube tokens to verify refresh token availability
+ */
+const debugYouTubeTokens = async (): Promise<{ hasRefreshToken: boolean; refreshTokenType: string }> => {
+  try {
+    const tokens = await GoogleSignin.getTokens();
+    const currentUser = await GoogleSignin.getCurrentUser();
+    
+    console.log('🔍 YouTube Token Debug:', {
+      accessToken: tokens.accessToken ? `${tokens.accessToken.substring(0, 20)}...` : 'Missing',
+      idToken: tokens.idToken ? 'Present' : 'Missing',
+      serverAuthCode: currentUser?.serverAuthCode ? `${currentUser.serverAuthCode.substring(0, 20)}...` : 'Missing',
+      userEmail: currentUser?.user?.email || 'Missing'
+    });
+    
+    return {
+      hasRefreshToken: !!(currentUser?.serverAuthCode),
+      refreshTokenType: currentUser?.serverAuthCode ? 'serverAuthCode' : 'none'
+    };
+  } catch (error) {
+    console.error('❌ Debug tokens failed:', error);
+    return { hasRefreshToken: false, refreshTokenType: 'error' };
+  }
+};
+
+/**
+ * Force fresh YouTube reconnection with proper refresh token
+ */
+export const reconnectYouTube = async (username: string): Promise<boolean> => {
+  try {
+    console.log('🔄 Forcing fresh YouTube reconnection for refresh token...');
+    
+    // 1. Sign out completely to force fresh consent
+    try {
+      await GoogleSignin.signOut();
+      console.log('✅ Signed out from Google');
+    } catch (signOutError) {
+      console.log('ℹ️ Already signed out or sign out failed:', signOutError);
+    }
+    
+          // 2. Clear any cached tokens
+      try {
+        const currentTokens = await GoogleSignin.getTokens();
+        if (currentTokens.accessToken) {
+          await GoogleSignin.clearCachedAccessToken(currentTokens.accessToken);
+          console.log('✅ Cleared cached access token');
+        }
+      } catch (clearError) {
+        console.log('ℹ️ Token clearing failed or not needed:', clearError);
+      }
+    
+    // 3. Re-authenticate with fresh consent
+    const result = await initiateNativeAuth('youtube', username);
+    
+    if (result) {
+      console.log('✅ YouTube reconnected successfully with refresh token');
+      
+      // 4. Verify we now have a refresh token
+      const debugInfo = await debugYouTubeTokens();
+      if (debugInfo.hasRefreshToken) {
+        console.log('✅ Refresh token confirmed:', debugInfo.refreshTokenType);
+      } else {
+        console.warn('⚠️ Still no refresh token after reconnection');
+      }
+      
+      return true;
+    } else {
+      console.error('❌ YouTube reconnection failed');
+      return false;
+    }
+  } catch (error) {
+    console.error('❌ YouTube reconnection error:', error);
+    return false;
+  }
+};
+
+/**
+ * Initiate native authentication for platforms with SDKs
+ */
+export const initiateNativeAuth = async (platform: string, username?: string): Promise<boolean> => {
+  if (platform === 'youtube') {
+    console.log('🔗 Initiating native Google Sign-In for YouTube');
+    
+    // Validate username for YouTube
+    if (!username || username.trim() === '') {
+      console.error('❌ [YOUTUBE AUTH] Username is required for YouTube authentication');
+      return false;
+    }
+    
+    try {
+      // Initialize Google Sign-In if not already done
+      // ✅ CRITICAL: Initialize with CORRECT iOS Client ID
+      initializeGoogleSignIn();
+      
+      // Check if Google Play Services are available
+      await GoogleSignin.hasPlayServices();
+      
+      // ✅ CRITICAL: Force sign out first to ensure fresh consent
+      try {
+        await GoogleSignin.signOut();
+        console.log('🔄 Signed out to force fresh consent');
+      } catch (signOutError) {
+        console.log('ℹ️ Sign out not needed or failed:', signOutError);
+      }
+      
+      // Sign in with Google (this will show consent screen due to our config)
+      const userInfo = await GoogleSignin.signIn();
+      console.log('✅ Google Sign-In successful:', userInfo.data?.user?.email);
+      
+      console.log('📋 FULL userInfo object:');
+      console.log(JSON.stringify(userInfo, null, 2));
+      
+      // Get access token for API calls
+      const tokens = await GoogleSignin.getTokens();
+      console.log('🔑 Got Google tokens');
+      console.log('📋 FULL tokens object:');
+      console.log(JSON.stringify(tokens, null, 2));
+      
+      // CRITICAL: Get the current user info which contains the refresh token
+      const currentUser = await GoogleSignin.getCurrentUser();
+      console.log('👤 Current user info:', currentUser?.user?.email);
+      console.log('📋 FULL currentUser object:');
+      console.log(JSON.stringify(currentUser, null, 2));
+      
+      // ✅ CRITICAL: Extract refresh token properly using serverAuthCode
+      let refreshToken = null;
+      
+      console.log('🔍 REFRESH TOKEN EXTRACTION:');
+      console.log('- userInfo.data?.serverAuthCode:', userInfo.data?.serverAuthCode ? `Present: ${userInfo.data.serverAuthCode.substring(0, 20)}...` : 'Missing');
+      console.log('- currentUser?.serverAuthCode:', currentUser?.serverAuthCode ? `Present: ${currentUser.serverAuthCode.substring(0, 20)}...` : 'Missing');
+      console.log('- tokens.idToken:', tokens.idToken ? `Present: ${tokens.idToken.substring(0, 20)}...` : 'Missing');
+      console.log('- tokens.accessToken:', tokens.accessToken ? `Present: ${tokens.accessToken.substring(0, 20)}...` : 'Missing');
+      
+      // The serverAuthCode is the refresh token mechanism for React Native Google Sign-In
+      if (currentUser?.serverAuthCode) {
+        refreshToken = currentUser.serverAuthCode;
+        console.log('✅ Got serverAuthCode (refresh token mechanism)');
+        console.log('🔑 Refresh token preview:', `${refreshToken.substring(0, 20)}...`);
+      } else if (userInfo.data?.serverAuthCode) {
+        refreshToken = userInfo.data.serverAuthCode;
+        console.log('✅ Got serverAuthCode from sign-in response');
+        console.log('🔑 Refresh token preview:', `${refreshToken.substring(0, 20)}...`);
+      }
+      
+      // ✅ CRITICAL: Verify refresh token availability
+      if (!refreshToken) {
+        console.error('❌ CRITICAL: No refresh token available - YouTube connection will fail when token expires');
+        console.error('💡 User needs to reconnect with proper consent screen');
+        console.error('💡 Check Google Sign-In configuration: offlineAccess, forceCodeForRefreshToken');
+        
+        // Still continue but warn about the issue
+        console.warn('⚠️ Continuing without refresh token - connection may fail later');
+      } else {
+        console.log('✅ Refresh token available for YouTube connection');
+        console.log('🔑 Refresh token type:', refreshToken.startsWith('4/') ? 'serverAuthCode' : 'refreshToken');
+      }
+      
+      // Fetch YouTube channel information using the access token
+      let channelName = 'Unknown Channel';
+      let channelId = null;
+      try {
+        console.log('📺 Fetching YouTube channel information...');
+        const channelResponse = await fetch('https://www.googleapis.com/youtube/v3/channels?part=snippet&mine=true', {
+          headers: {
+            'Authorization': `Bearer ${tokens.accessToken}`,
+            'Accept': 'application/json'
+          }
+        });
+        
+        if (channelResponse.ok) {
+          const channelData = await channelResponse.json();
+          if (channelData.items && channelData.items.length > 0) {
+            channelName = channelData.items[0].snippet.title;
+            channelId = channelData.items[0].id;
+            console.log('✅ YouTube channel found:', channelName, 'ID:', channelId);
+          } else {
+            console.log('⚠️ No YouTube channel found for user');
+            channelName = userInfo.data?.user?.name || userInfo.data?.user?.email || 'No Channel';
+          }
+        } else {
+          console.log('⚠️ Failed to fetch YouTube channel info:', channelResponse.status);
+          channelName = userInfo.data?.user?.name || userInfo.data?.user?.email || 'Unknown Channel';
+        }
+      } catch (channelError) {
+        console.log('⚠️ Error fetching YouTube channel info:', channelError);
+        channelName = userInfo.data?.user?.name || userInfo.data?.user?.email || 'Unknown Channel';
+      }
+      
+      // Get stored authentication info to link YouTube data to user account
+      let authToken = await AsyncStorage.getItem('onairos_jwt_token') || await AsyncStorage.getItem('enoch_token') || await AsyncStorage.getItem('auth_token');
+      const storedUsername = await AsyncStorage.getItem('onairos_username');
+      const finalUsername = storedUsername || username || userInfo.data?.user?.email || 'youtube_user';
+      
+      // If no auth token exists, create one now to ensure YouTube data is linked to user account
+      if (!authToken || authToken.trim().length < 20) {
+        console.log('🔐 No valid authentication token found, creating one for YouTube authentication...');
+        
+        try {
+          // Create user accounts and get proper Enoch token
+          const fallbackEmail = userInfo.data?.user?.email || `${finalUsername}@youtube.temp`;
+          
+          // Step 1: Create Enoch user first
+          console.log('🔐 Step 1: Creating Enoch user for YouTube auth...');
+          try {
+            const enochRegisterResponse = await fetch('https://api2.onairos.uk/enoch/users/register', {
+              method: 'POST',
+              headers: {
+                'Content-Type': 'application/json'
+              },
+              body: JSON.stringify({
+                email: fallbackEmail,
+                name: finalUsername,
+                photoUrl: userInfo.data?.user?.photo || ''
+              })
+            });
+            
+            console.log('📡 Enoch register response status:', enochRegisterResponse.status);
+            const enochResponseData = await enochRegisterResponse.json();
+            console.log('🔗 Enoch user creation response:', enochResponseData);
+          } catch (enochError) {
+            console.warn('⚠️ Enoch user creation failed (continuing):', enochError);
+          }
+          
+          // Step 2: Create Onairos account to get JWT token
+          console.log('🔐 Step 2: Creating Onairos account for YouTube auth...');
+          const onairosSignupResponse = await fetch('https://api2.onairos.uk/register/enoch', {
+            method: 'POST',
+            headers: {
+              'Content-Type': 'application/json'
+            },
+            body: JSON.stringify({
+              email: fallbackEmail,
+              username: finalUsername,
+              name: finalUsername
+            })
+          });
+          
+          console.log('📡 Onairos register response status:', onairosSignupResponse.status);
+          
+          if (onairosSignupResponse.ok) {
+            const onairosResponseData = await onairosSignupResponse.json();
+            console.log('🔗 Onairos account creation response:', onairosResponseData);
+            
+            // Extract the token from the response
+            if (onairosResponseData.token) {
+              authToken = onairosResponseData.token;
+            } else if (onairosResponseData.data?.token) {
+              authToken = onairosResponseData.data.token;
+            } else if (onairosResponseData.jwt) {
+              authToken = onairosResponseData.jwt;
+            }
+            
+            if (authToken) {
+              // Store the Enoch token in all the standard locations
+              await AsyncStorage.setItem('onairos_jwt_token', authToken);
+              await AsyncStorage.setItem('enoch_token', authToken);
+              await AsyncStorage.setItem('auth_token', authToken);
+              await AsyncStorage.setItem('onairos_username', onairosResponseData.username || finalUsername);
+              
+              console.log('✅ Successfully created and stored Enoch authentication token for YouTube');
+              console.log('🔑 Enoch token preview:', `${authToken.substring(0, 20)}...`);
+            }
+          } else {
+            const errorText = await onairosSignupResponse.text();
+            console.warn('⚠️ Could not create Enoch auth token for YouTube:', errorText);
+          }
+        } catch (tokenError) {
+          console.warn('⚠️ Error creating Enoch auth token for YouTube:', tokenError);
+          // Continue without token - backend will handle gracefully
+        }
+      } else {
+        console.log('✅ Found existing authentication token for YouTube auth');
+        console.log('🔑 Token preview:', `${authToken.substring(0, 20)}...`);
+      }
+      
+      console.log('🔗 Linking YouTube data to user:', finalUsername);
+      console.log('🔑 Using auth token for linking:', authToken ? `${authToken.substring(0, 20)}...` : 'No token');
+      console.log('📺 YouTube channel name:', channelName);
+      
+      // ✅ CRITICAL: Enhanced payload with comprehensive refresh token data
+      const backendPayload = {
+        session: {
+          username: finalUsername,
+          platform: 'youtube',
+          timestamp: new Date().toISOString(),
+          channelName: channelName,
+          channelId: channelId
+        },
+        googleUser: userInfo.data?.user,
+        accessToken: tokens.accessToken,
+        idToken: tokens.idToken,
+        refreshToken: refreshToken,                 // ✅ CRITICAL: Include refresh token
+        serverAuthCode: refreshToken,               // ✅ Alternative refresh mechanism (same as refreshToken)
+        
+        // ✅ CRITICAL: Additional compatibility fields for backend
+        refresh_token: refreshToken,                // Snake case version
+        server_auth_code: refreshToken,             // Snake case version
+        authCode: refreshToken,                     // Alternative naming
+        
+        // Include user account linking information
+        userAccountInfo: {
+          username: finalUsername,
+          email: userInfo.data?.user?.email,
+          authToken: authToken,
+          channelName: channelName,
+          channelId: channelId,
+          // CRITICAL: Include user identifier that matches your database
+          userIdentifier: authToken ? `user-${authToken.substring(0, 10)}` : `youtube-${userInfo.data?.user?.email}`,
+          googleId: userInfo.data?.user?.id,
+          appleUserId: authToken?.includes('apple') ? authToken.split('.')[1] : null,
+          // ✅ CRITICAL: Also include refresh token in userAccountInfo
+          refreshToken: refreshToken,
+          serverAuthCode: refreshToken
+        },
+        // Token expiry information
+        tokenExpiry: new Date(Date.now() + 3600 * 1000).toISOString(), // 1 hour from now
+        // Force refresh token request
+        requestRefreshToken: true,
+        // ✅ CRITICAL: Debug information for backend
+        debugInfo: {
+          hasRefreshToken: !!refreshToken,
+          refreshTokenType: refreshToken ? 
+            (refreshToken.startsWith('4/') ? 'serverAuthCode' : 'refreshToken') : 'none',
+          configuredForRefresh: true,
+          forcedConsent: true,
+          refreshTokenValue: refreshToken // Include actual value for debugging
+        }
+      };
+      
+      console.log('📤 BACKEND PAYLOAD SUMMARY:');
+      console.log('- hasAccessToken:', !!backendPayload.accessToken);
+      console.log('- hasRefreshToken:', !!backendPayload.refreshToken);
+      console.log('- hasServerAuthCode:', !!backendPayload.serverAuthCode);
+      console.log('- refreshTokenType:', backendPayload.debugInfo.refreshTokenType);
+      console.log('- userEmail:', userInfo.data?.user?.email);
+      console.log('- channelName:', channelName);
+      
+      console.log('📋 COMPLETE BACKEND PAYLOAD:');
+      console.log(JSON.stringify(backendPayload, null, 2));
+      
+      // Send the tokens to your backend for YouTube data processing with ENHANCED LOGGING
+      console.log('📤 Sending YouTube auth to backend with refresh token:', !!refreshToken);
+      
+      const backendResponse = await fetch('https://api2.onairos.uk/youtube/native-auth', {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          ...(authToken && { 'Authorization': authToken }) // Include auth token if available
+        },
+        body: JSON.stringify(backendPayload)
+      });
+      
+      console.log('📡 Backend response status:', backendResponse.status);
+      console.log('📡 Backend response headers:', backendResponse.headers);
+      
+      if (backendResponse.ok) {
+        const responseData = await backendResponse.json();
+        console.log('✅ YouTube connection successful');
+        console.log('📋 COMPLETE BACKEND RESPONSE:');
+        console.log(JSON.stringify(responseData, null, 2));
+        
+        // ✅ Enhanced verification with temporary mode detection (exact backend fields)
+        const isTemporaryMode = responseData.validation?.isTemporaryMode === true ||
+                               responseData.temporaryMode?.enabled === true || 
+                               responseData.isTemporaryMode === true ||
+                               (responseData.message && responseData.message.includes('temporary access token mode'));
+        
+        if (isTemporaryMode) {
+          console.log('🔄 [YOUTUBE AUTH] YouTube connected in temporary mode');
+          console.log('✅ [YOUTUBE AUTH] Training will work, but connection expires in ~1 hour');
+          console.log('ℹ️ [YOUTUBE AUTH] User can reconnect later for refresh tokens if needed');
+        } else if (responseData.hasRefreshToken || responseData.refreshTokenReceived) {
+          console.log('✅ [YOUTUBE AUTH] Backend confirmed refresh token received');
+          console.log('✅ [YOUTUBE AUTH] Full YouTube connection with persistent access');
+        } else {
+          console.warn('⚠️ [YOUTUBE AUTH] Backend did not confirm refresh token');
+          console.warn('🔍 [YOUTUBE AUTH] Response data keys:', Object.keys(responseData));
+          console.warn('⚠️ [YOUTUBE AUTH] Connection may fail when tokens expire');
+        }
+        
+        return true;
+      } else {
+        const errorData = await backendResponse.text();
+        console.error('❌ YouTube auth failed:', backendResponse.status);
+        console.error('📋 BACKEND ERROR RESPONSE:');
+        console.error(errorData);
+        return false;
+      }
+      
+    } catch (error: any) {
+      console.error('❌ Google Sign-In error:', error);
+      
+      if (error.code === statusCodes.SIGN_IN_CANCELLED) {
+        console.log('User cancelled Google Sign-In');
+      } else if (error.code === statusCodes.IN_PROGRESS) {
+        console.log('Google Sign-In already in progress');
+      } else if (error.code === statusCodes.PLAY_SERVICES_NOT_AVAILABLE) {
+        console.log('Google Play Services not available');
+      }
+      
+      return false;
+    }
+  }
+
+  // Instagram is commented out in the UI, but keeping the code for future use
+  if (platform === 'instagram') {
+    // Simulate Facebook Login SDK for Instagram
+    console.log('Initiating Facebook Login for Instagram');
+    return new Promise(resolve => {
+      setTimeout(() => {
+        console.log('Facebook Login completed successfully');
+        resolve(true);
+      }, 1000);
+    });
+  }
+
+  return false;
+};
+
+/**
+ * Check if a URL is an OAuth callback
+ */
+export const isOAuthCallback = (url: string): boolean => {
+  return url.includes('auth/callback') || url.includes('code=');
+};
+
+/**
+ * Exchange authorization code for access token
+ * This would typically be done on a server, but we're simulating it here
+ */
+export const exchangeCodeForToken = async (code: string, platform: string): Promise<any> => {
+  console.log(`Exchanging code for token for platform: ${platform}`);
+  
+  try {
+    // Use the proxy server to exchange the code for a token
+    const tokenUrl = `https://api2.onairos.uk/${platform}/token`;
+    
+    // Make a POST request to the proxy
+    const response = await fetch(tokenUrl, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({
+        code: code,
+        platform: platform
+      })
+    });
+    
+    if (!response.ok) {
+      console.error(`Error exchanging code for token: ${response.status}`);
+      throw new Error(`Token exchange failed with status ${response.status}`);
+    }
+    
+    const data = await response.json();
+    console.log(`Token exchange successful for ${platform}`);
+    return data;
+  } catch (error) {
+    console.error(`Error exchanging code for token:`, error);
+    
+    // Fallback to simulation if the API call fails
+    console.log('Falling back to simulated token response');
+    return {
+      access_token: `${platform}_access_token_${Math.random().toString(36).substring(7)}`,
+      refresh_token: `${platform}_refresh_token_${Math.random().toString(36).substring(7)}`,
+      expires_in: 3600,
+    };
+  }
+};
+
+/**
+ * Refresh YouTube tokens when they expire
+ * This should be called when the backend reports token expiry
+ */
+export const refreshYouTubeTokens = async (): Promise<boolean> => {
+  try {
+    console.log('🔄 Refreshing YouTube tokens...');
+    
+    // Get fresh tokens from Google SDK
+    const freshTokens = await GoogleSignin.getTokens();
+    if (!freshTokens) {
+      console.error('❌ Failed to get fresh tokens from Google SDK');
+      return false;
+    }
+    
+    // Get current user info
+    const currentUser = await GoogleSignin.getCurrentUser();
+    if (!currentUser) {
+      console.error('❌ No current Google user found');
+      return false;
+    }
+    
+    // Get stored auth token
+    const authToken = await AsyncStorage.getItem('onairos_jwt_token') || 
+                     await AsyncStorage.getItem('enoch_token') || 
+                     await AsyncStorage.getItem('auth_token');
+    
+    if (!authToken) {
+      console.error('❌ No auth token found for YouTube refresh');
+      return false;
+    }
+    
+    // Send refreshed tokens to backend
+    const refreshResponse = await fetch('https://api2.onairos.uk/youtube/refresh-token', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': authToken
+      },
+      body: JSON.stringify({
+        accessToken: freshTokens.accessToken,
+        idToken: freshTokens.idToken,
+        refreshToken: currentUser.serverAuthCode,
+        userEmail: currentUser.user?.email,
+        tokenExpiry: new Date(Date.now() + 3600 * 1000).toISOString(), // 1 hour from now
+        timestamp: new Date().toISOString()
+      })
+    });
+    
+    if (refreshResponse.ok) {
+      const responseData = await refreshResponse.json();
+      console.log('✅ YouTube tokens refreshed successfully:', responseData);
+      return true;
+    } else {
+      const errorData = await refreshResponse.text();
+      console.error('❌ YouTube token refresh failed:', refreshResponse.status, errorData);
+      return false;
+    }
+  } catch (error) {
+    console.error('❌ Error refreshing YouTube tokens:', error);
+    return false;
+  }
+};
+
+/**
+ * Trigger training restart after YouTube re-authentication
+ * This signals the backend to restart training with the new refresh token
+ */
+const triggerTrainingRestart = async (username: string, authToken: string): Promise<void> => {
+  try {
+    console.log('🔄 [TRAINING RESTART] Triggering training restart for user:', username);
+    
+    const response = await fetch('https://api2.onairos.uk/mobile-training/restart', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Authorization': authToken
+      },
+      body: JSON.stringify({
+        username: username,
+        reason: 'youtube_reauth',
+        platform: 'youtube',
+        timestamp: new Date().toISOString(),
+        requestNewTraining: true
+      })
+    });
+    
+    if (response.ok) {
+      const responseData = await response.json();
+      console.log('✅ [TRAINING RESTART] Training restart successful:', responseData);
+    } else {
+      const errorData = await response.text();
+      console.error('❌ [TRAINING RESTART] Training restart failed:', response.status, errorData);
+      throw new Error(`Training restart failed: ${response.status}`);
+    }
+  } catch (error) {
+    console.error('❌ [TRAINING RESTART] Error triggering training restart:', error);
+    throw error;
+  }
+};
+
+/**
+ * Test function to verify YouTube refresh token functionality
+ * Call this in your app to test the YouTube connection
+ */
+export const testYouTubeRefreshToken = async (username: string): Promise<void> => {
+  console.log('🧪 Testing YouTube refresh token functionality...');
+  console.log('👤 User:', username);
+  
+  try {
+    // Test the debug function first
+    const debugInfo = await debugYouTubeTokens();
+    console.log('🔍 Current token status:', debugInfo);
+    
+    if (!debugInfo.hasRefreshToken) {
+      console.log('⚠️ No refresh token found - attempting to fix...');
+      const success = await fixUserYouTubeConnection(username);
+      
+      if (success) {
+        console.log('✅ YouTube connection fixed! Testing again...');
+        const newDebugInfo = await debugYouTubeTokens();
+        console.log('🔍 New token status:', newDebugInfo);
+      } else {
+        console.error('❌ Failed to fix YouTube connection');
+      }
+    } else {
+      console.log('✅ Refresh token already available');
+    }
+    
+  } catch (error) {
+    console.error('❌ Error testing YouTube refresh token:', error);
+  }
+};
+
+/**
+ * Request email verification code
+ */
+export const requestEmailVerification = async (email: string, testMode: boolean = false): Promise<any> => {
+  try {
+    console.log('📧 Requesting email verification for:', email);
+    
+    const response = await fetch(`${API_CONFIG.BASE_URL}/email/verification`, {
+      method: 'POST',
+      headers: getApiHeaders(),
+      body: JSON.stringify({ 
+        email,
+        action: 'request',
+        testMode
+      }),
+    });
+    
+    const result = await response.json();
+    
+    if (response.ok) {
+      return {
+        success: true,
+        message: result.message || 'Verification code sent to your email'
+      };
+    } else {
+      return {
+        success: false,
+        error: result.message || 'Failed to send verification code'
+      };
+    }
+  } catch (error) {
+    console.error('❌ Error requesting email verification:', error);
+    return {
+      success: false,
+      error: 'Network error. Please check your connection and try again.'
+    };
+  }
+};
+
+/**
+ * Verify email code
+ */
+export const verifyEmailCode = async (email: string, code: string, testMode: boolean = false): Promise<any> => {
+  try {
+    console.log('🔍 Verifying email code for:', email);
+    
+    const response = await fetch(`${API_CONFIG.BASE_URL}/email/verification`, {
+      method: 'POST',
+      headers: getApiHeaders(),
+      body: JSON.stringify({ 
+        email,
+        code,
+        action: 'verify',
+        testMode
+      }),
+    });
+    
+    const result = await response.json();
+    
+    if (response.ok) {
+      return {
+        success: true,
+        message: result.message || 'Email verified successfully',
+        existingUser: result.existingUser || false,
+        token: result.token
+      };
+    } else {
+      return {
+        success: false,
+        error: result.message || 'Invalid verification code'
+      };
+    }
+  } catch (error) {
+    console.error('❌ Error verifying email code:', error);
+    return {
+      success: false,
+      error: 'Network error. Please check your connection and try again.'
+    };
+  }
+};
+
+/**
+ * Check email verification status
+ */
+export const checkEmailVerificationStatus = async (email: string, testMode: boolean = false): Promise<any> => {
+  try {
+    const response = await fetch(`${API_CONFIG.BASE_URL}/email/verification/status`, {
+      method: 'POST',
+      headers: getApiHeaders(),
+      body: JSON.stringify({ 
+        email,
+        testMode
+      }),
+    });
+    
+    const result = await response.json();
+    
+    return {
+      success: response.ok,
+      isPending: result.isPending || false,
+      message: result.message
+    };
+  } catch (error) {
+    console.error('❌ Error checking email verification status:', error);
+    return {
+      success: false,
+      isPending: false,
+      error: 'Network error'
+    };
+  }
+};
+
+/**
+ * Initialize platform auth service
+ */
+export const initializePlatformAuthService = () => {
+  console.log('🔧 Platform auth service initialized');
+  // Initialize Google Sign-In
+  initializeGoogleSignIn();
+};