@onairos/react-native 3.1.16 → 3.1.17

package/src/services/apiClient.ts

@@ -1,337 +1,337 @@
-import { getJWTForRoute, TokenType, getTokenTypeForRoute, clearJWT, getAllTokens } from './jwtStorageService';
-import { API_CONFIG } from '../config/api';
-
-/**
- * Centralized API Client with Route-Based JWT Token Management
- * CORRECTED APPROACH: Uses different JWT tokens for different route families
- * 
- * TOKEN ROUTING:
- * - Enoch JWT: /enoch/*, /api/auth/*, /mobile-training/enoch
- * - Onairos JWT: /youtube/*, /gmail/*, social connections
- * - Auth Token: Context-specific auth flows
- */
-
-interface ApiRequestOptions {
-  method?: 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH';
-  body?: any;
-  headers?: Record<string, string>;
-  requiresAuth?: boolean;
-}
-
-interface ApiResponse<T = any> {
-  success: boolean;
-  data?: T;
-  error?: string;
-  status: number;
-  tokenType?: TokenType;
-}
-
-/**
- * Global request counter for tracking in-flight requests
- */
-let currentRequestId = 0;
-const activeRequests = new Map<number, AbortController>();
-
-/**
- * Route-specific authentication triggers
- */
-interface AuthTriggers {
-  triggerEnochReAuth?: () => Promise<void>;
-  triggerOnairosReAuth?: () => Promise<void>;
-  triggerAuthTokenRefresh?: () => Promise<void>;
-}
-
-/**
- * Create API client with route-based token management
- */
-class ApiClient {
-  private baseUrl: string;
-  private authTriggers: AuthTriggers;
-
-  constructor(baseUrl: string = API_CONFIG.BASE_URL, authTriggers: AuthTriggers = {}) {
-    this.baseUrl = baseUrl;
-    this.authTriggers = authTriggers;
-  }
-
-  /**
-   * Make authenticated API request with route-based token selection
-   * CRITICAL: Uses the correct token type based on route
-   */
-  async request<T = any>(
-    endpoint: string, 
-    options: ApiRequestOptions = {}
-  ): Promise<ApiResponse<T>> {
-    const requestId = ++currentRequestId;
-    const abortController = new AbortController();
-    activeRequests.set(requestId, abortController);
-
-    try {
-      console.log(`🔗 [API Client] Starting request ${requestId} to: ${endpoint}`);
-      
-      // CRITICAL FIX: Determine which token type to use based on route
-      const tokenType = getTokenTypeForRoute(endpoint);
-      console.log(`🎯 [API Client] Route ${endpoint} requires ${tokenType} token`);
-      
-      // Get route-specific headers
-      const headers = await this.getRequestHeaders(endpoint, options.requiresAuth !== false);
-      
-      const fetchOptions: RequestInit = {
-        method: options.method || 'GET',
-        headers: {
-          'Content-Type': 'application/json',
-          'User-Agent': 'OnairosSDK/1.0.0',
-          ...headers,
-          ...options.headers,
-        },
-        body: options.body ? JSON.stringify(options.body) : undefined,
-        signal: abortController.signal,
-      };
-
-      console.log(`🔐 [API Client] Request ${requestId} using ${tokenType} token`);
-      
-      const response = await fetch(`${this.baseUrl}${endpoint}`, fetchOptions);
-      
-      console.log(`📡 [API Client] Response ${requestId} status:`, response.status);
-
-      // CRITICAL FIX: Route-specific 401 handler
-      if (response.status === 401) {
-        return await this.handle401Error(requestId, endpoint, tokenType, options);
-      }
-
-      const result = await response.json();
-      
-      activeRequests.delete(requestId);
-
-      if (!response.ok) {
-        return {
-          success: false,
-          error: result.message || `Request failed with status ${response.status}`,
-          status: response.status,
-          tokenType,
-        };
-      }
-
-      return {
-        success: true,
-        data: result,
-        status: response.status,
-        tokenType,
-      };
-      
-    } catch (error) {
-      activeRequests.delete(requestId);
-      
-      if (error instanceof Error && error.name === 'AbortError') {
-        console.log(`🚫 [API Client] Request ${requestId} was cancelled`);
-        return {
-          success: false,
-          error: 'Request cancelled',
-          status: 0,
-        };
-      }
-      
-      console.error(`❌ [API Client] Request ${requestId} failed:`, error);
-      return {
-        success: false,
-        error: error instanceof Error ? error.message : 'Unknown error',
-        status: 0,
-      };
-    }
-  }
-
-  /**
-   * Get request headers with route-appropriate token
-   * CRITICAL: Selects correct token based on route
-   */
-  private async getRequestHeaders(endpoint: string, requiresAuth: boolean): Promise<Record<string, string>> {
-    if (!requiresAuth) {
-      return {};
-    }
-
-    // CRITICAL FIX: Get token specifically for this route
-    const token = await getJWTForRoute(endpoint);
-    
-    if (!token) {
-      const tokenType = getTokenTypeForRoute(endpoint);
-      throw new Error(`No ${tokenType} token available for route ${endpoint}. Please authenticate first.`);
-    }
-
-    return {
-      'Authorization': token,
-    };
-  }
-
-  /**
-   * Handle 401 errors with route-specific re-authentication
-   * CRITICAL FIX: Different auth flows for different token types
-   */
-  private async handle401Error<T>(
-    requestId: number,
-    endpoint: string,
-    tokenType: TokenType,
-    options: ApiRequestOptions
-  ): Promise<ApiResponse<T>> {
-    console.error(`🚫 [API Client] Request ${requestId} received 401 for ${tokenType} token on route: ${endpoint}`);
-    
-    // CRITICAL FIX: Clear only the specific token type that failed
-    console.log(`🔄 [API Client] Clearing ${tokenType} token due to 401 error`);
-    await clearJWT(tokenType);
-    
-    // Cancel requests using the same token type
-    this.cancelRequestsForTokenType(tokenType, requestId);
-
-    // CRITICAL FIX: Route-specific re-authentication
-    await this.triggerReAuthForTokenType(tokenType, endpoint);
-
-    console.log(`🔑 [API Client] ${tokenType} token cleared, user needs to re-authenticate`);
-    
-    return {
-      success: false,
-      error: `${tokenType} authentication expired for ${endpoint}. Please re-authenticate.`,
-      status: 401,
-      tokenType,
-    };
-  }
-
-  /**
-   * Trigger appropriate re-authentication based on token type
-   */
-  private async triggerReAuthForTokenType(tokenType: TokenType, endpoint: string): Promise<void> {
-    console.log(`🔄 [API Client] Triggering re-auth for ${tokenType} token (endpoint: ${endpoint})`);
-    
-    try {
-      switch (tokenType) {
-        case TokenType.ENOCH:
-          if (this.authTriggers.triggerEnochReAuth) {
-            console.log('📧 [API Client] Triggering Enoch email re-verification');
-            await this.authTriggers.triggerEnochReAuth();
-          } else {
-            console.warn('⚠️ [API Client] No Enoch re-auth trigger configured');
-          }
-          break;
-          
-        case TokenType.ONAIROS:
-          if (this.authTriggers.triggerOnairosReAuth) {
-            console.log('🔑 [API Client] Triggering Onairos re-authentication');
-            await this.authTriggers.triggerOnairosReAuth();
-          } else {
-            console.warn('⚠️ [API Client] No Onairos re-auth trigger configured');
-          }
-          break;
-          
-        case TokenType.AUTH:
-          if (this.authTriggers.triggerAuthTokenRefresh) {
-            console.log('🔄 [API Client] Triggering auth token refresh');
-            await this.authTriggers.triggerAuthTokenRefresh();
-          } else {
-            console.warn('⚠️ [API Client] No auth token refresh trigger configured');
-          }
-          break;
-      }
-    } catch (error) {
-      console.error(`❌ [API Client] Failed to trigger re-auth for ${tokenType}:`, error);
-    }
-  }
-
-  /**
-   * Cancel requests using a specific token type
-   */
-  private cancelRequestsForTokenType(tokenType: TokenType, excludeRequestId?: number): void {
-    let cancelledCount = 0;
-    
-    // Note: In a full implementation, we'd track which requests use which tokens
-    // For now, we cancel all other requests as a safety measure
-    for (const [requestId, controller] of activeRequests.entries()) {
-      if (requestId !== excludeRequestId) {
-        controller.abort();
-        activeRequests.delete(requestId);
-        cancelledCount++;
-      }
-    }
-    
-    if (cancelledCount > 0) {
-      console.log(`🚫 [API Client] Cancelled ${cancelledCount} requests due to ${tokenType} token failure`);
-    }
-  }
-
-  /**
-   * Replace token for specific type and cancel related requests
-   */
-  async replaceTokenForType(tokenType: TokenType, newToken: string): Promise<boolean> {
-    console.log(`🔄 [API Client] Replacing ${tokenType} token`);
-    
-    // Cancel all in-flight requests using this token type
-    this.cancelRequestsForTokenType(tokenType);
-    
-    // Replace token using storage service
-    const { replaceJWTAfterVerification } = await import('./jwtStorageService');
-    const replaced = await replaceJWTAfterVerification(tokenType, newToken);
-    
-    if (replaced) {
-      console.log(`✅ [API Client] ${tokenType} token replaced and related requests cancelled`);
-    }
-    
-    return replaced;
-  }
-
-  /**
-   * Debug: Get all current tokens
-   */
-  async debugTokens(): Promise<Record<TokenType, string | null>> {
-    console.log('🔍 [API Client] Debug: Current token status');
-    const tokens = await getAllTokens();
-    
-    for (const [tokenType, token] of Object.entries(tokens)) {
-      if (token) {
-        console.log(`🔐 ${tokenType}: ${token.substring(0, 20)}... (length: ${token.length})`);
-      } else {
-        console.log(`📭 ${tokenType}: null`);
-      }
-    }
-    
-    return tokens;
-  }
-
-  /**
-   * Set authentication triggers
-   */
-  setAuthTriggers(triggers: AuthTriggers): void {
-    this.authTriggers = { ...this.authTriggers, ...triggers };
-    console.log('🔧 [API Client] Authentication triggers updated');
-  }
-
-  /**
-   * Convenience methods for common HTTP verbs
-   */
-  async get<T = any>(endpoint: string, options: Omit<ApiRequestOptions, 'method'> = {}): Promise<ApiResponse<T>> {
-    return this.request<T>(endpoint, { ...options, method: 'GET' });
-  }
-
-  async post<T = any>(endpoint: string, body?: any, options: Omit<ApiRequestOptions, 'method' | 'body'> = {}): Promise<ApiResponse<T>> {
-    return this.request<T>(endpoint, { ...options, method: 'POST', body });
-  }
-
-  async put<T = any>(endpoint: string, body?: any, options: Omit<ApiRequestOptions, 'method' | 'body'> = {}): Promise<ApiResponse<T>> {
-    return this.request<T>(endpoint, { ...options, method: 'PUT', body });
-  }
-
-  async delete<T = any>(endpoint: string, options: Omit<ApiRequestOptions, 'method'> = {}): Promise<ApiResponse<T>> {
-    return this.request<T>(endpoint, { ...options, method: 'DELETE' });
-  }
-}
-
-// SINGLE INSTANCE - Global API client  
-export const apiClient = new ApiClient();
-export { ApiClient };
-
-// Export convenience functions
-export const authenticatedRequest = apiClient.request.bind(apiClient);
-export const apiGet = apiClient.get.bind(apiClient);
-export const apiPost = apiClient.post.bind(apiClient);
-export const apiPut = apiClient.put.bind(apiClient);
-export const apiDelete = apiClient.delete.bind(apiClient);
-
-// Export types for external use
-export type { TokenType, ApiResponse, AuthTriggers };
-
+import { getJWTForRoute, TokenType, getTokenTypeForRoute, clearJWT, getAllTokens } from './jwtStorageService';
+import { API_CONFIG } from '../config/api';
+
+/**
+ * Centralized API Client with Route-Based JWT Token Management
+ * CORRECTED APPROACH: Uses different JWT tokens for different route families
+ * 
+ * TOKEN ROUTING:
+ * - Enoch JWT: /enoch/*, /api/auth/*, /mobile-training/enoch
+ * - Onairos JWT: /youtube/*, /gmail/*, social connections
+ * - Auth Token: Context-specific auth flows
+ */
+
+interface ApiRequestOptions {
+  method?: 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH';
+  body?: any;
+  headers?: Record<string, string>;
+  requiresAuth?: boolean;
+}
+
+interface ApiResponse<T = any> {
+  success: boolean;
+  data?: T;
+  error?: string;
+  status: number;
+  tokenType?: TokenType;
+}
+
+/**
+ * Global request counter for tracking in-flight requests
+ */
+let currentRequestId = 0;
+const activeRequests = new Map<number, AbortController>();
+
+/**
+ * Route-specific authentication triggers
+ */
+interface AuthTriggers {
+  triggerEnochReAuth?: () => Promise<void>;
+  triggerOnairosReAuth?: () => Promise<void>;
+  triggerAuthTokenRefresh?: () => Promise<void>;
+}
+
+/**
+ * Create API client with route-based token management
+ */
+class ApiClient {
+  private baseUrl: string;
+  private authTriggers: AuthTriggers;
+
+  constructor(baseUrl: string = API_CONFIG.BASE_URL, authTriggers: AuthTriggers = {}) {
+    this.baseUrl = baseUrl;
+    this.authTriggers = authTriggers;
+  }
+
+  /**
+   * Make authenticated API request with route-based token selection
+   * CRITICAL: Uses the correct token type based on route
+   */
+  async request<T = any>(
+    endpoint: string, 
+    options: ApiRequestOptions = {}
+  ): Promise<ApiResponse<T>> {
+    const requestId = ++currentRequestId;
+    const abortController = new AbortController();
+    activeRequests.set(requestId, abortController);
+
+    try {
+      console.log(`🔗 [API Client] Starting request ${requestId} to: ${endpoint}`);
+      
+      // CRITICAL FIX: Determine which token type to use based on route
+      const tokenType = getTokenTypeForRoute(endpoint);
+      console.log(`🎯 [API Client] Route ${endpoint} requires ${tokenType} token`);
+      
+      // Get route-specific headers
+      const headers = await this.getRequestHeaders(endpoint, options.requiresAuth !== false);
+      
+      const fetchOptions: RequestInit = {
+        method: options.method || 'GET',
+        headers: {
+          'Content-Type': 'application/json',
+          'User-Agent': 'OnairosSDK/1.0.0',
+          ...headers,
+          ...options.headers,
+        },
+        body: options.body ? JSON.stringify(options.body) : undefined,
+        signal: abortController.signal,
+      };
+
+      console.log(`🔐 [API Client] Request ${requestId} using ${tokenType} token`);
+      
+      const response = await fetch(`${this.baseUrl}${endpoint}`, fetchOptions);
+      
+      console.log(`📡 [API Client] Response ${requestId} status:`, response.status);
+
+      // CRITICAL FIX: Route-specific 401 handler
+      if (response.status === 401) {
+        return await this.handle401Error(requestId, endpoint, tokenType, options);
+      }
+
+      const result = await response.json();
+      
+      activeRequests.delete(requestId);
+
+      if (!response.ok) {
+        return {
+          success: false,
+          error: result.message || `Request failed with status ${response.status}`,
+          status: response.status,
+          tokenType,
+        };
+      }
+
+      return {
+        success: true,
+        data: result,
+        status: response.status,
+        tokenType,
+      };
+      
+    } catch (error) {
+      activeRequests.delete(requestId);
+      
+      if (error instanceof Error && error.name === 'AbortError') {
+        console.log(`🚫 [API Client] Request ${requestId} was cancelled`);
+        return {
+          success: false,
+          error: 'Request cancelled',
+          status: 0,
+        };
+      }
+      
+      console.error(`❌ [API Client] Request ${requestId} failed:`, error);
+      return {
+        success: false,
+        error: error instanceof Error ? error.message : 'Unknown error',
+        status: 0,
+      };
+    }
+  }
+
+  /**
+   * Get request headers with route-appropriate token
+   * CRITICAL: Selects correct token based on route
+   */
+  private async getRequestHeaders(endpoint: string, requiresAuth: boolean): Promise<Record<string, string>> {
+    if (!requiresAuth) {
+      return {};
+    }
+
+    // CRITICAL FIX: Get token specifically for this route
+    const token = await getJWTForRoute(endpoint);
+    
+    if (!token) {
+      const tokenType = getTokenTypeForRoute(endpoint);
+      throw new Error(`No ${tokenType} token available for route ${endpoint}. Please authenticate first.`);
+    }
+
+    return {
+      'Authorization': token,
+    };
+  }
+
+  /**
+   * Handle 401 errors with route-specific re-authentication
+   * CRITICAL FIX: Different auth flows for different token types
+   */
+  private async handle401Error<T>(
+    requestId: number,
+    endpoint: string,
+    tokenType: TokenType,
+    options: ApiRequestOptions
+  ): Promise<ApiResponse<T>> {
+    console.error(`🚫 [API Client] Request ${requestId} received 401 for ${tokenType} token on route: ${endpoint}`);
+    
+    // CRITICAL FIX: Clear only the specific token type that failed
+    console.log(`🔄 [API Client] Clearing ${tokenType} token due to 401 error`);
+    await clearJWT(tokenType);
+    
+    // Cancel requests using the same token type
+    this.cancelRequestsForTokenType(tokenType, requestId);
+
+    // CRITICAL FIX: Route-specific re-authentication
+    await this.triggerReAuthForTokenType(tokenType, endpoint);
+
+    console.log(`🔑 [API Client] ${tokenType} token cleared, user needs to re-authenticate`);
+    
+    return {
+      success: false,
+      error: `${tokenType} authentication expired for ${endpoint}. Please re-authenticate.`,
+      status: 401,
+      tokenType,
+    };
+  }
+
+  /**
+   * Trigger appropriate re-authentication based on token type
+   */
+  private async triggerReAuthForTokenType(tokenType: TokenType, endpoint: string): Promise<void> {
+    console.log(`🔄 [API Client] Triggering re-auth for ${tokenType} token (endpoint: ${endpoint})`);
+    
+    try {
+      switch (tokenType) {
+        case TokenType.ENOCH:
+          if (this.authTriggers.triggerEnochReAuth) {
+            console.log('📧 [API Client] Triggering Enoch email re-verification');
+            await this.authTriggers.triggerEnochReAuth();
+          } else {
+            console.warn('⚠️ [API Client] No Enoch re-auth trigger configured');
+          }
+          break;
+          
+        case TokenType.ONAIROS:
+          if (this.authTriggers.triggerOnairosReAuth) {
+            console.log('🔑 [API Client] Triggering Onairos re-authentication');
+            await this.authTriggers.triggerOnairosReAuth();
+          } else {
+            console.warn('⚠️ [API Client] No Onairos re-auth trigger configured');
+          }
+          break;
+          
+        case TokenType.AUTH:
+          if (this.authTriggers.triggerAuthTokenRefresh) {
+            console.log('🔄 [API Client] Triggering auth token refresh');
+            await this.authTriggers.triggerAuthTokenRefresh();
+          } else {
+            console.warn('⚠️ [API Client] No auth token refresh trigger configured');
+          }
+          break;
+      }
+    } catch (error) {
+      console.error(`❌ [API Client] Failed to trigger re-auth for ${tokenType}:`, error);
+    }
+  }
+
+  /**
+   * Cancel requests using a specific token type
+   */
+  private cancelRequestsForTokenType(tokenType: TokenType, excludeRequestId?: number): void {
+    let cancelledCount = 0;
+    
+    // Note: In a full implementation, we'd track which requests use which tokens
+    // For now, we cancel all other requests as a safety measure
+    for (const [requestId, controller] of activeRequests.entries()) {
+      if (requestId !== excludeRequestId) {
+        controller.abort();
+        activeRequests.delete(requestId);
+        cancelledCount++;
+      }
+    }
+    
+    if (cancelledCount > 0) {
+      console.log(`🚫 [API Client] Cancelled ${cancelledCount} requests due to ${tokenType} token failure`);
+    }
+  }
+
+  /**
+   * Replace token for specific type and cancel related requests
+   */
+  async replaceTokenForType(tokenType: TokenType, newToken: string): Promise<boolean> {
+    console.log(`🔄 [API Client] Replacing ${tokenType} token`);
+    
+    // Cancel all in-flight requests using this token type
+    this.cancelRequestsForTokenType(tokenType);
+    
+    // Replace token using storage service
+    const { replaceJWTAfterVerification } = await import('./jwtStorageService');
+    const replaced = await replaceJWTAfterVerification(tokenType, newToken);
+    
+    if (replaced) {
+      console.log(`✅ [API Client] ${tokenType} token replaced and related requests cancelled`);
+    }
+    
+    return replaced;
+  }
+
+  /**
+   * Debug: Get all current tokens
+   */
+  async debugTokens(): Promise<Record<TokenType, string | null>> {
+    console.log('🔍 [API Client] Debug: Current token status');
+    const tokens = await getAllTokens();
+    
+    for (const [tokenType, token] of Object.entries(tokens)) {
+      if (token) {
+        console.log(`🔐 ${tokenType}: ${token.substring(0, 20)}... (length: ${token.length})`);
+      } else {
+        console.log(`📭 ${tokenType}: null`);
+      }
+    }
+    
+    return tokens;
+  }
+
+  /**
+   * Set authentication triggers
+   */
+  setAuthTriggers(triggers: AuthTriggers): void {
+    this.authTriggers = { ...this.authTriggers, ...triggers };
+    console.log('🔧 [API Client] Authentication triggers updated');
+  }
+
+  /**
+   * Convenience methods for common HTTP verbs
+   */
+  async get<T = any>(endpoint: string, options: Omit<ApiRequestOptions, 'method'> = {}): Promise<ApiResponse<T>> {
+    return this.request<T>(endpoint, { ...options, method: 'GET' });
+  }
+
+  async post<T = any>(endpoint: string, body?: any, options: Omit<ApiRequestOptions, 'method' | 'body'> = {}): Promise<ApiResponse<T>> {
+    return this.request<T>(endpoint, { ...options, method: 'POST', body });
+  }
+
+  async put<T = any>(endpoint: string, body?: any, options: Omit<ApiRequestOptions, 'method' | 'body'> = {}): Promise<ApiResponse<T>> {
+    return this.request<T>(endpoint, { ...options, method: 'PUT', body });
+  }
+
+  async delete<T = any>(endpoint: string, options: Omit<ApiRequestOptions, 'method'> = {}): Promise<ApiResponse<T>> {
+    return this.request<T>(endpoint, { ...options, method: 'DELETE' });
+  }
+}
+
+// SINGLE INSTANCE - Global API client  
+export const apiClient = new ApiClient();
+export { ApiClient };
+
+// Export convenience functions
+export const authenticatedRequest = apiClient.request.bind(apiClient);
+export const apiGet = apiClient.get.bind(apiClient);
+export const apiPost = apiClient.post.bind(apiClient);
+export const apiPut = apiClient.put.bind(apiClient);
+export const apiDelete = apiClient.delete.bind(apiClient);
+
+// Export types for external use
+export type { TokenType, ApiResponse, AuthTriggers };
+
 export default apiClient;