@onairos/react-native 3.1.17 → 3.2.0

package/lib/module/services/platformAuthService.js

@@ -1,743 +1,390 @@
-/**
- * Platform Authentication Service
- * Handles OAuth flows for different platforms
+import AsyncStorage from '@react-native-async-storage/async-storage';
+import { makeDeveloperRequest, getApiConfig, storeJWT, extractUsernameFromJWT } from './apiKeyService';
+
+// 🔑 CRITICAL: Use two-tier authentication system
+// - Developer API key for email verification requests
+// - JWT tokens for user-authenticated requests after email verification
+
+/**
+ * Initialize the platform auth service
+ * This service now uses the two-tier authentication system
  */
+export const initializePlatformAuthService = async () => {
+  try {
+    // Check if app is already initialized with API key
+    const existingConfig = getApiConfig();
+    if (existingConfig && existingConfig.apiKey) {
+      console.log('🔑 Platform auth service using existing app configuration');
+      console.log(`✅ Environment: ${existingConfig.environment}`);
+      return;
+    }
 
-import { GoogleSignin, statusCodes } from '@react-native-google-signin/google-signin';
-import AsyncStorage from '@react-native-async-storage/async-storage';
-import { API_CONFIG, getApiHeaders } from '../config/api';
+    // If no app initialization, we can't proceed
+    console.error('❌ Platform auth service requires app-level API key initialization');
+    throw new Error('Platform auth service requires app-level API key initialization. Please call initializeApiKey() first.');
+  } catch (error) {
+    console.error('❌ Failed to initialize platform auth service:', error);
+    throw error;
+  }
+};
 
-// 🔑 CRITICAL: Using the same client ID for both web and iOS to avoid audience errors
-const WEB_CLIENT_ID = '1030678346906-lovkuds2ouqmoc8eu5qpo98spa6edv4o.apps.googleusercontent.com';
-const IOS_CLIENT_ID = '1030678346906-lovkuds2ouqmoc8eu5qpo98spa6edv4o.apps.googleusercontent.com';
-// OAuth configuration for different platforms
-const OAUTH_CONFIG = {
+// Configuration for each platform's authentication
+let PLATFORM_AUTH_CONFIG = {
   instagram: {
-    authUrl: 'https://api.instagram.com/oauth/authorize',
-    clientId: 'demo_instagram_client_id',
-    redirectUri: 'onairosevents://auth/callback',
-    scope: 'user_profile,user_media',
-    responseType: 'code',
-    hasNativeSDK: false
+    hasNativeSDK: false,
+    // Instagram uses OAuth WebView flow
+    authEndpoint: '/instagram/authorize',
+    color: '#E1306C'
   },
   youtube: {
-    authUrl: 'https://api2.onairos.uk/youtube/authorize',
+    hasNativeSDK: true,
+    // Native Google Sign-In SDK enabled
+    nativeSDKPackage: '@react-native-google-signin/google-signin',
+    authEndpoint: '/youtube/authorize',
+    color: '#FF0000',
     clientId: '1030678346906-lovkuds2ouqmoc8eu5qpo98spa6edv4o.apps.googleusercontent.com',
     redirectUri: 'onairosevents://auth/callback',
     scope: 'https://www.googleapis.com/auth/youtube.readonly',
-    responseType: 'code',
-    hasNativeSDK: true // Changed to true for native SDK
+    responseType: 'code'
   },
   reddit: {
-    authUrl: 'https://api2.onairos.uk/reddit/authorize',
-    clientId: 'demo_reddit_client_id',
-    redirectUri: 'onairosevents://auth/callback',
-    scope: 'identity,read',
-    responseType: 'code',
-    hasNativeSDK: false
+    hasNativeSDK: false,
+    authEndpoint: '/reddit/authorize',
+    color: '#FF4500'
   },
   pinterest: {
-    authUrl: 'https://api2.onairos.uk/pinterest/authorize',
-    clientId: 'demo_pinterest_client_id',
-    redirectUri: 'onairosevents://auth/callback',
-    scope: 'boards:read,pins:read',
-    responseType: 'code',
-    hasNativeSDK: false
-  },
-  facebook: {
-    authUrl: 'https://www.facebook.com/v12.0/dialog/oauth',
-    clientId: 'demo_facebook_client_id',
-    redirectUri: 'onairosevents://auth/callback',
-    scope: 'public_profile,email',
-    responseType: 'code',
-    hasNativeSDK: false
-  },
-  // GitHub connector is temporarily commented out
-  // github: {
-  //   authUrl: 'https://github.com/login/oauth/authorize',
-  //   clientId: 'demo_github_client_id',
-  //   redirectUri: 'onairosevents://auth/callback',
-  //   scope: 'repo,user',
-  //   responseType: 'code',
-  //   hasNativeSDK: false
-  // },
-  linkedin: {
-    authUrl: 'https://api2.onairos.uk/linkedin/authorize',
-    clientId: '',
-    // No client ID needed - backend handles OAuth
-    redirectUri: 'onairosevents://auth/callback',
-    scope: 'openid profile email',
-    // Updated to OpenID Connect scopes as per your backend
-    responseType: 'code',
-    hasNativeSDK: false // LinkedIn has no modern native SDK
-  },
-  gmail: {
-    authUrl: 'https://api2.onairos.uk/gmail/authorize',
-    clientId: 'demo_gmail_client_id',
-    redirectUri: 'onairosevents://auth/callback',
-    scope: 'https://www.googleapis.com/auth/gmail.readonly',
-    responseType: 'code',
-    hasNativeSDK: false
+    hasNativeSDK: false,
+    authEndpoint: '/pinterest/authorize',
+    color: '#E60023'
   },
   email: {
-    // Email doesn't use OAuth but we still need to handle it in the flow
     hasNativeSDK: false,
-    authUrl: 'https://api2.onairos.uk/email/authorize' // Proxy endpoint for email verification
+    authEndpoint: '/gmail/authorize',
+    color: '#4285F4'
   }
 };
 
-/**
- * Check if the platform has a native SDK
+/**
+ * Checks if a native SDK is available for the given platform
  */
 export const hasNativeSDK = platform => {
-  var _OAUTH_CONFIG$platfor;
-  return ((_OAUTH_CONFIG$platfor = OAUTH_CONFIG[platform]) === null || _OAUTH_CONFIG$platfor === void 0 ? void 0 : _OAUTH_CONFIG$platfor.hasNativeSDK) || false;
+  const config = PLATFORM_AUTH_CONFIG[platform];
+  return (config === null || config === void 0 ? void 0 : config.hasNativeSDK) || false;
 };
 
-/**
- * Initiate OAuth flow for a platform
+/**
+ * Gets the auth endpoint URL for a platform
  */
-export const initiateOAuth = async (platform, username) => {
-  try {
-    console.log(`🚀 [OAUTH] Starting OAuth for platform: ${platform}, username: "${username}"`);
-
-    // Validate username
-    if (!username || username.trim() === '') {
-      console.error(`❌ [OAUTH] Username is required for ${platform} OAuth`);
-      return null;
-    }
-
-    // For platforms that don't need OAuth (like email), handle differently
-    if (platform === 'email') {
-      console.log('📧 [OAUTH] Email platform selected, returning mock auth URL');
-      return 'https://api2.onairos.uk/email/authorize?action=verify';
-    }
-
-    // Construct the proxy URL
-    const proxyUrl = `https://api2.onairos.uk/${platform}/authorize`;
-    console.log(`🌐 [OAUTH] Proxy URL: ${proxyUrl}`);
-    const requestBody = {
-      session: {
-        username: username.trim(),
-        platform: platform,
-        timestamp: new Date().toISOString()
-      }
-    };
-    console.log(`📤 [OAUTH] Request body:`, requestBody);
-    console.log(`🔑 [OAUTH] Headers:`, getApiHeaders());
-
-    // Make a POST request to the proxy
-    const response = await fetch(proxyUrl, {
-      method: 'POST',
-      headers: getApiHeaders(),
-      body: JSON.stringify(requestBody)
-    });
-    console.log(`📡 [OAUTH] Response status: ${response.status} ${response.statusText}`);
-    if (!response.ok) {
-      const errorText = await response.text();
-      console.error(`❌ [OAUTH] Error initiating OAuth for ${platform}: ${response.status} - ${errorText}`);
-      return null;
-    }
-    const data = await response.json();
-    console.log(`📋 [OAUTH] Response data for ${platform}:`, data);
-
-    // Get the authorization URL from the response
-    // Different platforms might use different keys (e.g., pinterestURL, youtubeURL)
-    const urlKey = `${platform}URL`;
-    const authUrl = data[urlKey] || data.url || null;
-    console.log(`🔗 [OAUTH] Auth URL for ${platform} (key: ${urlKey}):`, authUrl);
-    return authUrl;
-  } catch (error) {
-    console.error(`Error initiating OAuth for ${platform}:`, error);
-    return null;
-  }
+export const getAuthEndpoint = platform => {
+  const config = PLATFORM_AUTH_CONFIG[platform];
+  return (config === null || config === void 0 ? void 0 : config.authEndpoint) || '';
 };
 
-/**
- * Initialize Google Sign-In configuration with enhanced refresh token support
- * Updated with CRITICAL parameters for refresh token generation
+/**
+ * Gets the color associated with a platform
  */
-const initializeGoogleSignIn = () => {
-  GoogleSignin.configure({
-    webClientId: WEB_CLIENT_ID,
-    // ✅ CRITICAL: Web client ID for refresh tokens
-    iosClientId: IOS_CLIENT_ID,
-    // ✅ iOS client ID for native auth
-
-    // 🔑 CRITICAL: These parameters are REQUIRED for refresh tokens
-    offlineAccess: true,
-    // ← CRITICAL: Enables refresh tokens
-    forceCodeForRefreshToken: true,
-    // ← CRITICAL: Forces refresh token generation
-
-    // ✅ Enhanced scopes for YouTube
-    scopes: ['https://www.googleapis.com/auth/youtube.readonly', 'openid', 'profile', 'email'],
-    // ✅ Clear settings to avoid conflicts
-    hostedDomain: '',
-    accountName: ''
-  });
+export const getPlatformColor = platform => {
+  const config = PLATFORM_AUTH_CONFIG[platform];
+  return (config === null || config === void 0 ? void 0 : config.color) || '#000000';
 };
 
-/**
- * Force YouTube reconnection with consent screen to get refresh tokens
- * This is the key function to fix YouTube token expiry issues
+/**
+ * Initiates the OAuth flow for a platform
+ * @param platform The platform to authenticate with
+ * @param username The username to associate with the authentication
+ * @param appName The app name to use for the OAuth session (optional)
+ * @returns A Promise that resolves to the OAuth URL to open in a WebView or null if using native SDK
  */
-export const forceYouTubeReconnectionWithConsent = async username => {
+export const initiateOAuth = async (platform, username, appName) => {
   try {
-    var _userInfo$data, _userInfo$data2, _userInfo$data3;
-    console.log('🔄 FORCING fresh YouTube consent for refresh token...');
-    console.log('👤 User:', username);
-
-    // Step 1: ✅ CRITICAL: Complete sign out (clears all cached consent)
-    try {
-      await GoogleSignin.signOut();
-      console.log('✅ Signed out - consent cache cleared');
-    } catch (signOutError) {
-      console.log('ℹ️ Sign out not needed:', signOutError);
+    console.log('🚀 Initiating OAuth for platform:', platform);
+    console.log('👤 Username:', username);
+    console.log('📱 App name:', appName);
+
+    // Check if the platform is supported
+    if (!PLATFORM_AUTH_CONFIG[platform]) {
+      console.error('❌ Unsupported platform:', platform);
+      throw new Error(`Unsupported platform: ${platform}`);
     }
 
-    // Step 2: ✅ CRITICAL: Clear cached tokens if available
-    try {
-      const existingTokens = await GoogleSignin.getTokens();
-      if (existingTokens.accessToken) {
-        await GoogleSignin.clearCachedAccessToken(existingTokens.accessToken);
-        console.log('✅ Token cache cleared');
-      }
-    } catch (clearError) {
-      console.log('ℹ️ No token cache to clear');
+    // Check if platform has a native SDK
+    if (PLATFORM_AUTH_CONFIG[platform].hasNativeSDK) {
+      console.log('📱 Platform uses native SDK, returning null');
+      // Return null to indicate that we should use the native SDK
+      return null;
     }
+    console.log('🌐 Platform uses OAuth WebView flow');
+    console.log('🔗 Auth endpoint:', PLATFORM_AUTH_CONFIG[platform].authEndpoint);
+
+    // Pre-flight connectivity check
+    console.log('🔍 Performing pre-flight connectivity check...');
+    const connectivityResult = await testApiConnectivity();
+    if (!connectivityResult.success) {
+      console.error('❌ Pre-flight connectivity check failed:', connectivityResult.error);
+      throw new Error(`Cannot reach authentication server: ${connectivityResult.error}`);
+    }
+    console.log('✅ Pre-flight connectivity check passed');
 
-    // Step 3: ✅ CRITICAL: Configure Google Sign-In for FORCED consent
-    console.log('🔧 Configuring Google Sign-In for forced consent...');
-    GoogleSignin.configure({
-      webClientId: WEB_CLIENT_ID,
-      // ✅ CRITICAL: Web client ID for refresh tokens  
-      iosClientId: IOS_CLIENT_ID,
-      // ✅ iOS client ID for native auth
-
-      // 🔑 FORCE REFRESH TOKEN SETTINGS:
-      offlineAccess: true,
-      // Request offline access
-      forceCodeForRefreshToken: true,
-      // Force refresh token generation
-
-      // 🔑 FORCE CONSENT SCREEN:
-      scopes: ['https://www.googleapis.com/auth/youtube.readonly', 'openid', 'profile', 'email'],
-      // ✅ CRITICAL: Clear settings to force fresh consent
-      hostedDomain: '',
-      accountName: ''
-    });
-
-    // Step 4: ✅ Check Play Services
-    await GoogleSignin.hasPlayServices();
-    console.log('✅ Play Services available');
-
-    // Step 5: ✅ CRITICAL: Sign in (this SHOULD show consent screen)
-    console.log('🔐 Initiating sign-in - consent screen should appear...');
-    console.log('📱 User should see: "Allow [App] to access your YouTube account when you\'re not using the app?"');
-    const userInfo = await GoogleSignin.signIn();
-    console.log('✅ Sign-in completed - checking for refresh token...');
-    console.log('👤 User email:', (_userInfo$data = userInfo.data) === null || _userInfo$data === void 0 || (_userInfo$data = _userInfo$data.user) === null || _userInfo$data === void 0 ? void 0 : _userInfo$data.email);
-
-    // Step 6: ✅ Get tokens after consent
-    const tokens = await GoogleSignin.getTokens();
-    const currentUser = await GoogleSignin.getCurrentUser();
-    console.log('📋 FULL userInfo object from forceYouTubeReconnectionWithConsent:');
-    console.log(JSON.stringify(userInfo, null, 2));
-    console.log('📋 FULL tokens object from forceYouTubeReconnectionWithConsent:');
-    console.log(JSON.stringify(tokens, null, 2));
-    console.log('📋 FULL currentUser object from forceYouTubeReconnectionWithConsent:');
-    console.log(JSON.stringify(currentUser, null, 2));
-    console.log('🔍 Token analysis:');
-    console.log('- Access token:', tokens.accessToken ? `${tokens.accessToken.substring(0, 20)}...` : 'Missing');
-    console.log('- ID token:', tokens.idToken ? 'Present' : 'Missing');
-    console.log('- ServerAuthCode (userInfo):', (_userInfo$data2 = userInfo.data) !== null && _userInfo$data2 !== void 0 && _userInfo$data2.serverAuthCode ? `${userInfo.data.serverAuthCode.substring(0, 20)}...` : 'Missing');
-    console.log('- ServerAuthCode (currentUser):', currentUser !== null && currentUser !== void 0 && currentUser.serverAuthCode ? `${currentUser.serverAuthCode.substring(0, 20)}...` : 'Missing');
-
-    // Step 7: ✅ Extract refresh capability
-    const refreshToken = ((_userInfo$data3 = userInfo.data) === null || _userInfo$data3 === void 0 ? void 0 : _userInfo$data3.serverAuthCode) || (currentUser === null || currentUser === void 0 ? void 0 : currentUser.serverAuthCode);
-    if (refreshToken) {
-      var _userInfo$data0, _userInfo$data1, _userInfo$data10, _userInfo$data11, _userInfo$data12, _userInfo$data13;
-      console.log('✅ SUCCESS: Got refresh token after consent!');
-      console.log('🔑 Refresh token type:', refreshToken.startsWith('4/') ? 'serverAuthCode' : 'refreshToken');
-      console.log('🔑 Refresh token preview:', `${refreshToken.substring(0, 20)}...`);
-
-      // Step 8: ✅ Get YouTube channel info
-      let channelName = 'Unknown Channel';
-      let channelId = null;
-      try {
-        console.log('📺 Fetching YouTube channel information...');
-        const channelResponse = await fetch('https://www.googleapis.com/youtube/v3/channels?part=snippet&mine=true', {
-          headers: {
-            'Authorization': `Bearer ${tokens.accessToken}`,
-            'Accept': 'application/json'
-          }
-        });
-        if (channelResponse.ok) {
-          const channelData = await channelResponse.json();
-          if (channelData.items && channelData.items.length > 0) {
-            channelName = channelData.items[0].snippet.title;
-            channelId = channelData.items[0].id;
-            console.log('✅ YouTube channel found:', channelName, 'ID:', channelId);
-          } else {
-            var _userInfo$data4, _userInfo$data5;
-            console.log('⚠️ No YouTube channel found for user');
-            channelName = ((_userInfo$data4 = userInfo.data) === null || _userInfo$data4 === void 0 || (_userInfo$data4 = _userInfo$data4.user) === null || _userInfo$data4 === void 0 ? void 0 : _userInfo$data4.name) || ((_userInfo$data5 = userInfo.data) === null || _userInfo$data5 === void 0 || (_userInfo$data5 = _userInfo$data5.user) === null || _userInfo$data5 === void 0 ? void 0 : _userInfo$data5.email) || 'No Channel';
-          }
-        } else {
-          var _userInfo$data6, _userInfo$data7;
-          console.log('⚠️ Failed to fetch YouTube channel info:', channelResponse.status);
-          channelName = ((_userInfo$data6 = userInfo.data) === null || _userInfo$data6 === void 0 || (_userInfo$data6 = _userInfo$data6.user) === null || _userInfo$data6 === void 0 ? void 0 : _userInfo$data6.name) || ((_userInfo$data7 = userInfo.data) === null || _userInfo$data7 === void 0 || (_userInfo$data7 = _userInfo$data7.user) === null || _userInfo$data7 === void 0 ? void 0 : _userInfo$data7.email) || 'Unknown Channel';
-        }
-      } catch (channelError) {
-        var _userInfo$data8, _userInfo$data9;
-        console.log('⚠️ Error fetching YouTube channel info:', channelError);
-        channelName = ((_userInfo$data8 = userInfo.data) === null || _userInfo$data8 === void 0 || (_userInfo$data8 = _userInfo$data8.user) === null || _userInfo$data8 === void 0 ? void 0 : _userInfo$data8.name) || ((_userInfo$data9 = userInfo.data) === null || _userInfo$data9 === void 0 || (_userInfo$data9 = _userInfo$data9.user) === null || _userInfo$data9 === void 0 ? void 0 : _userInfo$data9.email) || 'Unknown Channel';
-      }
-
-      // Step 9: ✅ Get authentication token
-      let authToken = (await AsyncStorage.getItem('onairos_jwt_token')) || (await AsyncStorage.getItem('enoch_token')) || (await AsyncStorage.getItem('auth_token'));
-      if (!authToken || authToken.trim().length < 20) {
-        console.log('🔐 Creating authentication token for YouTube connection...');
-        // Create token logic here if needed
-        authToken = 'temp_token_for_youtube_connection';
-      }
-
-      // Step 10: ✅ Send comprehensive data to backend
-      const backendPayload = {
+    // Handle Instagram with specific API format
+    if (platform === 'instagram') {
+      const state = 'djksbfds';
+      const jsonData = {
         session: {
-          username: username,
-          platform: 'youtube',
-          timestamp: new Date().toISOString(),
-          channelName: channelName,
-          channelId: channelId,
-          forceConsent: true // Flag to indicate this was forced consent
-        },
-        googleUser: (_userInfo$data0 = userInfo.data) === null || _userInfo$data0 === void 0 ? void 0 : _userInfo$data0.user,
-        accessToken: tokens.accessToken,
-        idToken: tokens.idToken,
-        refreshToken: refreshToken,
-        // ✅ CRITICAL: The refresh token!
-        serverAuthCode: refreshToken,
-        // ✅ Same as refresh token
-
-        // ✅ CRITICAL: Additional compatibility fields for backend
-        refresh_token: refreshToken,
-        // Snake case version
-        server_auth_code: refreshToken,
-        // Snake case version
-        authCode: refreshToken,
-        // Alternative naming
-
-        userAccountInfo: {
-          username: username,
-          email: (_userInfo$data1 = userInfo.data) === null || _userInfo$data1 === void 0 || (_userInfo$data1 = _userInfo$data1.user) === null || _userInfo$data1 === void 0 ? void 0 : _userInfo$data1.email,
-          authToken: authToken,
-          channelName: channelName,
-          channelId: channelId,
-          userIdentifier: authToken ? `user-${authToken.substring(0, 10)}` : `youtube-${(_userInfo$data10 = userInfo.data) === null || _userInfo$data10 === void 0 || (_userInfo$data10 = _userInfo$data10.user) === null || _userInfo$data10 === void 0 ? void 0 : _userInfo$data10.email}`,
-          googleId: (_userInfo$data11 = userInfo.data) === null || _userInfo$data11 === void 0 || (_userInfo$data11 = _userInfo$data11.user) === null || _userInfo$data11 === void 0 ? void 0 : _userInfo$data11.id,
-          // ✅ CRITICAL: Also include refresh token in userAccountInfo
-          refreshToken: refreshToken,
-          serverAuthCode: refreshToken
-        },
-        tokenExpiry: new Date(Date.now() + 3600 * 1000).toISOString(),
-        // 1 hour from now
-        requestRefreshToken: true,
-        debugInfo: {
-          hasRefreshToken: true,
-          refreshTokenType: refreshToken.startsWith('4/') ? 'serverAuthCode' : 'refreshToken',
-          configuredForRefresh: true,
-          forcedConsent: true,
-          consentMethod: 'signOut_and_configure',
-          refreshTokenValue: refreshToken // Include actual value for debugging
+          oauthState: state,
+          username: username || 'Avatar'
         }
       };
-      console.log('📤 Sending comprehensive payload with REFRESH TOKEN to backend:', {
-        hasAccessToken: !!backendPayload.accessToken,
-        hasRefreshToken: !!backendPayload.refreshToken,
-        hasServerAuthCode: !!backendPayload.serverAuthCode,
-        refreshTokenType: backendPayload.debugInfo.refreshTokenType,
-        userEmail: (_userInfo$data12 = userInfo.data) === null || _userInfo$data12 === void 0 || (_userInfo$data12 = _userInfo$data12.user) === null || _userInfo$data12 === void 0 ? void 0 : _userInfo$data12.email,
-        forcedConsent: true
-      });
-
-      // Step 11: ✅ Send to backend with ENHANCED LOGGING
-      console.log('🚀 [YOUTUBE REAUTH] ===== SENDING REAUTH SIGNAL TO BACKEND =====');
-      console.log('🚀 [YOUTUBE REAUTH] Endpoint: https://api2.onairos.uk/youtube/native-auth');
-      console.log('🚀 [YOUTUBE REAUTH] Method: POST');
-      console.log('🚀 [YOUTUBE REAUTH] Headers:', {
-        'Content-Type': 'application/json',
-        'Authorization': authToken ? `${authToken.substring(0, 20)}...` : 'NO AUTH TOKEN'
-      });
-      console.log('🚀 [YOUTUBE REAUTH] Payload Summary:', {
-        hasAccessToken: !!backendPayload.accessToken,
-        hasRefreshToken: !!backendPayload.refreshToken,
-        hasServerAuthCode: !!backendPayload.serverAuthCode,
-        refreshTokenType: backendPayload.debugInfo.refreshTokenType,
-        userEmail: (_userInfo$data13 = userInfo.data) === null || _userInfo$data13 === void 0 || (_userInfo$data13 = _userInfo$data13.user) === null || _userInfo$data13 === void 0 ? void 0 : _userInfo$data13.email,
-        channelName: channelName,
-        forcedConsent: true,
-        requestRefreshToken: true
-      });
-      console.log('🚀 [YOUTUBE REAUTH] FULL PAYLOAD:', JSON.stringify(backendPayload, null, 2));
-      const backendResponse = await fetch('https://api2.onairos.uk/youtube/native-auth', {
+      console.log('📤 Sending Instagram OAuth request:', jsonData);
+      const response = await makeDeveloperRequest(PLATFORM_AUTH_CONFIG[platform].authEndpoint, {
         method: 'POST',
-        headers: {
-          'Content-Type': 'application/json',
-          ...(authToken && {
-            'Authorization': authToken
-          })
-        },
-        body: JSON.stringify(backendPayload)
+        body: JSON.stringify(jsonData)
       });
-      console.log('📡 [YOUTUBE REAUTH] Response Status:', backendResponse.status);
-      console.log('📡 [YOUTUBE REAUTH] Response Status Text:', backendResponse.statusText);
-      console.log('📡 [YOUTUBE REAUTH] Response Headers:', backendResponse.headers);
-      if (backendResponse.ok) {
-        var _responseData$validat, _responseData$tempora;
-        const responseData = await backendResponse.json();
-        console.log('✅ [YOUTUBE REAUTH] Backend Response SUCCESS:', JSON.stringify(responseData, null, 2));
-
-        // Enhanced verification with detailed logging and temporary mode detection (exact backend fields)
-        const isTemporaryMode = ((_responseData$validat = responseData.validation) === null || _responseData$validat === void 0 ? void 0 : _responseData$validat.isTemporaryMode) === true || ((_responseData$tempora = responseData.temporaryMode) === null || _responseData$tempora === void 0 ? void 0 : _responseData$tempora.enabled) === true || responseData.isTemporaryMode === true || responseData.message && responseData.message.includes('temporary access token mode');
-        if (isTemporaryMode) {
-          console.log('🔄 [YOUTUBE REAUTH] YouTube connected in temporary mode');
-          console.log('✅ [YOUTUBE REAUTH] Training will work, but connection expires in ~1 hour');
-          console.log('🎉 [YOUTUBE REAUTH] SUCCESS: Temporary YouTube connection established!');
-          console.log('🔑 [YOUTUBE REAUTH] Connection Details:');
-          console.log('🔑 [YOUTUBE REAUTH] Mode: Temporary (expires ~1 hour)');
-          console.log('🔑 [YOUTUBE REAUTH] Training Ready: Yes');
-          console.log('🔑 [YOUTUBE REAUTH] Refresh token sent:', refreshToken ? 'Yes' : 'No');
-        } else if (responseData.hasRefreshToken || responseData.refreshTokenReceived) {
-          console.log('✅ [YOUTUBE REAUTH] Backend CONFIRMED refresh token received');
-          console.log('✅ [YOUTUBE REAUTH] Response hasRefreshToken:', responseData.hasRefreshToken);
-          console.log('🎉 [YOUTUBE REAUTH] SUCCESS: Full YouTube connection with refresh tokens!');
-
-          // CRITICAL: Print the refresh token that was sent for debugging
-          console.log('🔑 [YOUTUBE REAUTH] REFRESH TOKEN SENT TO BACKEND:');
-          console.log('🔑 [YOUTUBE REAUTH] Full refresh token:', refreshToken);
-          console.log('🔑 [YOUTUBE REAUTH] Refresh token type:', refreshToken.startsWith('4/') ? 'serverAuthCode' : 'refreshToken');
-          console.log('🔑 [YOUTUBE REAUTH] Refresh token length:', refreshToken.length);
-        } else {
-          console.warn('⚠️ [YOUTUBE REAUTH] Backend did NOT confirm refresh token reception');
-          console.warn('⚠️ [YOUTUBE REAUTH] Response data:', responseData);
-          console.warn('⚠️ [YOUTUBE REAUTH] Expected hasRefreshToken or refreshTokenReceived in response');
-          return false;
-        }
+      console.log('📡 Instagram OAuth response status:', response.status);
+      if (!response.ok) {
+        const errorText = await response.text();
+        console.error('❌ Instagram OAuth API error:', errorText);
+        throw new Error(`Instagram OAuth API error: ${response.status} - ${errorText}`);
+      }
+      const responseData = await response.json();
+      console.log('📥 Instagram OAuth response data:', responseData);
+      if (responseData.instagramURL) {
+        console.log('✅ Instagram OAuth URL received:', responseData.instagramURL);
 
-        // CRITICAL: Signal training system to restart with new connection
-        console.log('🔄 [YOUTUBE REAUTH] Signaling training system to restart...');
-        try {
-          await triggerTrainingRestart(username, authToken);
-          console.log('✅ [YOUTUBE REAUTH] Training restart signal sent successfully');
-        } catch (restartError) {
-          console.warn('⚠️ [YOUTUBE REAUTH] Training restart signal failed:', restartError);
-          console.warn('⚠️ [YOUTUBE REAUTH] User may need to manually restart training');
+        // Validate the URL before returning
+        if (await validateOAuthUrl(responseData.instagramURL)) {
+          return responseData.instagramURL;
+        } else {
+          throw new Error('Received invalid Instagram OAuth URL');
         }
-        return true;
-      } else {
-        const errorData = await backendResponse.text();
-        console.error('❌ [YOUTUBE REAUTH] Backend processing FAILED:', backendResponse.status, errorData);
-        console.error('❌ [YOUTUBE REAUTH] This means the reauth signal was not processed');
-        return false;
       }
-    } else {
-      console.error('❌ CRITICAL: No refresh token even after consent screen');
-      console.error('❌ This means consent screen did not appear or user denied permissions');
-      console.error('💡 Solutions:');
-      console.error('   1. Try the revoke method: forceYouTubeReconnectionWithRevoke()');
-      console.error('   2. Check Google Console OAuth configuration');
-      console.error('   3. Ensure user clicks "Allow" on consent screen');
-      return false;
+      console.error('❌ No Instagram URL found in response');
+      throw new Error('No Instagram URL found in response');
     }
-  } catch (error) {
-    console.error('❌ Error forcing YouTube consent:', error);
-    if (error.code === statusCodes.SIGN_IN_CANCELLED) {
-      console.error('❌ User cancelled sign-in - no refresh token obtained');
-      console.error('💡 User must click "Allow" to get refresh token');
-    } else if (error.code === statusCodes.IN_PROGRESS) {
-      console.error('❌ Sign-in already in progress');
-    } else if (error.code === statusCodes.PLAY_SERVICES_NOT_AVAILABLE) {
-      console.error('❌ Google Play Services not available');
-    }
-    return false;
-  }
-};
 
-/**
- * Alternative method: Force consent by revoking existing permissions
- */
-export const forceYouTubeReconnectionWithRevoke = async username => {
-  try {
-    var _userInfo$data14;
-    console.log('🔄 FORCING YouTube consent via REVOKE method...');
-    console.log('👤 User:', username);
-
-    // Step 1: Initialize Google Sign-In
-    initializeGoogleSignIn();
-    await GoogleSignin.hasPlayServices();
+    // Prepare the request body for other platforms
+    const jsonData = {
+      session: {
+        oauthState: 'djksbfds',
+        // Use same state for all platforms
+        username: username || 'Avatar',
+        appName: appName || 'DefaultApp'
+      }
+    };
+    console.log(`📤 Sending ${platform} OAuth request:`, jsonData);
 
-    // Step 2: ✅ CRITICAL: Revoke existing permissions (forces fresh consent)
-    try {
-      await GoogleSignin.revokeAccess();
-      console.log('✅ Revoked existing permissions - fresh consent REQUIRED');
-    } catch (revokeError) {
-      console.log('ℹ️ No existing permissions to revoke:', revokeError);
+    // Make the authenticated request to get the OAuth URL
+    const response = await makeDeveloperRequest(PLATFORM_AUTH_CONFIG[platform].authEndpoint, {
+      method: 'POST',
+      body: JSON.stringify(jsonData)
+    });
+    console.log(`📡 ${platform} OAuth response status:`, response.status);
+    if (!response.ok) {
+      const errorText = await response.text();
+      console.error(`❌ ${platform} OAuth API error:`, errorText);
+      throw new Error(`${platform} OAuth API error: ${response.status} - ${errorText}`);
     }
 
-    // Step 3: Sign out completely
-    await GoogleSignin.signOut();
-    console.log('✅ Signed out completely');
-
-    // Step 4: ✅ Now sign in again (will DEFINITELY show consent screen)
-    console.log('🔐 Signing in after revoke - consent screen MUST appear...');
-    const userInfo = await GoogleSignin.signIn();
+    // Parse the response
+    const data = await response.json();
+    console.log(`📥 ${platform} OAuth response data:`, data);
 
-    // Step 5: ✅ User will definitely see consent screen now
-    const tokens = await GoogleSignin.getTokens();
-    const currentUser = await GoogleSignin.getCurrentUser();
-    const refreshToken = ((_userInfo$data14 = userInfo.data) === null || _userInfo$data14 === void 0 ? void 0 : _userInfo$data14.serverAuthCode) || (currentUser === null || currentUser === void 0 ? void 0 : currentUser.serverAuthCode);
-    if (refreshToken) {
-      console.log('✅ SUCCESS: Got refresh token after REVOKE + consent!');
-      console.log('🔑 Refresh token preview:', `${refreshToken.substring(0, 20)}...`);
+    // Extra logging for Gmail to help debug
+    if (platform === 'email') {
+      console.log('🔍 Gmail OAuth response keys:', Object.keys(data));
+      console.log('🔍 Gmail OAuth full response:', JSON.stringify(data, null, 2));
+    }
 
-      // Continue with the same backend submission logic as above
-      // (Similar to forceYouTubeReconnectionWithConsent)
+    // Check if the response contains the OAuth URL based on platform
+    let oauthUrl = null;
+    switch (platform) {
+      case 'reddit':
+        oauthUrl = data.redditURL;
+        break;
+      case 'pinterest':
+        oauthUrl = data.pinterestURL;
+        break;
+      case 'youtube':
+        oauthUrl = data.youtubeURL;
+        break;
+      case 'email':
+        // Gmail might return under different field names
+        oauthUrl = data.emailURL || data.gmailURL || data.authUrl || data.url;
+        break;
+      default:
+        oauthUrl = data.url;
+        break;
+    }
+    if (!oauthUrl) {
+      console.error(`❌ No OAuth URL found in response for ${platform}. Response:`, data);
+      throw new Error(`No OAuth URL found in response for ${platform}`);
+    }
+    console.log(`✅ ${platform} OAuth URL received:`, oauthUrl);
 
-      return true;
+    // Validate the URL before returning
+    if (await validateOAuthUrl(oauthUrl)) {
+      return oauthUrl;
     } else {
-      console.error('❌ Still no refresh token after revoke method');
-      return false;
+      throw new Error(`Received invalid ${platform} OAuth URL`);
     }
   } catch (error) {
-    console.error('❌ Error with revoke method:', error);
-    return false;
-  }
-};
-
-/**
- * Fix YouTube connection for a specific user (like nicholase50)
- */
-export const fixUserYouTubeConnection = async username => {
-  console.log(`🔧 Fixing YouTube connection for user: ${username}`);
-
-  // Method 1: Try forced consent via configuration
-  console.log('🔄 Method 1: Trying forced consent via configuration...');
-  let success = await forceYouTubeReconnectionWithConsent(username);
-  if (success) {
-    console.log(`✅ ${username} YouTube connection fixed via Method 1!`);
-    return true;
-  }
-
-  // Method 2: Try forced consent via revoke
-  console.log('🔄 Method 2: Trying forced consent via revoke...');
-  success = await forceYouTubeReconnectionWithRevoke(username);
-  if (success) {
-    console.log(`✅ ${username} YouTube connection fixed via Method 2!`);
-    return true;
+    console.error(`Error initiating OAuth for ${platform}:`, error);
+    throw error;
   }
-  console.error(`❌ Failed to fix ${username} YouTube connection with both methods`);
-  return false;
 };
 
-/**
- * Get fresh tokens using refresh token
+/**
+ * Validates an OAuth URL to ensure it's reachable
+ * @param url The OAuth URL to validate
+ * @returns Promise<boolean> indicating if the URL is valid and reachable
  */
-const refreshGoogleTokens = async () => {
+const validateOAuthUrl = async url => {
   try {
-    console.log('🔄 Attempting to refresh Google tokens...');
+    console.log('🔍 Validating OAuth URL:', url);
 
-    // Check if user is signed in
-    const currentUser = await GoogleSignin.getCurrentUser();
-    if (!currentUser) {
-      console.log('❌ User not signed in to Google, cannot refresh tokens');
-      return null;
+    // Basic URL format validation
+    if (!url || typeof url !== 'string') {
+      console.error('❌ Invalid URL format:', url);
+      return false;
     }
 
-    // Get fresh tokens
-    const tokens = await GoogleSignin.getTokens();
-    console.log('✅ Successfully refreshed Google tokens');
-    return {
-      accessToken: tokens.accessToken,
-      idToken: tokens.idToken
-    };
-  } catch (error) {
-    console.error('❌ Failed to refresh Google tokens:', error);
-
-    // If refresh fails, try to sign in again
-    try {
-      console.log('🔄 Refresh failed, attempting re-authentication...');
-      const userInfo = await GoogleSignin.signIn();
-      const tokens = await GoogleSignin.getTokens();
-      console.log('✅ Re-authentication successful');
-      return {
-        accessToken: tokens.accessToken,
-        idToken: tokens.idToken
-      };
-    } catch (signInError) {
-      console.error('❌ Re-authentication also failed:', signInError);
-      return null;
+    // Check if URL starts with https
+    if (!url.startsWith('https://')) {
+      console.error('❌ URL must use HTTPS:', url);
+      return false;
     }
-  }
-};
-
-/**
- * Debug YouTube tokens to verify refresh token availability
- */
-const debugYouTubeTokens = async () => {
-  try {
-    var _currentUser$user;
-    const tokens = await GoogleSignin.getTokens();
-    const currentUser = await GoogleSignin.getCurrentUser();
-    console.log('🔍 YouTube Token Debug:', {
-      accessToken: tokens.accessToken ? `${tokens.accessToken.substring(0, 20)}...` : 'Missing',
-      idToken: tokens.idToken ? 'Present' : 'Missing',
-      serverAuthCode: currentUser !== null && currentUser !== void 0 && currentUser.serverAuthCode ? `${currentUser.serverAuthCode.substring(0, 20)}...` : 'Missing',
-      userEmail: (currentUser === null || currentUser === void 0 || (_currentUser$user = currentUser.user) === null || _currentUser$user === void 0 ? void 0 : _currentUser$user.email) || 'Missing'
-    });
-    return {
-      hasRefreshToken: !!(currentUser !== null && currentUser !== void 0 && currentUser.serverAuthCode),
-      refreshTokenType: currentUser !== null && currentUser !== void 0 && currentUser.serverAuthCode ? 'serverAuthCode' : 'none'
-    };
-  } catch (error) {
-    console.error('❌ Debug tokens failed:', error);
-    return {
-      hasRefreshToken: false,
-      refreshTokenType: 'error'
-    };
-  }
-};
-
-/**
- * Force fresh YouTube reconnection with proper refresh token
- */
-export const reconnectYouTube = async username => {
-  try {
-    console.log('🔄 Forcing fresh YouTube reconnection for refresh token...');
 
-    // 1. Sign out completely to force fresh consent
+    // Try to parse the URL
     try {
-      await GoogleSignin.signOut();
-      console.log('✅ Signed out from Google');
-    } catch (signOutError) {
-      console.log('ℹ️ Already signed out or sign out failed:', signOutError);
+      new URL(url);
+    } catch (parseError) {
+      console.error('❌ URL parsing failed:', parseError);
+      return false;
     }
 
-    // 2. Clear any cached tokens
-    try {
-      const currentTokens = await GoogleSignin.getTokens();
-      if (currentTokens.accessToken) {
-        await GoogleSignin.clearCachedAccessToken(currentTokens.accessToken);
-        console.log('✅ Cleared cached access token');
-      }
-    } catch (clearError) {
-      console.log('ℹ️ Token clearing failed or not needed:', clearError);
-    }
+    // Make a HEAD request to check if the URL is reachable
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), 10000); // 10 second timeout
 
-    // 3. Re-authenticate with fresh consent
-    const result = await initiateNativeAuth('youtube', username);
-    if (result) {
-      console.log('✅ YouTube reconnected successfully with refresh token');
+    try {
+      const response = await fetch(url, {
+        method: 'HEAD',
+        signal: controller.signal
+      });
+      clearTimeout(timeoutId);
 
-      // 4. Verify we now have a refresh token
-      const debugInfo = await debugYouTubeTokens();
-      if (debugInfo.hasRefreshToken) {
-        console.log('✅ Refresh token confirmed:', debugInfo.refreshTokenType);
-      } else {
-        console.warn('⚠️ Still no refresh token after reconnection');
-      }
+      // Accept any response that's not a network error
+      // OAuth pages might return various status codes
+      console.log('✅ OAuth URL validation successful, status:', response.status);
       return true;
-    } else {
-      console.error('❌ YouTube reconnection failed');
-      return false;
+    } catch (fetchError) {
+      clearTimeout(timeoutId);
+      if (fetchError.name === 'AbortError') {
+        console.warn('⚠️ OAuth URL validation timeout, but proceeding anyway');
+        return true; // Allow timeout as URLs might be slow to respond
+      }
+      console.warn('⚠️ OAuth URL validation failed, but proceeding anyway:', fetchError.message);
+      return true; // Allow network errors as they might be temporary
     }
   } catch (error) {
-    console.error('❌ YouTube reconnection error:', error);
-    return false;
+    console.warn('⚠️ OAuth URL validation error, but proceeding anyway:', error);
+    return true; // Allow validation errors to not block the flow
   }
 };
 
-/**
- * Initiate native authentication for platforms with SDKs
+/**
+ * Initiates the native SDK authentication flow for a platform
+ * @param platform The platform to authenticate with
+ * @returns A Promise that resolves to the authentication result
  */
 export const initiateNativeAuth = async (platform, username) => {
   if (platform === 'youtube') {
     console.log('🔗 Initiating native Google Sign-In for YouTube');
-
-    // Validate username for YouTube
-    if (!username || username.trim() === '') {
-      console.error('❌ [YOUTUBE AUTH] Username is required for YouTube authentication');
-      return false;
-    }
     try {
-      var _userInfo$data15, _currentUser$user2, _userInfo$data16, _userInfo$data17, _userInfo$data24, _userInfo$data27, _userInfo$data28, _userInfo$data29, _userInfo$data30, _authToken, _userInfo$data31;
-      // Initialize Google Sign-In if not already done
-      // ✅ CRITICAL: Initialize with CORRECT iOS Client ID
-      initializeGoogleSignIn();
+      var _currentUser$user, _userInfo$user4, _userInfo$user6, _userInfo$user7, _userInfo$user8;
+      // Check if Google Sign-In package is available
+      let GoogleSignin, statusCodes;
+      try {
+        const googleSignInModule = require('@react-native-google-signin/google-signin');
+        GoogleSignin = googleSignInModule.GoogleSignin;
+        statusCodes = googleSignInModule.statusCodes;
+      } catch (importError) {
+        console.error('❌ Google Sign-In package not available:', importError);
+        throw new Error('Google Sign-In SDK not installed. Please install @react-native-google-signin/google-signin');
+      }
 
-      // Check if Google Play Services are available
-      await GoogleSignin.hasPlayServices();
+      // Configure Google Sign-In with better error handling
+      try {
+        const youtubeConfig = PLATFORM_AUTH_CONFIG.youtube;
+        const webClientId = youtubeConfig.clientId || '1030678346906-lovkuds2ouqmoc8eu5qpo98spa6edv4o.apps.googleusercontent.com';
+        const iosClientId = youtubeConfig.iosClientId || webClientId;
+        await GoogleSignin.configure({
+          webClientId: webClientId,
+          iosClientId: iosClientId,
+          scopes: ['https://www.googleapis.com/auth/youtube.readonly'],
+          offlineAccess: true,
+          hostedDomain: '',
+          forceCodeForRefreshToken: true,
+          accountName: ''
+        });
+        console.log('✅ Google Sign-In configured successfully with client ID:', webClientId.substring(0, 20) + '...');
+      } catch (configError) {
+        console.error('❌ Google Sign-In configuration failed:', configError);
+        throw new Error(`Google Sign-In configuration failed: ${configError.message || configError}`);
+      }
 
-      // ✅ CRITICAL: Force sign out first to ensure fresh consent
+      // Check if Google Play Services are available (Android only)
       try {
-        await GoogleSignin.signOut();
-        console.log('🔄 Signed out to force fresh consent');
-      } catch (signOutError) {
-        console.log('ℹ️ Sign out not needed or failed:', signOutError);
+        await GoogleSignin.hasPlayServices({
+          showPlayServicesUpdateDialog: true
+        });
+        console.log('✅ Google Play Services available');
+      } catch (playServicesError) {
+        console.error('❌ Google Play Services error:', playServicesError);
+        throw new Error(`Google Play Services not available: ${playServicesError.message || playServicesError}`);
       }
 
-      // Sign in with Google (this will show consent screen due to our config)
-      const userInfo = await GoogleSignin.signIn();
-      console.log('✅ Google Sign-In successful:', (_userInfo$data15 = userInfo.data) === null || _userInfo$data15 === void 0 || (_userInfo$data15 = _userInfo$data15.user) === null || _userInfo$data15 === void 0 ? void 0 : _userInfo$data15.email);
-      console.log('📋 FULL userInfo object:');
-      console.log(JSON.stringify(userInfo, null, 2));
+      // Sign in with Google
+      let userInfo;
+      try {
+        var _userInfo$user;
+        userInfo = await GoogleSignin.signIn();
+        console.log('✅ Google Sign-In successful:', (_userInfo$user = userInfo.user) === null || _userInfo$user === void 0 ? void 0 : _userInfo$user.email);
+      } catch (signInError) {
+        console.error('❌ Google Sign-In failed:', signInError);
+
+        // Handle specific error codes
+        if (signInError.code === statusCodes.SIGN_IN_CANCELLED) {
+          throw new Error('Google Sign-In was cancelled by user');
+        } else if (signInError.code === statusCodes.IN_PROGRESS) {
+          throw new Error('Google Sign-In already in progress');
+        } else if (signInError.code === statusCodes.PLAY_SERVICES_NOT_AVAILABLE) {
+          throw new Error('Google Play Services not available or outdated');
+        } else {
+          throw new Error(`Google Sign-In failed: ${signInError.message || signInError}`);
+        }
+      }
 
       // Get access token for API calls
       const tokens = await GoogleSignin.getTokens();
       console.log('🔑 Got Google tokens');
-      console.log('📋 FULL tokens object:');
-      console.log(JSON.stringify(tokens, null, 2));
 
-      // CRITICAL: Get the current user info which contains the refresh token
+      // Get current user info with refresh token
       const currentUser = await GoogleSignin.getCurrentUser();
-      console.log('👤 Current user info:', currentUser === null || currentUser === void 0 || (_currentUser$user2 = currentUser.user) === null || _currentUser$user2 === void 0 ? void 0 : _currentUser$user2.email);
-      console.log('📋 FULL currentUser object:');
-      console.log(JSON.stringify(currentUser, null, 2));
+      console.log('👤 Current user info:', currentUser === null || currentUser === void 0 || (_currentUser$user = currentUser.user) === null || _currentUser$user === void 0 ? void 0 : _currentUser$user.email);
 
-      // ✅ CRITICAL: Extract refresh token properly using serverAuthCode
+      // Extract refresh token from server auth code
       let refreshToken = null;
-      console.log('🔍 REFRESH TOKEN EXTRACTION:');
-      console.log('- userInfo.data?.serverAuthCode:', (_userInfo$data16 = userInfo.data) !== null && _userInfo$data16 !== void 0 && _userInfo$data16.serverAuthCode ? `Present: ${userInfo.data.serverAuthCode.substring(0, 20)}...` : 'Missing');
-      console.log('- currentUser?.serverAuthCode:', currentUser !== null && currentUser !== void 0 && currentUser.serverAuthCode ? `Present: ${currentUser.serverAuthCode.substring(0, 20)}...` : 'Missing');
-      console.log('- tokens.idToken:', tokens.idToken ? `Present: ${tokens.idToken.substring(0, 20)}...` : 'Missing');
-      console.log('- tokens.accessToken:', tokens.accessToken ? `Present: ${tokens.accessToken.substring(0, 20)}...` : 'Missing');
-
-      // The serverAuthCode is the refresh token mechanism for React Native Google Sign-In
       if (currentUser !== null && currentUser !== void 0 && currentUser.serverAuthCode) {
+        console.log('🔄 Server auth code available for refresh token');
         refreshToken = currentUser.serverAuthCode;
-        console.log('✅ Got serverAuthCode (refresh token mechanism)');
-        console.log('🔑 Refresh token preview:', `${refreshToken.substring(0, 20)}...`);
-      } else if ((_userInfo$data17 = userInfo.data) !== null && _userInfo$data17 !== void 0 && _userInfo$data17.serverAuthCode) {
-        refreshToken = userInfo.data.serverAuthCode;
-        console.log('✅ Got serverAuthCode from sign-in response');
-        console.log('🔑 Refresh token preview:', `${refreshToken.substring(0, 20)}...`);
       }
-
-      // ✅ CRITICAL: Verify refresh token availability
       if (!refreshToken) {
-        console.error('❌ CRITICAL: No refresh token available - YouTube connection will fail when token expires');
-        console.error('💡 User needs to reconnect with proper consent screen');
-        console.error('💡 Check Google Sign-In configuration: offlineAccess, forceCodeForRefreshToken');
-
-        // Still continue but warn about the issue
-        console.warn('⚠️ Continuing without refresh token - connection may fail later');
+        console.warn('⚠️ No refresh token available - token refresh may fail later');
       } else {
         console.log('✅ Refresh token available for YouTube connection');
-        console.log('🔑 Refresh token type:', refreshToken.startsWith('4/') ? 'serverAuthCode' : 'refreshToken');
       }
 
-      // Fetch YouTube channel information using the access token
+      // Fetch YouTube channel information
       let channelName = 'Unknown Channel';
       let channelId = null;
       try {
@@ -753,60 +400,28 @@ export const initiateNativeAuth = async (platform, username) => {
           if (channelData.items && channelData.items.length > 0) {
             channelName = channelData.items[0].snippet.title;
             channelId = channelData.items[0].id;
-            console.log('✅ YouTube channel found:', channelName, 'ID:', channelId);
-          } else {
-            var _userInfo$data18, _userInfo$data19;
-            console.log('⚠️ No YouTube channel found for user');
-            channelName = ((_userInfo$data18 = userInfo.data) === null || _userInfo$data18 === void 0 || (_userInfo$data18 = _userInfo$data18.user) === null || _userInfo$data18 === void 0 ? void 0 : _userInfo$data18.name) || ((_userInfo$data19 = userInfo.data) === null || _userInfo$data19 === void 0 || (_userInfo$data19 = _userInfo$data19.user) === null || _userInfo$data19 === void 0 ? void 0 : _userInfo$data19.email) || 'No Channel';
+            console.log('✅ YouTube channel found:', channelName);
           }
-        } else {
-          var _userInfo$data20, _userInfo$data21;
-          console.log('⚠️ Failed to fetch YouTube channel info:', channelResponse.status);
-          channelName = ((_userInfo$data20 = userInfo.data) === null || _userInfo$data20 === void 0 || (_userInfo$data20 = _userInfo$data20.user) === null || _userInfo$data20 === void 0 ? void 0 : _userInfo$data20.name) || ((_userInfo$data21 = userInfo.data) === null || _userInfo$data21 === void 0 || (_userInfo$data21 = _userInfo$data21.user) === null || _userInfo$data21 === void 0 ? void 0 : _userInfo$data21.email) || 'Unknown Channel';
         }
       } catch (channelError) {
-        var _userInfo$data22, _userInfo$data23;
+        var _userInfo$user2, _userInfo$user3;
         console.log('⚠️ Error fetching YouTube channel info:', channelError);
-        channelName = ((_userInfo$data22 = userInfo.data) === null || _userInfo$data22 === void 0 || (_userInfo$data22 = _userInfo$data22.user) === null || _userInfo$data22 === void 0 ? void 0 : _userInfo$data22.name) || ((_userInfo$data23 = userInfo.data) === null || _userInfo$data23 === void 0 || (_userInfo$data23 = _userInfo$data23.user) === null || _userInfo$data23 === void 0 ? void 0 : _userInfo$data23.email) || 'Unknown Channel';
+        channelName = ((_userInfo$user2 = userInfo.user) === null || _userInfo$user2 === void 0 ? void 0 : _userInfo$user2.name) || ((_userInfo$user3 = userInfo.user) === null || _userInfo$user3 === void 0 ? void 0 : _userInfo$user3.email) || 'Unknown Channel';
       }
 
-      // Get stored authentication info to link YouTube data to user account
+      // Get authentication info
       let authToken = (await AsyncStorage.getItem('onairos_jwt_token')) || (await AsyncStorage.getItem('enoch_token')) || (await AsyncStorage.getItem('auth_token'));
       const storedUsername = await AsyncStorage.getItem('onairos_username');
-      const finalUsername = storedUsername || username || ((_userInfo$data24 = userInfo.data) === null || _userInfo$data24 === void 0 || (_userInfo$data24 = _userInfo$data24.user) === null || _userInfo$data24 === void 0 ? void 0 : _userInfo$data24.email) || 'youtube_user';
+      const finalUsername = storedUsername || username || ((_userInfo$user4 = userInfo.user) === null || _userInfo$user4 === void 0 ? void 0 : _userInfo$user4.email) || 'youtube_user';
 
-      // If no auth token exists, create one now to ensure YouTube data is linked to user account
+      // Create auth token if needed
       if (!authToken || authToken.trim().length < 20) {
-        console.log('🔐 No valid authentication token found, creating one for YouTube authentication...');
+        console.log('🔐 Creating authentication token for YouTube...');
         try {
-          var _userInfo$data25;
-          // Create user accounts and get proper Enoch token
-          const fallbackEmail = ((_userInfo$data25 = userInfo.data) === null || _userInfo$data25 === void 0 || (_userInfo$data25 = _userInfo$data25.user) === null || _userInfo$data25 === void 0 ? void 0 : _userInfo$data25.email) || `${finalUsername}@youtube.temp`;
-
-          // Step 1: Create Enoch user first
-          console.log('🔐 Step 1: Creating Enoch user for YouTube auth...');
-          try {
-            var _userInfo$data26;
-            const enochRegisterResponse = await fetch('https://api2.onairos.uk/enoch/users/register', {
-              method: 'POST',
-              headers: {
-                'Content-Type': 'application/json'
-              },
-              body: JSON.stringify({
-                email: fallbackEmail,
-                name: finalUsername,
-                photoUrl: ((_userInfo$data26 = userInfo.data) === null || _userInfo$data26 === void 0 || (_userInfo$data26 = _userInfo$data26.user) === null || _userInfo$data26 === void 0 ? void 0 : _userInfo$data26.photo) || ''
-              })
-            });
-            console.log('📡 Enoch register response status:', enochRegisterResponse.status);
-            const enochResponseData = await enochRegisterResponse.json();
-            console.log('🔗 Enoch user creation response:', enochResponseData);
-          } catch (enochError) {
-            console.warn('⚠️ Enoch user creation failed (continuing):', enochError);
-          }
+          var _userInfo$user5;
+          const fallbackEmail = ((_userInfo$user5 = userInfo.user) === null || _userInfo$user5 === void 0 ? void 0 : _userInfo$user5.email) || `${finalUsername}@youtube.temp`;
 
-          // Step 2: Create Onairos account to get JWT token
-          console.log('🔐 Step 2: Creating Onairos account for YouTube auth...');
+          // Create user accounts and get JWT token
           const onairosSignupResponse = await fetch('https://api2.onairos.uk/register/enoch', {
             method: 'POST',
             headers: {
@@ -818,244 +433,249 @@ export const initiateNativeAuth = async (platform, username) => {
               name: finalUsername
             })
           });
-          console.log('📡 Onairos register response status:', onairosSignupResponse.status);
           if (onairosSignupResponse.ok) {
             var _onairosResponseData$;
             const onairosResponseData = await onairosSignupResponse.json();
-            console.log('🔗 Onairos account creation response:', onairosResponseData);
-
-            // Extract the token from the response
-            if (onairosResponseData.token) {
-              authToken = onairosResponseData.token;
-            } else if ((_onairosResponseData$ = onairosResponseData.data) !== null && _onairosResponseData$ !== void 0 && _onairosResponseData$.token) {
-              authToken = onairosResponseData.data.token;
-            } else if (onairosResponseData.jwt) {
-              authToken = onairosResponseData.jwt;
-            }
+
+            // Extract token from response
+            authToken = onairosResponseData.token || ((_onairosResponseData$ = onairosResponseData.data) === null || _onairosResponseData$ === void 0 ? void 0 : _onairosResponseData$.token) || onairosResponseData.jwt;
             if (authToken) {
-              // Store the Enoch token in all the standard locations
+              // Store tokens
               await AsyncStorage.setItem('onairos_jwt_token', authToken);
               await AsyncStorage.setItem('enoch_token', authToken);
               await AsyncStorage.setItem('auth_token', authToken);
               await AsyncStorage.setItem('onairos_username', onairosResponseData.username || finalUsername);
-              console.log('✅ Successfully created and stored Enoch authentication token for YouTube');
-              console.log('🔑 Enoch token preview:', `${authToken.substring(0, 20)}...`);
+              console.log('✅ Successfully created and stored authentication token');
             }
-          } else {
-            const errorText = await onairosSignupResponse.text();
-            console.warn('⚠️ Could not create Enoch auth token for YouTube:', errorText);
           }
         } catch (tokenError) {
-          console.warn('⚠️ Error creating Enoch auth token for YouTube:', tokenError);
-          // Continue without token - backend will handle gracefully
+          console.warn('⚠️ Error creating auth token:', tokenError);
         }
-      } else {
-        console.log('✅ Found existing authentication token for YouTube auth');
-        console.log('🔑 Token preview:', `${authToken.substring(0, 20)}...`);
       }
       console.log('🔗 Linking YouTube data to user:', finalUsername);
-      console.log('🔑 Using auth token for linking:', authToken ? `${authToken.substring(0, 20)}...` : 'No token');
       console.log('📺 YouTube channel name:', channelName);
 
-      // ✅ CRITICAL: Enhanced payload with comprehensive refresh token data
-      const backendPayload = {
-        session: {
-          username: finalUsername,
-          platform: 'youtube',
-          timestamp: new Date().toISOString(),
-          channelName: channelName,
-          channelId: channelId
-        },
-        googleUser: (_userInfo$data27 = userInfo.data) === null || _userInfo$data27 === void 0 ? void 0 : _userInfo$data27.user,
-        accessToken: tokens.accessToken,
-        idToken: tokens.idToken,
-        refreshToken: refreshToken,
-        // ✅ CRITICAL: Include refresh token
-        serverAuthCode: refreshToken,
-        // ✅ Alternative refresh mechanism (same as refreshToken)
-
-        // ✅ CRITICAL: Additional compatibility fields for backend
-        refresh_token: refreshToken,
-        // Snake case version
-        server_auth_code: refreshToken,
-        // Snake case version
-        authCode: refreshToken,
-        // Alternative naming
-
-        // Include user account linking information
-        userAccountInfo: {
-          username: finalUsername,
-          email: (_userInfo$data28 = userInfo.data) === null || _userInfo$data28 === void 0 || (_userInfo$data28 = _userInfo$data28.user) === null || _userInfo$data28 === void 0 ? void 0 : _userInfo$data28.email,
-          authToken: authToken,
-          channelName: channelName,
-          channelId: channelId,
-          // CRITICAL: Include user identifier that matches your database
-          userIdentifier: authToken ? `user-${authToken.substring(0, 10)}` : `youtube-${(_userInfo$data29 = userInfo.data) === null || _userInfo$data29 === void 0 || (_userInfo$data29 = _userInfo$data29.user) === null || _userInfo$data29 === void 0 ? void 0 : _userInfo$data29.email}`,
-          googleId: (_userInfo$data30 = userInfo.data) === null || _userInfo$data30 === void 0 || (_userInfo$data30 = _userInfo$data30.user) === null || _userInfo$data30 === void 0 ? void 0 : _userInfo$data30.id,
-          appleUserId: (_authToken = authToken) !== null && _authToken !== void 0 && _authToken.includes('apple') ? authToken.split('.')[1] : null,
-          // ✅ CRITICAL: Also include refresh token in userAccountInfo
-          refreshToken: refreshToken,
-          serverAuthCode: refreshToken
-        },
-        // Token expiry information
-        tokenExpiry: new Date(Date.now() + 3600 * 1000).toISOString(),
-        // 1 hour from now
-        // Force refresh token request
-        requestRefreshToken: true,
-        // ✅ CRITICAL: Debug information for backend
-        debugInfo: {
-          hasRefreshToken: !!refreshToken,
-          refreshTokenType: refreshToken ? refreshToken.startsWith('4/') ? 'serverAuthCode' : 'refreshToken' : 'none',
-          configuredForRefresh: true,
-          forcedConsent: true,
-          refreshTokenValue: refreshToken // Include actual value for debugging
-        }
-      };
-      console.log('📤 BACKEND PAYLOAD SUMMARY:');
-      console.log('- hasAccessToken:', !!backendPayload.accessToken);
-      console.log('- hasRefreshToken:', !!backendPayload.refreshToken);
-      console.log('- hasServerAuthCode:', !!backendPayload.serverAuthCode);
-      console.log('- refreshTokenType:', backendPayload.debugInfo.refreshTokenType);
-      console.log('- userEmail:', (_userInfo$data31 = userInfo.data) === null || _userInfo$data31 === void 0 || (_userInfo$data31 = _userInfo$data31.user) === null || _userInfo$data31 === void 0 ? void 0 : _userInfo$data31.email);
-      console.log('- channelName:', channelName);
-      console.log('📋 COMPLETE BACKEND PAYLOAD:');
-      console.log(JSON.stringify(backendPayload, null, 2));
-
-      // Send the tokens to your backend for YouTube data processing with ENHANCED LOGGING
-      console.log('📤 Sending YouTube auth to backend with refresh token:', !!refreshToken);
+      // Send tokens to backend for YouTube data processing
       const backendResponse = await fetch('https://api2.onairos.uk/youtube/native-auth', {
         method: 'POST',
         headers: {
           'Content-Type': 'application/json',
           ...(authToken && {
-            'Authorization': authToken
-          }) // Include auth token if available
+            'Authorization': `Bearer ${authToken}`
+          })
         },
-        body: JSON.stringify(backendPayload)
+        body: JSON.stringify({
+          session: {
+            username: finalUsername,
+            platform: 'youtube',
+            timestamp: new Date().toISOString(),
+            channelName: channelName,
+            channelId: channelId
+          },
+          googleUser: userInfo.user,
+          accessToken: tokens.accessToken,
+          idToken: tokens.idToken,
+          refreshToken: refreshToken,
+          // CRITICAL: Include refresh token
+          serverAuthCode: currentUser === null || currentUser === void 0 ? void 0 : currentUser.serverAuthCode,
+          userAccountInfo: {
+            username: finalUsername,
+            email: (_userInfo$user6 = userInfo.user) === null || _userInfo$user6 === void 0 ? void 0 : _userInfo$user6.email,
+            authToken: authToken,
+            channelName: channelName,
+            channelId: channelId,
+            userIdentifier: authToken ? `user-${authToken.substring(0, 10)}` : `youtube-${(_userInfo$user7 = userInfo.user) === null || _userInfo$user7 === void 0 ? void 0 : _userInfo$user7.email}`,
+            googleId: (_userInfo$user8 = userInfo.user) === null || _userInfo$user8 === void 0 ? void 0 : _userInfo$user8.id
+          },
+          tokenExpiry: new Date(Date.now() + 3600 * 1000).toISOString(),
+          // 1 hour from now
+          requestRefreshToken: true
+        })
       });
-      console.log('📡 Backend response status:', backendResponse.status);
-      console.log('📡 Backend response headers:', backendResponse.headers);
       if (backendResponse.ok) {
-        var _responseData$validat2, _responseData$tempora2;
         const responseData = await backendResponse.json();
-        console.log('✅ YouTube connection successful');
-        console.log('📋 COMPLETE BACKEND RESPONSE:');
-        console.log(JSON.stringify(responseData, null, 2));
-
-        // ✅ Enhanced verification with temporary mode detection (exact backend fields)
-        const isTemporaryMode = ((_responseData$validat2 = responseData.validation) === null || _responseData$validat2 === void 0 ? void 0 : _responseData$validat2.isTemporaryMode) === true || ((_responseData$tempora2 = responseData.temporaryMode) === null || _responseData$tempora2 === void 0 ? void 0 : _responseData$tempora2.enabled) === true || responseData.isTemporaryMode === true || responseData.message && responseData.message.includes('temporary access token mode');
-        if (isTemporaryMode) {
-          console.log('🔄 [YOUTUBE AUTH] YouTube connected in temporary mode');
-          console.log('✅ [YOUTUBE AUTH] Training will work, but connection expires in ~1 hour');
-          console.log('ℹ️ [YOUTUBE AUTH] User can reconnect later for refresh tokens if needed');
-        } else if (responseData.hasRefreshToken || responseData.refreshTokenReceived) {
-          console.log('✅ [YOUTUBE AUTH] Backend confirmed refresh token received');
-          console.log('✅ [YOUTUBE AUTH] Full YouTube connection with persistent access');
-        } else {
-          console.warn('⚠️ [YOUTUBE AUTH] Backend did not confirm refresh token');
-          console.warn('🔍 [YOUTUBE AUTH] Response data keys:', Object.keys(responseData));
-          console.warn('⚠️ [YOUTUBE AUTH] Connection may fail when tokens expire');
-        }
+        console.log('✅ YouTube connection processed by backend:', responseData);
         return true;
       } else {
         const errorData = await backendResponse.text();
-        console.error('❌ YouTube auth failed:', backendResponse.status);
-        console.error('📋 BACKEND ERROR RESPONSE:');
-        console.error(errorData);
+        console.error('❌ Backend processing failed:', backendResponse.status, errorData);
         return false;
       }
     } catch (error) {
       console.error('❌ Google Sign-In error:', error);
-      if (error.code === statusCodes.SIGN_IN_CANCELLED) {
+      const {
+        statusCodes: StatusCodes
+      } = require('@react-native-google-signin/google-signin');
+      if (error.code === StatusCodes.SIGN_IN_CANCELLED) {
         console.log('User cancelled Google Sign-In');
-      } else if (error.code === statusCodes.IN_PROGRESS) {
+      } else if (error.code === StatusCodes.IN_PROGRESS) {
         console.log('Google Sign-In already in progress');
-      } else if (error.code === statusCodes.PLAY_SERVICES_NOT_AVAILABLE) {
+      } else if (error.code === StatusCodes.PLAY_SERVICES_NOT_AVAILABLE) {
         console.log('Google Play Services not available');
       }
       return false;
     }
   }
+  return false;
+};
 
-  // Instagram is commented out in the UI, but keeping the code for future use
-  if (platform === 'instagram') {
-    // Simulate Facebook Login SDK for Instagram
-    console.log('Initiating Facebook Login for Instagram');
-    return new Promise(resolve => {
-      setTimeout(() => {
-        console.log('Facebook Login completed successfully');
-        resolve(true);
-      }, 1000);
-    });
+/**
+ * Handles the OAuth callback
+ * @param url The callback URL
+ * @returns The authorization code extracted from the URL
+ */
+export const handleOAuthCallback = url => {
+  try {
+    // Parse the URL
+    const parsedUrl = new URL(url);
+
+    // Extract the authorization code
+    return parsedUrl.searchParams.get('code');
+  } catch (error) {
+    console.error('Error handling OAuth callback:', error);
+    return null;
   }
-  return false;
 };
 
-/**
- * Check if a URL is an OAuth callback
+/**
+ * Checks if a URL is an OAuth callback
+ * @param url The URL to check
+ * @returns True if the URL is an OAuth callback
  */
 export const isOAuthCallback = url => {
-  return url.includes('auth/callback') || url.includes('code=');
+  // Check if the URL starts with our redirect URI
+  return url.startsWith('onairosanime://auth/');
 };
 
-/**
- * Exchange authorization code for access token
- * This would typically be done on a server, but we're simulating it here
+/**
+ * Test connectivity to the Onairos API server
  */
-export const exchangeCodeForToken = async (code, platform) => {
-  console.log(`Exchanging code for token for platform: ${platform}`);
+export const testApiConnectivity = async () => {
   try {
-    // Use the proxy server to exchange the code for a token
-    const tokenUrl = `https://api2.onairos.uk/${platform}/token`;
+    console.log('🔍 Testing connectivity to Onairos API...');
 
-    // Make a POST request to the proxy
-    const response = await fetch(tokenUrl, {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json'
-      },
-      body: JSON.stringify({
-        code: code,
-        platform: platform
-      })
-    });
-    if (!response.ok) {
-      console.error(`Error exchanging code for token: ${response.status}`);
-      throw new Error(`Token exchange failed with status ${response.status}`);
+    // Test multiple endpoints for better reliability
+    const testEndpoints = ['https://api2.onairos.uk/health', 'https://api2.onairos.uk' // Base URL
+    ];
+    let lastError = null;
+    for (const endpoint of testEndpoints) {
+      try {
+        console.log(`🔍 Testing endpoint: ${endpoint}`);
+        const controller = new AbortController();
+        const timeoutId = setTimeout(() => controller.abort(), 10000); // 10 second timeout
+
+        const response = await fetch(endpoint, {
+          method: 'GET',
+          headers: {
+            'Content-Type': 'application/json',
+            'User-Agent': 'OnairosReactNative/1.0'
+          },
+          signal: controller.signal
+        });
+        clearTimeout(timeoutId);
+        console.log(`🌐 API connectivity test response for ${endpoint}:`, response.status);
+        if (response.ok || response.status === 404) {
+          // Accept 404 as it means the server is reachable
+          console.log('✅ API server is reachable');
+          return {
+            success: true
+          };
+        } else {
+          console.log(`⚠️ API server responded with status ${response.status} for ${endpoint}`);
+          lastError = `API server error: ${response.status}`;
+          // Continue to next endpoint
+        }
+      } catch (fetchError) {
+        console.log(`❌ Failed to reach ${endpoint}:`, fetchError);
+        if (fetchError.name === 'AbortError') {
+          lastError = 'Connection timeout - API server took too long to respond';
+        } else if (fetchError.message.includes('Network request failed')) {
+          lastError = 'Network error - check your internet connection';
+        } else if (fetchError.message.includes('not connected to the internet')) {
+          lastError = 'No internet connection';
+        } else {
+          lastError = `Network error: ${fetchError.message}`;
+        }
+
+        // Continue to next endpoint
+      }
     }
-    const data = await response.json();
-    console.log(`Token exchange successful for ${platform}`);
-    return data;
+    console.error('❌ All API connectivity tests failed');
+    return {
+      success: false,
+      error: lastError || 'Cannot reach API server'
+    };
   } catch (error) {
-    console.error(`Error exchanging code for token:`, error);
+    console.error('❌ API connectivity test failed:', error);
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : 'Unknown error'
+    };
+  }
+};
 
-    // Fallback to simulation if the API call fails
-    console.log('Falling back to simulated token response');
+/**
+ * 🔄 REFRESH GOOGLE TOKENS
+ */
+export const refreshGoogleTokens = async () => {
+  try {
+    console.log('🔄 Attempting to refresh Google tokens...');
+    const {
+      GoogleSignin
+    } = require('@react-native-google-signin/google-signin');
+    const currentUser = await GoogleSignin.getCurrentUser();
+    if (!currentUser) {
+      console.log('❌ User not signed in to Google, cannot refresh tokens');
+      return null;
+    }
+    const tokens = await GoogleSignin.getTokens();
+    console.log('✅ Successfully refreshed Google tokens');
     return {
-      access_token: `${platform}_access_token_${Math.random().toString(36).substring(7)}`,
-      refresh_token: `${platform}_refresh_token_${Math.random().toString(36).substring(7)}`,
-      expires_in: 3600
+      accessToken: tokens.accessToken,
+      idToken: tokens.idToken
     };
+  } catch (error) {
+    console.error('❌ Failed to refresh Google tokens:', error);
+
+    // If refresh fails, try to sign in again
+    try {
+      console.log('🔄 Refresh failed, attempting re-authentication...');
+      const {
+        GoogleSignin
+      } = require('@react-native-google-signin/google-signin');
+      const userInfo = await GoogleSignin.signIn();
+      const tokens = await GoogleSignin.getTokens();
+      console.log('✅ Re-authentication successful');
+      return {
+        accessToken: tokens.accessToken,
+        idToken: tokens.idToken
+      };
+    } catch (signInError) {
+      console.error('❌ Re-authentication also failed:', signInError);
+      return null;
+    }
   }
 };
 
-/**
- * Refresh YouTube tokens when they expire
- * This should be called when the backend reports token expiry
+/**
+ * 🔄 REFRESH YOUTUBE TOKENS
  */
 export const refreshYouTubeTokens = async () => {
   try {
-    var _currentUser$user3;
+    var _currentUser$user2;
     console.log('🔄 Refreshing YouTube tokens...');
 
     // Get fresh tokens from Google SDK
-    const freshTokens = await GoogleSignin.getTokens();
+    const freshTokens = await refreshGoogleTokens();
     if (!freshTokens) {
       console.error('❌ Failed to get fresh tokens from Google SDK');
       return false;
     }
 
     // Get current user info
+    const {
+      GoogleSignin
+    } = require('@react-native-google-signin/google-signin');
     const currentUser = await GoogleSignin.getCurrentUser();
     if (!currentUser) {
       console.error('❌ No current Google user found');
@@ -1074,15 +694,14 @@ export const refreshYouTubeTokens = async () => {
       method: 'POST',
       headers: {
         'Content-Type': 'application/json',
-        'Authorization': authToken
+        'Authorization': `Bearer ${authToken}`
       },
       body: JSON.stringify({
         accessToken: freshTokens.accessToken,
         idToken: freshTokens.idToken,
         refreshToken: currentUser.serverAuthCode,
-        userEmail: (_currentUser$user3 = currentUser.user) === null || _currentUser$user3 === void 0 ? void 0 : _currentUser$user3.email,
+        userEmail: (_currentUser$user2 = currentUser.user) === null || _currentUser$user2 === void 0 ? void 0 : _currentUser$user2.email,
         tokenExpiry: new Date(Date.now() + 3600 * 1000).toISOString(),
-        // 1 hour from now
         timestamp: new Date().toISOString()
       })
     });
@@ -1101,180 +720,322 @@ export const refreshYouTubeTokens = async () => {
   }
 };
 
-/**
- * Trigger training restart after YouTube re-authentication
- * This signals the backend to restart training with the new refresh token
+/**
+ * 🎯 ENHANCED OAUTH CALLBACK HANDLER
  */
-const triggerTrainingRestart = async (username, authToken) => {
+export const handleOAuthCallbackUrl = url => {
   try {
-    console.log('🔄 [TRAINING RESTART] Triggering training restart for user:', username);
-    const response = await fetch('https://api2.onairos.uk/mobile-training/restart', {
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/json',
-        'Authorization': authToken
-      },
-      body: JSON.stringify({
-        username: username,
-        reason: 'youtube_reauth',
-        platform: 'youtube',
-        timestamp: new Date().toISOString(),
-        requestNewTraining: true
-      })
-    });
-    if (response.ok) {
-      const responseData = await response.json();
-      console.log('✅ [TRAINING RESTART] Training restart successful:', responseData);
-    } else {
-      const errorData = await response.text();
-      console.error('❌ [TRAINING RESTART] Training restart failed:', response.status, errorData);
-      throw new Error(`Training restart failed: ${response.status}`);
+    console.log('🔍 Processing OAuth callback URL:', url);
+
+    // Parse the URL
+    const parsedUrl = new URL(url);
+
+    // Extract platform and code
+    const platform = parsedUrl.searchParams.get('platform') || parsedUrl.pathname.split('/').find(segment => ['instagram', 'youtube', 'reddit', 'pinterest', 'email'].includes(segment));
+    const code = parsedUrl.searchParams.get('code');
+    const error = parsedUrl.searchParams.get('error');
+    if (error) {
+      console.error('❌ OAuth error in callback:', error);
+      return {
+        success: false
+      };
+    }
+    if (code && platform) {
+      console.log(`✅ OAuth callback processed: ${platform} with code: ${code.substring(0, 10)}...`);
+      return {
+        platform,
+        code,
+        success: true
+      };
     }
+    console.warn('⚠️ OAuth callback missing platform or code');
+    return {
+      success: false
+    };
   } catch (error) {
-    console.error('❌ [TRAINING RESTART] Error triggering training restart:', error);
-    throw error;
+    console.error('❌ Error processing OAuth callback:', error);
+    return {
+      success: false
+    };
   }
 };
 
-/**
- * Test function to verify YouTube refresh token functionality
- * Call this in your app to test the YouTube connection
+/**
+ * 🔧 UPDATE GOOGLE CLIENT IDS
+ * Allows apps to configure their own Google client IDs
  */
-export const testYouTubeRefreshToken = async username => {
-  console.log('🧪 Testing YouTube refresh token functionality...');
-  console.log('👤 User:', username);
-  try {
-    // Test the debug function first
-    const debugInfo = await debugYouTubeTokens();
-    console.log('🔍 Current token status:', debugInfo);
-    if (!debugInfo.hasRefreshToken) {
-      console.log('⚠️ No refresh token found - attempting to fix...');
-      const success = await fixUserYouTubeConnection(username);
-      if (success) {
-        console.log('✅ YouTube connection fixed! Testing again...');
-        const newDebugInfo = await debugYouTubeTokens();
-        console.log('🔍 New token status:', newDebugInfo);
-      } else {
-        console.error('❌ Failed to fix YouTube connection');
-      }
-    } else {
-      console.log('✅ Refresh token already available');
-    }
-  } catch (error) {
-    console.error('❌ Error testing YouTube refresh token:', error);
+export const updateGoogleClientIds = config => {
+  console.log('🔧 Updating Google client IDs configuration');
+  if (config.webClientId || config.iosClientId) {
+    // Update the YouTube configuration
+    PLATFORM_AUTH_CONFIG.youtube = {
+      ...PLATFORM_AUTH_CONFIG.youtube,
+      clientId: config.webClientId || PLATFORM_AUTH_CONFIG.youtube.clientId,
+      iosClientId: config.iosClientId || PLATFORM_AUTH_CONFIG.youtube.iosClientId
+    };
+    console.log('✅ Google client IDs updated successfully');
+    console.log('  - Web Client ID:', config.webClientId ? config.webClientId.substring(0, 20) + '...' : 'not provided');
+    console.log('  - iOS Client ID:', config.iosClientId ? config.iosClientId.substring(0, 20) + '...' : 'not provided');
   }
 };
 
-/**
- * Request email verification code
+/**
+ * Request email verification using developer API key
+ * @param email Email address to verify
+ * @param testMode Whether to use test mode
+ * @returns Promise with verification result
  */
 export const requestEmailVerification = async (email, testMode = false) => {
   try {
     console.log('📧 Requesting email verification for:', email);
-    const response = await fetch(`${API_CONFIG.BASE_URL}/email/verification`, {
+    const response = await makeDeveloperRequest('/email/verification', {
       method: 'POST',
-      headers: getApiHeaders(),
       body: JSON.stringify({
         email,
         action: 'request',
         testMode
       })
     });
-    const result = await response.json();
-    if (response.ok) {
+    const data = await response.json();
+    if (response.ok && data.success) {
+      console.log('✅ Email verification requested successfully');
       return {
         success: true,
-        message: result.message || 'Verification code sent to your email'
+        message: data.message || 'Verification code sent to your email'
       };
     } else {
+      console.error('❌ Email verification request failed:', data.error);
       return {
         success: false,
-        error: result.message || 'Failed to send verification code'
+        error: data.error || 'Failed to send verification code'
       };
     }
   } catch (error) {
     console.error('❌ Error requesting email verification:', error);
     return {
       success: false,
-      error: 'Network error. Please check your connection and try again.'
+      error: error instanceof Error ? error.message : 'Network error'
     };
   }
 };
 
-/**
- * Verify email code
+/**
+ * Verify email code and store JWT token
+ * @param email Email address
+ * @param code Verification code
+ * @param testMode Whether to use test mode
+ * @returns Promise with verification result and JWT token
  */
 export const verifyEmailCode = async (email, code, testMode = false) => {
   try {
     console.log('🔍 Verifying email code for:', email);
-    const response = await fetch(`${API_CONFIG.BASE_URL}/email/verification`, {
+    const response = await makeDeveloperRequest('/email/verification', {
       method: 'POST',
-      headers: getApiHeaders(),
       body: JSON.stringify({
         email,
-        code,
         action: 'verify',
+        code,
         testMode
       })
     });
-    const result = await response.json();
-    if (response.ok) {
+    const data = await response.json();
+    if (response.ok && data.success) {
+      console.log('✅ Email verification successful');
+
+      // Store JWT token if received
+      if (data.token || data.jwtToken) {
+        const jwtToken = data.token || data.jwtToken;
+        await storeJWT(jwtToken);
+        console.log('🎫 JWT token stored successfully');
+      }
       return {
         success: true,
-        message: result.message || 'Email verified successfully',
-        existingUser: result.existingUser || false,
-        token: result.token
+        message: data.message || 'Email verified successfully',
+        existingUser: data.existingUser || false,
+        token: data.token || data.jwtToken
       };
     } else {
+      console.error('❌ Email verification failed:', data.error);
       return {
         success: false,
-        error: result.message || 'Invalid verification code'
+        error: data.error || 'Invalid verification code'
       };
     }
   } catch (error) {
     console.error('❌ Error verifying email code:', error);
     return {
       success: false,
-      error: 'Network error. Please check your connection and try again.'
+      error: error instanceof Error ? error.message : 'Network error'
     };
   }
 };
 
-/**
- * Check email verification status
+/**
+ * Check email verification status
+ * @param email Email address
+ * @param testMode Whether to use test mode
+ * @returns Promise with status result
  */
 export const checkEmailVerificationStatus = async (email, testMode = false) => {
   try {
-    const response = await fetch(`${API_CONFIG.BASE_URL}/email/verification/status`, {
+    console.log('🔍 Checking email verification status for:', email);
+    const response = await makeDeveloperRequest('/email/verification/status', {
       method: 'POST',
-      headers: getApiHeaders(),
       body: JSON.stringify({
         email,
         testMode
       })
     });
-    const result = await response.json();
+    const data = await response.json();
+    if (response.ok && data.success) {
+      return {
+        success: true,
+        isPending: data.isPending || false
+      };
+    } else {
+      return {
+        success: false,
+        error: data.error || 'Failed to check verification status'
+      };
+    }
+  } catch (error) {
+    console.error('❌ Error checking email verification status:', error);
     return {
-      success: response.ok,
-      isPending: result.isPending || false,
-      message: result.message
+      success: false,
+      error: error instanceof Error ? error.message : 'Network error'
     };
+  }
+};
+
+/**
+ * Disconnect a platform (uses developer API key)
+ * @param platform Platform to disconnect
+ * @param username Username associated with the platform
+ * @returns Promise with disconnect result
+ */
+export const disconnectPlatform = async (platform, username) => {
+  try {
+    console.log('🔌 Disconnecting platform:', platform, 'for user:', username);
+
+    // Make authenticated API call to disconnect platform
+    const response = await makeDeveloperRequest('/revoke', {
+      method: 'POST',
+      body: JSON.stringify({
+        platform,
+        username
+      })
+    });
+    const data = await response.json();
+    if (response.ok && data.success) {
+      console.log(`✅ ${platform} disconnected successfully`);
+      return {
+        success: true
+      };
+    } else {
+      console.error(`❌ Failed to disconnect ${platform}:`, data.error);
+      return {
+        success: false,
+        error: data.error || 'Failed to disconnect platform'
+      };
+    }
   } catch (error) {
-    console.error('❌ Error checking email verification status:', error);
+    console.error(`❌ Error disconnecting ${platform}:`, error);
     return {
       success: false,
-      isPending: false,
-      error: 'Network error'
+      error: error instanceof Error ? error.message : 'Network error'
     };
   }
 };
 
-/**
- * Initialize platform auth service
+/**
+ * Store PIN for user (uses JWT authentication and extracts username from JWT)
+ * @param pin User PIN
+ * @param username Optional username (if not provided, extracts from JWT)
+ * @returns Promise with result
  */
-export const initializePlatformAuthService = () => {
-  console.log('🔧 Platform auth service initialized');
-  // Initialize Google Sign-In
-  initializeGoogleSignIn();
+export const storePIN = async (pin, username) => {
+  try {
+    // Extract username from JWT if not provided
+    const userToStore = username || extractUsernameFromJWT();
+    if (!userToStore) {
+      console.error('❌ No username available - either provide username or ensure JWT token is valid');
+      return {
+        success: false,
+        error: 'No username available for PIN storage'
+      };
+    }
+    console.log('🔐 Storing PIN for user:', userToStore);
+
+    // Make authenticated request to store PIN (using developer API key for now)
+    const response = await makeDeveloperRequest('/store-pin/web', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({
+        username: userToStore,
+        pin
+      })
+    });
+    const data = await response.json();
+    if (response.ok && data.success) {
+      console.log('✅ PIN stored successfully for user:', userToStore);
+      return {
+        success: true
+      };
+    } else {
+      console.error('❌ Failed to store PIN:', data.error);
+      return {
+        success: false,
+        error: data.error || 'Failed to store PIN'
+      };
+    }
+  } catch (error) {
+    console.error('❌ Error storing PIN:', error);
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : 'Network error'
+    };
+  }
+};
+
+/**
+ * 🎫 GET STORED JWT TOKEN
+ * Helper function to retrieve stored JWT token from email verification or other sources
+ */
+export const getStoredJwtToken = async () => {
+  try {
+    console.log('🎫 Retrieving stored JWT token...');
+
+    // Try different storage keys in order of preference
+    const tokenSources = ['email_verification_token', 'onairos_jwt_token', 'enoch_token', 'auth_token'];
+    for (const source of tokenSources) {
+      const token = await AsyncStorage.getItem(source);
+      if (token && token.length > 20) {
+        console.log(`✅ JWT token found in ${source}:`, token.substring(0, 20) + '...');
+        return token;
+      }
+    }
+    console.warn('⚠️ No JWT token found in storage');
+    return null;
+  } catch (error) {
+    console.error('❌ Error retrieving JWT token:', error);
+    return null;
+  }
+};
+
+/**
+ * 🎫 CLEAR STORED TOKENS
+ * Helper function to clear all stored tokens (useful for logout)
+ */
+export const clearStoredTokens = async () => {
+  try {
+    console.log('🧹 Clearing all stored tokens...');
+    const tokenKeys = ['email_verification_token', 'onairos_jwt_token', 'enoch_token', 'auth_token', 'email_verification_email', 'email_verification_request_id', 'email_verification_request_email', 'token_timestamp', 'user_pin_stored', 'pin_storage_timestamp'];
+    await Promise.all(tokenKeys.map(key => AsyncStorage.removeItem(key)));
+    console.log('✅ All tokens cleared successfully');
+  } catch (error) {
+    console.error('❌ Error clearing tokens:', error);
+  }
 };
 //# sourceMappingURL=platformAuthService.js.map