npm - @onairos/react-native - Versions diffs - 3.6.8 → 3.6.9 - Mend

@onairos/react-native 3.6.8 → 3.6.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (257) hide show

package/lib/module/config/PLATFORM_APIS.md ADDED Viewed

@@ -0,0 +1,559 @@
+# Platform Connector APIs Reference
+Quick reference for all platform data sources, APIs, authentication, and token management.
+---
+## Sephora
+**Platform ID:** `mobile-sephora`
+**Data Type:** E-commerce / Beauty
+### Authentication
+| Key | Storage | Format |
+|-----|---------|--------|
+| `seph-access-token` | localStorage | JSON: `{ data: "JWT...", expiry: "timestamp" }` |
+| `x-api-key` | Header | `nQc7BFt78yJBvfYDKtle9APd5RrX984i` |
+**Token Expiry:** ~150 days (expiry is Unix timestamp in seconds)
+### APIs
+| API | Endpoint | Method | Data Retrieved |
+|-----|----------|--------|----------------|
+| **Profile** | `/gapi/users/profiles/{profileId}/current/full` | GET | Name, email, VIB status, Beauty Insider points, skin/hair/makeup preferences, preferred store |
+| **Basket** | `/api/shopping-cart/basket` | GET | Cart items, subtotal, BI points, shipping info |
+| **Loves** | `/gway/v1/dotcom/users/profiles/{profileId}/lists/skus/all` | GET | Wishlist products with ratings, categories, prices, images |
+| **Purchases** | `/api/bi/profiles/{profileId}/purchases` | GET | Purchase history with products, dates, order IDs |
+### Profile API Params
+```
+?skipApis=targetersResult
+&includeApis=profile,basket,loves,shoppingList,segments
+```
+### Loves API Params
+```
+?itemsPerPage=100
+&currentPage=1
+&listShortNameLength=20
+&skipProductDetails=false
+&includeInactiveSkus=true
+&fetchAllLovesList=true
+&sortBy=recently
+&includeCategories=true
+```
+### Purchases API Params
+```
+?sortBy=recently
+&itemsPerPage=100
+&groupBy=none
+&excludeSamples=true
+&excludeRewards=true
+```
+### Data Extracted
+**Profile:**
+- `profileId`, `firstName`, `lastName`, `email`
+- `vibStatus` (BI, VIB, Rouge)
+- Beauty Insider: points, segment, spending, birthday gift eligibility
+- Preferences: skin concerns, hair concerns, makeup preferences
+- Preferred store info
+**Basket:**
+- Items with SKU ID, product ID, name, brand, price, quantity, size, image
+**Loves:**
+- Products with ratings, reviews, categories, stock status, sale info
+**Purchases:**
+- Order history with product details, dates, quantities
+### Token Extraction
+```javascript
+function getSephoraToken() {
+  var tokenKeys = ['seph-access-token', 'sephoraAccessToken', 'accessToken'];
+  // Try localStorage
+  for (var i = 0; i < tokenKeys.length; i++) {
+    var token = localStorage.getItem(tokenKeys[i]);
+    if (token) {
+      try {
+        var parsed = JSON.parse(token);
+        if (parsed && parsed.data) return parsed.data;
+      } catch (e) {
+        return token; // Not JSON, use as-is
+      }
+    }
+  }
+  // Try cookies
+  var cookieMatch = document.cookie.match(/seph-access-token=([^;]+)/);
+  if (cookieMatch) return cookieMatch[1];
+  // Try window state
+  if (window.__PRELOADED_STATE__ && window.__PRELOADED_STATE__.user) {
+    return window.__PRELOADED_STATE__.user.accessToken;
+  }
+  return null;
+}
+```
+### Profile ID Extraction
+The `profileId` is needed for most Sephora APIs. Extract from:
+```javascript
+function getProfileId() {
+  // Method 1: From token (JWT payload)
+  var token = getSephoraToken();
+  if (token) {
+    try {
+      var payload = JSON.parse(atob(token.split('.')[1]));
+      if (payload.sub) return payload.sub;
+    } catch (e) {}
+  }
+  // Method 2: From localStorage
+  var profileId = localStorage.getItem('biAccountId') ||
+                  localStorage.getItem('profileId');
+  if (profileId) return profileId;
+  // Method 3: From window state
+  if (window.__PRELOADED_STATE__ && window.__PRELOADED_STATE__.user) {
+    return window.__PRELOADED_STATE__.user.profileId;
+  }
+  // Method 4: From basket API (doesn't require profileId)
+  // Call /api/shopping-cart/basket first, extract profileId from response
+  return null;
+}
+```
+### Token Expiry Check
+```javascript
+function isTokenExpired() {
+  var tokenData = localStorage.getItem('seph-access-token');
+  if (!tokenData) return true;
+  try {
+    var parsed = JSON.parse(tokenData);
+    var expiry = parseInt(parsed.expiry, 10);
+    var now = Math.floor(Date.now() / 1000);
+    return now >= expiry;
+  } catch (e) {
+    return true;
+  }
+}
+```
+---
+## Instagram
+**Platform ID:** `mobile-instagram` (data connector) / `instagram` (OAuth)
+**Data Type:** Social
+### Authentication
+| Key | Storage | Notes |
+|-----|---------|-------|
+| `csrftoken` | Cookie | CSRF token for POST requests |
+| `sessionid` | Cookie | Session authentication |
+| `X-IG-App-ID` | Header | `936619743392459` |
+| `__bkv` | URL param | Bloks version: `cc4d2103131ee3bbc02c20a86f633b7fb7a031cbf515d12d81e0c8ae7af305dd` |
+**Token Expiry:** Session-based (tied to browser session cookie)
+### APIs
+| API | Endpoint | Method | Data Retrieved |
+|-----|----------|--------|----------------|
+| **Liked Media (Bloks)** | `/async/wbloks/fetch/` | POST | Liked posts via Bloks framework |
+| **Saved Posts** | `/api/v1/feed/saved/posts/` | GET | Saved posts with media, captions, owner info |
+| **Timeline (GraphQL)** | `/graphql/query` | POST | Feed timeline with media, captions, engagement |
+### Bloks API (Liked Media)
+**Endpoint:**
+```
+POST https://www.instagram.com/async/wbloks/fetch/?appid=com.instagram.privacy.activity_center.liked_media_screen&type=app&__bkv={bloksVersionId}
+```
+**Request Body:** `application/x-www-form-urlencoded`
+```
+params=%7B%7D
+```
+**Response Format:**
+```javascript
+for (;;);{"__ar":1,"rid":"...","payload":{"layout":{"bloks_payload":{"data":[
+  {"id":"440463611_0","type":"gs","data":{...}},
+  ...
+]}}}}
+```
+**Note:** Response has `for (;;);` prefix (anti-JSON hijacking) that must be stripped before JSON.parse()
+**Parsing the Bloks payload:**
+```javascript
+function parseLikedMedia(data) {
+  var likes = [];
+  if (data && data.payload && data.payload.layout && data.payload.layout.bloks_payload) {
+    var bloksData = data.payload.layout.bloks_payload.data || [];
+    bloksData.forEach(function(item, idx) {
+      // Bloks items have varying structures
+      if (item.type === 'media' || item.type === 'ig' || item.data) {
+        likes.push({
+          id: item.id || 'like_' + idx,
+          type: 'like',
+          rawData: item.data,
+          bloksType: item.type
+        });
+      }
+    });
+  }
+  return likes;
+}
+```
+**⚠️ Bloks Caveat:** The Bloks payload structure is complex and may vary. The `data` array contains UI component definitions, not clean media objects. You may need to recursively parse to extract actual media IDs.
+### Saved Posts API
+**Endpoint:**
+```
+GET https://www.instagram.com/api/v1/feed/saved/posts/
+```
+**Response Format:**
+```javascript
+{
+  "items": [
+    {
+      "media": {
+        "id": "...",
+        "pk": "...",
+        "code": "...",
+        "media_type": 1,
+        "caption": { "text": "..." },
+        "user": { "pk": "...", "username": "..." },
+        "like_count": 123,
+        "comment_count": 45,
+        "taken_at": 1706123456,
+        "image_versions2": { "candidates": [{ "url": "..." }] }
+      }
+    }
+  ],
+  "more_available": true,
+  "next_max_id": "..."
+}
+```
+### GraphQL API (Timeline)
+**Endpoint:**
+```
+POST https://www.instagram.com/graphql/query
+```
+**Request Body:** `application/x-www-form-urlencoded`
+```
+doc_id=8845758582119845&variables={"first":12,"after":null}
+```
+**Response Format:**
+```javascript
+{
+  "data": {
+    "xdt_api__v1__feed__timeline__connection": {
+      "pagination_source": null,
+      "edges": [
+        {
+          "node": {
+            "media": {
+              "id": "3820598654428293407_10139962",
+              "pk": "3820598654428293407",
+              "code": "...",
+              "media_type": 1,
+              "caption": { "text": "..." },
+              "user": { "pk": "...", "username": "..." },
+              "like_count": 123,
+              "comment_count": 45,
+              "taken_at": 1706123456,
+              "image_versions2": { "candidates": [{ "url": "..." }] }
+            }
+          }
+        }
+      ]
+    }
+  }
+}
+```
+### Required Headers
+```javascript
+{
+  'Accept': '*/*',
+  'Accept-Language': 'en-US,en;q=0.9',
+  'X-CSRFToken': csrfToken,
+  'X-IG-App-ID': '936619743392459',
+  'X-Requested-With': 'XMLHttpRequest',
+  'X-ASBD-ID': '129477',
+  'Content-Type': 'application/x-www-form-urlencoded'
+}
+```
+### Data Extracted
+**Liked Media:**
+- Post IDs
+- Bloks payload data (varies by content type)
+**Saved Posts:**
+- `id`, `pk`, `code` (shortcode for URL)
+- `mediaType` (1=image, 2=video, 8=carousel)
+- `caption` text
+- `owner` (user info: id, username, full name)
+- `likeCount`, `commentCount`
+- `takenAt` (Unix timestamp)
+- `imageUrl` (best quality candidate)
+**Timeline:**
+- `id`, `pk`, `code` (shortcode for URL)
+- `mediaType` (1=image, 2=video, 8=carousel)
+- `caption` text
+- `owner` (user info: id, username, full name)
+- `likeCount`, `commentCount`
+- `takenAt` (Unix timestamp)
+- `imageUrl` (best quality candidate)
+### User ID Extraction
+Instagram requires the user's ID for some operations. Extract from page state:
+```javascript
+function getUserId() {
+  // Method 1: window._sharedData (older pages)
+  if (window._sharedData && window._sharedData.config) {
+    return window._sharedData.config.viewerId;
+  }
+  // Method 2: window.__initialData (newer pages)
+  if (window.__initialData && window.__initialData.data && window.__initialData.data.user) {
+    return window.__initialData.data.user.id;
+  }
+  // Method 3: Script tag parsing (fallback)
+  var scripts = document.querySelectorAll('script');
+  for (var i = 0; i < scripts.length; i++) {
+    var text = scripts[i].textContent || '';
+    var match = text.match(/"userId":"(\d+)"/);
+    if (match) return match[1];
+    match = text.match(/"viewerId":"(\d+)"/);
+    if (match) return match[1];
+  }
+  return null;
+}
+```
+### Bloks Version ID
+The `__bkv` parameter is a hash that may change with Instagram updates.
+**Current value:** `cc4d2103131ee3bbc02c20a86f633b7fb7a031cbf515d12d81e0c8ae7af305dd`
+**To find current value:**
+1. Open Instagram DevTools → Network tab
+2. Navigate to Your Activity → Likes
+3. Look for requests to `/async/wbloks/fetch/`
+4. Copy `__bkv` value from URL
+### Pagination
+**Saved Posts:**
+```javascript
+// First request
+GET /api/v1/feed/saved/posts/
+// Subsequent requests (if more_available: true)
+GET /api/v1/feed/saved/posts/?max_id={next_max_id}
+```
+**GraphQL Timeline:**
+```javascript
+// First request
+doc_id=8845758582119845&variables={"first":12,"after":null}
+// Subsequent requests
+doc_id=8845758582119845&variables={"first":12,"after":"{end_cursor}"}
+```
+The `end_cursor` comes from `pageInfo.end_cursor` in the response.
+### Cookie Extraction Helper
+```javascript
+function getCookie(name) {
+  var match = document.cookie.match(new RegExp('(^| )' + name + '=([^;]+)'));
+  return match ? match[2] : null;
+}
+// Usage
+var csrfToken = getCookie('csrftoken');
+var sessionId = getCookie('sessionid');
+```
+---
+## Hinge
+**Platform ID:** `mobile-hinge`
+**Data Type:** Dating
+### Authentication
+| Key | Storage | Notes |
+|-----|---------|-------|
+| `auth_token` | Cookie/localStorage | TBD - need to confirm |
+| `hinge_auth_token` | Cookie | Fallback |
+### APIs
+| API | Endpoint | Data Retrieved |
+|-----|----------|----------------|
+| TBD | TBD | Matches, messages |
+### Data Extracted
+- Matches (profiles)
+- Messages/chat history
+---
+## Token Expiry Reference
+| Platform | Token Lifetime | Refresh Mechanism |
+|----------|---------------|-------------------|
+| **Sephora** | ~150 days | Auto-refresh on site visit, `refreshToken` in localStorage |
+| **Instagram** | Session-based | Tied to browser `sessionid` cookie, refreshes on site activity |
+| **Hinge** | TBD | TBD |
+---
+## Common Request Headers
+All platforms require:
+```javascript
+{
+  'Accept': 'application/json',
+  'Content-Type': 'application/json',
+  'credentials': 'include'  // for cookies
+}
+```
+Platform-specific headers are added per connector.
+---
+## Onairos Backend Endpoint
+All extracted data is sent to:
+```
+POST https://api2.onairos.uk/platform-data/store
+```
+With headers:
+```javascript
+{
+  'Content-Type': 'application/json',
+  'Authorization': 'Bearer <onairos_user_token>'
+}
+```
+Payload structure:
+```javascript
+{
+  platform: 'mobile-sephora',  // platform ID
+  dataType: 'ecommerce',       // data category
+  data: { ... },               // extracted data
+  summary: { ... },            // quick stats
+  mobileMetadata: {
+    platform: 'web',
+    source: 'bookmarklet-api',
+    extractedAt: 'ISO timestamp',
+    tokenExpiry: { ... }       // token expiry info
+  }
+}
+```
+---
+## Rate Limits & Best Practices
+### General Guidelines
+| Platform | Rate Limit | Recommendation |
+|----------|------------|----------------|
+| **Sephora** | Unknown (generous) | Max 10 requests per extraction |
+| **Instagram** | Strict (anti-bot) | Max 3-5 requests, add delays |
+| **Hinge** | TBD | TBD |
+### Implementation Tips
+1. **Parallel requests** - Use `Promise.all()` for independent API calls
+2. **Error handling** - Gracefully handle 401/403 (re-auth needed), 429 (rate limited)
+3. **Credentials** - Always include `credentials: 'include'` for cookie-based auth
+4. **CORS** - These APIs work from same-origin (bookmarklet on the site), not cross-origin
+### Response Parsing
+**Instagram Bloks (strip prefix):**
+```javascript
+function parseBloksResponse(text) {
+  if (text.startsWith('for (;;);')) {
+    text = text.substring(9);
+  }
+  return JSON.parse(text);
+}
+```
+**Sephora (standard JSON):**
+```javascript
+var data = await response.json();
+```
+### Error Codes
+| Code | Meaning | Action |
+|------|---------|--------|
+| 200 | Success | Parse response |
+| 401 | Unauthorized | Token expired, prompt re-login |
+| 403 | Forbidden | Blocked/banned, try later |
+| 429 | Rate Limited | Wait and retry |
+| 500+ | Server Error | Retry with backoff |
+---
+## Quick Implementation Checklist
+For each platform connector:
+- [ ] Verify user is on correct domain
+- [ ] Show consent popup
+- [ ] Extract auth token(s)
+- [ ] Check token validity/expiry
+- [ ] Call APIs with proper headers
+- [ ] Parse responses
+- [ ] Build normalized payload
+- [ ] Send to Onairos backend
+- [ ] Show success/error message

package/lib/module/config/api.js CHANGED Viewed

	@@ -1 +1 @@
1	- ~~function _0x45fc(_0x1bd59a,_0x45fc11){_0x1bd59a=_0x1bd59a-0x0;const _0x2a54da=_0x1bd5();let _0x53eec5=_0x2a54da[_0x1bd59a];return _0x53eec5;}~~import{getAuthToken}from'../services/authService';function _0x1bd5(){const _0xc030dd=['/auth','/user','/connections','/training','/oauth','User\x20not\x20authenticated\x20-\x20no\x20JWT\x20token\x20found','WkONn','Pjcsz','Bearer\x20'];_0x1bd5=function(){return _0xc030dd;};return _0x1bd5();}export const API_CONFIG={'BASE_URL':'https://api2.onairos.uk','ENDPOINTS':{'AUTH':~~_0x45fc~~(0x0),'USER':~~_0x45fc~~(0x1),'CONNECTIONS':~~_0x45fc(0x2)~~,'TRAINING':~~_0x45fc~~(~~0x3~~),'OAUTH':~~_0x45fc~~(~~0x4~~)},'TIMEOUT':0x7530};export const getApiHeaders=()=>({'Content-Type':'application/json','Accept':'application/json'});export const getAuthHeaders=~~_0x37650a~~=>({...getApiHeaders(),...~~_0x37650a~~&&{'Authorization':~~'Bearer\x20'~~+~~_0x37650a~~}});export const getUserAuthHeaders=async()=>{const ~~_0x4cc6f1~~={'~~WkONn~~':~~_0x45fc(0x5)~~,'~~Pjcsz~~':function(~~_0x207dbc~~){return ~~_0x207dbc~~();}},~~_0x59dd15~~=await getAuthToken();if(!~~_0x59dd15~~)throw new Error(~~_0x4cc6f1~~[~~_0x45fc~~(~~0x6~~)]);return{...~~_0x4cc6f1~~[~~_0x45fc~~(~~0x7~~)](getApiHeaders),'Authorization':~~_0x45fc~~(~~0x8~~)+~~_0x59dd15~~};};
1	+ import{getAuthToken}from'../services/authService';export const API_CONFIG={'BASE_URL':'https://api2.onairos.uk','ENDPOINTS':{'AUTH':_0x2cef(0x0),'USER':_0x2cef(0x1),'CONNECTIONS':'/connections','TRAINING':_0x2cef(0x2),'OAUTH':_0x2cef(0x3)},'TIMEOUT':0x7530};export const getApiHeaders=()=>({'Content-Type':'application/json','Accept':'application/json'});function _0x2cef(_0x351cfc,_0x2cef4e){_0x351cfc=_0x351cfc-0x0;const _0x5b2062=_0x351c();let _0x35c162=_0x5b2062[_0x351cfc];return _0x35c162;}export const getAuthHeaders=_0x147359=>({...getApiHeaders(),..._0x147359&&{'Authorization':_0x2cef(0x4)+_0x147359}});export const getUserAuthHeaders=async()=>{const _0xb2ba4c={'ViVfO':'User\x20not\x20authenticated\x20-\x20no\x20JWT\x20token\x20found','iHOca':function(_0x198691){return _0x198691();}},_0x217447=await getAuthToken();if(!_0x217447)throw new Error(_0xb2ba4c[_0x2cef(0x5)]);return{..._0xb2ba4c[_0x2cef(0x6)](getApiHeaders),'Authorization':_0x2cef(0x4)+_0x217447};};function _0x351c(){const _0x469b0d=['/auth','/user','/training','/oauth','Bearer\x20','ViVfO','iHOca'];_0x351c=function(){return _0x469b0d;};return _0x351c();}

package/lib/module/config/telegramConfig.js ADDED Viewed

@@ -0,0 +1,8 @@
+// Onairos SDK - Asset Registry (auto-generated)
+var __ONAIROS_REQ_REGISTRY__ = [
+    require('telegram'),
+    require('telegram/sessions')
+];
+function __ONAIROS_REQ_FUNC__(i) { return __ONAIROS_REQ_REGISTRY__[i]; }
+export const TELEGRAM_API_CONFIG={'API_ID':0x1fb8026,'API_HASH':'4b76b3a34aa0f56d8a8971db097a2ae3','APP_TITLE':_0x152c(0x0),'SHORT_NAME':_0x152c(0x0)};export const TELEGRAM_SERVERS={'production':{'host':_0x152c(0x1),'port':0x1bb,'dc':0x2},'test':{'host':'149.154.167.40','port':0x1bb,'dc':0x2}};function _0x47de(){const _0x5437a8=['Onairos','149.154.167.50','-----BEGIN\x20RSA\x20PUBLIC\x20KEY-----\x0aMIIBCgKCAQEA6LszBcC1LGzyr992NzE0ieY+BSaOW622Aa9Bd4ZHLl+TuFQ4lo4g\x0a5nKaMBwK/BIb9xUfg0Q29/2mgIR6Zr9krM7HjuIcCzFvDtr+L0GQjae9H0pRB2OO\x0a62cECs5HKhT5DZ98K33vmWiLowc621dQuwKWSQKjWf50XYFw42h21P2KXUGyp2y/\x0a+aEyZ+uVgLLQbRA1dEjSDZ2iGRy12Mk5gpYc397aYp438fsJoHIgJ2lgMv5h7WY9\x0at6N/byY9Nw9p21Og3AoXSL2q/2IJ1WRUhebgAdGVMlV1fkuOQoEzR7EdpqtQD9Cs\x0a5+bfo3Nhmcyvk5ftB0WkJ9z6bNZ7yxrP8wIDAQAB\x0a-----END\x20RSA\x20PUBLIC\x20KEY-----','-----BEGIN\x20RSA\x20PUBLIC\x20KEY-----\x0aMIIBCgKCAQEAyMEdY1aR+sCR3ZSJrtztKTKqigvO/vBfqACJLZtS7QMgCGXJ6XIR\x0ayy7mx66W0/sOFa7/1mAZtEoIokDP3ShoqF4fVNb6XeqgQfaUHd8wJpDWHcR2OFwv\x0aplUUI1PLTktZ9uW2WE23b+ixNwJjJGwBDJPQEQFBE+vfmH0JP503wr5INS1poWg/\x0aj25sIWeYPHYeOrFp/eXaqhISP6G+q2IeTaWTXpwZj4LzXq5YOpk4bYEQ6mvRq7D1\x0aaHWfYmlEGepfaYR8Q0YqvvhYtMte3ITnuSJs171+GDqpdKcSwHnd6FudwGO4pcCO\x0aj4WcDuXc2CTHgH8gFTNhp/Y8/SpDOhvn9QIDAQAB\x0a-----END\x20RSA\x20PUBLIC\x20KEY-----','full_access_after_auth','messages.getDialogs','See\x20comment\x20above'];_0x47de=function(){return _0x5437a8;};return _0x47de();}export const TELEGRAM_PUBLIC_KEY_PRODUCTION=_0x152c(0x2);export const TELEGRAM_PUBLIC_KEY_TEST=_0x152c(0x3);export const TELEGRAM_ACCESS_INFO={'hasOAuthScopes':![],'accessModel':_0x152c(0x4),'dataExtracted':{'dialogs':!![],'userMessages':!![],'otherMessages':![],'secretChats':![],'media':![],'contacts':![]},'apiMethods':[_0x152c(0x5),'messages.getHistory']};function _0x152c(_0x47de24,_0x152c92){_0x47de24=_0x47de24-0x0;const _0x1e5c67=_0x47de();let _0x5f2d4d=_0x1e5c67[_0x47de24];return _0x5f2d4d;}export const PYTHON_EXAMPLE=_0x152c(0x6);export const NODEJS_EXAMPLE=_0x152c(0x6);