@oxyhq/services 5.17.17 → 5.17.18

package/src/core/services/TokenService.ts

@@ -1,237 +0,0 @@
-/**
- * TokenService - Single Source of Truth for Token Management
- * 
- * Handles all token storage, retrieval, refresh, and validation.
- * Used by HttpService, SocketService, and other services that need tokens.
- * 
- * Architecture:
- * - Single storage location (no duplication)
- * - Automatic token refresh when expiring soon
- * - Type-safe token payload handling
- * - userId is always MongoDB ObjectId, never publicKey
- */
-
-import { jwtDecode } from 'jwt-decode';
-
-/**
- * AccessTokenPayload - Matches the token payload structure from API
- * userId is always MongoDB ObjectId (24 hex characters), never publicKey
- */
-interface AccessTokenPayload {
-  userId: string;      // MongoDB ObjectId - PRIMARY IDENTIFIER
-  sessionId: string;   // Session UUID
-  deviceId: string;   // Device identifier
-  type: 'access';
-  iat?: number;        // Issued at (added by JWT)
-  exp?: number;        // Expiration (added by JWT)
-}
-
-interface TokenStore {
-  accessToken: string | null;
-  refreshToken: string | null;
-}
-
-/**
- * TokenService - Singleton pattern for global token management
- */
-class TokenService {
-  private static instance: TokenService;
-  private tokenStore: TokenStore = {
-    accessToken: null,
-    refreshToken: null,
-  };
-  private refreshPromise: Promise<void> | null = null;
-  private baseURL: string | null = null;
-
-  private constructor() {}
-
-  static getInstance(): TokenService {
-    if (!TokenService.instance) {
-      TokenService.instance = new TokenService();
-    }
-    return TokenService.instance;
-  }
-
-  /**
-   * Initialize TokenService with base URL for refresh requests
-   */
-  initialize(baseURL: string): void {
-    this.baseURL = baseURL;
-  }
-
-  /**
-   * Get current access token
-   */
-  getAccessToken(): string | null {
-    return this.tokenStore.accessToken;
-  }
-
-  /**
-   * Get current refresh token
-   */
-  getRefreshToken(): string | null {
-    return this.tokenStore.refreshToken;
-  }
-
-  /**
-   * Set tokens (called after login or token refresh)
-   */
-  setTokens(accessToken: string, refreshToken: string = ''): void {
-    this.tokenStore.accessToken = accessToken;
-    this.tokenStore.refreshToken = refreshToken || this.tokenStore.refreshToken;
-  }
-
-  /**
-   * Clear all tokens (called on logout)
-   */
-  clearTokens(): void {
-    this.tokenStore.accessToken = null;
-    this.tokenStore.refreshToken = null;
-    this.refreshPromise = null;
-  }
-
-  /**
-   * Check if access token exists
-   */
-  hasAccessToken(): boolean {
-    return !!this.tokenStore.accessToken;
-  }
-
-  /**
-   * Check if token is expiring soon (within 60 seconds)
-   */
-  isTokenExpiringSoon(): boolean {
-    const token = this.tokenStore.accessToken;
-    if (!token) return false;
-
-    try {
-      const decoded = jwtDecode<AccessTokenPayload>(token);
-      if (!decoded.exp) return false;
-
-      const currentTime = Math.floor(Date.now() / 1000);
-      return decoded.exp - currentTime < 60; // Expiring within 60 seconds
-    } catch {
-      return false;
-    }
-  }
-
-  /**
-   * Get userId from current access token
-   * Returns MongoDB ObjectId (never publicKey)
-   */
-  getUserIdFromToken(): string | null {
-    const token = this.tokenStore.accessToken;
-    if (!token) return null;
-
-    try {
-      const decoded = jwtDecode<AccessTokenPayload>(token);
-      return decoded.userId || null;
-    } catch {
-      return null;
-    }
-  }
-
-  /**
-   * Refresh access token if expiring soon
-   * Returns promise that resolves when token is refreshed (or already valid)
-   */
-  async refreshTokenIfNeeded(): Promise<void> {
-    // If already refreshing, wait for that promise
-    if (this.refreshPromise) {
-      return this.refreshPromise;
-    }
-
-    const hasToken = !!this.tokenStore.accessToken;
-    const needsRefresh = this.isTokenExpiringSoon();
-
-    // If no access token but we have refresh token, attempt refresh once
-    if (!hasToken && this.tokenStore.refreshToken) {
-      this.refreshPromise = this._performRefresh();
-      try {
-        await this.refreshPromise;
-      } finally {
-        this.refreshPromise = null;
-      }
-      return;
-    }
-
-    // If token not expiring soon, no refresh needed
-    if (!needsRefresh) {
-      return;
-    }
-
-    // Start refresh
-    this.refreshPromise = this._performRefresh();
-    
-    try {
-      await this.refreshPromise;
-    } finally {
-      this.refreshPromise = null;
-    }
-  }
-
-  /**
-   * Perform token refresh
-   */
-  private async _performRefresh(): Promise<void> {
-    const refreshToken = this.tokenStore.refreshToken;
-    if (!refreshToken) {
-      throw new Error('No refresh token to refresh');
-    }
-
-    try {
-      if (!this.baseURL) {
-        throw new Error('TokenService not initialized with baseURL');
-      }
-
-      const refreshUrl = `${this.baseURL}/api/auth/refresh`;
-      const response = await fetch(refreshUrl, {
-        method: 'POST',
-        headers: { 
-          'Accept': 'application/json',
-          'Content-Type': 'application/json',
-        },
-        body: JSON.stringify({ refreshToken }),
-        signal: AbortSignal.timeout(5000),
-      });
-
-      if (!response.ok) {
-        throw new Error(`Token refresh failed: ${response.status}`);
-      }
-
-      const { accessToken: newToken, refreshToken: newRefresh } = await response.json();
-      
-      if (!newToken) {
-        throw new Error('No access token in refresh response');
-      }
-
-      // Validate new token has correct userId format (ObjectId)
-      const newDecoded = jwtDecode<AccessTokenPayload>(newToken);
-      if (newDecoded.userId && !/^[0-9a-fA-F]{24}$/.test(newDecoded.userId)) {
-        throw new Error(`Invalid userId format in refreshed token: ${newDecoded.userId.substring(0, 20)}...`);
-      }
-
-      this.setTokens(newToken, newRefresh || refreshToken);
-    } catch (error) {
-      // Clear tokens on refresh failure (likely expired or invalid)
-      this.clearTokens();
-      throw error;
-    }
-  }
-
-  /**
-   * Get authorization header with automatic refresh
-   */
-  async getAuthHeader(): Promise<string | null> {
-    // Refresh if needed
-    await this.refreshTokenIfNeeded().catch(() => {
-      // Ignore refresh errors, will use current token or return null
-    });
-
-    const token = this.tokenStore.accessToken;
-    return token ? `Bearer ${token}` : null;
-  }
-}
-
-// Export singleton instance
-export const tokenService = TokenService.getInstance();

package/src/crypto/types.ts

@@ -1,23 +0,0 @@
-/**
- * Cryptographic types for authentication and backup
- */
-
-/**
- * Encrypted backup data structure
- * Used for identity backup files
- */
-export interface BackupData {
-  /** Base64-encoded encrypted private key */
-  encrypted: string;
-  /** Hex-encoded salt used for key derivation */
-  salt: string;
-  /** Hex-encoded initialization vector */
-  iv: string;
-  /** Public key associated with the encrypted private key */
-  publicKey: string;
-  /** Encryption algorithm used (optional, for backward compatibility) */
-  algorithm?: 'xor' | 'aes-256-gcm';
-  /** Format version (optional, for backward compatibility) */
-  version?: string;
-}
-

package/src/ui/context/OxyContextBase.tsx

@@ -1,78 +0,0 @@
-import { createContext, useContext } from 'react';
-import type { ReactNode } from 'react';
-import type { OxyServices } from '../../core';
-import type { User, ApiError } from '../../models/interfaces';
-import type { ClientSession, SessionLoginResponse } from '../../models/session';
-import type { UseFollowHook } from '../hooks/useFollow.types';
-import type { useLanguageManagement } from '../hooks/useLanguageManagement';
-import type { RouteName } from '../navigation/routes';
-
-export interface OxyContextState {
-    user: User | null;
-    sessions: ClientSession[];
-    activeSessionId: string | null;
-    currentDeviceId: string | null;
-    isAuthenticated: boolean;
-    isLoading: boolean;
-    isTokenReady: boolean;
-    isStorageReady: boolean;
-    error: string | null;
-    currentLanguage: string;
-    currentLanguageMetadata: ReturnType<typeof useLanguageManagement>['metadata'];
-    currentLanguageName: string;
-    currentNativeLanguageName: string;
-
-    // Authentication (Services SDK only handles tokens/sessions, NOT identity)
-    // Identity management (KeyManager, SignatureService, challenge signing) belongs ONLY in Accounts app
-    // completeSignIn accepts already-verified session data from Accounts app
-    completeSignIn: (sessionResponse: SessionLoginResponse) => Promise<User>;
-
-    // Session management
-    logout: (targetSessionId?: string) => Promise<void>;
-    logoutAll: () => Promise<void>;
-    switchSession: (sessionId: string) => Promise<void>;
-    removeSession: (sessionId: string) => Promise<void>;
-    refreshSessions: () => Promise<void>;
-    setLanguage: (languageId: string) => Promise<void>;
-    getDeviceSessions: () => Promise<
-        Array<{
-            sessionId: string;
-            deviceId: string;
-            deviceName?: string;
-            lastActive?: string;
-            expiresAt?: string;
-        }>
-    >;
-    logoutAllDeviceSessions: () => Promise<void>;
-    updateDeviceName: (deviceName: string) => Promise<void>;
-    clearSessionState: () => Promise<void>;
-    clearAllAccountData: () => Promise<void>;
-    oxyServices: OxyServices;
-    useFollow?: UseFollowHook;
-    showBottomSheet?: (screenOrConfig: RouteName | { screen: RouteName; props?: Record<string, unknown> }) => void;
-    openAvatarPicker: () => void;
-    updateProfile: (updates: Partial<User>) => Promise<User>;
-}
-
-export const OxyContext = createContext<OxyContextState | null>(null);
-
-export interface OxyContextProviderProps {
-    children: ReactNode;
-    oxyServices?: OxyServices;
-    baseURL?: string;
-    storageKeyPrefix?: string;
-    onAuthStateChange?: (user: User | null) => void;
-    onError?: (error: ApiError) => void;
-}
-
-/**
- * Hook to access the Oxy context.
- * Must be used within an OxyContextProvider.
- */
-export const useOxy = (): OxyContextState => {
-    const context = useContext(OxyContext);
-    if (!context) {
-        throw new Error('useOxy must be used within an OxyContextProvider');
-    }
-    return context;
-};

package/src/ui/context/hooks/useStorage.ts

@@ -1,104 +0,0 @@
-import { useCallback, useEffect, useRef, useState } from 'react';
-import type { ApiError } from '../../../models/interfaces';
-import { createPlatformStorage, type StorageInterface } from '../../utils/storageHelpers';
-import { extractErrorMessage } from '../../utils/errorHandlers';
-
-export interface UseStorageOptions {
-  onError?: (error: ApiError) => void;
-  logger?: (message: string, error?: unknown) => void;
-  errorCode?: string;
-}
-
-export interface UseStorageResult {
-  storage: StorageInterface | null;
-  isReady: boolean;
-  error: string | null;
-  refresh: () => Promise<StorageInterface | null>;
-  withStorage: <T>(callback: (storage: StorageInterface) => Promise<T>) => Promise<T | null>;
-}
-
-const DEFAULT_ERROR_CODE = 'STORAGE_INIT_ERROR';
-
-/**
- * React hook that exposes a platform-agnostic storage reference.
- * Handles initialization, error propagation, and lazy re-initialization.
- *
- * @param options - Optional configuration for error reporting and logging
- */
-export const useStorage = ({
-  onError,
-  logger,
-  errorCode = DEFAULT_ERROR_CODE,
-}: UseStorageOptions = {}): UseStorageResult => {
-  const [storage, setStorage] = useState<StorageInterface | null>(null);
-  const [error, setError] = useState<string | null>(null);
-  const initializingRef = useRef<Promise<StorageInterface | null> | null>(null);
-
-  const notifyError = useCallback(
-    (err: unknown) => {
-      const message = extractErrorMessage(err, 'Failed to initialize storage');
-      setError(message);
-
-      if (logger) {
-        logger(message, err);
-      }
-
-      onError?.({
-        message,
-        code: errorCode,
-        status: 500,
-      });
-    },
-    [errorCode, logger, onError],
-  );
-
-  const createStorageInstance = useCallback(async (): Promise<StorageInterface | null> => {
-    try {
-      const platformStorage = await createPlatformStorage();
-      setStorage(platformStorage);
-      setError(null);
-      return platformStorage;
-    } catch (err) {
-      notifyError(err);
-      setStorage(null);
-      return null;
-    }
-  }, [notifyError]);
-
-  const refresh = useCallback(async (): Promise<StorageInterface | null> => {
-    if (!initializingRef.current) {
-      initializingRef.current = createStorageInstance().finally(() => {
-        initializingRef.current = null;
-      });
-    }
-
-    return initializingRef.current;
-  }, [createStorageInstance]);
-
-  useEffect(() => {
-    refresh().catch((err) => {
-      notifyError(err);
-    });
-  }, [refresh, notifyError]);
-
-  const withStorage = useCallback(
-    async <T,>(callback: (resolvedStorage: StorageInterface) => Promise<T>): Promise<T | null> => {
-      const resolvedStorage = storage ?? (await refresh());
-      if (!resolvedStorage) {
-        return null;
-      }
-      return callback(resolvedStorage);
-    },
-    [refresh, storage],
-  );
-
-  return {
-    storage,
-    isReady: Boolean(storage) && !error,
-    error,
-    refresh,
-    withStorage,
-  };
-};
-
-

package/src/ui/hooks/useAvatarPicker.ts

@@ -1,61 +0,0 @@
-/**
- * Provides avatar picker action wired to bottom sheet selection and profile update.
- */
-import { useCallback } from 'react';
-import type { QueryClient } from '@tanstack/react-query';
-import { toast } from '../../lib/sonner';
-import { translate } from '../../i18n';
-import { updateAvatarVisibility, updateProfileWithAvatar } from '../utils/avatarUtils';
-import type { OxyServices } from '../../core';
-import type { RouteName } from '../navigation/routes';
-
-interface UseAvatarPickerOptions {
-  oxyServices: OxyServices;
-  currentLanguage: string;
-  activeSessionId: string | null;
-  currentDeviceId: string | null;
-  queryClient: QueryClient;
-  showBottomSheet: (screenOrConfig: RouteName | { screen: RouteName; props?: Record<string, unknown> }) => void;
-}
-
-export const useAvatarPicker = ({
-  oxyServices,
-  currentLanguage,
-  activeSessionId,
-  currentDeviceId,
-  queryClient,
-  showBottomSheet,
-}: UseAvatarPickerOptions) => {
-  const openAvatarPicker = useCallback(() => {
-    showBottomSheet({
-      screen: 'FileManagement' as RouteName,
-      props: {
-        selectMode: true,
-        multiSelect: false,
-        disabledMimeTypes: ['video/', 'audio/', 'application/pdf'],
-        afterSelect: 'none',
-        onSelect: async (file: any) => {
-          if (!file.contentType.startsWith('image/')) {
-            toast.error(translate(currentLanguage, 'editProfile.toasts.selectImage') || 'Please select an image file');
-            return;
-          }
-          try {
-            await updateAvatarVisibility(file.id, oxyServices, 'OxyContext');
-            await updateProfileWithAvatar(
-              { avatar: file.id },
-              oxyServices,
-              activeSessionId,
-              queryClient,
-              { deviceId: currentDeviceId || undefined }
-            );
-            toast.success(translate(currentLanguage, 'editProfile.toasts.avatarUpdated') || 'Avatar updated');
-          } catch (e: any) {
-            toast.error(e.message || translate(currentLanguage, 'editProfile.toasts.updateAvatarFailed') || 'Failed to update avatar');
-          }
-        },
-      },
-    });
-  }, [activeSessionId, currentDeviceId, currentLanguage, oxyServices, queryClient, showBottomSheet]);
-
-  return { openAvatarPicker };
-};