@clipin/convex-wearables 0.0.1

package/dist/component/oauthActions.js

@@ -0,0 +1,208 @@
+/**
+ * OAuth flow Convex actions.
+ *
+ * Actions (not mutations) because they make external HTTP calls to
+ * provider token endpoints and APIs.
+ */
+import { v } from "convex/values";
+import { api, internal } from "./_generated/api";
+import { action, internalAction } from "./_generated/server";
+import { buildAuthorizationUrl, exchangeCodeForTokens, generateCodeChallenge, generateRandomString, refreshAccessToken, } from "./providers/oauth";
+import { getProvider } from "./providers/registry";
+import { providerName } from "./schema";
+// ---------------------------------------------------------------------------
+// Generate authorization URL
+// ---------------------------------------------------------------------------
+/**
+ * Generate an OAuth authorization URL for a provider.
+ *
+ * Stores the state token in the oauthStates table and returns the URL
+ * the client should redirect the user to.
+ */
+export const generateAuthUrl = action({
+    args: {
+        userId: v.string(),
+        provider: providerName,
+        clientId: v.string(),
+        clientSecret: v.string(),
+        subscriptionKey: v.optional(v.string()),
+        redirectUri: v.string(),
+    },
+    returns: v.string(),
+    handler: async (ctx, args) => {
+        await ctx.runMutation(internal.providerSettings.upsertCredentials, {
+            provider: args.provider,
+            clientId: args.clientId,
+            clientSecret: args.clientSecret,
+            subscriptionKey: args.subscriptionKey,
+        });
+        const providerDef = getProvider(args.provider);
+        if (!providerDef) {
+            throw new Error(`Provider "${args.provider}" is not implemented`);
+        }
+        const credentials = {
+            clientId: args.clientId,
+            clientSecret: args.clientSecret,
+            subscriptionKey: args.subscriptionKey,
+        };
+        const config = providerDef.oauthConfig(credentials);
+        // Generate state token
+        const state = generateRandomString(32);
+        // PKCE if the provider requires it
+        let codeVerifier;
+        let codeChallenge;
+        if (config.usePkce) {
+            codeVerifier = generateRandomString(64);
+            codeChallenge = await generateCodeChallenge(codeVerifier);
+        }
+        // Store state in the database for validation during callback
+        await ctx.runMutation(internal.oauthStates.store, {
+            state,
+            userId: args.userId,
+            provider: args.provider,
+            codeVerifier,
+            redirectUri: args.redirectUri,
+        });
+        // Build the authorization URL
+        const url = buildAuthorizationUrl({
+            config,
+            redirectUri: args.redirectUri,
+            state,
+            codeChallenge,
+        });
+        return url;
+    },
+});
+// ---------------------------------------------------------------------------
+// Handle OAuth callback (exchange code for tokens)
+// ---------------------------------------------------------------------------
+/**
+ * Handle the OAuth callback. Consumes the state token, exchanges the
+ * authorization code for access/refresh tokens, fetches the user's
+ * provider profile, and creates/updates the connection.
+ */
+export const handleCallback = action({
+    args: {
+        state: v.string(),
+        code: v.string(),
+        clientId: v.string(),
+        clientSecret: v.string(),
+        subscriptionKey: v.optional(v.string()),
+    },
+    returns: v.object({
+        provider: v.string(),
+        userId: v.string(),
+        connectionId: v.string(),
+    }),
+    handler: async (ctx, args) => {
+        // Consume the state token
+        const oauthState = await ctx.runMutation(internal.oauthStates.consume, {
+            state: args.state,
+        });
+        if (!oauthState) {
+            throw new Error("Invalid or expired OAuth state");
+        }
+        const providerDef = getProvider(oauthState.provider);
+        if (!providerDef) {
+            throw new Error(`Provider "${oauthState.provider}" is not implemented`);
+        }
+        await ctx.runMutation(internal.providerSettings.upsertCredentials, {
+            provider: oauthState.provider,
+            clientId: args.clientId,
+            clientSecret: args.clientSecret,
+            subscriptionKey: args.subscriptionKey,
+        });
+        const credentials = {
+            clientId: args.clientId,
+            clientSecret: args.clientSecret,
+            subscriptionKey: args.subscriptionKey,
+        };
+        const config = providerDef.oauthConfig(credentials);
+        // Exchange code for tokens
+        const tokenResponse = await exchangeCodeForTokens(config, args.code, oauthState.redirectUri ?? "", oauthState.codeVerifier);
+        // Fetch user info from the provider
+        if (providerDef.postConnect) {
+            await providerDef.postConnect(tokenResponse.access_token, tokenResponse, oauthState.userId, credentials);
+        }
+        const userInfo = await providerDef.getUserInfo(tokenResponse.access_token, tokenResponse, oauthState.userId, credentials);
+        // Calculate token expiry
+        const tokenExpiresAt = tokenResponse.expires_in
+            ? Date.now() + tokenResponse.expires_in * 1000
+            : undefined;
+        // Create or update the connection
+        const connectionId = await ctx.runMutation(internal.connections.createConnection, {
+            userId: oauthState.userId,
+            provider: oauthState.provider,
+            providerUserId: userInfo.providerUserId ?? undefined,
+            providerUsername: userInfo.username ?? undefined,
+            accessToken: tokenResponse.access_token,
+            refreshToken: tokenResponse.refresh_token,
+            tokenExpiresAt,
+            scope: tokenResponse.scope,
+        });
+        // Create a data source for this connection
+        await ctx.runMutation(api.dataSources.getOrCreate, {
+            userId: oauthState.userId,
+            provider: oauthState.provider,
+            connectionId,
+            source: oauthState.provider,
+        });
+        return {
+            provider: oauthState.provider,
+            userId: oauthState.userId,
+            connectionId: String(connectionId),
+        };
+    },
+});
+/**
+ * Ensure a connection has a valid (non-expired) access token.
+ * If expired, refreshes the token and updates the connection.
+ * Returns the valid access token.
+ */
+export const ensureValidToken = internalAction({
+    args: {
+        connectionId: v.id("connections"),
+        provider: providerName,
+        accessToken: v.string(),
+        refreshToken: v.optional(v.string()),
+        tokenExpiresAt: v.optional(v.number()),
+        clientId: v.string(),
+        clientSecret: v.string(),
+        subscriptionKey: v.optional(v.string()),
+    },
+    returns: v.string(), // valid access token
+    handler: async (ctx, args) => {
+        // Check if token is still valid (with 5-minute buffer)
+        const bufferMs = 5 * 60 * 1000;
+        if (args.tokenExpiresAt && args.tokenExpiresAt - bufferMs > Date.now()) {
+            return args.accessToken;
+        }
+        // Token is expired or about to expire — refresh it
+        if (!args.refreshToken) {
+            throw new Error(`Token expired for ${args.provider} connection and no refresh token available`);
+        }
+        const providerDef = getProvider(args.provider);
+        if (!providerDef) {
+            throw new Error(`Provider "${args.provider}" is not implemented`);
+        }
+        const credentials = {
+            clientId: args.clientId,
+            clientSecret: args.clientSecret,
+            subscriptionKey: args.subscriptionKey,
+        };
+        const config = providerDef.oauthConfig(credentials);
+        const tokenResponse = await refreshAccessToken(config, args.refreshToken);
+        const newExpiresAt = tokenResponse.expires_in
+            ? Date.now() + tokenResponse.expires_in * 1000
+            : undefined;
+        // Update the connection with new tokens
+        await ctx.runMutation(internal.connections.updateTokens, {
+            connectionId: args.connectionId,
+            accessToken: tokenResponse.access_token,
+            refreshToken: tokenResponse.refresh_token ?? args.refreshToken,
+            tokenExpiresAt: newExpiresAt,
+        });
+        return tokenResponse.access_token;
+    },
+});
+//# sourceMappingURL=oauthActions.js.map

package/dist/component/oauthActions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauthActions.js","sourceRoot":"","sources":["../../src/component/oauthActions.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,eAAe,CAAC;AAClC,OAAO,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAC7D,OAAO,EACL,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAEnD,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,8EAA8E;AAC9E,6BAA6B;AAC7B,8EAA8E;AAE9E;;;;;GAKG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,MAAM,CAAC;IACpC,IAAI,EAAE;QACJ,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;QAClB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;QACpB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;QACxB,eAAe,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QACvC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;KACxB;IACD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,gBAAgB,CAAC,iBAAiB,EAAE;YACjE,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,eAAe,EAAE,IAAI,CAAC,eAAe;SACtC,CAAC,CAAC;QAEH,MAAM,WAAW,GAAG,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,aAAa,IAAI,CAAC,QAAQ,sBAAsB,CAAC,CAAC;QACpE,CAAC;QAED,MAAM,WAAW,GAAwB;YACvC,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,eAAe,EAAE,IAAI,CAAC,eAAe;SACtC,CAAC;QACF,MAAM,MAAM,GAAG,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QAEpD,uBAAuB;QACvB,MAAM,KAAK,GAAG,oBAAoB,CAAC,EAAE,CAAC,CAAC;QAEvC,mCAAmC;QACnC,IAAI,YAAgC,CAAC;QACrC,IAAI,aAAiC,CAAC;QACtC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACnB,YAAY,GAAG,oBAAoB,CAAC,EAAE,CAAC,CAAC;YACxC,aAAa,GAAG,MAAM,qBAAqB,CAAC,YAAY,CAAC,CAAC;QAC5D,CAAC;QAED,6DAA6D;QAC7D,MAAM,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,CAAC,KAAK,EAAE;YAChD,KAAK;YACL,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,YAAY;YACZ,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,CAAC,CAAC;QAEH,8BAA8B;QAC9B,MAAM,GAAG,GAAG,qBAAqB,CAAC;YAChC,MAAM;YACN,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,KAAK;YACL,aAAa;SACd,CAAC,CAAC;QAEH,OAAO,GAAG,CAAC;IACb,CAAC;CACF,CAAC,CAAC;AAEH,8EAA8E;AAC9E,mDAAmD;AACnD,8EAA8E;AAE9E;;;;GAIG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,MAAM,CAAC;IACnC,IAAI,EAAE;QACJ,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;QACjB,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;QAChB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;QACpB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;QACxB,eAAe,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;KACxC;IACD,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC;QAChB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;QACpB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;QAClB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;KACzB,CAAC;IACF,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,0BAA0B;QAC1B,MAAM,UAAU,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,CAAC,OAAO,EAAE;YACrE,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,WAAW,GAAG,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QACrD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,aAAa,UAAU,CAAC,QAAQ,sBAAsB,CAAC,CAAC;QAC1E,CAAC;QAED,MAAM,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,gBAAgB,CAAC,iBAAiB,EAAE;YACjE,QAAQ,EAAE,UAAU,CAAC,QAAQ;YAC7B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,eAAe,EAAE,IAAI,CAAC,eAAe;SACtC,CAAC,CAAC;QAEH,MAAM,WAAW,GAAwB;YACvC,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,eAAe,EAAE,IAAI,CAAC,eAAe;SACtC,CAAC;QACF,MAAM,MAAM,GAAG,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QAEpD,2BAA2B;QAC3B,MAAM,aAAa,GAAG,MAAM,qBAAqB,CAC/C,MAAM,EACN,IAAI,CAAC,IAAI,EACT,UAAU,CAAC,WAAW,IAAI,EAAE,EAC5B,UAAU,CAAC,YAAY,CACxB,CAAC;QAEF,oCAAoC;QACpC,IAAI,WAAW,CAAC,WAAW,EAAE,CAAC;YAC5B,MAAM,WAAW,CAAC,WAAW,CAC3B,aAAa,CAAC,YAAY,EAC1B,aAAa,EACb,UAAU,CAAC,MAAM,EACjB,WAAW,CACZ,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,WAAW,CAC5C,aAAa,CAAC,YAAY,EAC1B,aAAa,EACb,UAAU,CAAC,MAAM,EACjB,WAAW,CACZ,CAAC;QAEF,yBAAyB;QACzB,MAAM,cAAc,GAAG,aAAa,CAAC,UAAU;YAC7C,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,aAAa,CAAC,UAAU,GAAG,IAAI;YAC9C,CAAC,CAAC,SAAS,CAAC;QAEd,kCAAkC;QAClC,MAAM,YAAY,GAAG,MAAM,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,CAAC,gBAAgB,EAAE;YAChF,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,QAAQ,EAAE,UAAU,CAAC,QAAQ;YAC7B,cAAc,EAAE,QAAQ,CAAC,cAAc,IAAI,SAAS;YACpD,gBAAgB,EAAE,QAAQ,CAAC,QAAQ,IAAI,SAAS;YAChD,WAAW,EAAE,aAAa,CAAC,YAAY;YACvC,YAAY,EAAE,aAAa,CAAC,aAAa;YACzC,cAAc;YACd,KAAK,EAAE,aAAa,CAAC,KAAK;SAC3B,CAAC,CAAC;QAEH,2CAA2C;QAC3C,MAAM,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,WAAW,EAAE;YACjD,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,QAAQ,EAAE,UAAU,CAAC,QAAQ;YAC7B,YAAY;YACZ,MAAM,EAAE,UAAU,CAAC,QAAQ;SAC5B,CAAC,CAAC;QAEH,OAAO;YACL,QAAQ,EAAE,UAAU,CAAC,QAAQ;YAC7B,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC;SACnC,CAAC;IACJ,CAAC;CACF,CAAC,CAAC;AAEH;;;;GAIG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,cAAc,CAAC;IAC7C,IAAI,EAAE;QACJ,YAAY,EAAE,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC;QACjC,QAAQ,EAAE,YAAY;QACtB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;QACvB,YAAY,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QACpC,cAAc,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QACtC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;QACpB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;QACxB,eAAe,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;KACxC;IACD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,qBAAqB;IAC1C,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,uDAAuD;QACvD,MAAM,QAAQ,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;QAC/B,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc,GAAG,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YACvE,OAAO,IAAI,CAAC,WAAW,CAAC;QAC1B,CAAC;QAED,mDAAmD;QACnD,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,IAAI,KAAK,CACb,qBAAqB,IAAI,CAAC,QAAQ,4CAA4C,CAC/E,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAG,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC/C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,aAAa,IAAI,CAAC,QAAQ,sBAAsB,CAAC,CAAC;QACpE,CAAC;QAED,MAAM,WAAW,GAAwB;YACvC,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,eAAe,EAAE,IAAI,CAAC,eAAe;SACtC,CAAC;QACF,MAAM,MAAM,GAAG,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QACpD,MAAM,aAAa,GAAG,MAAM,kBAAkB,CAAC,MAAM,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;QAE1E,MAAM,YAAY,GAAG,aAAa,CAAC,UAAU;YAC3C,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,aAAa,CAAC,UAAU,GAAG,IAAI;YAC9C,CAAC,CAAC,SAAS,CAAC;QAEd,wCAAwC;QACxC,MAAM,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,CAAC,YAAY,EAAE;YACvD,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,WAAW,EAAE,aAAa,CAAC,YAAY;YACvC,YAAY,EAAE,aAAa,CAAC,aAAa,IAAI,IAAI,CAAC,YAAY;YAC9D,cAAc,EAAE,YAAY;SAC7B,CAAC,CAAC;QAEH,OAAO,aAAa,CAAC,YAAY,CAAC;IACpC,CAAC;CACF,CAAC,CAAC"}

package/dist/component/oauthStates.d.ts

@@ -0,0 +1,47 @@
+/**
+ * Look up an OAuth state by its state token.
+ */
+export declare const getByState: import("convex/server").RegisteredQuery<"internal", {
+    state: string;
+}, Promise<{
+    _id: import("convex/values").GenericId<"oauthStates">;
+    _creationTime: number;
+    codeVerifier?: string | undefined;
+    redirectUri?: string | undefined;
+    provider: "garmin" | "suunto" | "polar" | "whoop" | "strava" | "apple" | "samsung" | "google";
+    userId: string;
+    state: string;
+    createdAt: number;
+} | null>>;
+/**
+ * Store a new OAuth state. Schedules automatic cleanup after 15 minutes.
+ */
+export declare const store: import("convex/server").RegisteredMutation<"internal", {
+    codeVerifier?: string | undefined;
+    redirectUri?: string | undefined;
+    provider: "garmin" | "suunto" | "polar" | "whoop" | "strava" | "apple" | "samsung" | "google";
+    userId: string;
+    state: string;
+}, Promise<import("convex/values").GenericId<"oauthStates">>>;
+/**
+ * Consume an OAuth state (read and delete). Used during the callback.
+ */
+export declare const consume: import("convex/server").RegisteredMutation<"internal", {
+    state: string;
+}, Promise<{
+    _id: import("convex/values").GenericId<"oauthStates">;
+    _creationTime: number;
+    codeVerifier?: string | undefined;
+    redirectUri?: string | undefined;
+    provider: "garmin" | "suunto" | "polar" | "whoop" | "strava" | "apple" | "samsung" | "google";
+    userId: string;
+    state: string;
+    createdAt: number;
+} | null>>;
+/**
+ * Delete an OAuth state by ID (used by scheduled cleanup).
+ */
+export declare const deleteById: import("convex/server").RegisteredMutation<"internal", {
+    id: import("convex/values").GenericId<"oauthStates">;
+}, Promise<void>>;
+//# sourceMappingURL=oauthStates.d.ts.map

package/dist/component/oauthStates.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauthStates.d.ts","sourceRoot":"","sources":["../../src/component/oauthStates.ts"],"names":[],"mappings":"AASA;;GAEG;AACH,eAAO,MAAM,UAAU;;;;;;;;;;;UASrB,CAAC;AAMH;;GAEG;AACH,eAAO,MAAM,KAAK;;;;;;6DAsBhB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,OAAO;;;;;;;;;;;UAclB,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,UAAU;;iBAQrB,CAAC"}

package/dist/component/oauthStates.js

@@ -0,0 +1,77 @@
+import { v } from "convex/values";
+import { internal } from "./_generated/api";
+import { internalMutation, internalQuery } from "./_generated/server";
+import { providerName } from "./schema";
+// ---------------------------------------------------------------------------
+// Queries
+// ---------------------------------------------------------------------------
+/**
+ * Look up an OAuth state by its state token.
+ */
+export const getByState = internalQuery({
+    args: { state: v.string() },
+    returns: v.any(),
+    handler: async (ctx, args) => {
+        return await ctx.db
+            .query("oauthStates")
+            .withIndex("by_state", (idx) => idx.eq("state", args.state))
+            .first();
+    },
+});
+// ---------------------------------------------------------------------------
+// Mutations
+// ---------------------------------------------------------------------------
+/**
+ * Store a new OAuth state. Schedules automatic cleanup after 15 minutes.
+ */
+export const store = internalMutation({
+    args: {
+        state: v.string(),
+        userId: v.string(),
+        provider: providerName,
+        codeVerifier: v.optional(v.string()),
+        redirectUri: v.optional(v.string()),
+    },
+    returns: v.id("oauthStates"),
+    handler: async (ctx, args) => {
+        const id = await ctx.db.insert("oauthStates", {
+            ...args,
+            createdAt: Date.now(),
+        });
+        // Schedule cleanup in 15 minutes
+        await ctx.scheduler.runAfter(15 * 60 * 1000, internal.oauthStates.deleteById, {
+            id,
+        });
+        return id;
+    },
+});
+/**
+ * Consume an OAuth state (read and delete). Used during the callback.
+ */
+export const consume = internalMutation({
+    args: { state: v.string() },
+    returns: v.any(),
+    handler: async (ctx, args) => {
+        const record = await ctx.db
+            .query("oauthStates")
+            .withIndex("by_state", (idx) => idx.eq("state", args.state))
+            .first();
+        if (!record)
+            return null;
+        await ctx.db.delete(record._id);
+        return record;
+    },
+});
+/**
+ * Delete an OAuth state by ID (used by scheduled cleanup).
+ */
+export const deleteById = internalMutation({
+    args: { id: v.id("oauthStates") },
+    handler: async (ctx, args) => {
+        const record = await ctx.db.get(args.id);
+        if (record) {
+            await ctx.db.delete(args.id);
+        }
+    },
+});
+//# sourceMappingURL=oauthStates.js.map

package/dist/component/oauthStates.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauthStates.js","sourceRoot":"","sources":["../../src/component/oauthStates.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,eAAe,CAAC;AAClC,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACtE,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,aAAa,CAAC;IACtC,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE;IAC3B,OAAO,EAAE,CAAC,CAAC,GAAG,EAAE;IAChB,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,OAAO,MAAM,GAAG,CAAC,EAAE;aAChB,KAAK,CAAC,aAAa,CAAC;aACpB,SAAS,CAAC,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;aAC3D,KAAK,EAAE,CAAC;IACb,CAAC;CACF,CAAC,CAAC;AAEH,8EAA8E;AAC9E,YAAY;AACZ,8EAA8E;AAE9E;;GAEG;AACH,MAAM,CAAC,MAAM,KAAK,GAAG,gBAAgB,CAAC;IACpC,IAAI,EAAE;QACJ,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;QACjB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;QAClB,QAAQ,EAAE,YAAY;QACtB,YAAY,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;QACpC,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;KACpC;IACD,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC;IAC5B,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,EAAE,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,aAAa,EAAE;YAC5C,GAAG,IAAI;YACP,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC,CAAC;QAEH,iCAAiC;QACjC,MAAM,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,QAAQ,CAAC,WAAW,CAAC,UAAU,EAAE;YAC5E,EAAE;SACH,CAAC,CAAC;QAEH,OAAO,EAAE,CAAC;IACZ,CAAC;CACF,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,gBAAgB,CAAC;IACtC,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE;IAC3B,OAAO,EAAE,CAAC,CAAC,GAAG,EAAE;IAChB,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,EAAE;aACxB,KAAK,CAAC,aAAa,CAAC;aACpB,SAAS,CAAC,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;aAC3D,KAAK,EAAE,CAAC;QAEX,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QAEzB,MAAM,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChC,OAAO,MAAM,CAAC;IAChB,CAAC;CACF,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,gBAAgB,CAAC;IACzC,IAAI,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,EAAE;IACjC,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACzC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;CACF,CAAC,CAAC"}

package/dist/component/providerSettings.d.ts

@@ -0,0 +1,15 @@
+export declare const upsertCredentials: import("convex/server").RegisteredMutation<"internal", {
+    subscriptionKey?: string | undefined;
+    provider: "garmin" | "suunto" | "polar" | "whoop" | "strava" | "apple" | "samsung" | "google";
+    clientId: string;
+    clientSecret: string;
+}, Promise<import("convex/values").GenericId<"providerSettings">>>;
+export declare const getCredentials: import("convex/server").RegisteredQuery<"internal", {
+    provider: "garmin" | "suunto" | "polar" | "whoop" | "strava" | "apple" | "samsung" | "google";
+}, Promise<{
+    provider: "garmin" | "suunto" | "polar" | "whoop" | "strava" | "apple" | "samsung" | "google";
+    clientId: string;
+    clientSecret: string;
+    subscriptionKey: string | undefined;
+} | null>>;
+//# sourceMappingURL=providerSettings.d.ts.map

package/dist/component/providerSettings.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"providerSettings.d.ts","sourceRoot":"","sources":["../../src/component/providerSettings.ts"],"names":[],"mappings":"AAIA,eAAO,MAAM,iBAAiB;;;;;kEA6B5B,CAAC;AAEH,eAAO,MAAM,cAAc;;;;;;;UA8BzB,CAAC"}

package/dist/component/providerSettings.js

@@ -0,0 +1,57 @@
+import { v } from "convex/values";
+import { internalMutation, internalQuery } from "./_generated/server";
+import { providerName } from "./schema";
+export const upsertCredentials = internalMutation({
+    args: {
+        provider: providerName,
+        clientId: v.string(),
+        clientSecret: v.string(),
+        subscriptionKey: v.optional(v.string()),
+    },
+    handler: async (ctx, args) => {
+        const existing = await ctx.db
+            .query("providerSettings")
+            .withIndex("by_provider", (idx) => idx.eq("provider", args.provider))
+            .first();
+        const patch = {
+            provider: args.provider,
+            isEnabled: true,
+            clientId: args.clientId,
+            clientSecret: args.clientSecret,
+            subscriptionKey: args.subscriptionKey,
+            updatedAt: Date.now(),
+        };
+        if (existing) {
+            await ctx.db.patch(existing._id, patch);
+            return existing._id;
+        }
+        return await ctx.db.insert("providerSettings", patch);
+    },
+});
+export const getCredentials = internalQuery({
+    args: {
+        provider: providerName,
+    },
+    returns: v.union(v.object({
+        provider: providerName,
+        clientId: v.string(),
+        clientSecret: v.string(),
+        subscriptionKey: v.optional(v.string()),
+    }), v.null()),
+    handler: async (ctx, args) => {
+        const settings = await ctx.db
+            .query("providerSettings")
+            .withIndex("by_provider", (idx) => idx.eq("provider", args.provider))
+            .first();
+        if (!settings?.clientId || !settings.clientSecret) {
+            return null;
+        }
+        return {
+            provider: settings.provider,
+            clientId: settings.clientId,
+            clientSecret: settings.clientSecret,
+            subscriptionKey: settings.subscriptionKey,
+        };
+    },
+});
+//# sourceMappingURL=providerSettings.js.map

package/dist/component/providerSettings.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"providerSettings.js","sourceRoot":"","sources":["../../src/component/providerSettings.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,eAAe,CAAC;AAClC,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACtE,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,MAAM,CAAC,MAAM,iBAAiB,GAAG,gBAAgB,CAAC;IAChD,IAAI,EAAE;QACJ,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;QACpB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;QACxB,eAAe,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;KACxC;IACD,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,EAAE;aAC1B,KAAK,CAAC,kBAAkB,CAAC;aACzB,SAAS,CAAC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;aACpE,KAAK,EAAE,CAAC;QAEX,MAAM,KAAK,GAAG;YACZ,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,SAAS,EAAE,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC;QAEF,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACxC,OAAO,QAAQ,CAAC,GAAG,CAAC;QACtB,CAAC;QAED,OAAO,MAAM,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,kBAAkB,EAAE,KAAK,CAAC,CAAC;IACxD,CAAC;CACF,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,cAAc,GAAG,aAAa,CAAC;IAC1C,IAAI,EAAE;QACJ,QAAQ,EAAE,YAAY;KACvB;IACD,OAAO,EAAE,CAAC,CAAC,KAAK,CACd,CAAC,CAAC,MAAM,CAAC;QACP,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;QACpB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;QACxB,eAAe,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;KACxC,CAAC,EACF,CAAC,CAAC,IAAI,EAAE,CACT;IACD,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,EAAE;aAC1B,KAAK,CAAC,kBAAkB,CAAC;aACzB,SAAS,CAAC,aAAa,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;aACpE,KAAK,EAAE,CAAC;QAEX,IAAI,CAAC,QAAQ,EAAE,QAAQ,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,CAAC;YAClD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO;YACL,QAAQ,EAAE,QAAQ,CAAC,QAAQ;YAC3B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;YAC3B,YAAY,EAAE,QAAQ,CAAC,YAAY;YACnC,eAAe,EAAE,QAAQ,CAAC,eAAe;SAC1C,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}