@nativesquare/soma 0.13.1 → 0.14.0

package/src/component/garmin/auth.ts

@@ -2,6 +2,8 @@
 // Pure helper functions for the Garmin OAuth 2.0 PKCE flow.
 // Uses the Web Crypto API for SHA-256 challenge generation and global `fetch`.
 
+import type { OAuthRefreshResult } from "../utils.js";
+
 export interface GarminOAuth2TokenResponse {
   access_token: string;
   refresh_token: string;
@@ -158,7 +160,7 @@ export interface RefreshTokenOptions {
  */
 export async function refreshToken(
   opts: RefreshTokenOptions,
-): Promise<GarminOAuth2TokenResponse> {
+): Promise<OAuthRefreshResult> {
   const body = new URLSearchParams({
     grant_type: "refresh_token",
     client_id: opts.clientId,
@@ -179,5 +181,10 @@ export async function refreshToken(
     );
   }
 
-  return (await response.json()) as GarminOAuth2TokenResponse;
+  const raw = (await response.json()) as GarminOAuth2TokenResponse;
+  return {
+    access_token: raw.access_token,
+    refresh_token: raw.refresh_token,
+    expiresAt: Math.floor(Date.now() / 1000) + raw.expires_in,
+  };
 }

package/src/component/garmin/private.ts

@@ -1,14 +1,11 @@
-// ─── Garmin Internal Mutations ───────────────────────────────────────────────
-// Token CRUD and pending OAuth state management.
-// Called only from garmin/public.ts and garmin/webhooks.ts.
+// ─── Garmin Internal Functions ───────────────────────────────────────────────
+// Garmin-specific internal actions (token refresh, webhook payload processing).
+// Shared CRUD (tokens, pending OAuth) lives in the root private.ts.
 
 import { v } from "convex/values";
-import {
-  internalAction,
-  internalMutation,
-  internalQuery,
-} from "../_generated/server";
+import { internalAction } from "../_generated/server";
 import { internal } from "../_generated/api";
+import type { SomaError } from "../validators/shared.js";
 import {
   garminActivityPingPayloadSchema,
   garminActivityPushPayloadSchema,
@@ -94,224 +91,6 @@ import {
   garminMenstrualCycleTrackingPushPayloadSchema,
 } from "./schemas/menstrualCycleTracking.js";
 import { transformMenstrualCycleTracking } from "./transform/menstrualCycleTracking.js";
-import { refreshToken } from "./auth";
-import type { Doc, Id } from "../_generated/dataModel";
-
-const REFRESH_BUFFER_SECONDS = 600;
-// ─── Internal Pending OAuth CRUD ─────────────────────────────────────────────
-// Temporary storage for in-progress Garmin OAuth 2.0 PKCE flows.
-// Bridges getGarminAuthUrl and completeGarminOAuth.
-
-export const storePendingOAuth = internalMutation({
-  args: {
-    provider: v.string(),
-    state: v.string(),
-    codeVerifier: v.string(),
-    userId: v.string(),
-  },
-  returns: v.null(),
-  handler: async (ctx, args) => {
-    await ctx.db.insert("pendingOAuth", {
-      ...args,
-      createdAt: Date.now(),
-    });
-    return null;
-  },
-});
-
-export const getPendingOAuth = internalQuery({
-  args: { state: v.string() },
-  handler: async (ctx, args) => {
-    return await ctx.db
-      .query("pendingOAuth")
-      .withIndex("by_state", (q) => q.eq("state", args.state))
-      .first();
-  },
-});
-
-export const deletePendingOAuth = internalMutation({
-  args: { state: v.string() },
-  returns: v.null(),
-  handler: async (ctx, args) => {
-    const pending = await ctx.db
-      .query("pendingOAuth")
-      .withIndex("by_state", (q) => q.eq("state", args.state))
-      .first();
-    if (pending) {
-      await ctx.db.delete(pending._id);
-    }
-    return null;
-  },
-});
-
-export const resolveConnectionAndAccessToken = internalAction({
-  args: {
-    userId: v.string(),
-    clientId: v.string(),
-    clientSecret: v.string(),
-  },
-  handler: async (ctx, args): Promise<{
-    connectionId: Id<"connections">;
-    accessToken: string;
-  }> => {
-    const connection: Doc<"connections"> | null = await ctx.runQuery(
-      internal.private.getConnectionByProvider,
-      { userId: args.userId, provider: "GARMIN" },
-    );
-
-    if (!connection) {
-      throw new Error(
-        `No Garmin connection found for user "${args.userId}". ` +
-        "Connect to Garmin first via getGarminAuthUrl.",
-      );
-    }
-
-    if (!connection.active) {
-      throw new Error(
-        `Garmin connection for user "${args.userId}" is inactive. Reconnect first.`,
-      );
-    }
-
-    const connectionId = connection._id;
-
-    const tokenDoc: Doc<"providerTokens"> | null = await ctx.runQuery(
-      internal.garmin.private.getTokens,
-      { connectionId },
-    );
-
-    if (!tokenDoc) {
-      throw new Error(
-        "No Garmin tokens found for this connection. " +
-        "The connection may have been created before token storage was available.",
-      );
-    }
-
-    let accessToken = tokenDoc.accessToken;
-
-    // Refresh the token if it's expired or about to expire
-    const nowSeconds = Math.floor(Date.now() / 1000);
-    if (
-      tokenDoc.expiresAt &&
-      tokenDoc.refreshToken &&
-      nowSeconds >= tokenDoc.expiresAt - REFRESH_BUFFER_SECONDS
-    ) {
-      const refreshed = await refreshToken({
-        clientId: args.clientId,
-        clientSecret: args.clientSecret,
-        refreshToken: tokenDoc.refreshToken,
-      });
-
-      accessToken = refreshed.access_token;
-      const newExpiresAt = nowSeconds + refreshed.expires_in;
-
-      const _refreshed: null = await ctx.runMutation(
-        internal.garmin.private.storeTokens,
-        {
-          connectionId,
-          accessToken: refreshed.access_token,
-          refreshToken: refreshed.refresh_token,
-          expiresAt: newExpiresAt,
-        },
-      );
-    }
-
-    return {
-      connectionId,
-      accessToken,
-    };
-  },
-});
-
-// ─── Internal Token CRUD ─────────────────────────────────────────────────────
-
-/**
- * Store OAuth 2.0 tokens for a Garmin connection.
- * Upserts by connectionId — one token record per connection.
- */
-export const storeTokens = internalMutation({
-  args: {
-    connectionId: v.id("connections"),
-    accessToken: v.string(),
-    refreshToken: v.string(),
-    expiresAt: v.number(),
-  },
-  returns: v.null(),
-  handler: async (ctx, args) => {
-    const existing = await ctx.db
-      .query("providerTokens")
-      .withIndex("by_connectionId", (q) =>
-        q.eq("connectionId", args.connectionId),
-      )
-      .first();
-
-    if (existing) {
-      await ctx.db.patch(existing._id, {
-        accessToken: args.accessToken,
-        refreshToken: args.refreshToken,
-        expiresAt: args.expiresAt,
-      });
-      return null;
-    }
-
-    await ctx.db.insert("providerTokens", {
-      connectionId: args.connectionId,
-      accessToken: args.accessToken,
-      refreshToken: args.refreshToken,
-      expiresAt: args.expiresAt,
-    });
-    return null;
-  },
-});
-
-/**
- * Get stored tokens for a connection.
- */
-export const getTokens = internalQuery({
-  args: { connectionId: v.id("connections") },
-  returns: v.union(
-    v.object({
-      _id: v.id("providerTokens"),
-      _creationTime: v.number(),
-      connectionId: v.id("connections"),
-      accessToken: v.string(),
-      refreshToken: v.optional(v.string()),
-      expiresAt: v.optional(v.number()),
-    }),
-    v.null(),
-  ),
-  handler: async (ctx, args) => {
-    return await ctx.db
-      .query("providerTokens")
-      .withIndex("by_connectionId", (q) =>
-        q.eq("connectionId", args.connectionId),
-      )
-      .first();
-  },
-});
-
-/**
- * Delete stored tokens for a connection.
- */
-export const deleteTokens = internalMutation({
-  args: { connectionId: v.id("connections") },
-  returns: v.null(),
-  handler: async (ctx, args) => {
-    const existing = await ctx.db
-      .query("providerTokens")
-      .withIndex("by_connectionId", (q) =>
-        q.eq("connectionId", args.connectionId),
-      )
-      .first();
-
-    if (existing) {
-      await ctx.db.delete(existing._id);
-    }
-    return null;
-  },
-});
-
-
-
 // ─── Activity Push Processing ───────────────────────────────────────────────
 
 /**
@@ -325,7 +104,7 @@ export const processActivityPushPayload = internalAction({
     const { activities } = garminActivityPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof activities>();
@@ -416,7 +195,7 @@ export const processActivityDetailsPushPayload = internalAction({
       garminActivityDetailsPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof activityDetails>();
@@ -507,7 +286,7 @@ export const processManuallyUpdatedActivitiesPushPayload = internalAction({
       garminManuallyUpdatedActivitiesPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof manuallyUpdatedActivities>();
@@ -600,7 +379,7 @@ export const processMoveIQPushPayload = internalAction({
     );
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof moveIQActivities>();
@@ -692,7 +471,7 @@ export const processBloodPressurePushPayload = internalAction({
       garminBloodPressurePushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof bloodPressures>();
@@ -784,7 +563,7 @@ export const processBodyCompositionsPushPayload = internalAction({
       garminBodyCompositionsPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof bodyComps>();
@@ -876,7 +655,7 @@ export const processDailiesPushPayload = internalAction({
       garminDailiesPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof dailies>();
@@ -968,7 +747,7 @@ export const processHealthSnapshotPushPayload = internalAction({
       garminHealthSnapshotPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof healthSnapshot>();
@@ -1060,7 +839,7 @@ export const processHRVSummaryPushPayload = internalAction({
       garminHRVSummaryPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof hrv>();
@@ -1152,7 +931,7 @@ export const processEpochPushPayload = internalAction({
       garminEpochPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof epochs>();
@@ -1244,7 +1023,7 @@ export const processPulseOxPushPayload = internalAction({
       garminPulseOxPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof pulseox>();
@@ -1336,7 +1115,7 @@ export const processRespirationPushPayload = internalAction({
       garminRespirationPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof allDayRespiration>();
@@ -1428,7 +1207,7 @@ export const processStressPushPayload = internalAction({
       garminStressPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof stressDetails>();
@@ -1520,7 +1299,7 @@ export const processSkinTemperaturePushPayload = internalAction({
       garminSkinTemperaturePushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof skinTemp>();
@@ -1611,7 +1390,7 @@ export const processSleepsPushPayload = internalAction({
     const { sleeps } = garminSleepsPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof sleeps>();
@@ -1701,7 +1480,7 @@ export const processUserMetricsPushPayload = internalAction({
       garminUserMetricsPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof userMetrics>();
@@ -1793,7 +1572,7 @@ export const processMenstrualCycleTrackingPushPayload = internalAction({
       garminMenstrualCycleTrackingPushPayloadSchema.parse(args.payload);
 
     const items: Array<{ connectionId: string; userId: string; data: Record<string, unknown> }> = [];
-    const errors: Array<{ type: string; id: string; message: string }> = [];
+    const errors: SomaError[] = [];
 
     // Group items by Garmin userId
     const byUser = new Map<string, typeof mct>();