@nativesquare/soma 0.6.0 → 0.7.1

package/dist/garmin/auth.js

@@ -1,155 +1,115 @@
-// ─── Garmin OAuth 1.0a Helpers ───────────────────────────────────────────────
-// Pure helper functions for the Garmin OAuth 1.0a three-legged flow.
-// Uses the Web Crypto API for HMAC-SHA1 signing and global `fetch`.
-const OAUTH_BASE_URL = "https://connectapi.garmin.com";
-const AUTH_CONFIRM_URL = "https://connect.garmin.com/oauthConfirm";
-// ─── OAuth 1.0a Signature ───────────────────────────────────────────────────
+// ─── Garmin OAuth 2.0 PKCE Helpers ──────────────────────────────────────────
+// Pure helper functions for the Garmin OAuth 2.0 PKCE flow.
+// Uses the Web Crypto API for SHA-256 challenge generation and global `fetch`.
+const AUTH_URL = "https://connect.garmin.com/oauth2Confirm";
+const TOKEN_URL = "https://diauth.garmin.com/di-oauth2-service/oauth/token";
+// ─── PKCE Helpers ───────────────────────────────────────────────────────────
+const PKCE_CHARSET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
 /**
- * Generate a random nonce for OAuth 1.0a requests.
+ * Generate a cryptographically random code verifier for PKCE.
+ * Returns a 64-character string from the unreserved character set.
  */
-export function generateNonce() {
-    const bytes = new Uint8Array(16);
+export function generateCodeVerifier(length = 64) {
+    const bytes = new Uint8Array(length);
     crypto.getRandomValues(bytes);
-    return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
-}
-/**
- * Get the current Unix timestamp in seconds.
- */
-export function getTimestamp() {
-    return String(Math.floor(Date.now() / 1000));
+    return Array.from(bytes, (b) => PKCE_CHARSET[b % PKCE_CHARSET.length]).join("");
 }
 /**
- * Percent-encode a string per RFC 3986 (used by OAuth 1.0a).
- * Unlike encodeURIComponent, this also encodes `!`, `*`, `'`, `(`, `)`.
+ * Generate a random state parameter for CSRF protection.
  */
-export function percentEncode(str) {
-    return encodeURIComponent(str).replace(/[!'()*]/g, (c) => `%${c.charCodeAt(0).toString(16).toUpperCase()}`);
+export function generateState() {
+    const bytes = new Uint8Array(32);
+    crypto.getRandomValues(bytes);
+    return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
 }
 /**
- * Build the OAuth 1.0a signature base string and compute the HMAC-SHA1 signature.
- *
- * @param method - HTTP method (e.g., "POST", "GET")
- * @param url - The base URL (without query string)
- * @param params - All OAuth + request parameters sorted alphabetically
- * @param consumerSecret - The application's consumer secret
- * @param tokenSecret - The token secret (empty string for request token step)
+ * Compute the S256 code challenge from a code verifier.
+ * Returns `base64url(sha256(verifier))`.
  */
-export async function buildOAuthSignature(method, url, params, consumerSecret, tokenSecret = "") {
-    const sortedKeys = Object.keys(params).sort();
-    const paramString = sortedKeys
-        .map((key) => `${percentEncode(key)}=${percentEncode(params[key])}`)
-        .join("&");
-    const signatureBaseString = [
-        method.toUpperCase(),
-        percentEncode(url),
-        percentEncode(paramString),
-    ].join("&");
-    const signingKey = `${percentEncode(consumerSecret)}&${percentEncode(tokenSecret)}`;
+export async function generateCodeChallenge(verifier) {
     const encoder = new TextEncoder();
-    const key = await crypto.subtle.importKey("raw", encoder.encode(signingKey), { name: "HMAC", hash: "SHA-1" }, false, ["sign"]);
-    const signature = await crypto.subtle.sign("HMAC", key, encoder.encode(signatureBaseString));
-    return btoa(String.fromCharCode(...new Uint8Array(signature)));
+    const digest = await crypto.subtle.digest("SHA-256", encoder.encode(verifier));
+    const base64 = btoa(String.fromCharCode(...new Uint8Array(digest)));
+    return base64.replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
 }
 /**
- * Build the `Authorization: OAuth ...` header value from OAuth parameters.
+ * Build the Garmin OAuth 2.0 authorization URL.
+ *
+ * Redirect the user to this URL to begin the OAuth flow. After the user
+ * grants access, Garmin will redirect back to `redirectUri` with `code`
+ * and `state` query parameters.
  */
-export function buildOAuthHeader(params) {
-    const entries = Object.entries(params)
-        .map(([key, value]) => `${percentEncode(key)}="${percentEncode(value)}"`)
-        .join(", ");
-    return `OAuth ${entries}`;
+export function buildAuthUrl(opts) {
+    const params = new URLSearchParams({
+        client_id: opts.clientId,
+        response_type: "code",
+        code_challenge: opts.codeChallenge,
+        code_challenge_method: "S256",
+    });
+    if (opts.redirectUri) {
+        params.set("redirect_uri", opts.redirectUri);
+    }
+    if (opts.state) {
+        params.set("state", opts.state);
+    }
+    return `${AUTH_URL}?${params.toString()}`;
 }
 /**
- * Obtain an unauthorized request token from Garmin.
+ * Exchange an authorization code for access and refresh tokens.
  *
- * This is Step 1 of the OAuth 1.0a three-legged flow:
- * 1. Your server calls this function to get a temporary request token
- * 2. Redirect the user to the returned `authUrl`
- * 3. After the user authorizes, exchange the verifier for an access token
+ * Call this from your OAuth callback endpoint after receiving the `code`
+ * query parameter from Garmin.
  *
- * @returns The request token, token secret, and the authorization URL
+ * @returns The token response including `access_token`, `refresh_token`,
+ *          `expires_in`, and `refresh_token_expires_in`.
  */
-export async function getRequestToken(opts) {
-    const url = `${OAUTH_BASE_URL}/oauth-service/oauth/request_token`;
-    const nonce = generateNonce();
-    const timestamp = getTimestamp();
-    const oauthParams = {
-        oauth_consumer_key: opts.consumerKey,
-        oauth_nonce: nonce,
-        oauth_signature_method: "HMAC-SHA1",
-        oauth_timestamp: timestamp,
-        oauth_version: "1.0",
-    };
-    if (opts.callbackUrl) {
-        oauthParams.oauth_callback = opts.callbackUrl;
+export async function exchangeCode(opts) {
+    const body = new URLSearchParams({
+        grant_type: "authorization_code",
+        client_id: opts.clientId,
+        client_secret: opts.clientSecret,
+        code: opts.code,
+        code_verifier: opts.codeVerifier,
+    });
+    if (opts.redirectUri) {
+        body.set("redirect_uri", opts.redirectUri);
     }
-    const signature = await buildOAuthSignature("POST", url, oauthParams, opts.consumerSecret);
-    oauthParams.oauth_signature = signature;
-    const response = await fetch(url, {
+    const response = await fetch(TOKEN_URL, {
         method: "POST",
-        headers: {
-            Authorization: buildOAuthHeader(oauthParams),
-        },
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: body.toString(),
     });
     if (!response.ok) {
-        const body = await response.text().catch(() => "");
-        throw new Error(`Garmin OAuth error (getRequestToken): ${response.status} ${response.statusText} — ${body}`);
+        const text = await response.text().catch(() => "");
+        throw new Error(`Garmin OAuth error (exchangeCode): ${response.status} ${response.statusText} — ${text}`);
     }
-    const responseText = await response.text();
-    const parsed = new URLSearchParams(responseText);
-    const oauthToken = parsed.get("oauth_token");
-    const oauthTokenSecret = parsed.get("oauth_token_secret");
-    if (!oauthToken || !oauthTokenSecret) {
-        throw new Error(`Garmin OAuth error: unexpected response format — ${responseText}`);
-    }
-    const authUrl = opts.callbackUrl
-        ? `${AUTH_CONFIRM_URL}?oauth_token=${encodeURIComponent(oauthToken)}&oauth_callback=${encodeURIComponent(opts.callbackUrl)}`
-        : `${AUTH_CONFIRM_URL}?oauth_token=${encodeURIComponent(oauthToken)}`;
-    return {
-        oauthToken,
-        oauthTokenSecret,
-        authUrl,
-    };
+    return (await response.json());
 }
 /**
- * Exchange a request token + verifier for a permanent access token.
+ * Refresh an expired access token using a refresh token.
+ *
+ * Garmin access tokens expire after ~24 hours. Call this when the token
+ * is near expiry to obtain a fresh access token. A new refresh token
+ * is returned each time.
  *
- * This is Step 3 of the OAuth 1.0a three-legged flow.
- * The returned access token and secret are permanent — Garmin tokens
- * do not expire and there is no refresh flow.
+ * @returns A new token response with fresh `access_token` and `refresh_token`.
  */
-export async function getAccessToken(opts) {
-    const url = `${OAUTH_BASE_URL}/oauth-service/oauth/access_token`;
-    const nonce = generateNonce();
-    const timestamp = getTimestamp();
-    const oauthParams = {
-        oauth_consumer_key: opts.consumerKey,
-        oauth_nonce: nonce,
-        oauth_signature_method: "HMAC-SHA1",
-        oauth_timestamp: timestamp,
-        oauth_token: opts.token,
-        oauth_verifier: opts.verifier,
-        oauth_version: "1.0",
-    };
-    const signature = await buildOAuthSignature("POST", url, oauthParams, opts.consumerSecret, opts.tokenSecret);
-    oauthParams.oauth_signature = signature;
-    const response = await fetch(url, {
+export async function refreshToken(opts) {
+    const body = new URLSearchParams({
+        grant_type: "refresh_token",
+        client_id: opts.clientId,
+        client_secret: opts.clientSecret,
+        refresh_token: opts.refreshToken,
+    });
+    const response = await fetch(TOKEN_URL, {
         method: "POST",
-        headers: {
-            Authorization: buildOAuthHeader(oauthParams),
-        },
+        headers: { "Content-Type": "application/x-www-form-urlencoded" },
+        body: body.toString(),
     });
     if (!response.ok) {
-        const body = await response.text().catch(() => "");
-        throw new Error(`Garmin OAuth error (getAccessToken): ${response.status} ${response.statusText} — ${body}`);
-    }
-    const responseText = await response.text();
-    const parsed = new URLSearchParams(responseText);
-    const oauthToken = parsed.get("oauth_token");
-    const oauthTokenSecret = parsed.get("oauth_token_secret");
-    if (!oauthToken || !oauthTokenSecret) {
-        throw new Error(`Garmin OAuth error: unexpected access token response — ${responseText}`);
+        const text = await response.text().catch(() => "");
+        throw new Error(`Garmin OAuth error (refreshToken): ${response.status} ${response.statusText} — ${text}`);
     }
-    return { oauthToken, oauthTokenSecret };
+    return (await response.json());
 }
 //# sourceMappingURL=auth.js.map

package/dist/garmin/auth.js.map

@@ -1 +1 @@
-{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/garmin/auth.ts"],"names":[],"mappings":"AAAA,gFAAgF;AAChF,qEAAqE;AACrE,oEAAoE;AAOpE,MAAM,cAAc,GAAG,+BAA+B,CAAC;AACvD,MAAM,gBAAgB,GAAG,yCAAyC,CAAC;AAEnE,+EAA+E;AAE/E;;GAEG;AACH,MAAM,UAAU,aAAa;IAC3B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC5E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY;IAC1B,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,GAAW;IACvC,OAAO,kBAAkB,CAAC,GAAG,CAAC,CAAC,OAAO,CACpC,UAAU,EACV,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,WAAW,EAAE,EAAE,CACxD,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,MAAc,EACd,GAAW,EACX,MAA8B,EAC9B,cAAsB,EACtB,cAAsB,EAAE;IAExB,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9C,MAAM,WAAW,GAAG,UAAU;SAC3B,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;SACnE,IAAI,CAAC,GAAG,CAAC,CAAC;IAEb,MAAM,mBAAmB,GAAG;QAC1B,MAAM,CAAC,WAAW,EAAE;QACpB,aAAa,CAAC,GAAG,CAAC;QAClB,aAAa,CAAC,WAAW,CAAC;KAC3B,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAEZ,MAAM,UAAU,GAAG,GAAG,aAAa,CAAC,cAAc,CAAC,IAAI,aAAa,CAAC,WAAW,CAAC,EAAE,CAAC;IACpF,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CACvC,KAAK,EACL,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,EAC1B,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,EAC/B,KAAK,EACL,CAAC,MAAM,CAAC,CACT,CAAC;IACF,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CACxC,MAAM,EACN,GAAG,EACH,OAAO,CAAC,MAAM,CAAC,mBAAmB,CAAC,CACpC,CAAC;IACF,OAAO,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;AACjE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAA8B;IAC7D,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;SACnC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,KAAK,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC;SACxE,IAAI,CAAC,IAAI,CAAC,CAAC;IACd,OAAO,SAAS,OAAO,EAAE,CAAC;AAC5B,CAAC;AAUD;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,IAA4B;IAE5B,MAAM,GAAG,GAAG,GAAG,cAAc,oCAAoC,CAAC;IAClE,MAAM,KAAK,GAAG,aAAa,EAAE,CAAC;IAC9B,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IAEjC,MAAM,WAAW,GAA2B;QAC1C,kBAAkB,EAAE,IAAI,CAAC,WAAW;QACpC,WAAW,EAAE,KAAK;QAClB,sBAAsB,EAAE,WAAW;QACnC,eAAe,EAAE,SAAS;QAC1B,aAAa,EAAE,KAAK;KACrB,CAAC;IAEF,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,WAAW,CAAC,cAAc,GAAG,IAAI,CAAC,WAAW,CAAC;IAChD,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,mBAAmB,CACzC,MAAM,EACN,GAAG,EACH,WAAW,EACX,IAAI,CAAC,cAAc,CACpB,CAAC;IACF,WAAW,CAAC,eAAe,GAAG,SAAS,CAAC;IAExC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,gBAAgB,CAAC,WAAW,CAAC;SAC7C;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;QACnD,MAAM,IAAI,KAAK,CACb,yCAAyC,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,MAAM,IAAI,EAAE,CAC5F,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC3C,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,CAAC;IACjD,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC7C,MAAM,gBAAgB,GAAG,MAAM,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAE1D,IAAI,CAAC,UAAU,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CACb,oDAAoD,YAAY,EAAE,CACnE,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW;QAC9B,CAAC,CAAC,GAAG,gBAAgB,gBAAgB,kBAAkB,CAAC,UAAU,CAAC,mBAAmB,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE;QAC5H,CAAC,CAAC,GAAG,gBAAgB,gBAAgB,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;IAExE,OAAO;QACL,UAAU;QACV,gBAAgB;QAChB,OAAO;KACR,CAAC;AACJ,CAAC;AAeD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAA2B;IAE3B,MAAM,GAAG,GAAG,GAAG,cAAc,mCAAmC,CAAC;IACjE,MAAM,KAAK,GAAG,aAAa,EAAE,CAAC;IAC9B,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IAEjC,MAAM,WAAW,GAA2B;QAC1C,kBAAkB,EAAE,IAAI,CAAC,WAAW;QACpC,WAAW,EAAE,KAAK;QAClB,sBAAsB,EAAE,WAAW;QACnC,eAAe,EAAE,SAAS;QAC1B,WAAW,EAAE,IAAI,CAAC,KAAK;QACvB,cAAc,EAAE,IAAI,CAAC,QAAQ;QAC7B,aAAa,EAAE,KAAK;KACrB,CAAC;IAEF,MAAM,SAAS,GAAG,MAAM,mBAAmB,CACzC,MAAM,EACN,GAAG,EACH,WAAW,EACX,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,WAAW,CACjB,CAAC;IACF,WAAW,CAAC,eAAe,GAAG,SAAS,CAAC;IAExC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,gBAAgB,CAAC,WAAW,CAAC;SAC7C;KACF,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;QACnD,MAAM,IAAI,KAAK,CACb,wCAAwC,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,MAAM,IAAI,EAAE,CAC3F,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC3C,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,CAAC;IACjD,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC7C,MAAM,gBAAgB,GAAG,MAAM,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAE1D,IAAI,CAAC,UAAU,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CACb,0DAA0D,YAAY,EAAE,CACzE,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,CAAC;AAC1C,CAAC"}
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/garmin/auth.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,4DAA4D;AAC5D,+EAA+E;AAI/E,MAAM,QAAQ,GAAG,0CAA0C,CAAC;AAC5D,MAAM,SAAS,GACb,yDAAyD,CAAC;AAE5D,+EAA+E;AAE/E,MAAM,YAAY,GAChB,oEAAoE,CAAC;AAEvE;;;GAGG;AACH,MAAM,UAAU,oBAAoB,CAAC,MAAM,GAAG,EAAE;IAC9C,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;IACrC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CACzE,EAAE,CACH,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa;IAC3B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC5E,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CAAC,QAAgB;IAC1D,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC/E,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IACpE,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AAC3E,CAAC;AAeD;;;;;;GAMG;AACH,MAAM,UAAU,YAAY,CAAC,IAAyB;IACpD,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;QACjC,SAAS,EAAE,IAAI,CAAC,QAAQ;QACxB,aAAa,EAAE,MAAM;QACrB,cAAc,EAAE,IAAI,CAAC,aAAa;QAClC,qBAAqB,EAAE,MAAM;KAC9B,CAAC,CAAC;IAEH,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,MAAM,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;IAC/C,CAAC;IACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;IAClC,CAAC;IAED,OAAO,GAAG,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;AAC5C,CAAC;AAiBD;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,IAAyB;IAEzB,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,UAAU,EAAE,oBAAoB;QAChC,SAAS,EAAE,IAAI,CAAC,QAAQ;QACxB,aAAa,EAAE,IAAI,CAAC,YAAY;QAChC,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,aAAa,EAAE,IAAI,CAAC,YAAY;KACjC,CAAC,CAAC;IAEH,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,IAAI,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;IAC7C,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;QACtC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;KACtB,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;QACnD,MAAM,IAAI,KAAK,CACb,sCAAsC,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,MAAM,IAAI,EAAE,CACzF,CAAC;IACJ,CAAC;IAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA8B,CAAC;AAC9D,CAAC;AAaD;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,IAAyB;IAEzB,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,IAAI,CAAC,QAAQ;QACxB,aAAa,EAAE,IAAI,CAAC,YAAY;QAChC,aAAa,EAAE,IAAI,CAAC,YAAY;KACjC,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;QACtC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;KACtB,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;QACnD,MAAM,IAAI,KAAK,CACb,sCAAsC,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,MAAM,IAAI,EAAE,CACzF,CAAC;IACJ,CAAC;IAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA8B,CAAC;AAC9D,CAAC"}

package/dist/garmin/client.d.ts

@@ -1,33 +1,24 @@
-import type { GarminActivity, GarminDailySummary, GarminSleep, GarminBodyComposition, GarminMenstrualCycleData } from "./types.js";
+import type { GarminActivity, GarminDailySummary, GarminSleep, GarminBodyComposition, GarminMenstrualCycleData, GarminWorkout, GarminWorkoutSchedule } from "./types.js";
 export interface GarminClientOptions {
-    /** Your application's consumer key (from Garmin Developer Portal). */
-    consumerKey: string;
-    /** Your application's consumer secret. */
-    consumerSecret: string;
-    /** The user's permanent OAuth access token. */
+    /** The user's OAuth 2.0 access token. */
     accessToken: string;
-    /** The user's permanent OAuth token secret. */
-    tokenSecret: string;
     /**
      * Base URL of the Garmin Health API.
-     * Defaults to `https://apis.garmin.com`.
+     * @default "https://apis.garmin.com"
      */
     baseUrl?: string;
 }
 /**
  * A lightweight client for the Garmin Health API.
  *
- * All requests are signed with OAuth 1.0a. Time-range parameters
+ * All requests are authenticated with a Bearer token. Time-range parameters
  * use Unix epoch seconds for `uploadStartTimeInSeconds` and
  * `uploadEndTimeInSeconds`.
  *
  * @example
  * ```ts
  * const client = new GarminClient({
- *   consumerKey: "your_key",
- *   consumerSecret: "your_secret",
- *   accessToken: "user_token",
- *   tokenSecret: "user_secret",
+ *   accessToken: "user_access_token",
  * });
  *
  * const dailies = await client.getDailies({
@@ -37,10 +28,7 @@ export interface GarminClientOptions {
  * ```
  */
 export declare class GarminClient {
-    private readonly consumerKey;
-    private readonly consumerSecret;
     private readonly accessToken;
-    private readonly tokenSecret;
     private readonly baseUrl;
     constructor(opts: GarminClientOptions);
     /**
@@ -83,7 +71,66 @@ export declare class GarminClient {
      * @param params - Time range for the backfill
      */
     requestBackfill(summaryType: string, params: TimeRangeParams): Promise<void>;
+    /**
+     * Check which permissions the user has granted.
+     *
+     * Garmin API: `GET /userPermissions/`
+     */
+    getUserPermissions(): Promise<string[]>;
+    /**
+     * Create a workout in Garmin Connect.
+     *
+     * Garmin API: `POST /workoutportal/workout/v2`
+     * Note: uses a different base path than other Training API endpoints.
+     */
+    createWorkout(workout: GarminWorkout): Promise<GarminWorkout>;
+    /**
+     * Retrieve a workout by ID.
+     *
+     * Garmin API: `GET /training-api/workout/v2/{workoutId}`
+     */
+    getWorkout(workoutId: number): Promise<GarminWorkout>;
+    /**
+     * Update a workout by ID.
+     *
+     * Garmin API: `PUT /training-api/workout/v2/{workoutId}`
+     */
+    updateWorkout(workoutId: number, workout: GarminWorkout): Promise<GarminWorkout>;
+    /**
+     * Delete a workout by ID.
+     *
+     * Garmin API: `DELETE /training-api/workout/v2/{workoutId}`
+     */
+    deleteWorkout(workoutId: number): Promise<void>;
+    /**
+     * Schedule a workout to a specific date on the user's calendar.
+     *
+     * Garmin API: `POST /training-api/schedule/`
+     */
+    createSchedule(workoutId: number, date: string): Promise<GarminWorkoutSchedule>;
+    /**
+     * Retrieve workout schedules for a date range.
+     *
+     * Garmin API: `GET /training-api/schedule?startDate=...&endDate=...`
+     */
+    getSchedulesByDate(startDate: string, endDate: string): Promise<GarminWorkoutSchedule[]>;
+    /**
+     * Delete a workout schedule by ID.
+     *
+     * Garmin API: `DELETE /training-api/schedule/{scheduleId}`
+     */
+    deleteSchedule(scheduleId: number): Promise<void>;
+    /**
+     * Delete the user's registration with Garmin.
+     *
+     * Must be called when the user disconnects or deletes their account
+     * to comply with Garmin's API requirements.
+     */
+    deleteUserRegistration(): Promise<void>;
     private get;
+    private post;
+    private put;
+    private del;
 }
 export interface TimeRangeParams {
     /** Start of the time range as Unix epoch seconds. */

package/dist/garmin/client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/garmin/client.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EACV,cAAc,EACd,kBAAkB,EAClB,WAAW,EACX,qBAAqB,EACrB,wBAAwB,EACzB,MAAM,YAAY,CAAC;AAUpB,MAAM,WAAW,mBAAmB;IAClC,sEAAsE;IACtE,WAAW,EAAE,MAAM,CAAC;IACpB,0CAA0C;IAC1C,cAAc,EAAE,MAAM,CAAC;IACvB,+CAA+C;IAC/C,WAAW,EAAE,MAAM,CAAC;IACpB,+CAA+C;IAC/C,WAAW,EAAE,MAAM,CAAC;IACpB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAS;IACxC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,IAAI,EAAE,mBAAmB;IAUrC;;;;OAIG;IACG,UAAU,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,kBAAkB,EAAE,CAAC;IASxE;;;;OAIG;IACG,aAAa,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IASvE;;;;OAIG;IACG,SAAS,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAShE;;;;OAIG;IACG,mBAAmB,CACvB,MAAM,EAAE,eAAe,GACtB,OAAO,CAAC,qBAAqB,EAAE,CAAC;IASnC;;;;OAIG;IACG,qBAAqB,CACzB,MAAM,EAAE,eAAe,GACtB,OAAO,CAAC,wBAAwB,EAAE,CAAC;IAStC;;;;;;;;OAQG;IACG,eAAe,CACnB,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,eAAe,GACtB,OAAO,CAAC,IAAI,CAAC;YAUF,GAAG;CAoDlB;AAID,MAAM,WAAW,eAAe;IAC9B,qDAAqD;IACrD,wBAAwB,EAAE,MAAM,CAAC;IACjC,mDAAmD;IACnD,sBAAsB,EAAE,MAAM,CAAC;CAChC;AAWD,qBAAa,cAAe,SAAQ,KAAK;aAGrB,MAAM,EAAE,MAAM;aACd,IAAI,EAAE,MAAM;gBAF5B,OAAO,EAAE,MAAM,EACC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM;CAK/B"}
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/garmin/client.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,cAAc,EACd,kBAAkB,EAClB,WAAW,EACX,qBAAqB,EACrB,wBAAwB,EACxB,aAAa,EACb,qBAAqB,EACtB,MAAM,YAAY,CAAC;AAIpB,MAAM,WAAW,mBAAmB;IAClC,yCAAyC;IACzC,WAAW,EAAE,MAAM,CAAC;IACpB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAErB,IAAI,EAAE,mBAAmB;IAOrC;;;;OAIG;IACG,UAAU,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,kBAAkB,EAAE,CAAC;IASxE;;;;OAIG;IACG,aAAa,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IASvE;;;;OAIG;IACG,SAAS,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAShE;;;;OAIG;IACG,mBAAmB,CACvB,MAAM,EAAE,eAAe,GACtB,OAAO,CAAC,qBAAqB,EAAE,CAAC;IASnC;;;;OAIG;IACG,qBAAqB,CACzB,MAAM,EAAE,eAAe,GACtB,OAAO,CAAC,wBAAwB,EAAE,CAAC;IAStC;;;;;;;;OAQG;IACG,eAAe,CACnB,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,eAAe,GACtB,OAAO,CAAC,IAAI,CAAC;IAUhB;;;;OAIG;IACG,kBAAkB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAI7C;;;;;OAKG;IACG,aAAa,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;IAInE;;;;OAIG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAM3D;;;;OAIG;IACG,aAAa,CACjB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,aAAa,GACrB,OAAO,CAAC,aAAa,CAAC;IAOzB;;;;OAIG;IACG,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIrD;;;;OAIG;IACG,cAAc,CAClB,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,qBAAqB,CAAC;IAOjC;;;;OAIG;IACG,kBAAkB,CACtB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,qBAAqB,EAAE,CAAC;IAOnC;;;;OAIG;IACG,cAAc,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAMvD;;;;;OAKG;IACG,sBAAsB,IAAI,OAAO,CAAC,IAAI,CAAC;YAqB/B,GAAG;YA8BH,IAAI;YA+BJ,GAAG;YAwBH,GAAG;CAkBlB;AAID,MAAM,WAAW,eAAe;IAC9B,qDAAqD;IACrD,wBAAwB,EAAE,MAAM,CAAC;IACjC,mDAAmD;IACnD,sBAAsB,EAAE,MAAM,CAAC;CAChC;AAWD,qBAAa,cAAe,SAAQ,KAAK;aAGrB,MAAM,EAAE,MAAM;aACd,IAAI,EAAE,MAAM;gBAF5B,OAAO,EAAE,MAAM,EACC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM;CAK/B"}

package/dist/garmin/client.js

@@ -1,23 +1,18 @@
 // ─── Garmin Health API Client ────────────────────────────────────────────────
 // Lightweight, fetch-based client for the Garmin Health API.
-// Every request is signed with OAuth 1.0a using the consumer and user tokens.
-// Uses the Web Crypto API for HMAC-SHA1 signing and global `fetch`.
-import { generateNonce, getTimestamp, buildOAuthSignature, buildOAuthHeader, } from "./auth.js";
+// Authenticates requests with an OAuth 2.0 Bearer token.
 const DEFAULT_BASE_URL = "https://apis.garmin.com";
 /**
  * A lightweight client for the Garmin Health API.
  *
- * All requests are signed with OAuth 1.0a. Time-range parameters
+ * All requests are authenticated with a Bearer token. Time-range parameters
  * use Unix epoch seconds for `uploadStartTimeInSeconds` and
  * `uploadEndTimeInSeconds`.
  *
  * @example
  * ```ts
  * const client = new GarminClient({
- *   consumerKey: "your_key",
- *   consumerSecret: "your_secret",
- *   accessToken: "user_token",
- *   tokenSecret: "user_secret",
+ *   accessToken: "user_access_token",
  * });
  *
  * const dailies = await client.getDailies({
@@ -27,16 +22,10 @@ const DEFAULT_BASE_URL = "https://apis.garmin.com";
  * ```
  */
 export class GarminClient {
-    consumerKey;
-    consumerSecret;
     accessToken;
-    tokenSecret;
     baseUrl;
     constructor(opts) {
-        this.consumerKey = opts.consumerKey;
-        this.consumerSecret = opts.consumerSecret;
         this.accessToken = opts.accessToken;
-        this.tokenSecret = opts.tokenSecret;
         this.baseUrl = (opts.baseUrl ?? DEFAULT_BASE_URL).replace(/\/+$/, "");
     }
     // ─── Daily Summaries ────────────────────────────────────────────────────
@@ -98,6 +87,98 @@ export class GarminClient {
         const query = timeRangeQuery(params);
         await this.get(`/wellness-api/rest/backfill/${summaryType}`, query);
     }
+    // ─── Training API V2 ────────────────────────────────────────────────
+    /**
+     * Check which permissions the user has granted.
+     *
+     * Garmin API: `GET /userPermissions/`
+     */
+    async getUserPermissions() {
+        return this.get("/userPermissions/");
+    }
+    /**
+     * Create a workout in Garmin Connect.
+     *
+     * Garmin API: `POST /workoutportal/workout/v2`
+     * Note: uses a different base path than other Training API endpoints.
+     */
+    async createWorkout(workout) {
+        return this.post("/workoutportal/workout/v2", workout);
+    }
+    /**
+     * Retrieve a workout by ID.
+     *
+     * Garmin API: `GET /training-api/workout/v2/{workoutId}`
+     */
+    async getWorkout(workoutId) {
+        return this.get(`/training-api/workout/v2/${workoutId}`);
+    }
+    /**
+     * Update a workout by ID.
+     *
+     * Garmin API: `PUT /training-api/workout/v2/{workoutId}`
+     */
+    async updateWorkout(workoutId, workout) {
+        return this.put(`/training-api/workout/v2/${workoutId}`, workout);
+    }
+    /**
+     * Delete a workout by ID.
+     *
+     * Garmin API: `DELETE /training-api/workout/v2/{workoutId}`
+     */
+    async deleteWorkout(workoutId) {
+        await this.del(`/training-api/workout/v2/${workoutId}`);
+    }
+    /**
+     * Schedule a workout to a specific date on the user's calendar.
+     *
+     * Garmin API: `POST /training-api/schedule/`
+     */
+    async createSchedule(workoutId, date) {
+        return this.post("/training-api/schedule/", {
+            workoutId,
+            date,
+        });
+    }
+    /**
+     * Retrieve workout schedules for a date range.
+     *
+     * Garmin API: `GET /training-api/schedule?startDate=...&endDate=...`
+     */
+    async getSchedulesByDate(startDate, endDate) {
+        return this.get("/training-api/schedule", {
+            startDate,
+            endDate,
+        });
+    }
+    /**
+     * Delete a workout schedule by ID.
+     *
+     * Garmin API: `DELETE /training-api/schedule/{scheduleId}`
+     */
+    async deleteSchedule(scheduleId) {
+        await this.del(`/training-api/schedule/${scheduleId}`);
+    }
+    // ─── User Deregistration ──────────────────────────────────────────────
+    /**
+     * Delete the user's registration with Garmin.
+     *
+     * Must be called when the user disconnects or deletes their account
+     * to comply with Garmin's API requirements.
+     */
+    async deleteUserRegistration() {
+        const url = `${this.baseUrl}/wellness-api/rest/user/registration`;
+        const response = await fetch(url, {
+            method: "DELETE",
+            headers: {
+                Authorization: `Bearer ${this.accessToken}`,
+            },
+        });
+        if (!response.ok) {
+            const body = await response.text().catch(() => "");
+            throw new GarminApiError(`Garmin API error: ${response.status} ${response.statusText}`, response.status, body);
+        }
+    }
     // ─── Internal ─────────────────────────────────────────────────────────
     async get(path, queryParams) {
         const fullUrl = `${this.baseUrl}${path}`;
@@ -105,24 +186,10 @@ export class GarminClient {
             ? `?${new URLSearchParams(queryParams).toString()}`
             : "";
         const requestUrl = `${fullUrl}${qs}`;
-        const nonce = generateNonce();
-        const timestamp = getTimestamp();
-        const oauthParams = {
-            oauth_consumer_key: this.consumerKey,
-            oauth_nonce: nonce,
-            oauth_signature_method: "HMAC-SHA1",
-            oauth_timestamp: timestamp,
-            oauth_token: this.accessToken,
-            oauth_version: "1.0",
-        };
-        // OAuth signature must include both OAuth params and query params
-        const allParams = { ...oauthParams, ...(queryParams ?? {}) };
-        const signature = await buildOAuthSignature("GET", fullUrl, allParams, this.consumerSecret, this.tokenSecret);
-        oauthParams.oauth_signature = signature;
         const response = await fetch(requestUrl, {
             method: "GET",
             headers: {
-                Authorization: buildOAuthHeader(oauthParams),
+                Authorization: `Bearer ${this.accessToken}`,
                 Accept: "application/json",
             },
         });
@@ -132,6 +199,58 @@ export class GarminClient {
         }
         return (await response.json());
     }
+    async post(path, body) {
+        const url = `${this.baseUrl}${path}`;
+        const response = await fetch(url, {
+            method: "POST",
+            headers: {
+                Authorization: `Bearer ${this.accessToken}`,
+                "Content-Type": "application/json",
+                Accept: "application/json",
+            },
+            body: JSON.stringify(body),
+        });
+        if (!response.ok) {
+            const text = await response.text().catch(() => "");
+            const isTrainingApi = path.includes("/workoutportal/") || path.includes("/training-api/");
+            const hint = isTrainingApi && response.status === 401
+                ? " — Ensure the Garmin app is registered for the Training API program " +
+                    "and the user has WORKOUT_IMPORT permission."
+                : "";
+            throw new GarminApiError(`Garmin API error: ${response.status} ${response.statusText}${hint}`, response.status, text);
+        }
+        return (await response.json());
+    }
+    async put(path, body) {
+        const url = `${this.baseUrl}${path}`;
+        const response = await fetch(url, {
+            method: "PUT",
+            headers: {
+                Authorization: `Bearer ${this.accessToken}`,
+                "Content-Type": "application/json",
+                Accept: "application/json",
+            },
+            body: JSON.stringify(body),
+        });
+        if (!response.ok) {
+            const text = await response.text().catch(() => "");
+            throw new GarminApiError(`Garmin API error: ${response.status} ${response.statusText}`, response.status, text);
+        }
+        return (await response.json());
+    }
+    async del(path) {
+        const url = `${this.baseUrl}${path}`;
+        const response = await fetch(url, {
+            method: "DELETE",
+            headers: {
+                Authorization: `Bearer ${this.accessToken}`,
+            },
+        });
+        if (!response.ok) {
+            const text = await response.text().catch(() => "");
+            throw new GarminApiError(`Garmin API error: ${response.status} ${response.statusText}`, response.status, text);
+        }
+    }
 }
 function timeRangeQuery(params) {
     return {

package/dist/garmin/client.js.map

@@ -1 +1 @@
-{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/garmin/client.ts"],"names":[],"mappings":"AAAA,gFAAgF;AAChF,6DAA6D;AAC7D,8EAA8E;AAC9E,oEAAoE;AASpE,OAAO,EACL,aAAa,EACb,YAAY,EACZ,mBAAmB,EACnB,gBAAgB,GACjB,MAAM,WAAW,CAAC;AAEnB,MAAM,gBAAgB,GAAG,yBAAyB,CAAC;AAkBnD;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,OAAO,YAAY;IACN,WAAW,CAAS;IACpB,cAAc,CAAS;IACvB,WAAW,CAAS;IACpB,WAAW,CAAS;IACpB,OAAO,CAAS;IAEjC,YAAY,IAAyB;QACnC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,cAAc,CAAC;QAC1C,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,gBAAgB,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,2EAA2E;IAE3E;;;;OAIG;IACH,KAAK,CAAC,UAAU,CAAC,MAAuB;QACtC,OAAO,IAAI,CAAC,GAAG,CACb,4BAA4B,EAC5B,cAAc,CAAC,MAAM,CAAC,CACvB,CAAC;IACJ,CAAC;IAED,2EAA2E;IAE3E;;;;OAIG;IACH,KAAK,CAAC,aAAa,CAAC,MAAuB;QACzC,OAAO,IAAI,CAAC,GAAG,CACb,+BAA+B,EAC/B,cAAc,CAAC,MAAM,CAAC,CACvB,CAAC;IACJ,CAAC;IAED,2EAA2E;IAE3E;;;;OAIG;IACH,KAAK,CAAC,SAAS,CAAC,MAAuB;QACrC,OAAO,IAAI,CAAC,GAAG,CACb,2BAA2B,EAC3B,cAAc,CAAC,MAAM,CAAC,CACvB,CAAC;IACJ,CAAC;IAED,yEAAyE;IAEzE;;;;OAIG;IACH,KAAK,CAAC,mBAAmB,CACvB,MAAuB;QAEvB,OAAO,IAAI,CAAC,GAAG,CACb,8BAA8B,EAC9B,cAAc,CAAC,MAAM,CAAC,CACvB,CAAC;IACJ,CAAC;IAED,yEAAyE;IAEzE;;;;OAIG;IACH,KAAK,CAAC,qBAAqB,CACzB,MAAuB;QAEvB,OAAO,IAAI,CAAC,GAAG,CACb,uCAAuC,EACvC,cAAc,CAAC,MAAM,CAAC,CACvB,CAAC;IACJ,CAAC;IAED,yEAAyE;IAEzE;;;;;;;;OAQG;IACH,KAAK,CAAC,eAAe,CACnB,WAAmB,EACnB,MAAuB;QAEvB,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,IAAI,CAAC,GAAG,CACZ,+BAA+B,WAAW,EAAE,EAC5C,KAAK,CACN,CAAC;IACJ,CAAC;IAED,yEAAyE;IAEjE,KAAK,CAAC,GAAG,CACf,IAAY,EACZ,WAAoC;QAEpC,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,CAAC;QACzC,MAAM,EAAE,GAAG,WAAW;YACpB,CAAC,CAAC,IAAI,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC,QAAQ,EAAE,EAAE;YACnD,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,UAAU,GAAG,GAAG,OAAO,GAAG,EAAE,EAAE,CAAC;QAErC,MAAM,KAAK,GAAG,aAAa,EAAE,CAAC;QAC9B,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;QAEjC,MAAM,WAAW,GAA2B;YAC1C,kBAAkB,EAAE,IAAI,CAAC,WAAW;YACpC,WAAW,EAAE,KAAK;YAClB,sBAAsB,EAAE,WAAW;YACnC,eAAe,EAAE,SAAS;YAC1B,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,aAAa,EAAE,KAAK;SACrB,CAAC;QAEF,kEAAkE;QAClE,MAAM,SAAS,GAAG,EAAE,GAAG,WAAW,EAAE,GAAG,CAAC,WAAW,IAAI,EAAE,CAAC,EAAE,CAAC;QAC7D,MAAM,SAAS,GAAG,MAAM,mBAAmB,CACzC,KAAK,EACL,OAAO,EACP,SAAS,EACT,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,WAAW,CACjB,CAAC;QACF,WAAW,CAAC,eAAe,GAAG,SAAS,CAAC;QAExC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,UAAU,EAAE;YACvC,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,aAAa,EAAE,gBAAgB,CAAC,WAAW,CAAC;gBAC5C,MAAM,EAAE,kBAAkB;aAC3B;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YACnD,MAAM,IAAI,cAAc,CACtB,qBAAqB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,EAC7D,QAAQ,CAAC,MAAM,EACf,IAAI,CACL,CAAC;QACJ,CAAC;QAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAM,CAAC;IACtC,CAAC;CACF;AAWD,SAAS,cAAc,CAAC,MAAuB;IAC7C,OAAO;QACL,wBAAwB,EAAE,MAAM,CAAC,MAAM,CAAC,wBAAwB,CAAC;QACjE,sBAAsB,EAAE,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC;KAC9D,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,MAAM,OAAO,cAAe,SAAQ,KAAK;IAGrB;IACA;IAHlB,YACE,OAAe,EACC,MAAc,EACd,IAAY;QAE5B,KAAK,CAAC,OAAO,CAAC,CAAC;QAHC,WAAM,GAAN,MAAM,CAAQ;QACd,SAAI,GAAJ,IAAI,CAAQ;QAG5B,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF"}
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/garmin/client.ts"],"names":[],"mappings":"AAAA,gFAAgF;AAChF,6DAA6D;AAC7D,yDAAyD;AAYzD,MAAM,gBAAgB,GAAG,yBAAyB,CAAC;AAYnD;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,OAAO,YAAY;IACN,WAAW,CAAS;IACpB,OAAO,CAAS;IAEjC,YAAY,IAAyB;QACnC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;QACpC,IAAI,CAAC,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,gBAAgB,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,2EAA2E;IAE3E;;;;OAIG;IACH,KAAK,CAAC,UAAU,CAAC,MAAuB;QACtC,OAAO,IAAI,CAAC,GAAG,CACb,4BAA4B,EAC5B,cAAc,CAAC,MAAM,CAAC,CACvB,CAAC;IACJ,CAAC;IAED,2EAA2E;IAE3E;;;;OAIG;IACH,KAAK,CAAC,aAAa,CAAC,MAAuB;QACzC,OAAO,IAAI,CAAC,GAAG,CACb,+BAA+B,EAC/B,cAAc,CAAC,MAAM,CAAC,CACvB,CAAC;IACJ,CAAC;IAED,2EAA2E;IAE3E;;;;OAIG;IACH,KAAK,CAAC,SAAS,CAAC,MAAuB;QACrC,OAAO,IAAI,CAAC,GAAG,CACb,2BAA2B,EAC3B,cAAc,CAAC,MAAM,CAAC,CACvB,CAAC;IACJ,CAAC;IAED,yEAAyE;IAEzE;;;;OAIG;IACH,KAAK,CAAC,mBAAmB,CACvB,MAAuB;QAEvB,OAAO,IAAI,CAAC,GAAG,CACb,8BAA8B,EAC9B,cAAc,CAAC,MAAM,CAAC,CACvB,CAAC;IACJ,CAAC;IAED,yEAAyE;IAEzE;;;;OAIG;IACH,KAAK,CAAC,qBAAqB,CACzB,MAAuB;QAEvB,OAAO,IAAI,CAAC,GAAG,CACb,uCAAuC,EACvC,cAAc,CAAC,MAAM,CAAC,CACvB,CAAC;IACJ,CAAC;IAED,yEAAyE;IAEzE;;;;;;;;OAQG;IACH,KAAK,CAAC,eAAe,CACnB,WAAmB,EACnB,MAAuB;QAEvB,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;QACrC,MAAM,IAAI,CAAC,GAAG,CACZ,+BAA+B,WAAW,EAAE,EAC5C,KAAK,CACN,CAAC;IACJ,CAAC;IAED,uEAAuE;IAEvE;;;;OAIG;IACH,KAAK,CAAC,kBAAkB;QACtB,OAAO,IAAI,CAAC,GAAG,CAAW,mBAAmB,CAAC,CAAC;IACjD,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,OAAsB;QACxC,OAAO,IAAI,CAAC,IAAI,CAAgB,2BAA2B,EAAE,OAAO,CAAC,CAAC;IACxE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,UAAU,CAAC,SAAiB;QAChC,OAAO,IAAI,CAAC,GAAG,CACb,4BAA4B,SAAS,EAAE,CACxC,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,aAAa,CACjB,SAAiB,EACjB,OAAsB;QAEtB,OAAO,IAAI,CAAC,GAAG,CACb,4BAA4B,SAAS,EAAE,EACvC,OAAO,CACR,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,aAAa,CAAC,SAAiB;QACnC,MAAM,IAAI,CAAC,GAAG,CAAC,4BAA4B,SAAS,EAAE,CAAC,CAAC;IAC1D,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,cAAc,CAClB,SAAiB,EACjB,IAAY;QAEZ,OAAO,IAAI,CAAC,IAAI,CAAwB,yBAAyB,EAAE;YACjE,SAAS;YACT,IAAI;SACL,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,kBAAkB,CACtB,SAAiB,EACjB,OAAe;QAEf,OAAO,IAAI,CAAC,GAAG,CAA0B,wBAAwB,EAAE;YACjE,SAAS;YACT,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,cAAc,CAAC,UAAkB;QACrC,MAAM,IAAI,CAAC,GAAG,CAAC,0BAA0B,UAAU,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,yEAAyE;IAEzE;;;;;OAKG;IACH,KAAK,CAAC,sBAAsB;QAC1B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,sCAAsC,CAAC;QAClE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,IAAI,CAAC,WAAW,EAAE;aAC5C;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YACnD,MAAM,IAAI,cAAc,CACtB,qBAAqB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,EAC7D,QAAQ,CAAC,MAAM,EACf,IAAI,CACL,CAAC;QACJ,CAAC;IACH,CAAC;IAED,yEAAyE;IAEjE,KAAK,CAAC,GAAG,CACf,IAAY,EACZ,WAAoC;QAEpC,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,CAAC;QACzC,MAAM,EAAE,GAAG,WAAW;YACpB,CAAC,CAAC,IAAI,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC,QAAQ,EAAE,EAAE;YACnD,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,UAAU,GAAG,GAAG,OAAO,GAAG,EAAE,EAAE,CAAC;QAErC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,UAAU,EAAE;YACvC,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,IAAI,CAAC,WAAW,EAAE;gBAC3C,MAAM,EAAE,kBAAkB;aAC3B;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YACnD,MAAM,IAAI,cAAc,CACtB,qBAAqB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,EAC7D,QAAQ,CAAC,MAAM,EACf,IAAI,CACL,CAAC;QACJ,CAAC;QAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAM,CAAC;IACtC,CAAC;IAEO,KAAK,CAAC,IAAI,CAAI,IAAY,EAAE,IAAa;QAC/C,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,IAAI,CAAC,WAAW,EAAE;gBAC3C,cAAc,EAAE,kBAAkB;gBAClC,MAAM,EAAE,kBAAkB;aAC3B;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;SAC3B,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YACnD,MAAM,aAAa,GACjB,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;YACtE,MAAM,IAAI,GACR,aAAa,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG;gBACtC,CAAC,CAAC,sEAAsE;oBACtE,6CAA6C;gBAC/C,CAAC,CAAC,EAAE,CAAC;YACT,MAAM,IAAI,cAAc,CACtB,qBAAqB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,GAAG,IAAI,EAAE,EACpE,QAAQ,CAAC,MAAM,EACf,IAAI,CACL,CAAC;QACJ,CAAC;QAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAM,CAAC;IACtC,CAAC;IAEO,KAAK,CAAC,GAAG,CAAI,IAAY,EAAE,IAAa;QAC9C,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,IAAI,CAAC,WAAW,EAAE;gBAC3C,cAAc,EAAE,kBAAkB;gBAClC,MAAM,EAAE,kBAAkB;aAC3B;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;SAC3B,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YACnD,MAAM,IAAI,cAAc,CACtB,qBAAqB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,EAC7D,QAAQ,CAAC,MAAM,EACf,IAAI,CACL,CAAC;QACJ,CAAC;QAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAM,CAAC;IACtC,CAAC;IAEO,KAAK,CAAC,GAAG,CAAC,IAAY;QAC5B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,GAAG,IAAI,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,QAAQ;YAChB,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,IAAI,CAAC,WAAW,EAAE;aAC5C;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YACnD,MAAM,IAAI,cAAc,CACtB,qBAAqB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,EAC7D,QAAQ,CAAC,MAAM,EACf,IAAI,CACL,CAAC;QACJ,CAAC;IACH,CAAC;CACF;AAWD,SAAS,cAAc,CAAC,MAAuB;IAC7C,OAAO;QACL,wBAAwB,EAAE,MAAM,CAAC,MAAM,CAAC,wBAAwB,CAAC;QACjE,sBAAsB,EAAE,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC;KAC9D,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,MAAM,OAAO,cAAe,SAAQ,KAAK;IAGrB;IACA;IAHlB,YACE,OAAe,EACC,MAAc,EACd,IAAY;QAE5B,KAAK,CAAC,OAAO,CAAC,CAAC;QAHC,WAAM,GAAN,MAAM,CAAQ;QACd,SAAI,GAAJ,IAAI,CAAQ;QAG5B,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF"}