stateCacheKey($state), [ 'user_id' => $request->user()->getKey(), ], now()->addMinutes(10)); return response()->json([ 'authorizationUrl' => $strava->authorizationUrl($state), 'scope' => config('services.strava.scope', 'read,activity:read'), ]); } public function redirectToMobileApp(Request $request): RedirectResponse { $params = collect($request->only(['code', 'error', 'scope', 'state'])) ->filter(fn ($value): bool => $value !== null && $value !== '') ->all(); $query = http_build_query($params, '', '&', PHP_QUERY_RFC3986); $url = 'dailymeal://strava/callback'.($query ? "?{$query}" : ''); return redirect()->away($url); } public function callback(StravaCallbackRequest $request, StravaClient $strava): JsonResponse { $data = $request->validated(); $state = Cache::pull($this->stateCacheKey($data['state'])); if (! is_array($state) || $state['user_id'] !== $request->user()->getKey()) { return response()->json([ 'message' => 'La connexion Strava a expiré. Relance la connexion.', ], 422); } if (isset($data['error'])) { return response()->json([ 'message' => 'Connexion Strava refusée.', ], 422); } $payload = $strava->exchangeCode($data['code']); $scopes = $this->normalizeScopes($payload['scope'] ?? $data['scope'] ?? ''); $connection = $request->user()->stravaConnection()->updateOrCreate([], [ 'athlete_id' => data_get($payload, 'athlete.id'), 'access_token' => $payload['access_token'], 'refresh_token' => $payload['refresh_token'], 'expires_at' => Carbon::createFromTimestamp((int) $payload['expires_at']), 'scopes' => $scopes, 'athlete' => $payload['athlete'] ?? null, ]); return response()->json([ 'data' => [ 'connected' => true, 'athleteId' => $connection->athlete_id, 'scopes' => $connection->scopes, 'expiresAt' => $connection->expires_at, ], ]); } public function status(Request $request): JsonResponse { $connection = $request->user()->stravaConnection; return response()->json([ 'data' => [ 'connected' => $connection !== null, 'athleteId' => $connection?->athlete_id, 'scopes' => $connection?->scopes ?? [], 'expiresAt' => $connection?->expires_at, ], ]); } public function sync(StravaSyncRequest $request, StravaClient $strava): JsonResponse { $connection = $request->user()->stravaConnection; if (! $connection) { return response()->json([ 'message' => 'Connecte Strava avant de synchroniser tes workouts.', ], 422); } if (! $this->canReadActivities($connection->scopes ?? [])) { return response()->json([ 'message' => 'La connexion Strava doit autoriser le scope activity:read ou activity:read_all.', ], 422); } $activities = $strava->activities( $connection, $request->integer('page', 1), $request->integer('per_page', 30), ); $importedCount = collect($activities) ->map(fn (array $activity): WorkoutSessions => $this->storeActivity($request, $activity)) ->count(); return response()->json([ 'data' => [ 'importedCount' => $importedCount, 'fetchedCount' => count($activities), ], ]); } private function storeActivity(Request $request, array $activity): WorkoutSessions { return $request->user()->workouts()->updateOrCreate([ 'source' => WorkoutSource::STRAVA, 'external_id' => (string) $activity['id'], ], [ 'type' => $activity['sport_type'] ?? $activity['type'] ?? 'workout', 'title' => $activity['name'] ?? 'Strava workout', 'duration_seconds' => max(1, (int) ($activity['moving_time'] ?? $activity['elapsed_time'] ?? 0)), 'calories_burned' => (int) round((float) ($activity['calories'] ?? 0)), 'distance_meters' => (int) round((float) ($activity['distance'] ?? 0)), 'started_at' => $activity['start_date'] ?? null, ]); } private function canReadActivities(array $scopes): bool { return in_array('activity:read', $scopes, true) || in_array('activity:read_all', $scopes, true); } private function normalizeScopes(string $scope): array { return Str::of($scope) ->replace(',', ' ') ->explode(' ') ->filter() ->values() ->all(); } private function stateCacheKey(string $state): string { return "strava:oauth-state:{$state}"; } }