resend 0.27.0.alpha.1 → 0.27.0.alpha.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c2285e905778c2a5332f4adc94ac29f229ed02b62645c4e074febd95202d56cc
-  data.tar.gz: 978ae7cf38ac0906c40d8af4b55aa5f0602a929bed2bc543b29500b157a94eaf
+  metadata.gz: 4133247b039437fb66f5b38abbe61c41d9cc85e007ae7ef7a00b865af21f9875
+  data.tar.gz: ab112b1b77f4f7023fe98c2ab23fa93448d1b1700d7c3ea3dbf68f78ea69e214
 SHA512:
-  metadata.gz: 6c338e6d9b06847278ba7cd9bbd146f3d0d8012d5c614418a6ef9066c931cb73b4a270a407e74dfba7e6a5a27944c1996537c720d7108d6a838f5003a2aa2b7f
-  data.tar.gz: 396fdd53a1e21840dcbd996735a8570ec7e5353a87b4ce86ccb311f9dfcdd2cfa0928a0883b0727423ed39d8f5bf30a6b7afa45e60743191fd29ca593307f3e9
+  metadata.gz: b525a8dabb6d312585fa59db58e17cf8982f3ac5603502a62046ce24211b3ba59c056361e80ac7a958d6d073cea940fece2493c320b5ac7842eed88e34b329c3
+  data.tar.gz: 38a6ce6faf1b907ee646bf53f28f8f0b67b7d1174e3a2d7fd075879c24a2399817d820ed8f0a2e19f50251f84a3ad7d2e0327a669f4e368e45f531cc3413b43a

data/lib/resend/{attachments/receiving.rb → emails/attachments.rb}

@@ -1,11 +1,11 @@
 # frozen_string_literal: true
 
 module Resend
-  module Attachments
-    # Module for receiving email attachments API operations
-    module Receiving
+  module Emails
+    # Module for sent email attachments API operations
+    module Attachments
       class << self
-        # Retrieve a single attachment from a received email
+        # Retrieve a single attachment from a sent email
         #
         # @param params [Hash] Parameters for retrieving the attachment
         # @option params [String] :id The attachment ID (required)
@@ -13,7 +13,7 @@ module Resend
         # @return [Hash] The attachment object
         #
         # @example
-        #   Resend::Attachments::Receiving.get(
+        #   Resend::Emails::Attachments.get(
         #     id: "2a0c9ce0-3112-4728-976e-47ddcd16a318",
         #     email_id: "4ef9a417-02e9-4d39-ad75-9611e0fcc33c"
         #   )
@@ -21,11 +21,11 @@ module Resend
           attachment_id = params[:id]
           email_id = params[:email_id]
 
-          path = "emails/receiving/#{email_id}/attachments/#{attachment_id}"
+          path = "emails/#{email_id}/attachments/#{attachment_id}"
           Resend::Request.new(path, {}, "get").perform
         end
 
-        # List attachments from a received email with optional pagination
+        # List attachments from a sent email with optional pagination
         #
         # @param params [Hash] Parameters for listing attachments
         # @option params [String] :email_id The email ID (required)
@@ -35,33 +35,31 @@ module Resend
         # @return [Hash] List of attachments with pagination info
         #
         # @example List all attachments
-        #   Resend::Attachments::Receiving.list(
+        #   Resend::Emails::Attachments.list(
         #     email_id: "4ef9a417-02e9-4d39-ad75-9611e0fcc33c"
         #   )
         #
         # @example List with custom limit
-        #   Resend::Attachments::Receiving.list(
+        #   Resend::Emails::Attachments.list(
         #     email_id: "4ef9a417-02e9-4d39-ad75-9611e0fcc33c",
         #     limit: 50
         #   )
         #
         # @example List with pagination
-        #   Resend::Attachments::Receiving.list(
+        #   Resend::Emails::Attachments.list(
         #     email_id: "4ef9a417-02e9-4d39-ad75-9611e0fcc33c",
         #     limit: 20,
         #     after: "attachment_id_123"
         #   )
         def list(params = {})
           email_id = params[:email_id]
-          path = "emails/receiving/#{email_id}/attachments"
+          base_path = "emails/#{email_id}/attachments"
 
-          # Build query parameters, filtering out nil values
-          query_params = {}
-          query_params[:limit] = params[:limit] if params[:limit]
-          query_params[:after] = params[:after] if params[:after]
-          query_params[:before] = params[:before] if params[:before]
+          # Extract pagination parameters
+          pagination_params = params.slice(:limit, :after, :before)
 
-          Resend::Request.new(path, query_params, "get").perform
+          path = Resend::PaginationHelper.build_paginated_path(base_path, pagination_params)
+          Resend::Request.new(path, {}, "get").perform
         end
       end
     end

data/lib/resend/emails/receiving/attachments.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+module Resend
+  module Emails
+    module Receiving
+      # Module for received email attachments API operations
+      module Attachments
+        class << self
+          # Retrieve a single attachment from a received email
+          #
+          # @param params [Hash] Parameters for retrieving the attachment
+          # @option params [String] :id The attachment ID (required)
+          # @option params [String] :email_id The email ID (required)
+          # @return [Hash] The attachment object
+          #
+          # @example
+          #   Resend::Emails::Receiving::Attachments.get(
+          #     id: "2a0c9ce0-3112-4728-976e-47ddcd16a318",
+          #     email_id: "4ef9a417-02e9-4d39-ad75-9611e0fcc33c"
+          #   )
+          def get(params = {})
+            attachment_id = params[:id]
+            email_id = params[:email_id]
+
+            path = "emails/receiving/#{email_id}/attachments/#{attachment_id}"
+            Resend::Request.new(path, {}, "get").perform
+          end
+
+          # List attachments from a received email with optional pagination
+          #
+          # @param params [Hash] Parameters for listing attachments
+          # @option params [String] :email_id The email ID (required)
+          # @option params [Integer] :limit Maximum number of attachments to return (1-100)
+          # @option params [String] :after Cursor for pagination (newer attachments)
+          # @option params [String] :before Cursor for pagination (older attachments)
+          # @return [Hash] List of attachments with pagination info
+          #
+          # @example List all attachments
+          #   Resend::Emails::Receiving::Attachments.list(
+          #     email_id: "4ef9a417-02e9-4d39-ad75-9611e0fcc33c"
+          #   )
+          #
+          # @example List with custom limit
+          #   Resend::Emails::Receiving::Attachments.list(
+          #     email_id: "4ef9a417-02e9-4d39-ad75-9611e0fcc33c",
+          #     limit: 50
+          #   )
+          #
+          # @example List with pagination
+          #   Resend::Emails::Receiving::Attachments.list(
+          #     email_id: "4ef9a417-02e9-4d39-ad75-9611e0fcc33c",
+          #     limit: 20,
+          #     after: "attachment_id_123"
+          #   )
+          def list(params = {})
+            email_id = params[:email_id]
+            base_path = "emails/receiving/#{email_id}/attachments"
+
+            # Extract pagination parameters
+            pagination_params = params.slice(:limit, :after, :before)
+
+            path = Resend::PaginationHelper.build_paginated_path(base_path, pagination_params)
+            Resend::Request.new(path, {}, "get").perform
+          end
+        end
+      end
+    end
+  end
+end

data/lib/resend/templates.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+module Resend
+  # Templates api wrapper
+  module Templates
+    class << self
+      # https://resend.com/docs/api-reference/templates/create-template
+      def create(params = {})
+        path = "templates"
+        Resend::Request.new(path, params, "post").perform
+      end
+
+      # https://resend.com/docs/api-reference/templates/get-template
+      def get(template_id = "")
+        path = "templates/#{template_id}"
+        Resend::Request.new(path, {}, "get").perform
+      end
+
+      # https://resend.com/docs/api-reference/templates/update-template
+      def update(template_id, params = {})
+        path = "templates/#{template_id}"
+        Resend::Request.new(path, params, "patch").perform
+      end
+
+      # https://resend.com/docs/api-reference/templates/publish-template
+      def publish(template_id = "")
+        path = "templates/#{template_id}/publish"
+        Resend::Request.new(path, {}, "post").perform
+      end
+
+      # https://resend.com/docs/api-reference/templates/duplicate-template
+      def duplicate(template_id = "")
+        path = "templates/#{template_id}/duplicate"
+        Resend::Request.new(path, {}, "post").perform
+      end
+
+      # https://resend.com/docs/api-reference/templates/list-templates
+      def list(params = {})
+        path = Resend::PaginationHelper.build_paginated_path("templates", params)
+        Resend::Request.new(path, {}, "get").perform
+      end
+
+      # https://resend.com/docs/api-reference/templates/delete-template
+      def remove(template_id = "")
+        path = "templates/#{template_id}"
+        Resend::Request.new(path, {}, "delete").perform
+      end
+    end
+  end
+end

data/lib/resend/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Resend
-  VERSION = "0.27.0.alpha.1"
+  VERSION = "0.27.0.alpha.2"
 end

data/lib/resend/webhooks.rb

@@ -0,0 +1,239 @@
+# frozen_string_literal: true
+
+require "openssl"
+require "base64"
+
+module Resend
+  # The Webhooks module provides methods for managing webhooks via the Resend API.
+  # Webhooks allow you to receive real-time notifications about email events.
+  #
+  # Default tolerance for timestamp validation (5 minutes)
+  WEBHOOK_TOLERANCE_SECONDS = 300
+  #
+  # @example Create a webhook
+  #   Resend::Webhooks.create(
+  #     endpoint: "https://webhook.example.com/handler",
+  #     events: ["email.sent", "email.delivered", "email.bounced"]
+  #   )
+  #
+  # @example List all webhooks
+  #   Resend::Webhooks.list
+  #
+  # @example Retrieve a specific webhook
+  #   Resend::Webhooks.get("4dd369bc-aa82-4ff3-97de-514ae3000ee0")
+  #
+  # @example Update a webhook
+  #   Resend::Webhooks.update(
+  #     webhook_id: "430eed87-632a-4ea6-90db-0aace67ec228",
+  #     endpoint: "https://new-webhook.example.com/handler",
+  #     events: ["email.sent", "email.delivered"],
+  #     status: "enabled"
+  #   )
+  #
+  # @example Delete a webhook
+  #   Resend::Webhooks.remove("4dd369bc-aa82-4ff3-97de-514ae3000ee0")
+  module Webhooks
+    class << self
+      # Create a new webhook to receive real-time notifications about email events
+      #
+      # @param params [Hash] The webhook parameters
+      # @option params [String] :endpoint The URL where webhook events will be sent (required)
+      # @option params [Array<String>] :events Array of event types to subscribe to (required)
+      #
+      # @return [Hash] The webhook object containing id, object type, and signing_secret
+      #
+      # @example
+      #   Resend::Webhooks.create(
+      #     endpoint: "https://webhook.example.com/handler",
+      #     events: ["email.sent", "email.delivered", "email.bounced"]
+      #   )
+      def create(params = {})
+        path = "webhooks"
+        Resend::Request.new(path, params, "post").perform
+      end
+
+      # Retrieve a list of webhooks for the authenticated user
+      #
+      # @param params [Hash] The pagination parameters
+      # @option params [Integer] :limit Number of webhooks to retrieve (max: 100, min: 1)
+      # @option params [String] :after The ID after which to retrieve more webhooks (for pagination)
+      # @option params [String] :before The ID before which to retrieve more webhooks (for pagination)
+      #
+      # @return [Hash] A paginated list of webhook objects
+      #
+      # @example
+      #   Resend::Webhooks.list
+      #
+      # @example With pagination
+      #   Resend::Webhooks.list(limit: 20, after: "4dd369bc-aa82-4ff3-97de-514ae3000ee0")
+      def list(params = {})
+        path = Resend::PaginationHelper.build_paginated_path("webhooks", params)
+        Resend::Request.new(path, {}, "get").perform
+      end
+
+      # Retrieve a single webhook for the authenticated user
+      #
+      # @param webhook_id [String] The webhook ID
+      #
+      # @return [Hash] The webhook object with full details
+      #
+      # @example
+      #   Resend::Webhooks.get("4dd369bc-aa82-4ff3-97de-514ae3000ee0")
+      def get(webhook_id = "")
+        path = "webhooks/#{webhook_id}"
+        Resend::Request.new(path, {}, "get").perform
+      end
+
+      # Update an existing webhook configuration
+      #
+      # @param params [Hash] The webhook update parameters
+      # @option params [String] :webhook_id The webhook ID (required)
+      # @option params [String] :endpoint The URL where webhook events will be sent
+      # @option params [Array<String>] :events Array of event types to subscribe to
+      # @option params [String] :status The webhook status ("enabled" or "disabled")
+      #
+      # @return [Hash] The updated webhook object
+      #
+      # @example
+      #   Resend::Webhooks.update(
+      #     webhook_id: "430eed87-632a-4ea6-90db-0aace67ec228",
+      #     endpoint: "https://new-webhook.example.com/handler",
+      #     events: ["email.sent", "email.delivered"],
+      #     status: "enabled"
+      #   )
+      def update(params = {})
+        webhook_id = params.delete(:webhook_id)
+        path = "webhooks/#{webhook_id}"
+        Resend::Request.new(path, params, "patch").perform
+      end
+
+      # Remove an existing webhook
+      #
+      # @param webhook_id [String] The webhook ID
+      #
+      # @return [Hash] Confirmation object with id, object type, and deleted status
+      #
+      # @example
+      #   Resend::Webhooks.remove("4dd369bc-aa82-4ff3-97de-514ae3000ee0")
+      def remove(webhook_id = "")
+        path = "webhooks/#{webhook_id}"
+        Resend::Request.new(path, {}, "delete").perform
+      end
+
+      # Verify a webhook payload using HMAC-SHA256 signature validation
+      # This validates that the webhook request came from Resend and hasn't been tampered with
+      #
+      # @param params [Hash] The webhook verification parameters
+      # @option params [String] :payload The raw webhook payload body (required)
+      # @option params [Hash] :headers The webhook headers containing svix-id, svix-timestamp,
+      #   and svix-signature (required)
+      # @option params [String] :webhook_secret The signing secret from webhook creation (required)
+      #
+      # @return [Boolean] true if verification succeeds
+      # @raise [StandardError] If verification fails or required parameters are missing
+      #
+      # @example
+      #   Resend::Webhooks.verify(
+      #     payload: request.body.read,
+      #     headers: {
+      #       svix_id: "id_1234567890abcdefghijklmnopqrstuvwxyz",
+      #       svix_timestamp: "1616161616",
+      #       svix_signature: "v1,signature_here"
+      #     },
+      #     webhook_secret: "whsec_1234567890abcdez"
+      #   )
+      def verify(params = {})
+        payload = params[:payload]
+        headers = params[:headers] || {}
+        webhook_secret = params[:webhook_secret]
+
+        validate_required_params(payload, headers, webhook_secret)
+        validate_timestamp(headers[:svix_timestamp])
+
+        signed_content = "#{headers[:svix_id]}.#{headers[:svix_timestamp]}.#{payload}"
+        decoded_secret = decode_secret(webhook_secret)
+        expected_signature = generate_signature(decoded_secret, signed_content)
+
+        verify_signature(headers[:svix_signature], expected_signature)
+      end
+
+      private
+
+      # Validate required parameters
+      def validate_required_params(payload, headers, webhook_secret)
+        validate_payload(payload)
+        validate_webhook_secret(webhook_secret)
+        validate_headers(headers)
+      end
+
+      # Validate payload is present
+      def validate_payload(payload)
+        raise "payload cannot be empty" if payload.nil? || payload.empty?
+      end
+
+      # Validate webhook secret is present
+      def validate_webhook_secret(webhook_secret)
+        raise "webhook_secret cannot be empty" if webhook_secret.nil? || webhook_secret.empty?
+      end
+
+      # Validate required headers are present
+      def validate_headers(headers)
+        raise "svix-id header is required" if headers[:svix_id].nil? || headers[:svix_id].empty?
+        raise "svix-timestamp header is required" if headers[:svix_timestamp].nil? || headers[:svix_timestamp].empty?
+        raise "svix-signature header is required" if headers[:svix_signature].nil? || headers[:svix_signature].empty?
+      end
+
+      # Validate timestamp to prevent replay attacks
+      def validate_timestamp(timestamp_header)
+        timestamp = timestamp_header.to_i
+        now = Time.now.to_i
+        diff = now - timestamp
+
+        return unless diff > WEBHOOK_TOLERANCE_SECONDS || diff < -WEBHOOK_TOLERANCE_SECONDS
+
+        raise "Timestamp outside tolerance window: difference of #{diff} seconds"
+      end
+
+      # Decode the signing secret (strip whsec_ prefix and base64 decode)
+      def decode_secret(webhook_secret)
+        secret = webhook_secret.sub(/^whsec_/, "")
+        Base64.strict_decode64(secret)
+      rescue ArgumentError => e
+        raise "Failed to decode webhook secret: #{e.message}"
+      end
+
+      # Verify signature using constant-time comparison
+      def verify_signature(signature_header, expected_signature)
+        signatures = signature_header.split(" ")
+        signatures.each do |sig|
+          parts = sig.split(",", 2)
+          next if parts.length != 2
+
+          received_signature = parts[1]
+          return true if secure_compare(expected_signature, received_signature)
+        end
+
+        raise "No matching signature found"
+      end
+
+      # Generate HMAC-SHA256 signature and return it as base64
+      def generate_signature(secret, content)
+        digest = OpenSSL::HMAC.digest("sha256", secret, content)
+        Base64.strict_encode64(digest)
+      end
+
+      # Constant-time string comparison to prevent timing attacks
+      #
+      # Note: We implement this manually for Ruby 2.7 compatibility.
+      # Ruby 3.0+ could use OpenSSL.fixed_length_secure_compare instead.
+      def secure_compare(str_a, str_b)
+        return false if str_a.nil? || str_b.nil? || str_a.bytesize != str_b.bytesize
+
+        bytes_a = str_a.unpack("C*")
+        result = 0
+        str_b.each_byte.with_index { |byte_b, i| result |= byte_b ^ bytes_a[i] }
+        result.zero?
+      end
+    end
+  end
+end

data/lib/resend.rb

@@ -20,9 +20,12 @@ require "resend/batch"
 require "resend/contacts"
 require "resend/domains"
 require "resend/emails"
+require "resend/templates"
 require "resend/emails/receiving"
-require "resend/attachments/receiving"
+require "resend/emails/attachments"
+require "resend/emails/receiving/attachments"
 require "resend/topics"
+require "resend/webhooks"
 
 # Rails
 require "resend/railtie" if defined?(Rails) && defined?(ActionMailer)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: resend
 version: !ruby/object:Gem::Version
-  version: 0.27.0.alpha.1
+  version: 0.27.0.alpha.2
 platform: ruby
 authors:
 - Derich Pacheco
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-10-27 00:00:00.000000000 Z
+date: 2025-10-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -47,7 +47,6 @@ files:
 - README.md
 - lib/resend.rb
 - lib/resend/api_keys.rb
-- lib/resend/attachments/receiving.rb
 - lib/resend/audiences.rb
 - lib/resend/batch.rb
 - lib/resend/broadcasts.rb
@@ -55,14 +54,18 @@ files:
 - lib/resend/contacts.rb
 - lib/resend/domains.rb
 - lib/resend/emails.rb
+- lib/resend/emails/attachments.rb
 - lib/resend/emails/receiving.rb
+- lib/resend/emails/receiving/attachments.rb
 - lib/resend/errors.rb
 - lib/resend/mailer.rb
 - lib/resend/pagination_helper.rb
 - lib/resend/railtie.rb
 - lib/resend/request.rb
+- lib/resend/templates.rb
 - lib/resend/topics.rb
 - lib/resend/version.rb
+- lib/resend/webhooks.rb
 homepage: https://github.com/resend/resend-ruby
 licenses:
 - MIT