@contractspec/example.openbanking-powens 1.44.0

package/.turbo/turbo-build$colon$bundle.log

@@ -0,0 +1,39 @@
+$ tsdown
+ℹ tsdown v0.18.3 powered by rolldown v1.0.0-beta.57
+ℹ config file: /home/runner/work/contractspec/contractspec/packages/examples/openbanking-powens/tsdown.config.js 
+ℹ entry: src/example.ts, src/index.ts, src/docs/index.ts, src/docs/openbanking-powens.docblock.ts, src/handlers/oauth-callback.ts, src/handlers/webhook-handler.ts
+ℹ target: esnext
+ℹ tsconfig: tsconfig.json
+ℹ Build start
+ℹ Cleaning 21 files
+ℹ dist/handlers/webhook-handler.js              3.33 kB │ gzip: 1.23 kB
+ℹ dist/handlers/oauth-callback.js               2.42 kB │ gzip: 1.02 kB
+ℹ dist/docs/openbanking-powens.docblock.js      1.57 kB │ gzip: 0.76 kB
+ℹ dist/example.js                               0.88 kB │ gzip: 0.47 kB
+ℹ dist/index.js                                 0.30 kB │ gzip: 0.16 kB
+ℹ dist/docs/index.js                            0.04 kB │ gzip: 0.06 kB
+ℹ dist/handlers/webhook-handler.js.map          6.46 kB │ gzip: 2.18 kB
+ℹ dist/handlers/oauth-callback.js.map           4.84 kB │ gzip: 1.81 kB
+ℹ dist/docs/openbanking-powens.docblock.js.map  2.07 kB │ gzip: 0.94 kB
+ℹ dist/example.js.map                           1.25 kB │ gzip: 0.64 kB
+ℹ dist/handlers/webhook-handler.d.ts.map        0.17 kB │ gzip: 0.14 kB
+ℹ dist/handlers/oauth-callback.d.ts.map         0.17 kB │ gzip: 0.15 kB
+ℹ dist/example.d.ts.map                         0.14 kB │ gzip: 0.13 kB
+ℹ dist/example.d.ts                             1.12 kB │ gzip: 0.47 kB
+ℹ dist/index.d.ts                               0.25 kB │ gzip: 0.13 kB
+ℹ dist/handlers/oauth-callback.d.ts             0.22 kB │ gzip: 0.17 kB
+ℹ dist/handlers/webhook-handler.d.ts            0.21 kB │ gzip: 0.16 kB
+ℹ dist/docs/index.d.ts                          0.01 kB │ gzip: 0.03 kB
+ℹ dist/docs/openbanking-powens.docblock.d.ts    0.01 kB │ gzip: 0.03 kB
+ℹ 19 files, total: 25.46 kB
+src/handlers/webhook-handler.ts (7:44) [UNRESOLVED_IMPORT] Warning: Could not resolve 'node:crypto' in src/handlers/webhook-handler.ts
+   ╭─[ src/handlers/webhook-handler.ts:7:45 ]
+   │
+ 7 │ import { createHmac, timingSafeEqual } from 'node:crypto';
+   │                                             ──────┬──────  
+   │                                                   ╰──────── Module not found, treating it as an external dependency
+   │ 
+   │ Help: The "main" field here was ignored. Main fields must be configured explicitly when using the "neutral" platform.
+───╯
+
+✔ Build complete in 8760ms

package/.turbo/turbo-build.log

@@ -0,0 +1,40 @@
+$ bun build:types && bun build:bundle
+$ tsc --noEmit
+$ tsdown
+ℹ tsdown v0.18.3 powered by rolldown v1.0.0-beta.57
+ℹ config file: /home/runner/work/contractspec/contractspec/packages/examples/openbanking-powens/tsdown.config.js 
+ℹ entry: src/example.ts, src/index.ts, src/docs/index.ts, src/docs/openbanking-powens.docblock.ts, src/handlers/oauth-callback.ts, src/handlers/webhook-handler.ts
+ℹ target: esnext
+ℹ tsconfig: tsconfig.json
+ℹ Build start
+ℹ dist/handlers/webhook-handler.js              3.33 kB │ gzip: 1.23 kB
+ℹ dist/handlers/oauth-callback.js               2.42 kB │ gzip: 1.02 kB
+ℹ dist/docs/openbanking-powens.docblock.js      1.57 kB │ gzip: 0.76 kB
+src/handlers/webhook-handler.ts (7:44) [UNRESOLVED_IMPORT] Warning: Could not resolve 'node:crypto' in src/handlers/webhook-handler.ts
+   ╭─[ src/handlers/webhook-handler.ts:7:45 ]
+   │
+ℹ dist/example.js                               0.88 kB │ gzip: 0.47 kB
+ 7 │ import { createHmac, timingSafeEqual } from 'node:crypto';
+ℹ dist/index.js                                 0.30 kB │ gzip: 0.16 kB
+ℹ dist/docs/index.js                            0.04 kB │ gzip: 0.06 kB
+ℹ dist/handlers/webhook-handler.js.map          6.46 kB │ gzip: 2.18 kB
+ℹ dist/handlers/oauth-callback.js.map           4.84 kB │ gzip: 1.81 kB
+   │                                             ──────┬──────  
+ℹ dist/docs/openbanking-powens.docblock.js.map  2.07 kB │ gzip: 0.94 kB
+   │                                                   ╰──────── Module not found, treating it as an external dependency
+   │ 
+ℹ dist/example.js.map                           1.25 kB │ gzip: 0.64 kB
+ℹ dist/handlers/webhook-handler.d.ts.map        0.17 kB │ gzip: 0.14 kB
+ℹ dist/handlers/oauth-callback.d.ts.map         0.17 kB │ gzip: 0.15 kB
+   │ Help: The "main" field here was ignored. Main fields must be configured explicitly when using the "neutral" platform.
+ℹ dist/example.d.ts.map                         0.14 kB │ gzip: 0.13 kB
+ℹ dist/example.d.ts                             1.12 kB │ gzip: 0.47 kB
+ℹ dist/index.d.ts                               0.25 kB │ gzip: 0.13 kB
+───╯
+
+ℹ dist/handlers/oauth-callback.d.ts             0.22 kB │ gzip: 0.17 kB
+ℹ dist/handlers/webhook-handler.d.ts            0.21 kB │ gzip: 0.16 kB
+ℹ dist/docs/index.d.ts                          0.01 kB │ gzip: 0.03 kB
+ℹ dist/docs/openbanking-powens.docblock.d.ts    0.01 kB │ gzip: 0.03 kB
+ℹ 19 files, total: 25.46 kB
+✔ Build complete in 9385ms

package/CHANGELOG.md

@@ -0,0 +1,178 @@
+# @contractspec/example.openbanking-powens
+
+## 1.44.0
+
+### Minor Changes
+
+- 5f3a868: chore: isolate branding to contractspec.io
+
+### Patch Changes
+
+- Updated dependencies [5f3a868]
+  - @contractspec/integration.providers-impls@1.44.0
+  - @contractspec/lib.contracts@1.44.0
+  - @contractspec/lib.schema@1.44.0
+
+## 1.43.4
+
+### Patch Changes
+
+- 9216062: fix: cross-platform compatibility
+- Updated dependencies [9216062]
+  - @contractspec/integration.providers-impls@1.43.4
+  - @contractspec/lib.contracts@1.43.4
+  - @contractspec/lib.schema@1.43.3
+
+## 1.43.3
+
+### Patch Changes
+
+- 24d9759: improve documentation
+- Updated dependencies [24d9759]
+  - @contractspec/integration.providers-impls@1.43.3
+  - @contractspec/lib.contracts@1.43.3
+  - @contractspec/lib.schema@1.43.2
+
+## 1.43.2
+
+### Patch Changes
+
+- e147271: fix: improve stability
+- Updated dependencies [e147271]
+  - @contractspec/integration.providers-impls@1.43.2
+  - @contractspec/lib.contracts@1.43.2
+  - @contractspec/lib.schema@1.43.1
+
+## 1.43.1
+
+### Patch Changes
+
+- Updated dependencies [f28fdad]
+  - @contractspec/lib.contracts@1.43.1
+  - @contractspec/integration.providers-impls@1.43.1
+
+## 1.43.0
+
+### Minor Changes
+
+- 042d072: feat: schema declaration using json schema, including zod
+
+### Patch Changes
+
+- Updated dependencies [042d072]
+  - @contractspec/integration.providers-impls@1.43.0
+  - @contractspec/lib.contracts@1.43.0
+  - @contractspec/lib.schema@1.43.0
+
+## 1.42.10
+
+### Patch Changes
+
+- 1e6a0f1: fix: mcp server
+- Updated dependencies [1e6a0f1]
+  - @contractspec/integration.providers-impls@1.42.10
+  - @contractspec/lib.contracts@1.42.10
+  - @contractspec/lib.schema@1.42.10
+
+## 1.42.9
+
+### Patch Changes
+
+- 9281db7: fix ModelRegistry
+- Updated dependencies [9281db7]
+  - @contractspec/integration.providers-impls@1.42.9
+  - @contractspec/lib.contracts@1.42.9
+  - @contractspec/lib.schema@1.42.9
+
+## 1.42.8
+
+### Patch Changes
+
+- e07b5ac: fix
+- Updated dependencies [e07b5ac]
+  - @contractspec/integration.providers-impls@1.42.8
+  - @contractspec/lib.contracts@1.42.8
+  - @contractspec/lib.schema@1.42.8
+
+## 1.42.7
+
+### Patch Changes
+
+- e9b575d: fix release
+- Updated dependencies [e9b575d]
+  - @contractspec/integration.providers-impls@1.42.7
+  - @contractspec/lib.contracts@1.42.7
+  - @contractspec/lib.schema@1.42.7
+
+## 1.42.6
+
+### Patch Changes
+
+- 1500242: fix tooling
+- Updated dependencies [1500242]
+  - @contractspec/integration.providers-impls@1.42.6
+  - @contractspec/lib.contracts@1.42.6
+  - @contractspec/lib.schema@1.42.6
+
+## 1.42.5
+
+### Patch Changes
+
+- 1299719: fix vscode
+- Updated dependencies [1299719]
+  - @contractspec/integration.providers-impls@1.42.5
+  - @contractspec/lib.contracts@1.42.5
+  - @contractspec/lib.schema@1.42.5
+
+## 1.42.4
+
+### Patch Changes
+
+- ac28b99: fix: generate from openapi
+- Updated dependencies [ac28b99]
+  - @contractspec/integration.providers-impls@1.42.4
+  - @contractspec/lib.contracts@1.42.4
+  - @contractspec/lib.schema@1.42.4
+
+## 1.42.3
+
+### Patch Changes
+
+- 3f5d015: fix(tooling): cicd
+- Updated dependencies [3f5d015]
+  - @contractspec/integration.providers-impls@1.42.3
+  - @contractspec/lib.contracts@1.42.3
+  - @contractspec/lib.schema@1.42.3
+
+## 1.42.2
+
+### Patch Changes
+
+- 1f9ac4c: fix
+- Updated dependencies [1f9ac4c]
+  - @contractspec/integration.providers-impls@1.42.2
+  - @contractspec/lib.contracts@1.42.2
+  - @contractspec/lib.schema@1.42.2
+
+## 1.42.1
+
+### Patch Changes
+
+- f043995: Fix release
+- Updated dependencies [f043995]
+  - @contractspec/integration.providers-impls@1.42.1
+  - @contractspec/lib.contracts@1.42.1
+  - @contractspec/lib.schema@1.42.1
+
+## 1.42.0
+
+### Minor Changes
+
+- 8eefd9c: initial release
+
+### Patch Changes
+
+- Updated dependencies [8eefd9c]
+  - @contractspec/integration.providers-impls@1.42.0
+  - @contractspec/lib.contracts@1.42.0
+  - @contractspec/lib.schema@1.42.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Chaman Ventures, SASU
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/dist/docs/index.d.ts

@@ -0,0 +1 @@
+export { };

package/dist/docs/index.js

@@ -0,0 +1 @@
+import "./openbanking-powens.docblock.js";

package/dist/docs/openbanking-powens.docblock.d.ts

@@ -0,0 +1 @@
+export { };

package/dist/docs/openbanking-powens.docblock.js

@@ -0,0 +1,30 @@
+import { registerDocBlocks } from "@contractspec/lib.contracts/docs";
+
+//#region src/docs/openbanking-powens.docblock.ts
+registerDocBlocks([{
+	id: "docs.examples.openbanking-powens",
+	title: "Open Banking — Powens (example)",
+	summary: "Framework-neutral OAuth callback + webhook handler patterns for Powens, orchestrating canonical sync workflows.",
+	kind: "reference",
+	visibility: "public",
+	route: "/docs/examples/openbanking-powens",
+	tags: [
+		"openbanking",
+		"powens",
+		"integration",
+		"example"
+	],
+	body: `## What this example shows\n- OAuth callback handler: exchange auth code, map powens user, enqueue sync workflow.\n- Webhook handler: verify signature, route event → workflow, optionally refresh balances.\n\n## Guardrails\n- Secrets via secret providers/env only.\n- Verify webhook signatures.\n- Keep side effects explicit: enqueue workflows instead of mutating canonical stores inline.`
+}, {
+	id: "docs.examples.openbanking-powens.usage",
+	title: "Open Banking — Powens — Usage",
+	summary: "How to integrate the handlers in a fetch-compatible runtime.",
+	kind: "usage",
+	visibility: "public",
+	route: "/docs/examples/openbanking-powens/usage",
+	tags: ["openbanking", "usage"],
+	body: `## Usage\n- Wire \`powensOAuthCallbackHandler(req)\` at your OAuth redirect route.\n- Wire \`powensWebhookHandler(req)\` at your webhook route.\n\n## Notes\n- Replace the fake stores with your app-layer persistence.\n- Enqueue ContractSpec workflows for canonical upserts and telemetry.`
+}]);
+
+//#endregion
+//# sourceMappingURL=openbanking-powens.docblock.js.map

package/dist/docs/openbanking-powens.docblock.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"openbanking-powens.docblock.js","names":[],"sources":["../../src/docs/openbanking-powens.docblock.ts"],"sourcesContent":["import type { DocBlock } from '@contractspec/lib.contracts/docs';\nimport { registerDocBlocks } from '@contractspec/lib.contracts/docs';\n\nconst blocks: DocBlock[] = [\n  {\n    id: 'docs.examples.openbanking-powens',\n    title: 'Open Banking — Powens (example)',\n    summary:\n      'Framework-neutral OAuth callback + webhook handler patterns for Powens, orchestrating canonical sync workflows.',\n    kind: 'reference',\n    visibility: 'public',\n    route: '/docs/examples/openbanking-powens',\n    tags: ['openbanking', 'powens', 'integration', 'example'],\n    body: `## What this example shows\\n- OAuth callback handler: exchange auth code, map powens user, enqueue sync workflow.\\n- Webhook handler: verify signature, route event → workflow, optionally refresh balances.\\n\\n## Guardrails\\n- Secrets via secret providers/env only.\\n- Verify webhook signatures.\\n- Keep side effects explicit: enqueue workflows instead of mutating canonical stores inline.`,\n  },\n  {\n    id: 'docs.examples.openbanking-powens.usage',\n    title: 'Open Banking — Powens — Usage',\n    summary: 'How to integrate the handlers in a fetch-compatible runtime.',\n    kind: 'usage',\n    visibility: 'public',\n    route: '/docs/examples/openbanking-powens/usage',\n    tags: ['openbanking', 'usage'],\n    body: `## Usage\\n- Wire \\`powensOAuthCallbackHandler(req)\\` at your OAuth redirect route.\\n- Wire \\`powensWebhookHandler(req)\\` at your webhook route.\\n\\n## Notes\\n- Replace the fake stores with your app-layer persistence.\\n- Enqueue ContractSpec workflows for canonical upserts and telemetry.`,\n  },\n];\n\nregisterDocBlocks(blocks);\n"],"mappings":";;;AA2BA,kBAxB2B,CACzB;CACE,IAAI;CACJ,OAAO;CACP,SACE;CACF,MAAM;CACN,YAAY;CACZ,OAAO;CACP,MAAM;EAAC;EAAe;EAAU;EAAe;EAAU;CACzD,MAAM;CACP,EACD;CACE,IAAI;CACJ,OAAO;CACP,SAAS;CACT,MAAM;CACN,YAAY;CACZ,OAAO;CACP,MAAM,CAAC,eAAe,QAAQ;CAC9B,MAAM;CACP,CACF,CAEwB"}

package/dist/example.d.ts

@@ -0,0 +1,34 @@
+//#region src/example.d.ts
+declare const example: {
+  readonly id: "openbanking-powens";
+  readonly title: "Open Banking — Powens";
+  readonly summary: "OAuth callback + webhook handler patterns for Powens open banking integration (provider + workflow orchestration).";
+  readonly tags: readonly ["openbanking", "powens", "oauth", "webhooks", "integrations"];
+  readonly kind: "integration";
+  readonly visibility: "public";
+  readonly docs: {
+    readonly rootDocId: "docs.examples.openbanking-powens";
+    readonly usageDocId: "docs.examples.openbanking-powens.usage";
+  };
+  readonly entrypoints: {
+    readonly packageName: "@contractspec/example.openbanking-powens";
+    readonly docs: "./docs";
+  };
+  readonly surfaces: {
+    readonly templates: true;
+    readonly sandbox: {
+      readonly enabled: true;
+      readonly modes: readonly ["markdown", "specs"];
+    };
+    readonly studio: {
+      readonly enabled: true;
+      readonly installable: true;
+    };
+    readonly mcp: {
+      readonly enabled: true;
+    };
+  };
+};
+//#endregion
+export { example as default };
+//# sourceMappingURL=example.d.ts.map

package/dist/example.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"example.d.ts","names":[],"sources":["../src/example.ts"],"sourcesContent":[],"mappings":";cAAM;EAAA,SAAA,EAsBI,EAAA,oBAAA"}

package/dist/example.js

@@ -0,0 +1,40 @@
+//#region src/example.ts
+const example = {
+	id: "openbanking-powens",
+	title: "Open Banking — Powens",
+	summary: "OAuth callback + webhook handler patterns for Powens open banking integration (provider + workflow orchestration).",
+	tags: [
+		"openbanking",
+		"powens",
+		"oauth",
+		"webhooks",
+		"integrations"
+	],
+	kind: "integration",
+	visibility: "public",
+	docs: {
+		rootDocId: "docs.examples.openbanking-powens",
+		usageDocId: "docs.examples.openbanking-powens.usage"
+	},
+	entrypoints: {
+		packageName: "@contractspec/example.openbanking-powens",
+		docs: "./docs"
+	},
+	surfaces: {
+		templates: true,
+		sandbox: {
+			enabled: true,
+			modes: ["markdown", "specs"]
+		},
+		studio: {
+			enabled: true,
+			installable: true
+		},
+		mcp: { enabled: true }
+	}
+};
+var example_default = example;
+
+//#endregion
+export { example_default as default };
+//# sourceMappingURL=example.js.map

package/dist/example.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"example.js","names":[],"sources":["../src/example.ts"],"sourcesContent":["const example = {\n  id: 'openbanking-powens',\n  title: 'Open Banking — Powens',\n  summary:\n    'OAuth callback + webhook handler patterns for Powens open banking integration (provider + workflow orchestration).',\n  tags: ['openbanking', 'powens', 'oauth', 'webhooks', 'integrations'],\n  kind: 'integration',\n  visibility: 'public',\n  docs: {\n    rootDocId: 'docs.examples.openbanking-powens',\n    usageDocId: 'docs.examples.openbanking-powens.usage',\n  },\n  entrypoints: {\n    packageName: '@contractspec/example.openbanking-powens',\n    docs: './docs',\n  },\n  surfaces: {\n    templates: true,\n    sandbox: { enabled: true, modes: ['markdown', 'specs'] },\n    studio: { enabled: true, installable: true },\n    mcp: { enabled: true },\n  },\n} as const;\n\nexport default example;\n"],"mappings":";AAAA,MAAM,UAAU;CACd,IAAI;CACJ,OAAO;CACP,SACE;CACF,MAAM;EAAC;EAAe;EAAU;EAAS;EAAY;EAAe;CACpE,MAAM;CACN,YAAY;CACZ,MAAM;EACJ,WAAW;EACX,YAAY;EACb;CACD,aAAa;EACX,aAAa;EACb,MAAM;EACP;CACD,UAAU;EACR,WAAW;EACX,SAAS;GAAE,SAAS;GAAM,OAAO,CAAC,YAAY,QAAQ;GAAE;EACxD,QAAQ;GAAE,SAAS;GAAM,aAAa;GAAM;EAC5C,KAAK,EAAE,SAAS,MAAM;EACvB;CACF;AAED,sBAAe"}

package/dist/handlers/oauth-callback.d.ts

@@ -0,0 +1,5 @@
+//#region src/handlers/oauth-callback.d.ts
+declare function powensOAuthCallbackHandler(req: Request): Promise<Response>;
+//#endregion
+export { powensOAuthCallbackHandler };
+//# sourceMappingURL=oauth-callback.d.ts.map

package/dist/handlers/oauth-callback.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-callback.d.ts","names":[],"sources":["../../src/handlers/oauth-callback.ts"],"sourcesContent":[],"mappings":";iBASsB,0BAAA,MAAgC,UAAO,QAAA"}

package/dist/handlers/oauth-callback.js

@@ -0,0 +1,64 @@
+import { PowensOpenBankingProvider } from "@contractspec/integration.providers-impls/impls/powens-openbanking";
+
+//#region src/handlers/oauth-callback.ts
+/**
+* Example OAuth callback handler for Powens (open banking).
+*
+* This example stays framework-neutral: it operates on the standard `Request`
+* type so it can be used in Next.js, Elysia, or any fetch-compatible runtime.
+*/
+async function powensOAuthCallbackHandler(req) {
+	const url = new URL(req.url);
+	const code = url.searchParams.get("code");
+	const state = url.searchParams.get("state");
+	const userUuid = url.searchParams.get("user_uuid");
+	if (!code || !state || !userUuid) return new Response("Missing Powens OAuth params", { status: 400 });
+	const connection = await getConnectionByState(state);
+	if (!connection) return new Response("Unknown Powens OAuth state", { status: 404 });
+	const secrets = await getPowensSecretsForConnection(connection.meta.id);
+	const preview = await new PowensOpenBankingProvider({
+		clientId: secrets.clientId,
+		clientSecret: secrets.clientSecret,
+		apiKey: secrets.apiKey,
+		environment: connection.config.environment,
+		baseUrl: connection.config.baseUrl
+	}).listAccounts({
+		tenantId: connection.meta.tenantId,
+		connectionId: connection.meta.id,
+		userId: userUuid
+	});
+	await connection.storePowensUser({
+		tenantUserId: connection.meta.tenantUserId,
+		powensUserUuid: userUuid,
+		authCode: code
+	});
+	await enqueueWorkflow("pfo.workflow.sync-openbanking-accounts", {
+		tenantId: connection.meta.tenantId,
+		userUuid,
+		connectionId: connection.meta.id,
+		previewAccounts: preview.accounts
+	});
+	const redirectBase = process.env.APP_DASHBOARD_URL ?? "";
+	return Response.redirect(`${redirectBase}/banking/linked?tenant=${connection.meta.tenantId}`, 302);
+}
+async function getConnectionByState(state) {
+	return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;
+}
+async function getPowensSecretsForConnection(connectionId) {
+	const secret = fakeSecretStore[connectionId];
+	if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
+	return secret;
+}
+async function enqueueWorkflow(name, input) {
+	await fakeWorkflowQueue.enqueue({
+		name,
+		input
+	});
+}
+const fakeDatabase = { connections: [] };
+const fakeSecretStore = {};
+const fakeWorkflowQueue = { enqueue: async (_payload) => {} };
+
+//#endregion
+export { powensOAuthCallbackHandler };
+//# sourceMappingURL=oauth-callback.js.map

package/dist/handlers/oauth-callback.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-callback.js","names":["fakeSecretStore: Record<string, ExamplePowensSecrets>"],"sources":["../../src/handlers/oauth-callback.ts"],"sourcesContent":["/**\n * Example OAuth callback handler for Powens (open banking).\n *\n * This example stays framework-neutral: it operates on the standard `Request`\n * type so it can be used in Next.js, Elysia, or any fetch-compatible runtime.\n */\nimport { PowensOpenBankingProvider } from '@contractspec/integration.providers-impls/impls/powens-openbanking';\nimport type { PowensEnvironment } from '@contractspec/integration.providers-impls/impls/powens-client';\n\nexport async function powensOAuthCallbackHandler(req: Request) {\n  const url = new URL(req.url);\n  const code = url.searchParams.get('code');\n  const state = url.searchParams.get('state');\n  const userUuid = url.searchParams.get('user_uuid');\n\n  if (!code || !state || !userUuid) {\n    return new Response('Missing Powens OAuth params', { status: 400 });\n  }\n\n  const connection = await getConnectionByState(state);\n  if (!connection) {\n    return new Response('Unknown Powens OAuth state', { status: 404 });\n  }\n\n  const secrets = await getPowensSecretsForConnection(connection.meta.id);\n\n  const provider = new PowensOpenBankingProvider({\n    clientId: secrets.clientId,\n    clientSecret: secrets.clientSecret,\n    apiKey: secrets.apiKey,\n    environment: connection.config.environment as PowensEnvironment,\n    baseUrl: connection.config.baseUrl as string | undefined,\n  });\n\n  const preview = await provider.listAccounts({\n    tenantId: connection.meta.tenantId,\n    connectionId: connection.meta.id,\n    userId: userUuid,\n  });\n\n  await connection.storePowensUser({\n    tenantUserId: connection.meta.tenantUserId,\n    powensUserUuid: userUuid,\n    authCode: code,\n  });\n\n  await enqueueWorkflow('pfo.workflow.sync-openbanking-accounts', {\n    tenantId: connection.meta.tenantId,\n    userUuid,\n    connectionId: connection.meta.id,\n    previewAccounts: preview.accounts,\n  });\n\n  const redirectBase = process.env.APP_DASHBOARD_URL ?? '';\n  return Response.redirect(\n    `${redirectBase}/banking/linked?tenant=${connection.meta.tenantId}`,\n    302\n  );\n}\n\ninterface ExamplePowensSecrets {\n  clientId: string;\n  clientSecret: string;\n  apiKey?: string;\n}\n\ninterface ExampleIntegrationConnection {\n  meta: {\n    id: string;\n    tenantId: string;\n    tenantUserId: string;\n  };\n  config: {\n    environment: PowensEnvironment;\n    baseUrl?: string;\n  };\n  storePowensUser(input: {\n    tenantUserId: string;\n    powensUserUuid: string;\n    authCode: string;\n  }): Promise<void>;\n}\n\nasync function getConnectionByState(\n  state: string\n): Promise<ExampleIntegrationConnection | null> {\n  const record = fakeDatabase.connections.find((conn) => conn.state === state);\n  return record ?? null;\n}\n\nasync function getPowensSecretsForConnection(\n  connectionId: string\n): Promise<ExamplePowensSecrets> {\n  const secret = fakeSecretStore[connectionId];\n  if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);\n  return secret;\n}\n\nasync function enqueueWorkflow(name: string, input: Record<string, unknown>) {\n  await fakeWorkflowQueue.enqueue({ name, input });\n}\n\nconst fakeDatabase = {\n  connections: [] as (ExampleIntegrationConnection & { state: string })[],\n};\n\nconst fakeSecretStore: Record<string, ExamplePowensSecrets> = {};\n\nconst fakeWorkflowQueue = {\n  enqueue: async (_payload: Record<string, unknown>) => {\n    /* no-op */\n  },\n};\n"],"mappings":";;;;;;;;;AASA,eAAsB,2BAA2B,KAAc;CAC7D,MAAM,MAAM,IAAI,IAAI,IAAI,IAAI;CAC5B,MAAM,OAAO,IAAI,aAAa,IAAI,OAAO;CACzC,MAAM,QAAQ,IAAI,aAAa,IAAI,QAAQ;CAC3C,MAAM,WAAW,IAAI,aAAa,IAAI,YAAY;AAElD,KAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,SACtB,QAAO,IAAI,SAAS,+BAA+B,EAAE,QAAQ,KAAK,CAAC;CAGrE,MAAM,aAAa,MAAM,qBAAqB,MAAM;AACpD,KAAI,CAAC,WACH,QAAO,IAAI,SAAS,8BAA8B,EAAE,QAAQ,KAAK,CAAC;CAGpE,MAAM,UAAU,MAAM,8BAA8B,WAAW,KAAK,GAAG;CAUvE,MAAM,UAAU,MARC,IAAI,0BAA0B;EAC7C,UAAU,QAAQ;EAClB,cAAc,QAAQ;EACtB,QAAQ,QAAQ;EAChB,aAAa,WAAW,OAAO;EAC/B,SAAS,WAAW,OAAO;EAC5B,CAAC,CAE6B,aAAa;EAC1C,UAAU,WAAW,KAAK;EAC1B,cAAc,WAAW,KAAK;EAC9B,QAAQ;EACT,CAAC;AAEF,OAAM,WAAW,gBAAgB;EAC/B,cAAc,WAAW,KAAK;EAC9B,gBAAgB;EAChB,UAAU;EACX,CAAC;AAEF,OAAM,gBAAgB,0CAA0C;EAC9D,UAAU,WAAW,KAAK;EAC1B;EACA,cAAc,WAAW,KAAK;EAC9B,iBAAiB,QAAQ;EAC1B,CAAC;CAEF,MAAM,eAAe,QAAQ,IAAI,qBAAqB;AACtD,QAAO,SAAS,SACd,GAAG,aAAa,yBAAyB,WAAW,KAAK,YACzD,IACD;;AA0BH,eAAe,qBACb,OAC8C;AAE9C,QADe,aAAa,YAAY,MAAM,SAAS,KAAK,UAAU,MAAM,IAC3D;;AAGnB,eAAe,8BACb,cAC+B;CAC/B,MAAM,SAAS,gBAAgB;AAC/B,KAAI,CAAC,OAAQ,OAAM,IAAI,MAAM,8BAA8B,eAAe;AAC1E,QAAO;;AAGT,eAAe,gBAAgB,MAAc,OAAgC;AAC3E,OAAM,kBAAkB,QAAQ;EAAE;EAAM;EAAO,CAAC;;AAGlD,MAAM,eAAe,EACnB,aAAa,EAAE,EAChB;AAED,MAAMA,kBAAwD,EAAE;AAEhE,MAAM,oBAAoB,EACxB,SAAS,OAAO,aAAsC,IAGvD"}

package/dist/handlers/webhook-handler.d.ts

@@ -0,0 +1,5 @@
+//#region src/handlers/webhook-handler.d.ts
+declare function powensWebhookHandler(req: Request): Promise<Response>;
+//#endregion
+export { powensWebhookHandler };
+//# sourceMappingURL=webhook-handler.d.ts.map

package/dist/handlers/webhook-handler.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"webhook-handler.d.ts","names":[],"sources":["../../src/handlers/webhook-handler.ts"],"sourcesContent":[],"mappings":";iBAUsB,oBAAA,MAA0B,UAAO,QAAA"}

package/dist/handlers/webhook-handler.js

@@ -0,0 +1,88 @@
+import { PowensOpenBankingProvider } from "@contractspec/integration.providers-impls/impls/powens-openbanking";
+import { createHmac, timingSafeEqual } from "node:crypto";
+
+//#region src/handlers/webhook-handler.ts
+/**
+* Example Powens webhook handler (fetch-compatible).
+*
+* Verifies signature, then enqueues the canonical workflows to keep the ledger
+* in sync. Unknown events are ignored (or can be recorded by the app layer).
+*/
+async function powensWebhookHandler(req) {
+	const signature = req.headers.get("x-powens-signature");
+	const stateHeader = req.headers.get("x-powens-state");
+	const payload = await req.text();
+	if (!signature || !stateHeader) return new Response("Missing Powens signature headers", { status: 400 });
+	const connection = await getConnectionByState(stateHeader);
+	if (!connection) return new Response("Unknown Powens state header", { status: 404 });
+	const secrets = await getPowensSecretsForConnection(connection.meta.id);
+	if (!verifySignature(payload, signature, secrets.webhookSecret)) return new Response("Invalid Powens webhook signature", { status: 401 });
+	const event = JSON.parse(payload);
+	const provider = new PowensOpenBankingProvider({
+		clientId: secrets.clientId,
+		clientSecret: secrets.clientSecret,
+		apiKey: secrets.apiKey,
+		environment: connection.config.environment,
+		baseUrl: connection.config.baseUrl
+	});
+	switch (event.type) {
+		case "connection.updated":
+		case "user.sync.completed":
+			await enqueueWorkflow("pfo.workflow.sync-openbanking-accounts", {
+				tenantId: connection.meta.tenantId,
+				connectionId: connection.meta.id,
+				userUuid: event.user_uuid
+			});
+			break;
+		case "transactions.created":
+		case "transactions.updated":
+			await enqueueWorkflow("pfo.workflow.sync-openbanking-transactions", {
+				tenantId: connection.meta.tenantId,
+				connectionId: connection.meta.id,
+				userUuid: event.user_uuid,
+				accountId: event.account_uuid
+			});
+			break;
+		default: await logUnmappedEvent(event);
+	}
+	if (event.account_uuid) await provider.getBalances({
+		tenantId: connection.meta.tenantId,
+		connectionId: connection.meta.id,
+		accountId: event.account_uuid
+	});
+	return new Response("OK", { status: 200 });
+}
+function verifySignature(payload, signature, secret) {
+	const digest = createHmac("sha256", secret).update(payload).digest("hex");
+	const a = Buffer.from(digest, "hex");
+	const b = Buffer.from(signature, "hex");
+	return a.length === b.length && timingSafeEqual(a, b);
+}
+async function getConnectionByState(state) {
+	return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;
+}
+async function getPowensSecretsForConnection(connectionId) {
+	const secret = fakeSecretStore[connectionId];
+	if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
+	return secret;
+}
+async function enqueueWorkflow(name, input) {
+	await fakeWorkflowQueue.enqueue({
+		name,
+		input
+	});
+}
+async function logUnmappedEvent(_event) {
+	await fakeTelemetryLogger.record({
+		event: "openbanking.webhook.unmapped",
+		payload: "redacted"
+	});
+}
+const fakeDatabase = { connections: [] };
+const fakeSecretStore = {};
+const fakeWorkflowQueue = { enqueue: async (_payload) => {} };
+const fakeTelemetryLogger = { record: async (_payload) => {} };
+
+//#endregion
+export { powensWebhookHandler };
+//# sourceMappingURL=webhook-handler.js.map

package/dist/handlers/webhook-handler.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"webhook-handler.js","names":["fakeSecretStore: Record<string, ExamplePowensSecrets>"],"sources":["../../src/handlers/webhook-handler.ts"],"sourcesContent":["/**\n * Example Powens webhook handler (fetch-compatible).\n *\n * Verifies signature, then enqueues the canonical workflows to keep the ledger\n * in sync. Unknown events are ignored (or can be recorded by the app layer).\n */\nimport { createHmac, timingSafeEqual } from 'node:crypto';\nimport { PowensOpenBankingProvider } from '@contractspec/integration.providers-impls/impls/powens-openbanking';\nimport type { PowensEnvironment } from '@contractspec/integration.providers-impls/impls/powens-client';\n\nexport async function powensWebhookHandler(req: Request) {\n  const signature = req.headers.get('x-powens-signature');\n  const stateHeader = req.headers.get('x-powens-state');\n  const payload = await req.text();\n\n  if (!signature || !stateHeader) {\n    return new Response('Missing Powens signature headers', { status: 400 });\n  }\n\n  const connection = await getConnectionByState(stateHeader);\n  if (!connection) {\n    return new Response('Unknown Powens state header', { status: 404 });\n  }\n\n  const secrets = await getPowensSecretsForConnection(connection.meta.id);\n  if (!verifySignature(payload, signature, secrets.webhookSecret)) {\n    return new Response('Invalid Powens webhook signature', { status: 401 });\n  }\n\n  const event = JSON.parse(payload) as PowensWebhookEvent;\n  const provider = new PowensOpenBankingProvider({\n    clientId: secrets.clientId,\n    clientSecret: secrets.clientSecret,\n    apiKey: secrets.apiKey,\n    environment: connection.config.environment as PowensEnvironment,\n    baseUrl: connection.config.baseUrl as string | undefined,\n  });\n\n  switch (event.type) {\n    case 'connection.updated':\n    case 'user.sync.completed': {\n      await enqueueWorkflow('pfo.workflow.sync-openbanking-accounts', {\n        tenantId: connection.meta.tenantId,\n        connectionId: connection.meta.id,\n        userUuid: event.user_uuid,\n      });\n      break;\n    }\n    case 'transactions.created':\n    case 'transactions.updated': {\n      await enqueueWorkflow('pfo.workflow.sync-openbanking-transactions', {\n        tenantId: connection.meta.tenantId,\n        connectionId: connection.meta.id,\n        userUuid: event.user_uuid,\n        accountId: event.account_uuid,\n      });\n      break;\n    }\n    default:\n      await logUnmappedEvent(event);\n  }\n\n  if (event.account_uuid) {\n    await provider.getBalances({\n      tenantId: connection.meta.tenantId,\n      connectionId: connection.meta.id,\n      accountId: event.account_uuid,\n    });\n  }\n\n  return new Response('OK', { status: 200 });\n}\n\ninterface PowensWebhookEvent {\n  type: string;\n  user_uuid: string;\n  connection_uuid: string;\n  account_uuid?: string;\n}\n\ninterface ExamplePowensSecrets {\n  clientId: string;\n  clientSecret: string;\n  apiKey?: string;\n  webhookSecret: string;\n}\n\ninterface ExampleIntegrationConnection {\n  meta: {\n    id: string;\n    tenantId: string;\n  };\n  config: {\n    environment: PowensEnvironment;\n    baseUrl?: string;\n  };\n}\n\nfunction verifySignature(payload: string, signature: string, secret: string) {\n  const digest = createHmac('sha256', secret).update(payload).digest('hex');\n  const a = Buffer.from(digest, 'hex');\n  const b = Buffer.from(signature, 'hex');\n  return a.length === b.length && timingSafeEqual(a, b);\n}\n\nasync function getConnectionByState(\n  state: string\n): Promise<ExampleIntegrationConnection | null> {\n  return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;\n}\n\nasync function getPowensSecretsForConnection(\n  connectionId: string\n): Promise<ExamplePowensSecrets> {\n  const secret = fakeSecretStore[connectionId];\n  if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);\n  return secret;\n}\n\nasync function enqueueWorkflow(name: string, input: Record<string, unknown>) {\n  await fakeWorkflowQueue.enqueue({ name, input });\n}\n\nasync function logUnmappedEvent(_event: PowensWebhookEvent) {\n  await fakeTelemetryLogger.record({\n    event: 'openbanking.webhook.unmapped',\n    payload: 'redacted',\n  });\n}\n\nconst fakeDatabase = {\n  connections: [] as (ExampleIntegrationConnection & { state: string })[],\n};\n\nconst fakeSecretStore: Record<string, ExamplePowensSecrets> = {};\n\nconst fakeWorkflowQueue = {\n  enqueue: async (_payload: Record<string, unknown>) => {\n    /* no-op */\n  },\n};\n\nconst fakeTelemetryLogger = {\n  record: async (_payload: Record<string, unknown>) => {\n    /* no-op */\n  },\n};\n"],"mappings":";;;;;;;;;;AAUA,eAAsB,qBAAqB,KAAc;CACvD,MAAM,YAAY,IAAI,QAAQ,IAAI,qBAAqB;CACvD,MAAM,cAAc,IAAI,QAAQ,IAAI,iBAAiB;CACrD,MAAM,UAAU,MAAM,IAAI,MAAM;AAEhC,KAAI,CAAC,aAAa,CAAC,YACjB,QAAO,IAAI,SAAS,oCAAoC,EAAE,QAAQ,KAAK,CAAC;CAG1E,MAAM,aAAa,MAAM,qBAAqB,YAAY;AAC1D,KAAI,CAAC,WACH,QAAO,IAAI,SAAS,+BAA+B,EAAE,QAAQ,KAAK,CAAC;CAGrE,MAAM,UAAU,MAAM,8BAA8B,WAAW,KAAK,GAAG;AACvE,KAAI,CAAC,gBAAgB,SAAS,WAAW,QAAQ,cAAc,CAC7D,QAAO,IAAI,SAAS,oCAAoC,EAAE,QAAQ,KAAK,CAAC;CAG1E,MAAM,QAAQ,KAAK,MAAM,QAAQ;CACjC,MAAM,WAAW,IAAI,0BAA0B;EAC7C,UAAU,QAAQ;EAClB,cAAc,QAAQ;EACtB,QAAQ,QAAQ;EAChB,aAAa,WAAW,OAAO;EAC/B,SAAS,WAAW,OAAO;EAC5B,CAAC;AAEF,SAAQ,MAAM,MAAd;EACE,KAAK;EACL,KAAK;AACH,SAAM,gBAAgB,0CAA0C;IAC9D,UAAU,WAAW,KAAK;IAC1B,cAAc,WAAW,KAAK;IAC9B,UAAU,MAAM;IACjB,CAAC;AACF;EAEF,KAAK;EACL,KAAK;AACH,SAAM,gBAAgB,8CAA8C;IAClE,UAAU,WAAW,KAAK;IAC1B,cAAc,WAAW,KAAK;IAC9B,UAAU,MAAM;IAChB,WAAW,MAAM;IAClB,CAAC;AACF;EAEF,QACE,OAAM,iBAAiB,MAAM;;AAGjC,KAAI,MAAM,aACR,OAAM,SAAS,YAAY;EACzB,UAAU,WAAW,KAAK;EAC1B,cAAc,WAAW,KAAK;EAC9B,WAAW,MAAM;EAClB,CAAC;AAGJ,QAAO,IAAI,SAAS,MAAM,EAAE,QAAQ,KAAK,CAAC;;AA4B5C,SAAS,gBAAgB,SAAiB,WAAmB,QAAgB;CAC3E,MAAM,SAAS,WAAW,UAAU,OAAO,CAAC,OAAO,QAAQ,CAAC,OAAO,MAAM;CACzE,MAAM,IAAI,OAAO,KAAK,QAAQ,MAAM;CACpC,MAAM,IAAI,OAAO,KAAK,WAAW,MAAM;AACvC,QAAO,EAAE,WAAW,EAAE,UAAU,gBAAgB,GAAG,EAAE;;AAGvD,eAAe,qBACb,OAC8C;AAC9C,QAAO,aAAa,YAAY,MAAM,SAAS,KAAK,UAAU,MAAM,IAAI;;AAG1E,eAAe,8BACb,cAC+B;CAC/B,MAAM,SAAS,gBAAgB;AAC/B,KAAI,CAAC,OAAQ,OAAM,IAAI,MAAM,8BAA8B,eAAe;AAC1E,QAAO;;AAGT,eAAe,gBAAgB,MAAc,OAAgC;AAC3E,OAAM,kBAAkB,QAAQ;EAAE;EAAM;EAAO,CAAC;;AAGlD,eAAe,iBAAiB,QAA4B;AAC1D,OAAM,oBAAoB,OAAO;EAC/B,OAAO;EACP,SAAS;EACV,CAAC;;AAGJ,MAAM,eAAe,EACnB,aAAa,EAAE,EAChB;AAED,MAAMA,kBAAwD,EAAE;AAEhE,MAAM,oBAAoB,EACxB,SAAS,OAAO,aAAsC,IAGvD;AAED,MAAM,sBAAsB,EAC1B,QAAQ,OAAO,aAAsC,IAGtD"}

package/dist/index.d.ts

@@ -0,0 +1,4 @@
+import example from "./example.js";
+import { powensOAuthCallbackHandler } from "./handlers/oauth-callback.js";
+import { powensWebhookHandler } from "./handlers/webhook-handler.js";
+export { example, powensOAuthCallbackHandler, powensWebhookHandler };

package/dist/index.js

@@ -0,0 +1,6 @@
+import example_default from "./example.js";
+import { powensOAuthCallbackHandler } from "./handlers/oauth-callback.js";
+import { powensWebhookHandler } from "./handlers/webhook-handler.js";
+import "./docs/index.js";
+
+export { example_default as example, powensOAuthCallbackHandler, powensWebhookHandler };