@contractspec/example.openbanking-powens 1.57.0 → 1.58.0

package/.turbo/turbo-build.log

@@ -1,45 +1,25 @@
-$ bun build:types && bun build:bundle
-$ tsc --noEmit
-$ tsdown
-ℹ tsdown v0.20.3 powered by rolldown v1.0.0-rc.3
-ℹ config file: /home/runner/work/contractspec/contractspec/packages/examples/openbanking-powens/tsdown.config.js 
-ℹ entry: src/example.ts, src/index.ts, src/docs/index.ts, src/docs/openbanking-powens.docblock.ts, src/handlers/oauth-callback.ts, src/handlers/webhook-handler.ts
-ℹ target: esnext
-ℹ tsconfig: tsconfig.json
-ℹ Build start
-ℹ dist/handlers/webhook-handler.js              3.32 kB │ gzip: 1.23 kB
-ℹ dist/handlers/oauth-callback.js               2.42 kB │ gzip: 1.02 kB
-ℹ dist/docs/openbanking-powens.docblock.js      1.57 kB │ gzip: 0.76 kB
-ℹ dist/example.js                               1.03 kB │ gzip: 0.54 kB
-ℹ dist/index.js                                 0.28 kB │ gzip: 0.15 kB
-ℹ dist/docs/index.js                            0.04 kB │ gzip: 0.06 kB
-ℹ dist/handlers/webhook-handler.js.map          6.40 kB │ gzip: 2.17 kB
-ℹ dist/handlers/oauth-callback.js.map           4.79 kB │ gzip: 1.80 kB
-ℹ dist/docs/openbanking-powens.docblock.js.map  2.07 kB │ gzip: 0.94 kB
-ℹ dist/example.js.map                           1.50 kB │ gzip: 0.74 kB
-ℹ dist/handlers/webhook-handler.d.ts.map        0.17 kB │ gzip: 0.15 kB
-ℹ dist/handlers/oauth-callback.d.ts.map         0.17 kB │ gzip: 0.15 kB
-ℹ dist/example.d.ts.map                         0.13 kB │ gzip: 0.13 kB
-ℹ dist/example.d.ts                             0.25 kB │ gzip: 0.17 kB
-ℹ dist/index.d.ts                               0.25 kB │ gzip: 0.13 kB
-ℹ dist/handlers/oauth-callback.d.ts             0.22 kB │ gzip: 0.17 kB
-ℹ dist/handlers/webhook-handler.d.ts            0.21 kB │ gzip: 0.16 kB
-ℹ dist/docs/index.d.ts                          0.01 kB │ gzip: 0.03 kB
-ℹ dist/docs/openbanking-powens.docblock.d.ts    0.01 kB │ gzip: 0.03 kB
-ℹ 19 files, total: 24.84 kB
-src/handlers/webhook-handler.ts (7:44) [UNRESOLVED_IMPORT] Warning: Could not resolve 'crypto' in src/handlers/webhook-handler.ts
-   ╭─[ src/handlers/webhook-handler.ts:7:45 ]
-   │
- 7 │ import { createHmac, timingSafeEqual } from 'crypto';
-   │                                             ────┬───  
-   │                                                 ╰───── Module not found, treating it as an external dependency
-   │ 
-   │ Help: The "main" field here was ignored. Main fields must be configured explicitly when using the "neutral" platform.
-───╯
+$ contractspec-bun-build prebuild
+$ bun run prebuild && bun run build:bundle && bun run build:types
+$ contractspec-bun-build prebuild
+$ contractspec-bun-build transpile
+[contractspec-bun-build] transpile target=bun root=src entries=6
+Bundled 6 modules in 11ms
 
-[PLUGIN_TIMINGS] Warning: Your build spent significant time in plugins. Here is a breakdown:
-  - tsdown:external (62%)
-  - rolldown-plugin-dts:generate (37%)
-See https://rolldown.rs/options/checks#plugintimings for more details.
+  docs/index.js                        1.57 KB  (entry point)
+  ./index.js                           8.1 KB   (entry point)
+  docs/openbanking-powens.docblock.js  1.57 KB  (entry point)
+  ./example.js                         1.0 KB   (entry point)
+  handlers/oauth-callback.js           2.26 KB  (entry point)
+  handlers/webhook-handler.js          3.22 KB  (entry point)
 
-✔ Build complete in 20958ms
+[contractspec-bun-build] transpile target=node root=src entries=6
+Bundled 6 modules in 7ms
+
+  docs/index.js                        1.55 KB  (entry point)
+  ./index.js                           8.1 KB   (entry point)
+  docs/openbanking-powens.docblock.js  1.55 KB  (entry point)
+  ./example.js                         1.0 KB   (entry point)
+  handlers/oauth-callback.js           2.26 KB  (entry point)
+  handlers/webhook-handler.js          3.21 KB  (entry point)
+
+$ contractspec-bun-build types

package/.turbo/turbo-prebuild.log

@@ -0,0 +1 @@
+$ contractspec-bun-build prebuild

package/CHANGELOG.md

@@ -1,5 +1,18 @@
 # @contractspec/example.openbanking-powens
 
+## 1.58.0
+
+### Minor Changes
+
+- d1f0fd0: chore: Migrate non-app package builds from tsdown to shared Bun tooling, add `@contractspec/tool.bun`, and standardize `prebuild`/`build`/`typecheck` with platform-aware exports and `tsc` declaration emission into `dist`.
+
+### Patch Changes
+
+- Updated dependencies [d1f0fd0]
+- Updated dependencies [4355a9e]
+  - @contractspec/integration.providers-impls@1.58.0
+  - @contractspec/lib.contracts@1.58.0
+
 ## 1.57.0
 
 ### Minor Changes

package/dist/docs/index.d.ts

@@ -1 +1,2 @@
-export { };
+import './openbanking-powens.docblock';
+//# sourceMappingURL=index.d.ts.map

package/dist/docs/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/docs/index.ts"],"names":[],"mappings":"AAAA,OAAO,+BAA+B,CAAC"}

package/dist/docs/index.js

@@ -1 +1,39 @@
-import "./openbanking-powens.docblock.js";
+// @bun
+// src/docs/openbanking-powens.docblock.ts
+import { registerDocBlocks } from "@contractspec/lib.contracts/docs";
+var blocks = [
+  {
+    id: "docs.examples.openbanking-powens",
+    title: "Open Banking \u2014 Powens (example)",
+    summary: "Framework-neutral OAuth callback + webhook handler patterns for Powens, orchestrating canonical sync workflows.",
+    kind: "reference",
+    visibility: "public",
+    route: "/docs/examples/openbanking-powens",
+    tags: ["openbanking", "powens", "integration", "example"],
+    body: `## What this example shows
+- OAuth callback handler: exchange auth code, map powens user, enqueue sync workflow.
+- Webhook handler: verify signature, route event \u2192 workflow, optionally refresh balances.
+
+## Guardrails
+- Secrets via secret providers/env only.
+- Verify webhook signatures.
+- Keep side effects explicit: enqueue workflows instead of mutating canonical stores inline.`
+  },
+  {
+    id: "docs.examples.openbanking-powens.usage",
+    title: "Open Banking \u2014 Powens \u2014 Usage",
+    summary: "How to integrate the handlers in a fetch-compatible runtime.",
+    kind: "usage",
+    visibility: "public",
+    route: "/docs/examples/openbanking-powens/usage",
+    tags: ["openbanking", "usage"],
+    body: `## Usage
+- Wire \`powensOAuthCallbackHandler(req)\` at your OAuth redirect route.
+- Wire \`powensWebhookHandler(req)\` at your webhook route.
+
+## Notes
+- Replace the fake stores with your app-layer persistence.
+- Enqueue ContractSpec workflows for canonical upserts and telemetry.`
+  }
+];
+registerDocBlocks(blocks);

package/dist/docs/openbanking-powens.docblock.d.ts

@@ -1 +1,2 @@
-export { };
+export {};
+//# sourceMappingURL=openbanking-powens.docblock.d.ts.map

package/dist/docs/openbanking-powens.docblock.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"openbanking-powens.docblock.d.ts","sourceRoot":"","sources":["../../src/docs/openbanking-powens.docblock.ts"],"names":[],"mappings":""}

package/dist/docs/openbanking-powens.docblock.js

@@ -1,30 +1,39 @@
+// @bun
+// src/docs/openbanking-powens.docblock.ts
 import { registerDocBlocks } from "@contractspec/lib.contracts/docs";
+var blocks = [
+  {
+    id: "docs.examples.openbanking-powens",
+    title: "Open Banking \u2014 Powens (example)",
+    summary: "Framework-neutral OAuth callback + webhook handler patterns for Powens, orchestrating canonical sync workflows.",
+    kind: "reference",
+    visibility: "public",
+    route: "/docs/examples/openbanking-powens",
+    tags: ["openbanking", "powens", "integration", "example"],
+    body: `## What this example shows
+- OAuth callback handler: exchange auth code, map powens user, enqueue sync workflow.
+- Webhook handler: verify signature, route event \u2192 workflow, optionally refresh balances.
 
-//#region src/docs/openbanking-powens.docblock.ts
-registerDocBlocks([{
-	id: "docs.examples.openbanking-powens",
-	title: "Open Banking — Powens (example)",
-	summary: "Framework-neutral OAuth callback + webhook handler patterns for Powens, orchestrating canonical sync workflows.",
-	kind: "reference",
-	visibility: "public",
-	route: "/docs/examples/openbanking-powens",
-	tags: [
-		"openbanking",
-		"powens",
-		"integration",
-		"example"
-	],
-	body: `## What this example shows\n- OAuth callback handler: exchange auth code, map powens user, enqueue sync workflow.\n- Webhook handler: verify signature, route event → workflow, optionally refresh balances.\n\n## Guardrails\n- Secrets via secret providers/env only.\n- Verify webhook signatures.\n- Keep side effects explicit: enqueue workflows instead of mutating canonical stores inline.`
-}, {
-	id: "docs.examples.openbanking-powens.usage",
-	title: "Open Banking — Powens — Usage",
-	summary: "How to integrate the handlers in a fetch-compatible runtime.",
-	kind: "usage",
-	visibility: "public",
-	route: "/docs/examples/openbanking-powens/usage",
-	tags: ["openbanking", "usage"],
-	body: `## Usage\n- Wire \`powensOAuthCallbackHandler(req)\` at your OAuth redirect route.\n- Wire \`powensWebhookHandler(req)\` at your webhook route.\n\n## Notes\n- Replace the fake stores with your app-layer persistence.\n- Enqueue ContractSpec workflows for canonical upserts and telemetry.`
-}]);
+## Guardrails
+- Secrets via secret providers/env only.
+- Verify webhook signatures.
+- Keep side effects explicit: enqueue workflows instead of mutating canonical stores inline.`
+  },
+  {
+    id: "docs.examples.openbanking-powens.usage",
+    title: "Open Banking \u2014 Powens \u2014 Usage",
+    summary: "How to integrate the handlers in a fetch-compatible runtime.",
+    kind: "usage",
+    visibility: "public",
+    route: "/docs/examples/openbanking-powens/usage",
+    tags: ["openbanking", "usage"],
+    body: `## Usage
+- Wire \`powensOAuthCallbackHandler(req)\` at your OAuth redirect route.
+- Wire \`powensWebhookHandler(req)\` at your webhook route.
 
-//#endregion
-//# sourceMappingURL=openbanking-powens.docblock.js.map
+## Notes
+- Replace the fake stores with your app-layer persistence.
+- Enqueue ContractSpec workflows for canonical upserts and telemetry.`
+  }
+];
+registerDocBlocks(blocks);

package/dist/example.d.ts

@@ -1,7 +1,3 @@
-import * as _contractspec_lib_contracts0 from "@contractspec/lib.contracts";
-
-//#region src/example.d.ts
-declare const example: _contractspec_lib_contracts0.ExampleSpec;
-//#endregion
-export { example as default };
+declare const example: import("@contractspec/lib.contracts").ExampleSpec;
+export default example;
 //# sourceMappingURL=example.d.ts.map

package/dist/example.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"example.d.ts","names":[],"sources":["../src/example.ts"],"mappings":";;;cAEM,OAAA,EA2BJ,4BAAA,CA3BW,WAAA"}
+{"version":3,"file":"example.d.ts","sourceRoot":"","sources":["../src/example.ts"],"names":[],"mappings":"AAEA,QAAA,MAAM,OAAO,mDA2BX,CAAC;AAEH,eAAe,OAAO,CAAC"}

package/dist/example.js

@@ -1,46 +1,34 @@
+// @bun
+// src/example.ts
 import { defineExample } from "@contractspec/lib.contracts";
-
-//#region src/example.ts
-const example = defineExample({
-	meta: {
-		key: "openbanking-powens",
-		version: "1.0.0",
-		title: "Open Banking — Powens",
-		description: "OAuth callback + webhook handler patterns for Powens open banking integration (provider + workflow orchestration).",
-		kind: "integration",
-		visibility: "public",
-		stability: "experimental",
-		owners: ["@platform.core"],
-		tags: [
-			"openbanking",
-			"powens",
-			"oauth",
-			"webhooks",
-			"integrations"
-		]
-	},
-	docs: {
-		rootDocId: "docs.examples.openbanking-powens",
-		usageDocId: "docs.examples.openbanking-powens.usage"
-	},
-	entrypoints: {
-		packageName: "@contractspec/example.openbanking-powens",
-		docs: "./docs"
-	},
-	surfaces: {
-		templates: true,
-		sandbox: {
-			enabled: true,
-			modes: ["markdown", "specs"]
-		},
-		studio: {
-			enabled: true,
-			installable: true
-		},
-		mcp: { enabled: true }
-	}
+var example = defineExample({
+  meta: {
+    key: "openbanking-powens",
+    version: "1.0.0",
+    title: "Open Banking \u2014 Powens",
+    description: "OAuth callback + webhook handler patterns for Powens open banking integration (provider + workflow orchestration).",
+    kind: "integration",
+    visibility: "public",
+    stability: "experimental",
+    owners: ["@platform.core"],
+    tags: ["openbanking", "powens", "oauth", "webhooks", "integrations"]
+  },
+  docs: {
+    rootDocId: "docs.examples.openbanking-powens",
+    usageDocId: "docs.examples.openbanking-powens.usage"
+  },
+  entrypoints: {
+    packageName: "@contractspec/example.openbanking-powens",
+    docs: "./docs"
+  },
+  surfaces: {
+    templates: true,
+    sandbox: { enabled: true, modes: ["markdown", "specs"] },
+    studio: { enabled: true, installable: true },
+    mcp: { enabled: true }
+  }
 });
-
-//#endregion
-export { example as default };
-//# sourceMappingURL=example.js.map
+var example_default = example;
+export {
+  example_default as default
+};

package/dist/handlers/oauth-callback.d.ts

@@ -1,5 +1,2 @@
-//#region src/handlers/oauth-callback.d.ts
-declare function powensOAuthCallbackHandler(req: Request): Promise<Response>;
-//#endregion
-export { powensOAuthCallbackHandler };
+export declare function powensOAuthCallbackHandler(req: Request): Promise<Response>;
 //# sourceMappingURL=oauth-callback.d.ts.map

package/dist/handlers/oauth-callback.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"oauth-callback.d.ts","names":[],"sources":["../../src/handlers/oauth-callback.ts"],"mappings":";iBASsB,0BAAA,CAA2B,GAAA,EAAK,OAAA,GAAO,OAAA,CAAA,QAAA"}
+{"version":3,"file":"oauth-callback.d.ts","sourceRoot":"","sources":["../../src/handlers/oauth-callback.ts"],"names":[],"mappings":"AASA,wBAAsB,0BAA0B,CAAC,GAAG,EAAE,OAAO,qBAiD5D"}

package/dist/handlers/oauth-callback.js

@@ -1,64 +1,65 @@
+// @bun
+// src/handlers/oauth-callback.ts
 import { PowensOpenBankingProvider } from "@contractspec/integration.providers-impls/impls/powens-openbanking";
-
-//#region src/handlers/oauth-callback.ts
-/**
-* Example OAuth callback handler for Powens (open banking).
-*
-* This example stays framework-neutral: it operates on the standard `Request`
-* type so it can be used in Next.js, Elysia, or any fetch-compatible runtime.
-*/
 async function powensOAuthCallbackHandler(req) {
-	const url = new URL(req.url);
-	const code = url.searchParams.get("code");
-	const state = url.searchParams.get("state");
-	const userUuid = url.searchParams.get("user_uuid");
-	if (!code || !state || !userUuid) return new Response("Missing Powens OAuth params", { status: 400 });
-	const connection = await getConnectionByState(state);
-	if (!connection) return new Response("Unknown Powens OAuth state", { status: 404 });
-	const secrets = await getPowensSecretsForConnection(connection.meta.id);
-	const preview = await new PowensOpenBankingProvider({
-		clientId: secrets.clientId,
-		clientSecret: secrets.clientSecret,
-		apiKey: secrets.apiKey,
-		environment: connection.config.environment,
-		baseUrl: connection.config.baseUrl
-	}).listAccounts({
-		tenantId: connection.meta.tenantId,
-		connectionId: connection.meta.id,
-		userId: userUuid
-	});
-	await connection.storePowensUser({
-		tenantUserId: connection.meta.tenantUserId,
-		powensUserUuid: userUuid,
-		authCode: code
-	});
-	await enqueueWorkflow("pfo.workflow.sync-openbanking-accounts", {
-		tenantId: connection.meta.tenantId,
-		userUuid,
-		connectionId: connection.meta.id,
-		previewAccounts: preview.accounts
-	});
-	const redirectBase = process.env.APP_DASHBOARD_URL ?? "";
-	return Response.redirect(`${redirectBase}/banking/linked?tenant=${connection.meta.tenantId}`, 302);
+  const url = new URL(req.url);
+  const code = url.searchParams.get("code");
+  const state = url.searchParams.get("state");
+  const userUuid = url.searchParams.get("user_uuid");
+  if (!code || !state || !userUuid) {
+    return new Response("Missing Powens OAuth params", { status: 400 });
+  }
+  const connection = await getConnectionByState(state);
+  if (!connection) {
+    return new Response("Unknown Powens OAuth state", { status: 404 });
+  }
+  const secrets = await getPowensSecretsForConnection(connection.meta.id);
+  const provider = new PowensOpenBankingProvider({
+    clientId: secrets.clientId,
+    clientSecret: secrets.clientSecret,
+    apiKey: secrets.apiKey,
+    environment: connection.config.environment,
+    baseUrl: connection.config.baseUrl
+  });
+  const preview = await provider.listAccounts({
+    tenantId: connection.meta.tenantId,
+    connectionId: connection.meta.id,
+    userId: userUuid
+  });
+  await connection.storePowensUser({
+    tenantUserId: connection.meta.tenantUserId,
+    powensUserUuid: userUuid,
+    authCode: code
+  });
+  await enqueueWorkflow("pfo.workflow.sync-openbanking-accounts", {
+    tenantId: connection.meta.tenantId,
+    userUuid,
+    connectionId: connection.meta.id,
+    previewAccounts: preview.accounts
+  });
+  const redirectBase = process.env.APP_DASHBOARD_URL ?? "";
+  return Response.redirect(`${redirectBase}/banking/linked?tenant=${connection.meta.tenantId}`, 302);
 }
 async function getConnectionByState(state) {
-	return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;
+  const record = fakeDatabase.connections.find((conn) => conn.state === state);
+  return record ?? null;
 }
 async function getPowensSecretsForConnection(connectionId) {
-	const secret = fakeSecretStore[connectionId];
-	if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
-	return secret;
+  const secret = fakeSecretStore[connectionId];
+  if (!secret)
+    throw new Error(`Missing Powens secrets for ${connectionId}`);
+  return secret;
 }
 async function enqueueWorkflow(name, input) {
-	await fakeWorkflowQueue.enqueue({
-		name,
-		input
-	});
+  await fakeWorkflowQueue.enqueue({ name, input });
 }
-const fakeDatabase = { connections: [] };
-const fakeSecretStore = {};
-const fakeWorkflowQueue = { enqueue: async (_payload) => {} };
-
-//#endregion
-export { powensOAuthCallbackHandler };
-//# sourceMappingURL=oauth-callback.js.map
+var fakeDatabase = {
+  connections: []
+};
+var fakeSecretStore = {};
+var fakeWorkflowQueue = {
+  enqueue: async (_payload) => {}
+};
+export {
+  powensOAuthCallbackHandler
+};

package/dist/handlers/webhook-handler.d.ts

@@ -1,5 +1,2 @@
-//#region src/handlers/webhook-handler.d.ts
-declare function powensWebhookHandler(req: Request): Promise<Response>;
-//#endregion
-export { powensWebhookHandler };
+export declare function powensWebhookHandler(req: Request): Promise<Response>;
 //# sourceMappingURL=webhook-handler.d.ts.map

package/dist/handlers/webhook-handler.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"webhook-handler.d.ts","names":[],"sources":["../../src/handlers/webhook-handler.ts"],"mappings":";iBAUsB,oBAAA,CAAqB,GAAA,EAAK,OAAA,GAAO,OAAA,CAAA,QAAA"}
+{"version":3,"file":"webhook-handler.d.ts","sourceRoot":"","sources":["../../src/handlers/webhook-handler.ts"],"names":[],"mappings":"AAUA,wBAAsB,oBAAoB,CAAC,GAAG,EAAE,OAAO,qBA6DtD"}

package/dist/handlers/webhook-handler.js

@@ -1,88 +1,96 @@
-import { PowensOpenBankingProvider } from "@contractspec/integration.providers-impls/impls/powens-openbanking";
+// @bun
+// src/handlers/webhook-handler.ts
 import { createHmac, timingSafeEqual } from "crypto";
-
-//#region src/handlers/webhook-handler.ts
-/**
-* Example Powens webhook handler (fetch-compatible).
-*
-* Verifies signature, then enqueues the canonical workflows to keep the ledger
-* in sync. Unknown events are ignored (or can be recorded by the app layer).
-*/
+import { PowensOpenBankingProvider } from "@contractspec/integration.providers-impls/impls/powens-openbanking";
 async function powensWebhookHandler(req) {
-	const signature = req.headers.get("x-powens-signature");
-	const stateHeader = req.headers.get("x-powens-state");
-	const payload = await req.text();
-	if (!signature || !stateHeader) return new Response("Missing Powens signature headers", { status: 400 });
-	const connection = await getConnectionByState(stateHeader);
-	if (!connection) return new Response("Unknown Powens state header", { status: 404 });
-	const secrets = await getPowensSecretsForConnection(connection.meta.id);
-	if (!verifySignature(payload, signature, secrets.webhookSecret)) return new Response("Invalid Powens webhook signature", { status: 401 });
-	const event = JSON.parse(payload);
-	const provider = new PowensOpenBankingProvider({
-		clientId: secrets.clientId,
-		clientSecret: secrets.clientSecret,
-		apiKey: secrets.apiKey,
-		environment: connection.config.environment,
-		baseUrl: connection.config.baseUrl
-	});
-	switch (event.type) {
-		case "connection.updated":
-		case "user.sync.completed":
-			await enqueueWorkflow("pfo.workflow.sync-openbanking-accounts", {
-				tenantId: connection.meta.tenantId,
-				connectionId: connection.meta.id,
-				userUuid: event.user_uuid
-			});
-			break;
-		case "transactions.created":
-		case "transactions.updated":
-			await enqueueWorkflow("pfo.workflow.sync-openbanking-transactions", {
-				tenantId: connection.meta.tenantId,
-				connectionId: connection.meta.id,
-				userUuid: event.user_uuid,
-				accountId: event.account_uuid
-			});
-			break;
-		default: await logUnmappedEvent(event);
-	}
-	if (event.account_uuid) await provider.getBalances({
-		tenantId: connection.meta.tenantId,
-		connectionId: connection.meta.id,
-		accountId: event.account_uuid
-	});
-	return new Response("OK", { status: 200 });
+  const signature = req.headers.get("x-powens-signature");
+  const stateHeader = req.headers.get("x-powens-state");
+  const payload = await req.text();
+  if (!signature || !stateHeader) {
+    return new Response("Missing Powens signature headers", { status: 400 });
+  }
+  const connection = await getConnectionByState(stateHeader);
+  if (!connection) {
+    return new Response("Unknown Powens state header", { status: 404 });
+  }
+  const secrets = await getPowensSecretsForConnection(connection.meta.id);
+  if (!verifySignature(payload, signature, secrets.webhookSecret)) {
+    return new Response("Invalid Powens webhook signature", { status: 401 });
+  }
+  const event = JSON.parse(payload);
+  const provider = new PowensOpenBankingProvider({
+    clientId: secrets.clientId,
+    clientSecret: secrets.clientSecret,
+    apiKey: secrets.apiKey,
+    environment: connection.config.environment,
+    baseUrl: connection.config.baseUrl
+  });
+  switch (event.type) {
+    case "connection.updated":
+    case "user.sync.completed": {
+      await enqueueWorkflow("pfo.workflow.sync-openbanking-accounts", {
+        tenantId: connection.meta.tenantId,
+        connectionId: connection.meta.id,
+        userUuid: event.user_uuid
+      });
+      break;
+    }
+    case "transactions.created":
+    case "transactions.updated": {
+      await enqueueWorkflow("pfo.workflow.sync-openbanking-transactions", {
+        tenantId: connection.meta.tenantId,
+        connectionId: connection.meta.id,
+        userUuid: event.user_uuid,
+        accountId: event.account_uuid
+      });
+      break;
+    }
+    default:
+      await logUnmappedEvent(event);
+  }
+  if (event.account_uuid) {
+    await provider.getBalances({
+      tenantId: connection.meta.tenantId,
+      connectionId: connection.meta.id,
+      accountId: event.account_uuid
+    });
+  }
+  return new Response("OK", { status: 200 });
 }
 function verifySignature(payload, signature, secret) {
-	const digest = createHmac("sha256", secret).update(payload).digest("hex");
-	const a = Buffer.from(digest, "hex");
-	const b = Buffer.from(signature, "hex");
-	return a.length === b.length && timingSafeEqual(a, b);
+  const digest = createHmac("sha256", secret).update(payload).digest("hex");
+  const a = Buffer.from(digest, "hex");
+  const b = Buffer.from(signature, "hex");
+  return a.length === b.length && timingSafeEqual(a, b);
 }
 async function getConnectionByState(state) {
-	return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;
+  return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;
 }
 async function getPowensSecretsForConnection(connectionId) {
-	const secret = fakeSecretStore[connectionId];
-	if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
-	return secret;
+  const secret = fakeSecretStore[connectionId];
+  if (!secret)
+    throw new Error(`Missing Powens secrets for ${connectionId}`);
+  return secret;
 }
 async function enqueueWorkflow(name, input) {
-	await fakeWorkflowQueue.enqueue({
-		name,
-		input
-	});
+  await fakeWorkflowQueue.enqueue({ name, input });
 }
 async function logUnmappedEvent(_event) {
-	await fakeTelemetryLogger.record({
-		event: "openbanking.webhook.unmapped",
-		payload: "redacted"
-	});
+  await fakeTelemetryLogger.record({
+    event: "openbanking.webhook.unmapped",
+    payload: "redacted"
+  });
 }
-const fakeDatabase = { connections: [] };
-const fakeSecretStore = {};
-const fakeWorkflowQueue = { enqueue: async (_payload) => {} };
-const fakeTelemetryLogger = { record: async (_payload) => {} };
-
-//#endregion
-export { powensWebhookHandler };
-//# sourceMappingURL=webhook-handler.js.map
+var fakeDatabase = {
+  connections: []
+};
+var fakeSecretStore = {};
+var fakeWorkflowQueue = {
+  enqueue: async (_payload) => {}
+};
+var fakeTelemetryLogger = {
+  record: async (_payload) => {}
+};
+export {
+  powensWebhookHandler
+};