@contractspec/example.openbanking-powens 3.7.5 → 3.7.7

package/.turbo/turbo-build.log

@@ -3,7 +3,7 @@ $ bun run prebuild && bun run build:bundle && bun run build:types
 $ contractspec-bun-build prebuild
 $ contractspec-bun-build transpile
 [contractspec-bun-build] transpile target=bun root=src entries=7 noBundle=false
-Bundled 7 modules in 42ms
+Bundled 7 modules in 15ms
 
   docs/index.js                        1.58 KB  (entry point)
   ./index.js                           8.80 KB  (entry point)
@@ -14,7 +14,7 @@ Bundled 7 modules in 42ms
   ./openbanking-powens.feature.js      0.72 KB  (entry point)
 
 [contractspec-bun-build] transpile target=node root=src entries=7 noBundle=false
-Bundled 7 modules in 52ms
+Bundled 7 modules in 27ms
 
   docs/index.js                        1.56 KB  (entry point)
   ./index.js                           8.78 KB  (entry point)

package/AGENTS.md

@@ -1,30 +1,53 @@
-# AI Agent Guide -- `@contractspec/example.openbanking-powens`
+# AI Agent Guide — `@contractspec/example.openbanking-powens`
 
 Scope: `packages/examples/openbanking-powens/*`
 
-OpenBanking Powens example: OAuth callback + webhook handler patterns for provider integration.
+OpenBanking Powens example: OAuth callback + webhook handler patterns (provider + workflows).
 
 ## Quick Context
 
-- **Layer**: example
-- **Related Packages**: `integration.providers-impls`, `lib.contracts-spec`
+- Layer: `example`.
+- Package visibility: published package.
+- Primary consumers are example explorers, template authors, and documentation readers.
+- Related packages: `@contractspec/integration.providers-impls`, `@contractspec/lib.contracts-spec`, `@contractspec/tool.bun`, `@contractspec/tool.typescript`.
 
-## What This Demonstrates
+## Architecture
 
-- OAuth callback handler pattern for open banking
-- Webhook handler for asynchronous bank event ingestion
-- Provider integration via contracts-integrations
+- `src/docs/` contains docblocks and documentation-facing exports.
+- `src/example.ts` is the runnable example entrypoint.
+- `src/handlers/` contains handlers or demo adapters wired to contract surfaces.
+- `src/index.ts` is the root public barrel and package entrypoint.
+- `src/openbanking-powens.feature.ts` defines a feature entrypoint.
 
-## Public Exports
+## Public Surface
 
-- `.` -- root barrel
-- `./handlers/oauth-callback` -- OAuth flow handler
-- `./handlers/webhook-handler` -- webhook ingestion
-- `./docs`, `./example`
+- Export `.` resolves through `./src/index.ts`.
+- Export `./docs` resolves through `./src/docs/index.ts`.
+- Export `./docs/openbanking-powens.docblock` resolves through `./src/docs/openbanking-powens.docblock.ts`.
+- Export `./example` resolves through `./src/example.ts`.
+- Export `./handlers/oauth-callback` resolves through `./src/handlers/oauth-callback.ts`.
+- Export `./handlers/webhook-handler` resolves through `./src/handlers/webhook-handler.ts`.
+- Export `./openbanking-powens.feature` resolves through `./src/openbanking-powens.feature.ts`.
+
+## Guardrails
+
+- Keep the example package demonstrative, buildable, and aligned with the exported feature surface.
+- Do not add hidden production assumptions that are not actually implemented in the example.
+- Changes here can affect downstream packages such as `@contractspec/integration.providers-impls`, `@contractspec/lib.contracts-spec`, `@contractspec/tool.bun`, `@contractspec/tool.typescript`.
+- Changes here can affect downstream packages such as `@contractspec/integration.providers-impls`, `@contractspec/lib.contracts-spec`, `@contractspec/tool.bun`, `@contractspec/tool.typescript`.
 
 ## Local Commands
 
-- Build: `bun run build`
-- Dev: `bun run dev`
-- Test: `bun test --pass-with-no-tests`
-- Typecheck: `bun run typecheck`
+- `bun run dev` — contractspec-bun-build dev
+- `bun run build` — bun run prebuild && bun run build:bundle && bun run build:types
+- `bun run test` — bun test --pass-with-no-tests
+- `bun run lint` — bun lint:fix
+- `bun run lint:check` — biome check .
+- `bun run lint:fix` — biome check --write --unsafe --only=nursery/useSortedClasses . && biome check --write .
+- `bun run typecheck` — tsc --noEmit
+- `bun run publish:pkg` — bun publish --tolerate-republish --ignore-scripts --verbose
+- `bun run publish:pkg:canary` — bun publish:pkg --tag canary
+- `bun run clean` — rimraf dist .turbo
+- `bun run build:bundle` — contractspec-bun-build transpile
+- `bun run build:types` — contractspec-bun-build types
+- `bun run prebuild` — contractspec-bun-build prebuild

package/CHANGELOG.md

@@ -1,5 +1,14 @@
 # @contractspec/example.openbanking-powens
 
+## 3.7.6
+
+### Patch Changes
+
+- fix: release manifest
+- Updated dependencies
+  - @contractspec/integration.providers-impls@3.7.6
+  - @contractspec/lib.contracts-spec@3.7.6
+
 ## 3.7.5
 
 ### Patch Changes

package/README.md

@@ -1,32 +1,69 @@
 # @contractspec/example.openbanking-powens
 
-Website: https://contractspec.io/
+Website: https://contractspec.io
 
-**OAuth callback + webhook handler patterns**
-
-OpenBanking Powens example: OAuth callback + webhook handler patterns. Framework-neutral handlers operate on standard `Request` for use in Next.js, Elysia, or any fetch-compatible runtime.
+**OpenBanking Powens example: OAuth callback + webhook handler patterns (provider + workflows).**
 
 ## What This Demonstrates
 
-- OAuth callback handler for Powens open banking
-- Webhook handler for Powens events
-- Example spec with provider and workflow orchestration
+- OAuth callback handler pattern for open banking.
+- Webhook handler for asynchronous bank event ingestion.
+- Provider integration via contracts-integrations.
+- `src/docs/` contains docblocks and documentation-facing exports.
+- `src/handlers/` contains handlers or demo adapters wired to contract surfaces.
+- `src/docs/` contains docblocks and documentation-facing exports.
 
-## Exports
+## Running Locally
 
-- `.` — main entry (registers docs, exports example and handlers)
-- `./docs` — doc blocks
-- `./example` — example metadata
-- `./handlers/oauth-callback` — OAuth callback handler
-- `./handlers/webhook-handler` — webhook handler
+From `packages/examples/openbanking-powens`:
+- `bun run dev`
+- `bun run build`
+- `bun run test`
+- `bun run typecheck`
 
 ## Usage
 
-```ts
-import { powensOAuthCallbackHandler } from "@contractspec/example.openbanking-powens/handlers/oauth-callback";
-import { powensWebhookHandler } from "@contractspec/example.openbanking-powens/handlers/webhook-handler";
+Use `@contractspec/example.openbanking-powens` as a reference implementation, or import its exported surfaces into a workspace that composes ContractSpec examples and bundles.
+
+## Architecture
+
+- `src/docs/` contains docblocks and documentation-facing exports.
+- `src/example.ts` is the runnable example entrypoint.
+- `src/handlers/` contains handlers or demo adapters wired to contract surfaces.
+- `src/index.ts` is the root public barrel and package entrypoint.
+- `src/openbanking-powens.feature.ts` defines a feature entrypoint.
+
+## Public Entry Points
+
+- Export `.` resolves through `./src/index.ts`.
+- Export `./docs` resolves through `./src/docs/index.ts`.
+- Export `./docs/openbanking-powens.docblock` resolves through `./src/docs/openbanking-powens.docblock.ts`.
+- Export `./example` resolves through `./src/example.ts`.
+- Export `./handlers/oauth-callback` resolves through `./src/handlers/oauth-callback.ts`.
+- Export `./handlers/webhook-handler` resolves through `./src/handlers/webhook-handler.ts`.
+- Export `./openbanking-powens.feature` resolves through `./src/openbanking-powens.feature.ts`.
+
+## Local Commands
+
+- `bun run dev` — contractspec-bun-build dev
+- `bun run build` — bun run prebuild && bun run build:bundle && bun run build:types
+- `bun run test` — bun test --pass-with-no-tests
+- `bun run lint` — bun lint:fix
+- `bun run lint:check` — biome check .
+- `bun run lint:fix` — biome check --write --unsafe --only=nursery/useSortedClasses . && biome check --write .
+- `bun run typecheck` — tsc --noEmit
+- `bun run publish:pkg` — bun publish --tolerate-republish --ignore-scripts --verbose
+- `bun run publish:pkg:canary` — bun publish:pkg --tag canary
+- `bun run clean` — rimraf dist .turbo
+- `bun run build:bundle` — contractspec-bun-build transpile
+- `bun run build:types` — contractspec-bun-build types
+- `bun run prebuild` — contractspec-bun-build prebuild
+
+## Recent Updates
+
+- Replace eslint+prettier by biomejs to optimize speed.
+- Missing contract layers.
+
+## Notes
 
-// Wire into your framework (Next.js, Elysia, etc.)
-// GET /api/oauth/callback → powensOAuthCallbackHandler
-// POST /api/webhooks/powens → powensWebhookHandler
-```
+- Works alongside `@contractspec/integration.providers-impls`, `@contractspec/lib.contracts-spec`, `@contractspec/tool.bun`, `@contractspec/tool.typescript`.

package/dist/handlers/oauth-callback.d.ts

@@ -1 +1,7 @@
+/**
+ * Example OAuth callback handler for Powens (open banking).
+ *
+ * This example stays framework-neutral: it operates on the standard `Request`
+ * type so it can be used in Next.js, Elysia, or any fetch-compatible runtime.
+ */
 export declare function powensOAuthCallbackHandler(req: Request): Promise<Response>;

package/dist/handlers/webhook-handler.d.ts

@@ -1 +1,7 @@
+/**
+ * Example Powens webhook handler (fetch-compatible).
+ *
+ * Verifies signature, then enqueues the canonical workflows to keep the ledger
+ * in sync. Unknown events are ignored (or can be recorded by the app layer).
+ */
 export declare function powensWebhookHandler(req: Request): Promise<Response>;

package/dist/handlers/webhook-handler.js

@@ -1,7 +1,7 @@
 // @bun
 // src/handlers/webhook-handler.ts
-import { createHmac, timingSafeEqual } from "crypto";
 import { PowensOpenBankingProvider } from "@contractspec/integration.providers-impls/impls/powens-openbanking";
+import { createHmac, timingSafeEqual } from "crypto";
 async function powensWebhookHandler(req) {
   const signature = req.headers.get("x-powens-signature");
   const stateHeader = req.headers.get("x-powens-state");

package/dist/index.d.ts

@@ -1,5 +1,5 @@
+export { default as example } from './example';
 export * from './handlers/oauth-callback';
 export * from './handlers/webhook-handler';
 export * from './openbanking-powens.feature';
-export { default as example } from './example';
 import './docs';

package/dist/index.js

@@ -131,8 +131,8 @@ var fakeWorkflowQueue = {
 };
 
 // src/handlers/webhook-handler.ts
-import { createHmac, timingSafeEqual } from "crypto";
 import { PowensOpenBankingProvider as PowensOpenBankingProvider2 } from "@contractspec/integration.providers-impls/impls/powens-openbanking";
+import { createHmac, timingSafeEqual } from "crypto";
 async function powensWebhookHandler(req) {
   const signature = req.headers.get("x-powens-signature");
   const stateHeader = req.headers.get("x-powens-state");

package/dist/node/handlers/webhook-handler.js

@@ -1,6 +1,6 @@
 // src/handlers/webhook-handler.ts
-import { createHmac, timingSafeEqual } from "crypto";
 import { PowensOpenBankingProvider } from "@contractspec/integration.providers-impls/impls/powens-openbanking";
+import { createHmac, timingSafeEqual } from "crypto";
 async function powensWebhookHandler(req) {
   const signature = req.headers.get("x-powens-signature");
   const stateHeader = req.headers.get("x-powens-state");

package/dist/node/index.js

@@ -130,8 +130,8 @@ var fakeWorkflowQueue = {
 };
 
 // src/handlers/webhook-handler.ts
-import { createHmac, timingSafeEqual } from "crypto";
 import { PowensOpenBankingProvider as PowensOpenBankingProvider2 } from "@contractspec/integration.providers-impls/impls/powens-openbanking";
+import { createHmac, timingSafeEqual } from "crypto";
 async function powensWebhookHandler(req) {
   const signature = req.headers.get("x-powens-signature");
   const stateHeader = req.headers.get("x-powens-state");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contractspec/example.openbanking-powens",
-  "version": "3.7.5",
+  "version": "3.7.7",
   "description": "OpenBanking Powens example: OAuth callback + webhook handler patterns (provider + workflows).",
   "type": "module",
   "types": "./dist/index.d.ts",
@@ -57,20 +57,20 @@
     "dev": "contractspec-bun-build dev",
     "clean": "rimraf dist .turbo",
     "lint": "bun lint:fix",
-    "lint:fix": "eslint src --fix",
-    "lint:check": "eslint src",
+    "lint:fix": "biome check --write --unsafe --only=nursery/useSortedClasses . && biome check --write .",
+    "lint:check": "biome check .",
     "test": "bun test --pass-with-no-tests",
     "prebuild": "contractspec-bun-build prebuild",
     "typecheck": "tsc --noEmit"
   },
   "dependencies": {
-    "@contractspec/integration.providers-impls": "3.7.5",
-    "@contractspec/lib.contracts-spec": "3.7.5"
+    "@contractspec/integration.providers-impls": "3.7.7",
+    "@contractspec/lib.contracts-spec": "4.0.0"
   },
   "devDependencies": {
-    "@contractspec/tool.typescript": "3.7.5",
+    "@contractspec/tool.typescript": "3.7.6",
     "typescript": "^5.9.3",
-    "@contractspec/tool.bun": "3.7.5"
+    "@contractspec/tool.bun": "3.7.6"
   },
   "publishConfig": {
     "access": "public",

package/src/docs/openbanking-powens.docblock.ts

@@ -2,27 +2,27 @@ import type { DocBlock } from '@contractspec/lib.contracts-spec/docs';
 import { registerDocBlocks } from '@contractspec/lib.contracts-spec/docs';
 
 const blocks: DocBlock[] = [
-  {
-    id: 'docs.examples.openbanking-powens',
-    title: 'Open Banking — Powens (example)',
-    summary:
-      'Framework-neutral OAuth callback + webhook handler patterns for Powens, orchestrating canonical sync workflows.',
-    kind: 'reference',
-    visibility: 'public',
-    route: '/docs/examples/openbanking-powens',
-    tags: ['openbanking', 'powens', 'integration', 'example'],
-    body: `## What this example shows\n- OAuth callback handler: exchange auth code, map powens user, enqueue sync workflow.\n- Webhook handler: verify signature, route event → workflow, optionally refresh balances.\n\n## Guardrails\n- Secrets via secret providers/env only.\n- Verify webhook signatures.\n- Keep side effects explicit: enqueue workflows instead of mutating canonical stores inline.`,
-  },
-  {
-    id: 'docs.examples.openbanking-powens.usage',
-    title: 'Open Banking — Powens — Usage',
-    summary: 'How to integrate the handlers in a fetch-compatible runtime.',
-    kind: 'usage',
-    visibility: 'public',
-    route: '/docs/examples/openbanking-powens/usage',
-    tags: ['openbanking', 'usage'],
-    body: `## Usage\n- Wire \`powensOAuthCallbackHandler(req)\` at your OAuth redirect route.\n- Wire \`powensWebhookHandler(req)\` at your webhook route.\n\n## Notes\n- Replace the fake stores with your app-layer persistence.\n- Enqueue ContractSpec workflows for canonical upserts and telemetry.`,
-  },
+	{
+		id: 'docs.examples.openbanking-powens',
+		title: 'Open Banking — Powens (example)',
+		summary:
+			'Framework-neutral OAuth callback + webhook handler patterns for Powens, orchestrating canonical sync workflows.',
+		kind: 'reference',
+		visibility: 'public',
+		route: '/docs/examples/openbanking-powens',
+		tags: ['openbanking', 'powens', 'integration', 'example'],
+		body: `## What this example shows\n- OAuth callback handler: exchange auth code, map powens user, enqueue sync workflow.\n- Webhook handler: verify signature, route event → workflow, optionally refresh balances.\n\n## Guardrails\n- Secrets via secret providers/env only.\n- Verify webhook signatures.\n- Keep side effects explicit: enqueue workflows instead of mutating canonical stores inline.`,
+	},
+	{
+		id: 'docs.examples.openbanking-powens.usage',
+		title: 'Open Banking — Powens — Usage',
+		summary: 'How to integrate the handlers in a fetch-compatible runtime.',
+		kind: 'usage',
+		visibility: 'public',
+		route: '/docs/examples/openbanking-powens/usage',
+		tags: ['openbanking', 'usage'],
+		body: `## Usage\n- Wire \`powensOAuthCallbackHandler(req)\` at your OAuth redirect route.\n- Wire \`powensWebhookHandler(req)\` at your webhook route.\n\n## Notes\n- Replace the fake stores with your app-layer persistence.\n- Enqueue ContractSpec workflows for canonical upserts and telemetry.`,
+	},
 ];
 
 registerDocBlocks(blocks);

package/src/example.ts

@@ -1,32 +1,32 @@
 import { defineExample } from '@contractspec/lib.contracts-spec';
 
 const example = defineExample({
-  meta: {
-    key: 'openbanking-powens',
-    version: '1.0.0',
-    title: 'Open Banking — Powens',
-    description:
-      'OAuth callback + webhook handler patterns for Powens open banking integration (provider + workflow orchestration).',
-    kind: 'integration',
-    visibility: 'public',
-    stability: 'experimental',
-    owners: ['@platform.core'],
-    tags: ['openbanking', 'powens', 'oauth', 'webhooks', 'integrations'],
-  },
-  docs: {
-    rootDocId: 'docs.examples.openbanking-powens',
-    usageDocId: 'docs.examples.openbanking-powens.usage',
-  },
-  entrypoints: {
-    packageName: '@contractspec/example.openbanking-powens',
-    docs: './docs',
-  },
-  surfaces: {
-    templates: true,
-    sandbox: { enabled: true, modes: ['markdown', 'specs'] },
-    studio: { enabled: true, installable: true },
-    mcp: { enabled: true },
-  },
+	meta: {
+		key: 'openbanking-powens',
+		version: '1.0.0',
+		title: 'Open Banking — Powens',
+		description:
+			'OAuth callback + webhook handler patterns for Powens open banking integration (provider + workflow orchestration).',
+		kind: 'integration',
+		visibility: 'public',
+		stability: 'experimental',
+		owners: ['@platform.core'],
+		tags: ['openbanking', 'powens', 'oauth', 'webhooks', 'integrations'],
+	},
+	docs: {
+		rootDocId: 'docs.examples.openbanking-powens',
+		usageDocId: 'docs.examples.openbanking-powens.usage',
+	},
+	entrypoints: {
+		packageName: '@contractspec/example.openbanking-powens',
+		docs: './docs',
+	},
+	surfaces: {
+		templates: true,
+		sandbox: { enabled: true, modes: ['markdown', 'specs'] },
+		studio: { enabled: true, installable: true },
+		mcp: { enabled: true },
+	},
 });
 
 export default example;

package/src/handlers/oauth-callback.ts

@@ -4,110 +4,111 @@
  * This example stays framework-neutral: it operates on the standard `Request`
  * type so it can be used in Next.js, Elysia, or any fetch-compatible runtime.
  */
-import { PowensOpenBankingProvider } from '@contractspec/integration.providers-impls/impls/powens-openbanking';
+
 import type { PowensEnvironment } from '@contractspec/integration.providers-impls/impls/powens-client';
+import { PowensOpenBankingProvider } from '@contractspec/integration.providers-impls/impls/powens-openbanking';
 
 export async function powensOAuthCallbackHandler(req: Request) {
-  const url = new URL(req.url);
-  const code = url.searchParams.get('code');
-  const state = url.searchParams.get('state');
-  const userUuid = url.searchParams.get('user_uuid');
-
-  if (!code || !state || !userUuid) {
-    return new Response('Missing Powens OAuth params', { status: 400 });
-  }
-
-  const connection = await getConnectionByState(state);
-  if (!connection) {
-    return new Response('Unknown Powens OAuth state', { status: 404 });
-  }
-
-  const secrets = await getPowensSecretsForConnection(connection.meta.id);
-
-  const provider = new PowensOpenBankingProvider({
-    clientId: secrets.clientId,
-    clientSecret: secrets.clientSecret,
-    apiKey: secrets.apiKey,
-    environment: connection.config.environment as PowensEnvironment,
-    baseUrl: connection.config.baseUrl as string | undefined,
-  });
-
-  const preview = await provider.listAccounts({
-    tenantId: connection.meta.tenantId,
-    connectionId: connection.meta.id,
-    userId: userUuid,
-  });
-
-  await connection.storePowensUser({
-    tenantUserId: connection.meta.tenantUserId,
-    powensUserUuid: userUuid,
-    authCode: code,
-  });
-
-  await enqueueWorkflow('pfo.workflow.sync-openbanking-accounts', {
-    tenantId: connection.meta.tenantId,
-    userUuid,
-    connectionId: connection.meta.id,
-    previewAccounts: preview.accounts,
-  });
-
-  const redirectBase = process.env.APP_DASHBOARD_URL ?? '';
-  return Response.redirect(
-    `${redirectBase}/banking/linked?tenant=${connection.meta.tenantId}`,
-    302
-  );
+	const url = new URL(req.url);
+	const code = url.searchParams.get('code');
+	const state = url.searchParams.get('state');
+	const userUuid = url.searchParams.get('user_uuid');
+
+	if (!code || !state || !userUuid) {
+		return new Response('Missing Powens OAuth params', { status: 400 });
+	}
+
+	const connection = await getConnectionByState(state);
+	if (!connection) {
+		return new Response('Unknown Powens OAuth state', { status: 404 });
+	}
+
+	const secrets = await getPowensSecretsForConnection(connection.meta.id);
+
+	const provider = new PowensOpenBankingProvider({
+		clientId: secrets.clientId,
+		clientSecret: secrets.clientSecret,
+		apiKey: secrets.apiKey,
+		environment: connection.config.environment as PowensEnvironment,
+		baseUrl: connection.config.baseUrl as string | undefined,
+	});
+
+	const preview = await provider.listAccounts({
+		tenantId: connection.meta.tenantId,
+		connectionId: connection.meta.id,
+		userId: userUuid,
+	});
+
+	await connection.storePowensUser({
+		tenantUserId: connection.meta.tenantUserId,
+		powensUserUuid: userUuid,
+		authCode: code,
+	});
+
+	await enqueueWorkflow('pfo.workflow.sync-openbanking-accounts', {
+		tenantId: connection.meta.tenantId,
+		userUuid,
+		connectionId: connection.meta.id,
+		previewAccounts: preview.accounts,
+	});
+
+	const redirectBase = process.env.APP_DASHBOARD_URL ?? '';
+	return Response.redirect(
+		`${redirectBase}/banking/linked?tenant=${connection.meta.tenantId}`,
+		302
+	);
 }
 
 interface ExamplePowensSecrets {
-  clientId: string;
-  clientSecret: string;
-  apiKey?: string;
+	clientId: string;
+	clientSecret: string;
+	apiKey?: string;
 }
 
 interface ExampleIntegrationConnection {
-  meta: {
-    id: string;
-    tenantId: string;
-    tenantUserId: string;
-  };
-  config: {
-    environment: PowensEnvironment;
-    baseUrl?: string;
-  };
-  storePowensUser(input: {
-    tenantUserId: string;
-    powensUserUuid: string;
-    authCode: string;
-  }): Promise<void>;
+	meta: {
+		id: string;
+		tenantId: string;
+		tenantUserId: string;
+	};
+	config: {
+		environment: PowensEnvironment;
+		baseUrl?: string;
+	};
+	storePowensUser(input: {
+		tenantUserId: string;
+		powensUserUuid: string;
+		authCode: string;
+	}): Promise<void>;
 }
 
 async function getConnectionByState(
-  state: string
+	state: string
 ): Promise<ExampleIntegrationConnection | null> {
-  const record = fakeDatabase.connections.find((conn) => conn.state === state);
-  return record ?? null;
+	const record = fakeDatabase.connections.find((conn) => conn.state === state);
+	return record ?? null;
 }
 
 async function getPowensSecretsForConnection(
-  connectionId: string
+	connectionId: string
 ): Promise<ExamplePowensSecrets> {
-  const secret = fakeSecretStore[connectionId];
-  if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
-  return secret;
+	const secret = fakeSecretStore[connectionId];
+	if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
+	return secret;
 }
 
 async function enqueueWorkflow(name: string, input: Record<string, unknown>) {
-  await fakeWorkflowQueue.enqueue({ name, input });
+	await fakeWorkflowQueue.enqueue({ name, input });
 }
 
 const fakeDatabase = {
-  connections: [] as (ExampleIntegrationConnection & { state: string })[],
+	connections: [] as (ExampleIntegrationConnection & { state: string })[],
 };
 
 const fakeSecretStore: Record<string, ExamplePowensSecrets> = {};
 
 const fakeWorkflowQueue = {
-  enqueue: async (_payload: Record<string, unknown>) => {
-    /* no-op */
-  },
+	enqueue: async (_payload: Record<string, unknown>) => {
+		/* no-op */
+	},
 };

package/src/handlers/webhook-handler.ts

@@ -4,144 +4,145 @@
  * Verifies signature, then enqueues the canonical workflows to keep the ledger
  * in sync. Unknown events are ignored (or can be recorded by the app layer).
  */
-import { createHmac, timingSafeEqual } from 'crypto';
-import { PowensOpenBankingProvider } from '@contractspec/integration.providers-impls/impls/powens-openbanking';
+
 import type { PowensEnvironment } from '@contractspec/integration.providers-impls/impls/powens-client';
+import { PowensOpenBankingProvider } from '@contractspec/integration.providers-impls/impls/powens-openbanking';
+import { createHmac, timingSafeEqual } from 'crypto';
 
 export async function powensWebhookHandler(req: Request) {
-  const signature = req.headers.get('x-powens-signature');
-  const stateHeader = req.headers.get('x-powens-state');
-  const payload = await req.text();
-
-  if (!signature || !stateHeader) {
-    return new Response('Missing Powens signature headers', { status: 400 });
-  }
-
-  const connection = await getConnectionByState(stateHeader);
-  if (!connection) {
-    return new Response('Unknown Powens state header', { status: 404 });
-  }
-
-  const secrets = await getPowensSecretsForConnection(connection.meta.id);
-  if (!verifySignature(payload, signature, secrets.webhookSecret)) {
-    return new Response('Invalid Powens webhook signature', { status: 401 });
-  }
-
-  const event = JSON.parse(payload) as PowensWebhookEvent;
-  const provider = new PowensOpenBankingProvider({
-    clientId: secrets.clientId,
-    clientSecret: secrets.clientSecret,
-    apiKey: secrets.apiKey,
-    environment: connection.config.environment as PowensEnvironment,
-    baseUrl: connection.config.baseUrl as string | undefined,
-  });
-
-  switch (event.type) {
-    case 'connection.updated':
-    case 'user.sync.completed': {
-      await enqueueWorkflow('pfo.workflow.sync-openbanking-accounts', {
-        tenantId: connection.meta.tenantId,
-        connectionId: connection.meta.id,
-        userUuid: event.user_uuid,
-      });
-      break;
-    }
-    case 'transactions.created':
-    case 'transactions.updated': {
-      await enqueueWorkflow('pfo.workflow.sync-openbanking-transactions', {
-        tenantId: connection.meta.tenantId,
-        connectionId: connection.meta.id,
-        userUuid: event.user_uuid,
-        accountId: event.account_uuid,
-      });
-      break;
-    }
-    default:
-      await logUnmappedEvent(event);
-  }
-
-  if (event.account_uuid) {
-    await provider.getBalances({
-      tenantId: connection.meta.tenantId,
-      connectionId: connection.meta.id,
-      accountId: event.account_uuid,
-    });
-  }
-
-  return new Response('OK', { status: 200 });
+	const signature = req.headers.get('x-powens-signature');
+	const stateHeader = req.headers.get('x-powens-state');
+	const payload = await req.text();
+
+	if (!signature || !stateHeader) {
+		return new Response('Missing Powens signature headers', { status: 400 });
+	}
+
+	const connection = await getConnectionByState(stateHeader);
+	if (!connection) {
+		return new Response('Unknown Powens state header', { status: 404 });
+	}
+
+	const secrets = await getPowensSecretsForConnection(connection.meta.id);
+	if (!verifySignature(payload, signature, secrets.webhookSecret)) {
+		return new Response('Invalid Powens webhook signature', { status: 401 });
+	}
+
+	const event = JSON.parse(payload) as PowensWebhookEvent;
+	const provider = new PowensOpenBankingProvider({
+		clientId: secrets.clientId,
+		clientSecret: secrets.clientSecret,
+		apiKey: secrets.apiKey,
+		environment: connection.config.environment as PowensEnvironment,
+		baseUrl: connection.config.baseUrl as string | undefined,
+	});
+
+	switch (event.type) {
+		case 'connection.updated':
+		case 'user.sync.completed': {
+			await enqueueWorkflow('pfo.workflow.sync-openbanking-accounts', {
+				tenantId: connection.meta.tenantId,
+				connectionId: connection.meta.id,
+				userUuid: event.user_uuid,
+			});
+			break;
+		}
+		case 'transactions.created':
+		case 'transactions.updated': {
+			await enqueueWorkflow('pfo.workflow.sync-openbanking-transactions', {
+				tenantId: connection.meta.tenantId,
+				connectionId: connection.meta.id,
+				userUuid: event.user_uuid,
+				accountId: event.account_uuid,
+			});
+			break;
+		}
+		default:
+			await logUnmappedEvent(event);
+	}
+
+	if (event.account_uuid) {
+		await provider.getBalances({
+			tenantId: connection.meta.tenantId,
+			connectionId: connection.meta.id,
+			accountId: event.account_uuid,
+		});
+	}
+
+	return new Response('OK', { status: 200 });
 }
 
 interface PowensWebhookEvent {
-  type: string;
-  user_uuid: string;
-  connection_uuid: string;
-  account_uuid?: string;
+	type: string;
+	user_uuid: string;
+	connection_uuid: string;
+	account_uuid?: string;
 }
 
 interface ExamplePowensSecrets {
-  clientId: string;
-  clientSecret: string;
-  apiKey?: string;
-  webhookSecret: string;
+	clientId: string;
+	clientSecret: string;
+	apiKey?: string;
+	webhookSecret: string;
 }
 
 interface ExampleIntegrationConnection {
-  meta: {
-    id: string;
-    tenantId: string;
-  };
-  config: {
-    environment: PowensEnvironment;
-    baseUrl?: string;
-  };
+	meta: {
+		id: string;
+		tenantId: string;
+	};
+	config: {
+		environment: PowensEnvironment;
+		baseUrl?: string;
+	};
 }
 
 function verifySignature(payload: string, signature: string, secret: string) {
-  const digest = createHmac('sha256', secret).update(payload).digest('hex');
-  const a = Buffer.from(digest, 'hex');
-  const b = Buffer.from(signature, 'hex');
-  return a.length === b.length && timingSafeEqual(a, b);
+	const digest = createHmac('sha256', secret).update(payload).digest('hex');
+	const a = Buffer.from(digest, 'hex');
+	const b = Buffer.from(signature, 'hex');
+	return a.length === b.length && timingSafeEqual(a, b);
 }
 
 async function getConnectionByState(
-  state: string
+	state: string
 ): Promise<ExampleIntegrationConnection | null> {
-  return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;
+	return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;
 }
 
 async function getPowensSecretsForConnection(
-  connectionId: string
+	connectionId: string
 ): Promise<ExamplePowensSecrets> {
-  const secret = fakeSecretStore[connectionId];
-  if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
-  return secret;
+	const secret = fakeSecretStore[connectionId];
+	if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
+	return secret;
 }
 
 async function enqueueWorkflow(name: string, input: Record<string, unknown>) {
-  await fakeWorkflowQueue.enqueue({ name, input });
+	await fakeWorkflowQueue.enqueue({ name, input });
 }
 
 async function logUnmappedEvent(_event: PowensWebhookEvent) {
-  await fakeTelemetryLogger.record({
-    event: 'openbanking.webhook.unmapped',
-    payload: 'redacted',
-  });
+	await fakeTelemetryLogger.record({
+		event: 'openbanking.webhook.unmapped',
+		payload: 'redacted',
+	});
 }
 
 const fakeDatabase = {
-  connections: [] as (ExampleIntegrationConnection & { state: string })[],
+	connections: [] as (ExampleIntegrationConnection & { state: string })[],
 };
 
 const fakeSecretStore: Record<string, ExamplePowensSecrets> = {};
 
 const fakeWorkflowQueue = {
-  enqueue: async (_payload: Record<string, unknown>) => {
-    /* no-op */
-  },
+	enqueue: async (_payload: Record<string, unknown>) => {
+		/* no-op */
+	},
 };
 
 const fakeTelemetryLogger = {
-  record: async (_payload: Record<string, unknown>) => {
-    /* no-op */
-  },
+	record: async (_payload: Record<string, unknown>) => {
+		/* no-op */
+	},
 };

package/src/index.ts

@@ -1,5 +1,5 @@
+export { default as example } from './example';
 export * from './handlers/oauth-callback';
 export * from './handlers/webhook-handler';
 export * from './openbanking-powens.feature';
-export { default as example } from './example';
 import './docs';

package/src/openbanking-powens.feature.ts

@@ -1,24 +1,24 @@
 import { defineFeature } from '@contractspec/lib.contracts-spec';
 
 export const OpenbankingPowensFeature = defineFeature({
-  meta: {
-    key: 'openbanking-powens',
-    version: '1.0.0',
-    title: 'Open Banking - Powens',
-    description:
-      'Powens open banking OAuth callback and webhook handler patterns',
-    domain: 'integration',
-    owners: ['@examples'],
-    tags: ['openbanking', 'powens', 'oauth', 'webhooks'],
-    stability: 'experimental',
-  },
+	meta: {
+		key: 'openbanking-powens',
+		version: '1.0.0',
+		title: 'Open Banking - Powens',
+		description:
+			'Powens open banking OAuth callback and webhook handler patterns',
+		domain: 'integration',
+		owners: ['@examples'],
+		tags: ['openbanking', 'powens', 'oauth', 'webhooks'],
+		stability: 'experimental',
+	},
 
-  integrations: [
-    { key: 'openbanking-powens.integration.powens', version: '1.0.0' },
-  ],
+	integrations: [
+		{ key: 'openbanking-powens.integration.powens', version: '1.0.0' },
+	],
 
-  docs: [
-    'docs.examples.openbanking-powens',
-    'docs.examples.openbanking-powens.usage',
-  ],
+	docs: [
+		'docs.examples.openbanking-powens',
+		'docs.examples.openbanking-powens.usage',
+	],
 });

package/tsconfig.json

@@ -1,11 +1,9 @@
 {
-  "extends": "@contractspec/tool.typescript/react-library.json",
-  "include": ["src"],
-  "exclude": ["node_modules", "dist"],
-  "compilerOptions": {
-    "rootDir": "src",
-    "outDir": "dist"
-  }
+	"extends": "@contractspec/tool.typescript/react-library.json",
+	"include": ["src"],
+	"exclude": ["node_modules", "dist"],
+	"compilerOptions": {
+		"rootDir": "src",
+		"outDir": "dist"
+	}
 }
-
-

package/tsdown.config.js

@@ -1,5 +1,5 @@
 import { defineConfig, moduleLibrary } from '@contractspec/tool.bun';
 
 export default defineConfig(() => ({
-  ...moduleLibrary,
+	...moduleLibrary,
 }));