@develit-services/notification 0.5.1 → 0.6.1

package/README.md

@@ -35,6 +35,7 @@ Bindings:
 | Email | Ecomail | Aktivni |
 | SMS | Twilio | Aktivni |
 | Slack | Slack Webhook | Aktivni |
+| Webhook | WebhookConnector | Aktivni |
 | Push | - | Neimplementovano |
 
 ## Queue processing
@@ -51,10 +52,11 @@ NOTIFICATIONS_QUEUE
   │
   ▼
 Queue handler (switch dle type)
-  ├─ email  → _sendEmail()
-  ├─ sms    → _sendSms()
-  ├─ slack  → sendSlackNotification()
-  └─ push   → _sendPushNotification() (501)
+  ├─ email   → _sendEmail()
+  ├─ sms     → _sendSms()
+  ├─ slack   → sendSlackNotification()
+  ├─ webhook → _sendWebhook()
+  └─ push    → _sendPushNotification() (501)
   │
   ├─ success → message.ack()
   └─ error   → message.retry() (exponential backoff, base 60s)
@@ -68,7 +70,7 @@ Queue handler (switch dle type)
 
 ```typescript
 {
-  type: 'email' | 'sms' | 'pushNotification' | 'slack'
+  type: 'email' | 'sms' | 'pushNotification' | 'slack' | 'webhook'
   metadata: {
     userAgent?: string
     ip?: string
@@ -79,6 +81,7 @@ Queue handler (switch dle type)
     sms?: ISms
     pushNotification?: IPushNotification
     slack?: ISlack
+    webhook?: IWebhook
   }
 }
 ```
@@ -103,6 +106,53 @@ Provider pro SMS pres Twilio Messaging Service.
 
 Odesilani notifikaci pres Slack Incoming Webhook. Timeout 3s.
 
+### Webhook (HTTP callback)
+
+Odesilani podepsanych HTTP POST callbacku na URL zadanou callerem. Timeout 10s.
+
+Kazdy webhook je automaticky podepsan RSA-PKCS1-v1_5 (SHA-256) podpisem. Privatni klic se nacita ze Secrets Store (`NOTIFICATION_SERVICE_WEBHOOK_SIGNING_KEY`). Podpis se odesila v hlavicce `X-Webhook-Signature` (base64).
+
+#### Generovani klicu
+
+```bash
+# Private key (base64, jedna radka) → ulozit do Secrets Store jako NOTIFICATION_SERVICE_WEBHOOK_SIGNING_KEY
+openssl genrsa 4096 2>/dev/null | base64 -w0
+
+# Public key z private key → poskytnout prijemcum webhooku v API docs
+echo "<PRIVATE_KEY_BASE64>" | base64 -d | openssl rsa -pubout 2>/dev/null | base64 -w0
+```
+
+> Na macOS pouzit `base64` bez `-w0` (macOS verze nevypisuje newlines).
+
+#### Overeni podpisu na strane prijemce
+
+Podpis je `RSA-PKCS1-v1_5` se `SHA-256`, odeslany v hlavicce `X-Webhook-Signature` jako base64 string. Overeni:
+
+```bash
+# Ulozit raw body requestu do souboru
+echo -n '{"type":"payment.created","data":{...}}' > body.json
+
+# Dekodovat podpis z hlavicky
+echo -n "<hodnota X-Webhook-Signature>" | base64 -d > signature.bin
+
+# Overit
+openssl dgst -sha256 -verify webhook_public.pem -signature signature.bin body.json
+# Vystup: "Verified OK" nebo "Verification Failure"
+```
+
+Nebo programove (Node.js):
+
+```javascript
+const crypto = require('crypto')
+
+function verifyWebhook(rawBody, signatureBase64, publicKeyBase64) {
+  const publicKey = Buffer.from(publicKeyBase64, 'base64').toString('utf-8')
+  const verifier = crypto.createVerify('RSA-SHA256')
+  verifier.update(rawBody)
+  return verifier.verify(publicKey, signatureBase64, 'base64')
+}
+```
+
 ## RPC akce
 
 Notification service je **RPC worker** - vsechny akce dostupne pres Cloudflare Worker binding.
@@ -115,6 +165,7 @@ Notification service je **RPC worker** - vsechny akce dostupne pres Cloudflare W
 | `public-send-email-sync` | Odesle email primo (sync) |
 | `public-send-sms` | Zaradi SMS do fronty (async) |
 | `send-slack-notification` | Odesle Slack notifikaci (sync) |
+| `send-webhook` | Zaradi webhook do fronty (async) |
 
 ### Interni akce
 
@@ -122,6 +173,7 @@ Notification service je **RPC worker** - vsechny akce dostupne pres Cloudflare W
 |------|-------|
 | `private-send-email` | Odesle email pres konektor + audit log |
 | `private-send-sms` | Odesle SMS pres konektor + audit log |
+| `private-send-webhook` | Odesle webhook pres konektor + audit log |
 | `send-push-notification` | Neimplementovano (501) |
 
 ### Vstupy
@@ -145,6 +197,8 @@ metadata: {
 
 **Slack** podporuje: `message`.
 
+**Webhook** podporuje: `url`, `payload` (libovolny JSON objekt), `headers` (volitelne custom HTTP headers).
+
 ## Audit logging
 
 Kazdy uspesne odeslany email a SMS se zaznamenava do audit logu.
@@ -177,6 +231,9 @@ Format: `{CATEGORY}-N-{NUMBER}`
 | `CONN-N-03` | 502 | Twilio: failed to send SMS |
 | `CONN-N-04` | 502 | Slack: failed to send notification |
 | `CONN-N-05` | 504 | Slack: request timed out |
+| `CONN-N-06` | 502 | Webhook: delivery failed |
+| `CONN-N-07` | 504 | Webhook: request timed out |
 | `VALID-N-01` | 404 | Unsupported email provider |
 | `VALID-N-02` | 404 | Unsupported SMS provider |
 | `SYS-N-01` | 501 | Push notifications not implemented |
+| `SYS-N-02` | 500 | Webhook signing key not configured |

package/dist/database/schema.cjs

@@ -1,9 +1,7 @@
 'use strict';
 
-const database_schema = require('../shared/notification.4b3eUEIG.cjs');
-require('@develit-io/backend-sdk');
-require('drizzle-orm/sqlite-core');
+const schema = {
+	__proto__: null
+};
 
-
-
-exports.auditLog = database_schema.auditLog;
+exports.schema = schema;

package/dist/database/schema.d.cts

@@ -1,2 +1,6 @@
-export { a as auditLog } from '../shared/notification.BWLPh6Gb.cjs';
-import 'drizzle-orm/sqlite-core';
+declare namespace schema {
+  export {
+  };
+}
+
+export { schema as s };

package/dist/database/schema.d.mts

@@ -1,2 +1,6 @@
-export { a as auditLog } from '../shared/notification.BWLPh6Gb.mjs';
-import 'drizzle-orm/sqlite-core';
+declare namespace schema {
+  export {
+  };
+}
+
+export { schema as s };

package/dist/database/schema.d.ts

@@ -1,2 +1,6 @@
-export { a as auditLog } from '../shared/notification.BWLPh6Gb.js';
-import 'drizzle-orm/sqlite-core';
+declare namespace schema {
+  export {
+  };
+}
+
+export { schema as s };

package/dist/database/schema.mjs

@@ -1,3 +1,5 @@
-export { a as auditLog } from '../shared/notification.C0X8Orrh.mjs';
-import '@develit-io/backend-sdk';
-import 'drizzle-orm/sqlite-core';
+const schema = {
+	__proto__: null
+};
+
+export { schema as s };

package/dist/export/worker.cjs

@@ -3,10 +3,11 @@
 Object.defineProperty(exports, '__esModule', { value: true });
 
 const backendSdk = require('@develit-io/backend-sdk');
-const database_schema = require('../shared/notification.4b3eUEIG.cjs');
+const database_schema = require('../database/schema.cjs');
 require('drizzle-orm');
 require('drizzle-orm/sqlite-core');
-const slack_connector = require('../shared/notification.B0pktSz9.cjs');
+const webhook_connector = require('../shared/notification.BLPB8Ib2.cjs');
+require('@develit-io/backend-sdk/signature');
 const cloudflare_workers = require('cloudflare:workers');
 const d1 = require('drizzle-orm/d1');
 require('zod');
@@ -16,7 +17,7 @@ require('twilio');
 const tables = database_schema.schema;
 
 const initiateEmailConnector = async (provider, apiKey, smtpHost, senderEmail, senderName) => {
-  const connector = [slack_connector.EcomailConnector].find(
+  const connector = [webhook_connector.EcomailConnector].find(
     (conn) => conn.providerName === provider
   );
   if (!connector)
@@ -33,34 +34,12 @@ const initiateEmailConnector = async (provider, apiKey, smtpHost, senderEmail, s
   });
 };
 
-const createAuditLogCommand = async ({
-  db,
-  auditLog: {
-    event,
-    description,
-    initiatorService,
-    initiatorUserId,
-    ip,
-    userAgent
-  }
-}) => {
-  const command = db.insert(tables.auditLog).values({
-    id: backendSdk.uuidv4(),
-    createdAt: /* @__PURE__ */ new Date(),
-    event,
-    description,
-    ip,
-    userAgent,
-    initiatorService,
-    initiatorUserId
-  });
-  return {
-    command
-  };
-};
+function generateEmailKVPattern(recipient) {
+  return `email:${recipient}:`;
+}
 
 const initiateSmsConnector = async (provider, accountId, authToken, serviceId) => {
-  const connector = [slack_connector.TwilioConnector].find(
+  const connector = [webhook_connector.TwilioConnector].find(
     (conn) => conn.providerName === provider
   );
   if (!connector)
@@ -91,7 +70,7 @@ let NotificationServiceBase = class extends backendSdk.develitWorker(
 ) {
   constructor(ctx, env) {
     super(ctx, env);
-    this.slackConnector = new slack_connector.SlackConnector(this.env.SLACK_WEBHOOK);
+    this.slackConnector = new webhook_connector.SlackConnector(this.env.SLACK_WEBHOOK);
     this.db = d1.drizzle(this.env.NOTIFICATION_D1, { schema: tables });
   }
   async queue(batch) {
@@ -121,6 +100,12 @@ let NotificationServiceBase = class extends backendSdk.develitWorker(
             metadata
           });
           break;
+        case "webhook":
+          notificationAction = async () => this._sendWebhook({
+            webhook: payload.webhook,
+            metadata
+          });
+          break;
         default:
           this.logError({ error: `Unknown notification type: ${type}` });
           message.retry();
@@ -137,7 +122,7 @@ let NotificationServiceBase = class extends backendSdk.develitWorker(
   }
   async _sendEmail(input) {
     return this.handleAction(
-      { data: input, schema: slack_connector.sendEmailInputSchema },
+      { data: input, schema: webhook_connector.sendEmailInputSchema },
       { successMessage: "Email sent." },
       async (params) => {
         const {
@@ -145,7 +130,7 @@ let NotificationServiceBase = class extends backendSdk.develitWorker(
           metadata: {
             ip,
             userAgent,
-            initiator: { service: service2, userId }
+            initiator: { userId }
           }
         } = params;
         if (!this.emailConnector) {
@@ -160,26 +145,35 @@ let NotificationServiceBase = class extends backendSdk.develitWorker(
           );
         }
         await this.emailConnector.sendEmail(email);
-        const { command } = await createAuditLogCommand({
-          db: this.db,
-          auditLog: {
-            id: backendSdk.uuidv4(),
-            event: "EMAIL",
-            ip,
-            initiatorService: service2,
-            initiatorUserId: userId,
+        try {
+          await this.pushToQueue(this.env.AUDIT_LOGS_QUEUE, {
+            logType: "event",
+            service: "notification",
+            correlationId: backendSdk.uuidv4(),
+            eventType: "notification.email_sent",
+            actorUserId: userId,
+            actorEmail: userId || "SYSTEM",
+            targetType: "email",
+            targetId: email.to,
+            sourceIp: ip,
             userAgent,
-            description: JSON.stringify(input)
-          }
-        });
-        await this.db.batch([command]);
+            outcome: "success",
+            description: `Email sent to ${email.to}`,
+            details: JSON.stringify({
+              subject: email.subject,
+              templateId: email.templateId
+            })
+          });
+        } catch (e) {
+          console.error("Failed to push email audit log", e);
+        }
         return {};
       }
     );
   }
   async _sendSms(input) {
     return this.handleAction(
-      { data: input, schema: slack_connector.sendSmsInputSchema },
+      { data: input, schema: webhook_connector.sendSmsInputSchema },
       { successMessage: "Sms sent." },
       async (params) => {
         const {
@@ -187,7 +181,7 @@ let NotificationServiceBase = class extends backendSdk.develitWorker(
           metadata: {
             ip,
             userAgent,
-            initiator: { service: service2, userId }
+            initiator: { userId }
           }
         } = params;
         if (!this.smsConnector) {
@@ -205,26 +199,32 @@ let NotificationServiceBase = class extends backendSdk.develitWorker(
           );
         }
         await this.smsConnector.sendSms({ message, to });
-        const { command } = await createAuditLogCommand({
-          db: this.db,
-          auditLog: {
-            id: backendSdk.uuidv4(),
-            event: "SMS",
-            ip,
+        try {
+          await this.pushToQueue(this.env.AUDIT_LOGS_QUEUE, {
+            logType: "event",
+            service: "notification",
+            correlationId: backendSdk.uuidv4(),
+            eventType: "notification.sms_sent",
+            actorUserId: userId,
+            actorEmail: userId || "SYSTEM",
+            targetType: "sms",
+            targetId: to,
+            sourceIp: ip,
             userAgent,
-            initiatorService: service2,
-            initiatorUserId: userId,
-            description: JSON.stringify(input)
-          }
-        });
-        await this.db.batch([command]);
+            outcome: "success",
+            description: `SMS sent to ${to}`,
+            details: JSON.stringify({ message })
+          });
+        } catch (e) {
+          console.error("Failed to push sms audit log", e);
+        }
         return {};
       }
     );
   }
   async sendEmail(input) {
     return this.handleAction(
-      { data: input, schema: slack_connector.sendEmailInputSchema },
+      { data: input, schema: webhook_connector.sendEmailInputSchema },
       { successMessage: "Email sent." },
       async (params) => {
         const { email, metadata } = params;
@@ -244,7 +244,7 @@ let NotificationServiceBase = class extends backendSdk.develitWorker(
   }
   async sendEmailSync(input) {
     return this.handleAction(
-      { data: input, schema: slack_connector.sendEmailInputSchema },
+      { data: input, schema: webhook_connector.sendEmailInputSchema },
       { successMessage: "Email sent." },
       async (params) => {
         const { email, metadata } = params;
@@ -257,7 +257,7 @@ let NotificationServiceBase = class extends backendSdk.develitWorker(
   }
   async sendSms(input) {
     return this.handleAction(
-      { data: input, schema: slack_connector.sendSmsInputSchema },
+      { data: input, schema: webhook_connector.sendSmsInputSchema },
       { successMessage: "SMS sent." },
       async (params) => {
         const {
@@ -294,16 +294,225 @@ let NotificationServiceBase = class extends backendSdk.develitWorker(
     return this.handleAction(
       {
         data: input,
-        schema: slack_connector.sendSlackInputSchema
+        schema: webhook_connector.sendSlackInputSchema
       },
       { successMessage: "Slack sent." },
       async (params) => {
-        const { slack } = params;
+        const { slack, metadata } = params;
         await this.slackConnector.sendNotificationToAllSlack(slack.message);
+        await this.pushToQueue(this.env.AUDIT_LOGS_QUEUE, {
+          logType: "event",
+          service: "notification",
+          correlationId: backendSdk.uuidv4(),
+          eventType: "notification.slack_sent",
+          actorUserId: metadata?.initiator?.userId,
+          actorEmail: metadata?.initiator?.userId || "SYSTEM",
+          targetType: "slack",
+          targetId: "all-channels",
+          sourceIp: metadata?.ip,
+          userAgent: metadata?.userAgent,
+          outcome: "success",
+          description: "Slack notification sent",
+          details: JSON.stringify({
+            message: slack.message
+          })
+        });
+        return {};
+      }
+    );
+  }
+  async sendWebhook(input) {
+    return this.handleAction(
+      { data: input, schema: webhook_connector.sendWebhookInputSchema },
+      { successMessage: "Webhook queued." },
+      async (params) => {
+        const { webhook, metadata } = params;
+        await this.pushToQueue(
+          this.env.NOTIFICATIONS_QUEUE,
+          {
+            type: "webhook",
+            payload: {
+              webhook
+            },
+            metadata
+          }
+        );
+        return {};
+      }
+    );
+  }
+  async _sendWebhook(input) {
+    return this.handleAction(
+      { data: input, schema: webhook_connector.sendWebhookInputSchema },
+      { successMessage: "Webhook sent." },
+      async (params) => {
+        const {
+          webhook,
+          metadata: {
+            ip,
+            userAgent,
+            initiator: { userId }
+          }
+        } = params;
+        if (!this.webhookConnector) {
+          const privateKey = (await this.env.SECRETS_STORE.get({
+            secretName: "NOTIFICATION_SERVICE_WEBHOOK_SIGNING_KEY"
+          })).data?.secretValue;
+          if (!privateKey) {
+            throw backendSdk.createInternalError(null, {
+              message: "NOTIFICATION_SERVICE_WEBHOOK_SIGNING_KEY is not configured",
+              code: "SYS-N-02",
+              status: 500
+            });
+          }
+          this.webhookConnector = new webhook_connector.WebhookConnector(privateKey);
+        }
+        await this.webhookConnector.sendWebhook(webhook);
+        try {
+          await this.pushToQueue(this.env.AUDIT_LOGS_QUEUE, {
+            logType: "event",
+            service: "notification",
+            correlationId: backendSdk.uuidv4(),
+            eventType: "notification.webhook_sent",
+            actorUserId: userId,
+            actorEmail: userId || "SYSTEM",
+            targetType: "webhook",
+            targetId: webhook.url,
+            sourceIp: ip,
+            userAgent,
+            outcome: "success",
+            description: `Webhook sent to ${webhook.url}`,
+            details: JSON.stringify({
+              url: webhook.url
+            })
+          });
+        } catch (e) {
+          console.error("Failed to push webhook audit log", e);
+        }
         return {};
       }
     );
   }
+  async getReceivedEmails(input) {
+    return this.handleAction(
+      {
+        data: input,
+        schema: webhook_connector.getReceivedEmailsInputSchema
+      },
+      { successMessage: "Emails retrieved." },
+      async (params) => {
+        const { recipient, limit, includeContent } = params;
+        if (!this.env.RECEIVED_EMAILS_KV) {
+          throw new Error("RECEIVED_EMAILS_KV binding is not configured");
+        }
+        const pattern = generateEmailKVPattern(recipient);
+        const list = await this.env.RECEIVED_EMAILS_KV.list({
+          prefix: pattern,
+          limit
+        });
+        const emails = [];
+        for (const key of list.keys) {
+          const emailData = await this.env.RECEIVED_EMAILS_KV.get(
+            key.name,
+            "json"
+          );
+          if (emailData) {
+            const email = emailData;
+            if (!includeContent) {
+              delete email.text;
+              delete email.html;
+              delete email.raw;
+            }
+            emails.push(email);
+          }
+        }
+        emails.sort(
+          (a, b) => new Date(b.receivedAt).getTime() - new Date(a.receivedAt).getTime()
+        );
+        return {
+          emails,
+          count: emails.length
+        };
+      }
+    );
+  }
+  async waitForEmail(input) {
+    return this.handleAction(
+      {
+        data: input,
+        schema: webhook_connector.waitForEmailInputSchema
+      },
+      { successMessage: "Email check completed." },
+      async (params) => {
+        const { recipient, subject, timeout, pollInterval } = params;
+        if (!this.env.RECEIVED_EMAILS_KV) {
+          throw new Error("RECEIVED_EMAILS_KV binding is not configured");
+        }
+        const maxTimeout = Math.min(timeout || 5e3, 5e3);
+        const safeInterval = Math.max(pollInterval || 500, 100);
+        const startTime = Date.now();
+        const maxIterations = Math.ceil(maxTimeout / safeInterval);
+        let iterations = 0;
+        while (Date.now() - startTime < maxTimeout && iterations < maxIterations) {
+          const pattern = generateEmailKVPattern(recipient);
+          const list = await this.env.RECEIVED_EMAILS_KV.list({
+            prefix: pattern,
+            limit: 50
+          });
+          for (const key of list.keys) {
+            const emailData = await this.env.RECEIVED_EMAILS_KV.get(
+              key.name,
+              "json"
+            );
+            if (emailData) {
+              const email = emailData;
+              if (!subject || email.subject.includes(subject)) {
+                return {
+                  email,
+                  found: true
+                };
+              }
+            }
+          }
+          iterations++;
+          if (iterations < maxIterations && Date.now() - startTime < maxTimeout - safeInterval) {
+            await new Promise((resolve) => setTimeout(resolve, safeInterval));
+          }
+        }
+        return {
+          email: null,
+          found: false
+        };
+      }
+    );
+  }
+  async clearReceivedEmails(input) {
+    return this.handleAction(
+      {
+        data: input,
+        schema: webhook_connector.clearReceivedEmailsInputSchema
+      },
+      { successMessage: "Emails cleared." },
+      async (params) => {
+        const { recipient } = params;
+        if (!this.env.RECEIVED_EMAILS_KV) {
+          throw new Error("RECEIVED_EMAILS_KV binding is not configured");
+        }
+        const pattern = generateEmailKVPattern(recipient);
+        const list = await this.env.RECEIVED_EMAILS_KV.list({
+          prefix: pattern
+        });
+        let deleted = 0;
+        for (const key of list.keys) {
+          await this.env.RECEIVED_EMAILS_KV.delete(key.name);
+          deleted++;
+        }
+        return {
+          deleted
+        };
+      }
+    );
+  }
 };
 __decorateClass([
   backendSdk.cloudflareQueue({ baseDelay: 60 })
@@ -315,13 +524,13 @@ __decorateClass([
   backendSdk.action("private-send-sms")
 ], NotificationServiceBase.prototype, "_sendSms", 1);
 __decorateClass([
-  backendSdk.action("public-send-email")
+  backendSdk.action("send-email")
 ], NotificationServiceBase.prototype, "sendEmail", 1);
 __decorateClass([
-  backendSdk.action("public-send-email-sync")
+  backendSdk.action("send-email-sync")
 ], NotificationServiceBase.prototype, "sendEmailSync", 1);
 __decorateClass([
-  backendSdk.action("public-send-sms")
+  backendSdk.action("send-sms")
 ], NotificationServiceBase.prototype, "sendSms", 1);
 __decorateClass([
   backendSdk.action("send-push-notification")
@@ -329,6 +538,21 @@ __decorateClass([
 __decorateClass([
   backendSdk.action("send-slack-notification")
 ], NotificationServiceBase.prototype, "sendSlackNotification", 1);
+__decorateClass([
+  backendSdk.action("send-webhook")
+], NotificationServiceBase.prototype, "sendWebhook", 1);
+__decorateClass([
+  backendSdk.action("private-send-webhook")
+], NotificationServiceBase.prototype, "_sendWebhook", 1);
+__decorateClass([
+  backendSdk.action("get-received-emails")
+], NotificationServiceBase.prototype, "getReceivedEmails", 1);
+__decorateClass([
+  backendSdk.action("wait-for-email")
+], NotificationServiceBase.prototype, "waitForEmail", 1);
+__decorateClass([
+  backendSdk.action("clear-received-emails")
+], NotificationServiceBase.prototype, "clearReceivedEmails", 1);
 NotificationServiceBase = __decorateClass([
   backendSdk.service("notification")
 ], NotificationServiceBase);