@lssm/example.openbanking-powens 0.0.0-canary-20251217060834 → 0.0.0-canary-20251217072406

package/.turbo/turbo-build$colon$bundle.log

@@ -5,20 +5,52 @@ $ tsdown
 ℹ target: esnext
 ℹ tsconfig: tsconfig.json
 ℹ Build start
-ℹ Cleaning 14 files
-ℹ dist/handlers/webhook-handler.js            1.86 kB │ gzip: 0.85 kB
-ℹ dist/docs/openbanking-powens.docblock.js    1.35 kB │ gzip: 0.68 kB
-ℹ dist/handlers/oauth-callback.js             1.29 kB │ gzip: 0.67 kB
-ℹ dist/example.js                             0.62 kB │ gzip: 0.37 kB
-ℹ dist/index.js                               0.27 kB │ gzip: 0.16 kB
-ℹ dist/docs/index.js                          0.04 kB │ gzip: 0.06 kB
-ℹ dist/example.d.ts                           1.07 kB │ gzip: 0.44 kB
-ℹ dist/index.d.ts                             0.25 kB │ gzip: 0.13 kB
-ℹ dist/handlers/oauth-callback.d.ts           0.17 kB │ gzip: 0.14 kB
-ℹ dist/handlers/webhook-handler.d.ts          0.16 kB │ gzip: 0.14 kB
-ℹ dist/docs/index.d.ts                        0.01 kB │ gzip: 0.03 kB
-ℹ dist/docs/openbanking-powens.docblock.d.ts  0.01 kB │ gzip: 0.03 kB
-ℹ 12 files, total: 7.11 kB
+ℹ Cleaning 62 files
+ℹ dist/handlers/webhook-handler.js                                                3.28 kB │ gzip: 1.21 kB
+ℹ dist/handlers/oauth-callback.js                                                 2.37 kB │ gzip: 1.00 kB
+ℹ dist/docs/openbanking-powens.docblock.js                                        1.57 kB │ gzip: 0.75 kB
+ℹ dist/example.js                                                                 0.84 kB │ gzip: 0.44 kB
+ℹ dist/index.js                                                                   0.30 kB │ gzip: 0.16 kB
+ℹ dist/docs/index.js                                                              0.04 kB │ gzip: 0.06 kB
+ℹ dist/libs/contracts/dist/docs/accessibility_wcag_compliance_specs.docblock.js  16.91 kB │ gzip: 7.23 kB
+ℹ dist/libs/contracts/dist/docs/tech/schema/README.docblock.js                   11.21 kB │ gzip: 4.33 kB
+ℹ dist/libs/contracts/dist/docs/tech/lifecycle-stage-system.docblock.js           9.96 kB │ gzip: 3.83 kB
+ℹ dist/libs/contracts/dist/docs/tech/llm/llm-integration.docblock.js              9.53 kB │ gzip: 3.50 kB
+ℹ dist/libs/contracts/dist/docs/tech/PHASE_1_QUICKSTART.docblock.js               9.22 kB │ gzip: 2.77 kB
+ℹ dist/integrations/providers-impls/dist/impls/powens-openbanking.js              7.06 kB │ gzip: 1.87 kB
+ℹ dist/libs/contracts/dist/docs/tech/PHASE_3_AUTO_EVOLUTION.docblock.js           6.16 kB │ gzip: 2.65 kB
+ℹ dist/libs/contracts/dist/docs/tech/templates/runtime.docblock.js                5.85 kB │ gzip: 2.66 kB
+ℹ dist/integrations/providers-impls/dist/impls/powens-client.js                   5.81 kB │ gzip: 1.89 kB
+ℹ dist/libs/contracts/dist/docs/tech/workflows/overview.docblock.js               5.66 kB │ gzip: 2.34 kB
+ℹ dist/libs/contracts/dist/docs/tech/PHASE_5_ZERO_TOUCH_OPERATIONS.docblock.js    4.62 kB │ gzip: 2.13 kB
+ℹ dist/libs/contracts/dist/docs/tech/telemetry-ingest.docblock.js                 4.16 kB │ gzip: 1.78 kB
+ℹ dist/libs/contracts/dist/docs/tech/vscode-extension.docblock.js                 3.85 kB │ gzip: 1.47 kB
+ℹ dist/libs/contracts/dist/docs/PUBLISHING.docblock.js                            3.62 kB │ gzip: 1.65 kB
+ℹ dist/libs/contracts/dist/docs/tech/auth/better-auth-nextjs.docblock.js          3.60 kB │ gzip: 1.53 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/learning-journeys.docblock.js         3.33 kB │ gzip: 1.47 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/platform-admin-panel.docblock.js      3.30 kB │ gzip: 1.42 kB
+ℹ dist/libs/contracts/dist/docs/tech/PHASE_2_AI_NATIVE_OPERATIONS.docblock.js     3.25 kB │ gzip: 1.59 kB
+ℹ dist/libs/contracts/dist/docs/tech/PHASE_4_PERSONALIZATION_ENGINE.docblock.js   3.13 kB │ gzip: 1.47 kB
+ℹ dist/libs/contracts/dist/docs/tech/presentation-runtime.docblock.js             2.97 kB │ gzip: 1.38 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/project-routing.docblock.js           2.75 kB │ gzip: 1.22 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/team-invitations.docblock.js          2.40 kB │ gzip: 1.13 kB
+ℹ dist/libs/contracts/dist/docs/presentations.js                                  2.18 kB │ gzip: 0.77 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/workspaces.docblock.js                2.13 kB │ gzip: 1.02 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/learning-events.docblock.js           2.04 kB │ gzip: 0.97 kB
+ℹ dist/libs/contracts/dist/docs/tech/contracts/openapi-export.docblock.js         1.96 kB │ gzip: 0.97 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/project-access-teams.docblock.js      1.85 kB │ gzip: 0.87 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/workspace-ops.docblock.js             1.73 kB │ gzip: 0.82 kB
+ℹ dist/libs/contracts/dist/docs/index.js                                          1.58 kB │ gzip: 0.51 kB
+ℹ dist/libs/contracts/dist/docs/tech/mcp-endpoints.docblock.js                    1.46 kB │ gzip: 0.77 kB
+ℹ dist/libs/contracts/dist/docs/registry.js                                       1.25 kB │ gzip: 0.56 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/sandbox-unlogged.docblock.js          1.14 kB │ gzip: 0.65 kB
+ℹ dist/example.d.ts                                                               1.07 kB │ gzip: 0.44 kB
+ℹ dist/index.d.ts                                                                 0.25 kB │ gzip: 0.13 kB
+ℹ dist/handlers/oauth-callback.d.ts                                               0.17 kB │ gzip: 0.14 kB
+ℹ dist/handlers/webhook-handler.d.ts                                              0.16 kB │ gzip: 0.14 kB
+ℹ dist/docs/index.d.ts                                                            0.01 kB │ gzip: 0.03 kB
+ℹ dist/docs/openbanking-powens.docblock.d.ts                                      0.01 kB │ gzip: 0.03 kB
+ℹ 44 files, total: 155.76 kB
 [UNRESOLVED_IMPORT] Warning: Could not resolve 'node:crypto' in src/handlers/webhook-handler.ts
    ╭─[ src/handlers/webhook-handler.ts:7:45 ]
    │
@@ -29,4 +61,14 @@ $ tsdown
    │ Help: The "main" field here was ignored. Main fields must be configured explicitly when using the "neutral" platform.
 ───╯
 
-✔ Build complete in 14547ms
+[UNRESOLVED_IMPORT] Warning: Could not resolve 'node:url' in ../../integrations/providers-impls/dist/impls/powens-client.js
+   ╭─[ ../../integrations/providers-impls/dist/impls/powens-client.js:1:21 ]
+   │
+ 1 │ import { URL } from "node:url";
+   │                     ─────┬────  
+   │                          ╰────── Module not found, treating it as an external dependency
+   │ 
+   │ Help: The "main" field here was ignored. Main fields must be configured explicitly when using the "neutral" platform.
+───╯
+
+✔ Build complete in 15225ms

package/.turbo/turbo-build.log

@@ -6,19 +6,51 @@ $ tsdown
 ℹ target: esnext
 ℹ tsconfig: tsconfig.json
 ℹ Build start
-ℹ dist/handlers/webhook-handler.js            1.86 kB │ gzip: 0.85 kB
-ℹ dist/docs/openbanking-powens.docblock.js    1.35 kB │ gzip: 0.68 kB
-ℹ dist/handlers/oauth-callback.js             1.29 kB │ gzip: 0.67 kB
-ℹ dist/example.js                             0.62 kB │ gzip: 0.37 kB
-ℹ dist/index.js                               0.27 kB │ gzip: 0.16 kB
-ℹ dist/docs/index.js                          0.04 kB │ gzip: 0.06 kB
-ℹ dist/example.d.ts                           1.07 kB │ gzip: 0.44 kB
-ℹ dist/index.d.ts                             0.25 kB │ gzip: 0.13 kB
-ℹ dist/handlers/oauth-callback.d.ts           0.17 kB │ gzip: 0.14 kB
-ℹ dist/handlers/webhook-handler.d.ts          0.16 kB │ gzip: 0.14 kB
-ℹ dist/docs/index.d.ts                        0.01 kB │ gzip: 0.03 kB
-ℹ dist/docs/openbanking-powens.docblock.d.ts  0.01 kB │ gzip: 0.03 kB
-ℹ 12 files, total: 7.11 kB
+ℹ dist/handlers/webhook-handler.js                                                3.28 kB │ gzip: 1.21 kB
+ℹ dist/handlers/oauth-callback.js                                                 2.37 kB │ gzip: 1.00 kB
+ℹ dist/docs/openbanking-powens.docblock.js                                        1.57 kB │ gzip: 0.75 kB
+ℹ dist/example.js                                                                 0.84 kB │ gzip: 0.44 kB
+ℹ dist/index.js                                                                   0.30 kB │ gzip: 0.16 kB
+ℹ dist/docs/index.js                                                              0.04 kB │ gzip: 0.06 kB
+ℹ dist/libs/contracts/dist/docs/accessibility_wcag_compliance_specs.docblock.js  16.91 kB │ gzip: 7.23 kB
+ℹ dist/libs/contracts/dist/docs/tech/schema/README.docblock.js                   11.21 kB │ gzip: 4.33 kB
+ℹ dist/libs/contracts/dist/docs/tech/lifecycle-stage-system.docblock.js           9.96 kB │ gzip: 3.83 kB
+ℹ dist/libs/contracts/dist/docs/tech/llm/llm-integration.docblock.js              9.53 kB │ gzip: 3.50 kB
+ℹ dist/libs/contracts/dist/docs/tech/PHASE_1_QUICKSTART.docblock.js               9.22 kB │ gzip: 2.77 kB
+ℹ dist/integrations/providers-impls/dist/impls/powens-openbanking.js              7.06 kB │ gzip: 1.87 kB
+ℹ dist/libs/contracts/dist/docs/tech/PHASE_3_AUTO_EVOLUTION.docblock.js           6.16 kB │ gzip: 2.65 kB
+ℹ dist/libs/contracts/dist/docs/tech/templates/runtime.docblock.js                5.85 kB │ gzip: 2.66 kB
+ℹ dist/integrations/providers-impls/dist/impls/powens-client.js                   5.81 kB │ gzip: 1.89 kB
+ℹ dist/libs/contracts/dist/docs/tech/workflows/overview.docblock.js               5.66 kB │ gzip: 2.34 kB
+ℹ dist/libs/contracts/dist/docs/tech/PHASE_5_ZERO_TOUCH_OPERATIONS.docblock.js    4.62 kB │ gzip: 2.13 kB
+ℹ dist/libs/contracts/dist/docs/tech/telemetry-ingest.docblock.js                 4.16 kB │ gzip: 1.78 kB
+ℹ dist/libs/contracts/dist/docs/tech/vscode-extension.docblock.js                 3.85 kB │ gzip: 1.47 kB
+ℹ dist/libs/contracts/dist/docs/PUBLISHING.docblock.js                            3.62 kB │ gzip: 1.65 kB
+ℹ dist/libs/contracts/dist/docs/tech/auth/better-auth-nextjs.docblock.js          3.60 kB │ gzip: 1.53 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/learning-journeys.docblock.js         3.33 kB │ gzip: 1.47 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/platform-admin-panel.docblock.js      3.30 kB │ gzip: 1.42 kB
+ℹ dist/libs/contracts/dist/docs/tech/PHASE_2_AI_NATIVE_OPERATIONS.docblock.js     3.25 kB │ gzip: 1.59 kB
+ℹ dist/libs/contracts/dist/docs/tech/PHASE_4_PERSONALIZATION_ENGINE.docblock.js   3.13 kB │ gzip: 1.47 kB
+ℹ dist/libs/contracts/dist/docs/tech/presentation-runtime.docblock.js             2.97 kB │ gzip: 1.38 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/project-routing.docblock.js           2.75 kB │ gzip: 1.22 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/team-invitations.docblock.js          2.40 kB │ gzip: 1.13 kB
+ℹ dist/libs/contracts/dist/docs/presentations.js                                  2.18 kB │ gzip: 0.77 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/workspaces.docblock.js                2.13 kB │ gzip: 1.02 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/learning-events.docblock.js           2.04 kB │ gzip: 0.97 kB
+ℹ dist/libs/contracts/dist/docs/tech/contracts/openapi-export.docblock.js         1.96 kB │ gzip: 0.97 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/project-access-teams.docblock.js      1.85 kB │ gzip: 0.87 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/workspace-ops.docblock.js             1.73 kB │ gzip: 0.82 kB
+ℹ dist/libs/contracts/dist/docs/index.js                                          1.58 kB │ gzip: 0.51 kB
+ℹ dist/libs/contracts/dist/docs/tech/mcp-endpoints.docblock.js                    1.46 kB │ gzip: 0.77 kB
+ℹ dist/libs/contracts/dist/docs/registry.js                                       1.25 kB │ gzip: 0.56 kB
+ℹ dist/libs/contracts/dist/docs/tech/studio/sandbox-unlogged.docblock.js          1.14 kB │ gzip: 0.65 kB
+ℹ dist/example.d.ts                                                               1.07 kB │ gzip: 0.44 kB
+ℹ dist/index.d.ts                                                                 0.25 kB │ gzip: 0.13 kB
+ℹ dist/handlers/oauth-callback.d.ts                                               0.17 kB │ gzip: 0.14 kB
+ℹ dist/handlers/webhook-handler.d.ts                                              0.16 kB │ gzip: 0.14 kB
+ℹ dist/docs/index.d.ts                                                            0.01 kB │ gzip: 0.03 kB
+ℹ dist/docs/openbanking-powens.docblock.d.ts                                      0.01 kB │ gzip: 0.03 kB
+ℹ 44 files, total: 155.76 kB
 [UNRESOLVED_IMPORT] Warning: Could not resolve 'node:crypto' in src/handlers/webhook-handler.ts
    ╭─[ src/handlers/webhook-handler.ts:7:45 ]
    │
@@ -29,5 +61,15 @@ $ tsdown
    │ Help: The "main" field here was ignored. Main fields must be configured explicitly when using the "neutral" platform.
 ───╯
 
-✔ Build complete in 5848ms
+[UNRESOLVED_IMPORT] Warning: Could not resolve 'node:url' in ../../integrations/providers-impls/dist/impls/powens-client.js
+   ╭─[ ../../integrations/providers-impls/dist/impls/powens-client.js:1:21 ]
+   │
+ 1 │ import { URL } from "node:url";
+   │                     ─────┬────  
+   │                          ╰────── Module not found, treating it as an external dependency
+   │ 
+   │ Help: The "main" field here was ignored. Main fields must be configured explicitly when using the "neutral" platform.
+───╯
+
+✔ Build complete in 12876ms
 $ tsc --noEmit

package/CHANGELOG.md

@@ -1,6 +1,6 @@
 # @lssm/example.openbanking-powens
 
-## 0.0.0-canary-20251217060834
+## 0.0.0-canary-20251217072406
 
 ### Minor Changes
 
@@ -9,5 +9,6 @@
 ### Patch Changes
 
 - Updated dependencies [66a5dfd]
-  - @lssm/integration.providers-impls@0.0.0-canary-20251217060834
-  - @lssm/lib.contracts@0.0.0-canary-20251217060834
+  - @lssm/integration.providers-impls@0.0.0-canary-20251217072406
+  - @lssm/lib.contracts@0.0.0-canary-20251217072406
+  - @lssm/lib.schema@0.0.0-canary-20251217072406

package/dist/docs/index.js

@@ -1 +1 @@
-import"./openbanking-powens.docblock.js";
+import "./openbanking-powens.docblock.js";

package/dist/docs/openbanking-powens.docblock.js

@@ -1,14 +1,30 @@
-import{registerDocBlocks as e}from"@lssm/lib.contracts/docs";e([{id:`docs.examples.openbanking-powens`,title:`Open Banking — Powens (example)`,summary:`Framework-neutral OAuth callback + webhook handler patterns for Powens, orchestrating canonical sync workflows.`,kind:`reference`,visibility:`public`,route:`/docs/examples/openbanking-powens`,tags:[`openbanking`,`powens`,`integration`,`example`],body:`## What this example shows
-- OAuth callback handler: exchange auth code, map powens user, enqueue sync workflow.
-- Webhook handler: verify signature, route event → workflow, optionally refresh balances.
+import { registerDocBlocks } from "../libs/contracts/dist/docs/registry.js";
+import "../libs/contracts/dist/docs/index.js";
 
-## Guardrails
-- Secrets via secret providers/env only.
-- Verify webhook signatures.
-- Keep side effects explicit: enqueue workflows instead of mutating canonical stores inline.`},{id:`docs.examples.openbanking-powens.usage`,title:`Open Banking — Powens — Usage`,summary:`How to integrate the handlers in a fetch-compatible runtime.`,kind:`usage`,visibility:`public`,route:`/docs/examples/openbanking-powens/usage`,tags:[`openbanking`,`usage`],body:`## Usage
-- Wire \`powensOAuthCallbackHandler(req)\` at your OAuth redirect route.
-- Wire \`powensWebhookHandler(req)\` at your webhook route.
+//#region src/docs/openbanking-powens.docblock.ts
+registerDocBlocks([{
+	id: "docs.examples.openbanking-powens",
+	title: "Open Banking — Powens (example)",
+	summary: "Framework-neutral OAuth callback + webhook handler patterns for Powens, orchestrating canonical sync workflows.",
+	kind: "reference",
+	visibility: "public",
+	route: "/docs/examples/openbanking-powens",
+	tags: [
+		"openbanking",
+		"powens",
+		"integration",
+		"example"
+	],
+	body: `## What this example shows\n- OAuth callback handler: exchange auth code, map powens user, enqueue sync workflow.\n- Webhook handler: verify signature, route event → workflow, optionally refresh balances.\n\n## Guardrails\n- Secrets via secret providers/env only.\n- Verify webhook signatures.\n- Keep side effects explicit: enqueue workflows instead of mutating canonical stores inline.`
+}, {
+	id: "docs.examples.openbanking-powens.usage",
+	title: "Open Banking — Powens — Usage",
+	summary: "How to integrate the handlers in a fetch-compatible runtime.",
+	kind: "usage",
+	visibility: "public",
+	route: "/docs/examples/openbanking-powens/usage",
+	tags: ["openbanking", "usage"],
+	body: `## Usage\n- Wire \`powensOAuthCallbackHandler(req)\` at your OAuth redirect route.\n- Wire \`powensWebhookHandler(req)\` at your webhook route.\n\n## Notes\n- Replace the fake stores with your app-layer persistence.\n- Enqueue ContractSpec workflows for canonical upserts and telemetry.`
+}]);
 
-## Notes
-- Replace the fake stores with your app-layer persistence.
-- Enqueue ContractSpec workflows for canonical upserts and telemetry.`}]);
+//#endregion

package/dist/example.js

@@ -1 +1,39 @@
-var e={id:`openbanking-powens`,title:`Open Banking — Powens`,summary:`OAuth callback + webhook handler patterns for Powens open banking integration (provider + workflow orchestration).`,tags:[`openbanking`,`powens`,`oauth`,`webhooks`,`integrations`],kind:`integration`,visibility:`public`,docs:{rootDocId:`docs.examples.openbanking-powens`,usageDocId:`docs.examples.openbanking-powens.usage`},entrypoints:{packageName:`@lssm/example.openbanking-powens`,docs:`./docs`},surfaces:{templates:!0,sandbox:{enabled:!0,modes:[`markdown`,`specs`]},studio:{enabled:!0,installable:!0},mcp:{enabled:!0}}};export{e as default};
+//#region src/example.ts
+const example = {
+	id: "openbanking-powens",
+	title: "Open Banking — Powens",
+	summary: "OAuth callback + webhook handler patterns for Powens open banking integration (provider + workflow orchestration).",
+	tags: [
+		"openbanking",
+		"powens",
+		"oauth",
+		"webhooks",
+		"integrations"
+	],
+	kind: "integration",
+	visibility: "public",
+	docs: {
+		rootDocId: "docs.examples.openbanking-powens",
+		usageDocId: "docs.examples.openbanking-powens.usage"
+	},
+	entrypoints: {
+		packageName: "@lssm/example.openbanking-powens",
+		docs: "./docs"
+	},
+	surfaces: {
+		templates: true,
+		sandbox: {
+			enabled: true,
+			modes: ["markdown", "specs"]
+		},
+		studio: {
+			enabled: true,
+			installable: true
+		},
+		mcp: { enabled: true }
+	}
+};
+var example_default = example;
+
+//#endregion
+export { example_default as default };

package/dist/handlers/oauth-callback.js

@@ -1 +1,63 @@
-import{PowensOpenBankingProvider as e}from"@lssm/integration.providers-impls/impls/powens-openbanking";async function t(t){let a=new URL(t.url),o=a.searchParams.get(`code`),s=a.searchParams.get(`state`),c=a.searchParams.get(`user_uuid`);if(!o||!s||!c)return new Response(`Missing Powens OAuth params`,{status:400});let l=await n(s);if(!l)return new Response(`Unknown Powens OAuth state`,{status:404});let u=await r(l.meta.id),d=await new e({clientId:u.clientId,clientSecret:u.clientSecret,apiKey:u.apiKey,environment:l.config.environment,baseUrl:l.config.baseUrl}).listAccounts({tenantId:l.meta.tenantId,connectionId:l.meta.id,userId:c});await l.storePowensUser({tenantUserId:l.meta.tenantUserId,powensUserUuid:c,authCode:o}),await i(`pfo.workflow.sync-openbanking-accounts`,{tenantId:l.meta.tenantId,userUuid:c,connectionId:l.meta.id,previewAccounts:d.accounts});let f=process.env.APP_DASHBOARD_URL??``;return Response.redirect(`${f}/banking/linked?tenant=${l.meta.tenantId}`,302)}async function n(e){return a.connections.find(t=>t.state===e)??null}async function r(e){let t=o[e];if(!t)throw Error(`Missing Powens secrets for ${e}`);return t}async function i(e,t){await s.enqueue({name:e,input:t})}const a={connections:[]},o={},s={enqueue:async e=>{}};export{t as powensOAuthCallbackHandler};
+import { PowensOpenBankingProvider } from "../integrations/providers-impls/dist/impls/powens-openbanking.js";
+
+//#region src/handlers/oauth-callback.ts
+/**
+* Example OAuth callback handler for Powens (open banking).
+*
+* This example stays framework-neutral: it operates on the standard `Request`
+* type so it can be used in Next.js, Elysia, or any fetch-compatible runtime.
+*/
+async function powensOAuthCallbackHandler(req) {
+	const url = new URL(req.url);
+	const code = url.searchParams.get("code");
+	const state = url.searchParams.get("state");
+	const userUuid = url.searchParams.get("user_uuid");
+	if (!code || !state || !userUuid) return new Response("Missing Powens OAuth params", { status: 400 });
+	const connection = await getConnectionByState(state);
+	if (!connection) return new Response("Unknown Powens OAuth state", { status: 404 });
+	const secrets = await getPowensSecretsForConnection(connection.meta.id);
+	const preview = await new PowensOpenBankingProvider({
+		clientId: secrets.clientId,
+		clientSecret: secrets.clientSecret,
+		apiKey: secrets.apiKey,
+		environment: connection.config.environment,
+		baseUrl: connection.config.baseUrl
+	}).listAccounts({
+		tenantId: connection.meta.tenantId,
+		connectionId: connection.meta.id,
+		userId: userUuid
+	});
+	await connection.storePowensUser({
+		tenantUserId: connection.meta.tenantUserId,
+		powensUserUuid: userUuid,
+		authCode: code
+	});
+	await enqueueWorkflow("pfo.workflow.sync-openbanking-accounts", {
+		tenantId: connection.meta.tenantId,
+		userUuid,
+		connectionId: connection.meta.id,
+		previewAccounts: preview.accounts
+	});
+	const redirectBase = process.env.APP_DASHBOARD_URL ?? "";
+	return Response.redirect(`${redirectBase}/banking/linked?tenant=${connection.meta.tenantId}`, 302);
+}
+async function getConnectionByState(state) {
+	return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;
+}
+async function getPowensSecretsForConnection(connectionId) {
+	const secret = fakeSecretStore[connectionId];
+	if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
+	return secret;
+}
+async function enqueueWorkflow(name, input) {
+	await fakeWorkflowQueue.enqueue({
+		name,
+		input
+	});
+}
+const fakeDatabase = { connections: [] };
+const fakeSecretStore = {};
+const fakeWorkflowQueue = { enqueue: async (_payload) => {} };
+
+//#endregion
+export { powensOAuthCallbackHandler };

package/dist/handlers/webhook-handler.js

@@ -1 +1,87 @@
-import{PowensOpenBankingProvider as e}from"@lssm/integration.providers-impls/impls/powens-openbanking";import{createHmac as t,timingSafeEqual as n}from"node:crypto";async function r(t){let n=t.headers.get(`x-powens-signature`),r=t.headers.get(`x-powens-state`),l=await t.text();if(!n||!r)return new Response(`Missing Powens signature headers`,{status:400});let u=await a(r);if(!u)return new Response(`Unknown Powens state header`,{status:404});let d=await o(u.meta.id);if(!i(l,n,d.webhookSecret))return new Response(`Invalid Powens webhook signature`,{status:401});let f=JSON.parse(l),p=new e({clientId:d.clientId,clientSecret:d.clientSecret,apiKey:d.apiKey,environment:u.config.environment,baseUrl:u.config.baseUrl});switch(f.type){case`connection.updated`:case`user.sync.completed`:await s(`pfo.workflow.sync-openbanking-accounts`,{tenantId:u.meta.tenantId,connectionId:u.meta.id,userUuid:f.user_uuid});break;case`transactions.created`:case`transactions.updated`:await s(`pfo.workflow.sync-openbanking-transactions`,{tenantId:u.meta.tenantId,connectionId:u.meta.id,userUuid:f.user_uuid,accountId:f.account_uuid});break;default:await c(f)}return f.account_uuid&&await p.getBalances({tenantId:u.meta.tenantId,connectionId:u.meta.id,accountId:f.account_uuid}),new Response(`OK`,{status:200})}function i(e,r,i){let a=t(`sha256`,i).update(e).digest(`hex`),o=Buffer.from(a,`hex`),s=Buffer.from(r,`hex`);return o.length===s.length&&n(o,s)}async function a(e){return l.connections.find(t=>t.state===e)??null}async function o(e){let t=u[e];if(!t)throw Error(`Missing Powens secrets for ${e}`);return t}async function s(e,t){await d.enqueue({name:e,input:t})}async function c(e){await f.record({event:`openbanking.webhook.unmapped`,payload:`redacted`})}const l={connections:[]},u={},d={enqueue:async e=>{}},f={record:async e=>{}};export{r as powensWebhookHandler};
+import { PowensOpenBankingProvider } from "../integrations/providers-impls/dist/impls/powens-openbanking.js";
+import { createHmac, timingSafeEqual } from "node:crypto";
+
+//#region src/handlers/webhook-handler.ts
+/**
+* Example Powens webhook handler (fetch-compatible).
+*
+* Verifies signature, then enqueues the canonical workflows to keep the ledger
+* in sync. Unknown events are ignored (or can be recorded by the app layer).
+*/
+async function powensWebhookHandler(req) {
+	const signature = req.headers.get("x-powens-signature");
+	const stateHeader = req.headers.get("x-powens-state");
+	const payload = await req.text();
+	if (!signature || !stateHeader) return new Response("Missing Powens signature headers", { status: 400 });
+	const connection = await getConnectionByState(stateHeader);
+	if (!connection) return new Response("Unknown Powens state header", { status: 404 });
+	const secrets = await getPowensSecretsForConnection(connection.meta.id);
+	if (!verifySignature(payload, signature, secrets.webhookSecret)) return new Response("Invalid Powens webhook signature", { status: 401 });
+	const event = JSON.parse(payload);
+	const provider = new PowensOpenBankingProvider({
+		clientId: secrets.clientId,
+		clientSecret: secrets.clientSecret,
+		apiKey: secrets.apiKey,
+		environment: connection.config.environment,
+		baseUrl: connection.config.baseUrl
+	});
+	switch (event.type) {
+		case "connection.updated":
+		case "user.sync.completed":
+			await enqueueWorkflow("pfo.workflow.sync-openbanking-accounts", {
+				tenantId: connection.meta.tenantId,
+				connectionId: connection.meta.id,
+				userUuid: event.user_uuid
+			});
+			break;
+		case "transactions.created":
+		case "transactions.updated":
+			await enqueueWorkflow("pfo.workflow.sync-openbanking-transactions", {
+				tenantId: connection.meta.tenantId,
+				connectionId: connection.meta.id,
+				userUuid: event.user_uuid,
+				accountId: event.account_uuid
+			});
+			break;
+		default: await logUnmappedEvent(event);
+	}
+	if (event.account_uuid) await provider.getBalances({
+		tenantId: connection.meta.tenantId,
+		connectionId: connection.meta.id,
+		accountId: event.account_uuid
+	});
+	return new Response("OK", { status: 200 });
+}
+function verifySignature(payload, signature, secret) {
+	const digest = createHmac("sha256", secret).update(payload).digest("hex");
+	const a = Buffer.from(digest, "hex");
+	const b = Buffer.from(signature, "hex");
+	return a.length === b.length && timingSafeEqual(a, b);
+}
+async function getConnectionByState(state) {
+	return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;
+}
+async function getPowensSecretsForConnection(connectionId) {
+	const secret = fakeSecretStore[connectionId];
+	if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
+	return secret;
+}
+async function enqueueWorkflow(name, input) {
+	await fakeWorkflowQueue.enqueue({
+		name,
+		input
+	});
+}
+async function logUnmappedEvent(_event) {
+	await fakeTelemetryLogger.record({
+		event: "openbanking.webhook.unmapped",
+		payload: "redacted"
+	});
+}
+const fakeDatabase = { connections: [] };
+const fakeSecretStore = {};
+const fakeWorkflowQueue = { enqueue: async (_payload) => {} };
+const fakeTelemetryLogger = { record: async (_payload) => {} };
+
+//#endregion
+export { powensWebhookHandler };

package/dist/index.js

@@ -1 +1,6 @@
-import e from"./example.js";import{powensOAuthCallbackHandler as t}from"./handlers/oauth-callback.js";import{powensWebhookHandler as n}from"./handlers/webhook-handler.js";import"./docs/index.js";export{e as example,t as powensOAuthCallbackHandler,n as powensWebhookHandler};
+import example_default from "./example.js";
+import { powensOAuthCallbackHandler } from "./handlers/oauth-callback.js";
+import { powensWebhookHandler } from "./handlers/webhook-handler.js";
+import "./docs/index.js";
+
+export { example_default as example, powensOAuthCallbackHandler, powensWebhookHandler };

package/dist/integrations/providers-impls/dist/impls/powens-client.js

@@ -0,0 +1,171 @@
+import { URL } from "node:url";
+
+//#region ../../integrations/providers-impls/dist/impls/powens-client.js
+const POWENS_BASE_URL = {
+	sandbox: "https://api-sandbox.powens.com/v2",
+	production: "https://api.powens.com/v2"
+};
+var PowensClientError = class extends Error {
+	status;
+	code;
+	requestId;
+	response;
+	constructor(message, status, code, requestId, response) {
+		super(message);
+		this.name = "PowensClientError";
+		this.status = status;
+		this.code = code;
+		this.requestId = requestId;
+		this.response = response;
+	}
+};
+var PowensClient = class {
+	clientId;
+	clientSecret;
+	apiKey;
+	fetchImpl;
+	logger;
+	defaultTimeoutMs;
+	token;
+	baseUrl;
+	constructor(options) {
+		this.clientId = options.clientId;
+		this.clientSecret = options.clientSecret;
+		this.apiKey = options.apiKey;
+		this.fetchImpl = options.fetchImpl ?? fetch;
+		this.logger = options.logger;
+		this.defaultTimeoutMs = options.defaultTimeoutMs ?? 15e3;
+		this.baseUrl = options.baseUrl ?? POWENS_BASE_URL[options.environment] ?? POWENS_BASE_URL.production;
+	}
+	async listAccounts(params) {
+		const searchParams = {
+			cursor: params.cursor,
+			limit: params.limit,
+			include_balances: params.includeBalances,
+			institution_uuid: params.institutionUuid
+		};
+		return await this.request({
+			method: "GET",
+			path: `/users/${encodeURIComponent(params.userUuid)}/accounts`,
+			searchParams
+		});
+	}
+	async getAccount(accountUuid) {
+		return this.request({
+			method: "GET",
+			path: `/accounts/${encodeURIComponent(accountUuid)}`
+		});
+	}
+	async listTransactions(params) {
+		const searchParams = {
+			cursor: params.cursor,
+			limit: params.limit,
+			from: params.from,
+			to: params.to,
+			include_pending: params.includePending
+		};
+		return this.request({
+			method: "GET",
+			path: `/accounts/${encodeURIComponent(params.accountUuid)}/transactions`,
+			searchParams
+		});
+	}
+	async getBalances(accountUuid) {
+		return this.request({
+			method: "GET",
+			path: `/accounts/${encodeURIComponent(accountUuid)}/balances`
+		});
+	}
+	async getConnectionStatus(connectionUuid) {
+		return this.request({
+			method: "GET",
+			path: `/connections/${encodeURIComponent(connectionUuid)}`
+		});
+	}
+	async request(options) {
+		const url = new URL(options.path, this.baseUrl);
+		if (options.searchParams) for (const [key, value] of Object.entries(options.searchParams)) {
+			if (value === void 0 || value === null) continue;
+			url.searchParams.set(key, String(value));
+		}
+		const headers = {
+			Accept: "application/json",
+			"Content-Type": "application/json",
+			...options.headers
+		};
+		if (this.apiKey) headers["x-api-key"] = this.apiKey;
+		if (!options.skipAuth) headers.Authorization = `Bearer ${await this.ensureAccessToken()}`;
+		const controller = new AbortController();
+		const timeout = setTimeout(() => controller.abort(), options.timeoutMs ?? this.defaultTimeoutMs);
+		try {
+			const response = await this.fetchImpl(url, {
+				method: options.method,
+				headers,
+				body: options.body ? JSON.stringify(options.body) : void 0,
+				signal: controller.signal
+			});
+			const requestId = response.headers.get("x-request-id") ?? void 0;
+			if (!response.ok) {
+				let errorBody;
+				try {
+					errorBody = await response.json();
+				} catch {}
+				const errorObject = typeof errorBody === "object" && errorBody !== null ? errorBody : void 0;
+				const message = typeof errorObject?.message === "string" ? errorObject.message : `Powens API request failed with status ${response.status}`;
+				const code = typeof errorObject?.code === "string" ? errorObject.code : void 0;
+				throw new PowensClientError(message, response.status, code, requestId, errorBody);
+			}
+			if (response.status === 204) return;
+			try {
+				return await response.json();
+			} catch (error) {
+				this.logger?.error?.("[PowensClient] Failed to parse JSON response", error);
+				throw new PowensClientError("Failed to parse Powens response payload as JSON", response.status, void 0, requestId);
+			}
+		} catch (error) {
+			if (error instanceof PowensClientError) throw error;
+			if (error.name === "AbortError") throw new PowensClientError(`Powens API request timed out after ${options.timeoutMs ?? this.defaultTimeoutMs}ms`, 408);
+			this.logger?.error?.("[PowensClient] Request failed", error);
+			throw new PowensClientError(error.message ?? "Powens API request failed", 500);
+		} finally {
+			clearTimeout(timeout);
+		}
+	}
+	async ensureAccessToken() {
+		if (this.token && Date.now() < this.token.expiresAt - 5e3) return this.token.accessToken;
+		this.token = await this.fetchAccessToken();
+		return this.token.accessToken;
+	}
+	async fetchAccessToken() {
+		const url = new URL("/oauth/token", this.baseUrl);
+		const basicAuth = Buffer.from(`${this.clientId}:${this.clientSecret}`, "utf-8").toString("base64");
+		const response = await this.fetchImpl(url, {
+			method: "POST",
+			headers: {
+				Authorization: `Basic ${basicAuth}`,
+				"Content-Type": "application/x-www-form-urlencoded",
+				Accept: "application/json"
+			},
+			body: new URLSearchParams({ grant_type: "client_credentials" }).toString()
+		});
+		if (!response.ok) {
+			let errorBody;
+			try {
+				errorBody = await response.json();
+			} catch {}
+			const errorObject = typeof errorBody === "object" && errorBody !== null ? errorBody : void 0;
+			throw new PowensClientError(typeof errorObject?.error_description === "string" ? errorObject.error_description : "Failed to obtain Powens access token", response.status, void 0, void 0, errorBody);
+		}
+		const payload = await response.json();
+		const expiresAt = Date.now() + payload.expires_in * 1e3;
+		this.logger?.debug?.("[PowensClient] Received access token", { expiresIn: payload.expires_in });
+		return {
+			accessToken: payload.access_token,
+			expiresAt,
+			scope: payload.scope
+		};
+	}
+};
+
+//#endregion
+export { PowensClient, PowensClientError };