@lssm/example.openbanking-powens 0.0.0-canary-20251217083314 → 1.41.0

package/.turbo/turbo-build.log

@@ -1,29 +1,27 @@
-
-$ bun build:bundle && bun build:types
-$ tsdown
-ℹ tsdown v0.17.4 powered by rolldown v1.0.0-beta.53
-ℹ config file: /Users/tboutron/Documents/clients/lssm/monorepo-lssm/packages/contractspec/packages/examples/openbanking-powens/tsdown.config.js (unrun)
-ℹ entry: src/example.ts, src/index.ts, src/docs/index.ts, src/docs/openbanking-powens.docblock.ts, src/handlers/oauth-callback.ts, src/handlers/webhook-handler.ts
-ℹ target: esnext
-ℹ tsconfig: tsconfig.json
-ℹ Build start
-ℹ Cleaning 8 files
-ℹ dist/handlers/webhook-handler.js          1.86 kB │ gzip: 0.85 kB
-ℹ dist/docs/openbanking-powens.docblock.js  1.35 kB │ gzip: 0.68 kB
-ℹ dist/handlers/oauth-callback.js           1.29 kB │ gzip: 0.67 kB
-ℹ dist/example.js                           0.62 kB │ gzip: 0.37 kB
-ℹ dist/index.js                             0.27 kB │ gzip: 0.16 kB
-ℹ dist/docs/index.js                        0.04 kB │ gzip: 0.06 kB
-ℹ 6 files, total: 5.43 kB
-[UNRESOLVED_IMPORT] Warning: Could not resolve 'node:crypto' in src/handlers/webhook-handler.ts
-   ╭─[ src/handlers/webhook-handler.ts:7:45 ]
-   │
- 7 │ import { createHmac, timingSafeEqual } from 'node:crypto';
-   │                                             ──────┬──────  
-   │                                                   ╰──────── Module not found, treating it as an external dependency
-   │ 
-   │ Help: The "main" field here was ignored. Main fields must be configured explicitly when using the "neutral" platform.
-───╯
-
-✔ Build complete in 121ms
-$ tsc --noEmit
+$ bun build:bundle && bun build:types
+$ tsdown
+ℹ tsdown v0.17.4 powered by rolldown v1.0.0-beta.53
+ℹ config file: /home/runner/work/contractspec/contractspec/packages/examples/openbanking-powens/tsdown.config.js 
+ℹ entry: src/example.ts, src/index.ts, src/docs/index.ts, src/docs/openbanking-powens.docblock.ts, src/handlers/oauth-callback.ts, src/handlers/webhook-handler.ts
+ℹ target: esnext
+ℹ tsconfig: tsconfig.json
+ℹ Build start
+ℹ dist/handlers/webhook-handler.js          1.86 kB │ gzip: 0.85 kB
+ℹ dist/docs/openbanking-powens.docblock.js  1.35 kB │ gzip: 0.68 kB
+ℹ dist/handlers/oauth-callback.js           1.29 kB │ gzip: 0.67 kB
+ℹ dist/example.js                           0.62 kB │ gzip: 0.37 kB
+ℹ dist/index.js                             0.27 kB │ gzip: 0.16 kB
+ℹ dist/docs/index.js                        0.04 kB │ gzip: 0.06 kB
+ℹ 6 files, total: 5.43 kB
+✔ Build complete in 52ms
+[UNRESOLVED_IMPORT] Warning: Could not resolve 'node:crypto' in src/handlers/webhook-handler.ts
+   ╭─[ src/handlers/webhook-handler.ts:7:45 ]
+   │
+ 7 │ import { createHmac, timingSafeEqual } from 'node:crypto';
+   │                                             ──────┬──────  
+   │                                                   ╰──────── Module not found, treating it as an external dependency
+   │ 
+   │ Help: The "main" field here was ignored. Main fields must be configured explicitly when using the "neutral" platform.
+───╯
+
+$ tsc --noEmit

package/dist/docs/index.js

@@ -1 +1 @@
-import "./openbanking-powens.docblock.js";
+import"./openbanking-powens.docblock.js";

package/dist/docs/openbanking-powens.docblock.js

@@ -1,30 +1,14 @@
-import { registerDocBlocks } from "../libs/contracts/dist/docs/registry.js";
-import "../libs/contracts/dist/docs/index.js";
+import{registerDocBlocks as e}from"@lssm/lib.contracts/docs";e([{id:`docs.examples.openbanking-powens`,title:`Open Banking — Powens (example)`,summary:`Framework-neutral OAuth callback + webhook handler patterns for Powens, orchestrating canonical sync workflows.`,kind:`reference`,visibility:`public`,route:`/docs/examples/openbanking-powens`,tags:[`openbanking`,`powens`,`integration`,`example`],body:`## What this example shows
+- OAuth callback handler: exchange auth code, map powens user, enqueue sync workflow.
+- Webhook handler: verify signature, route event → workflow, optionally refresh balances.
 
-//#region src/docs/openbanking-powens.docblock.ts
-registerDocBlocks([{
-	id: "docs.examples.openbanking-powens",
-	title: "Open Banking — Powens (example)",
-	summary: "Framework-neutral OAuth callback + webhook handler patterns for Powens, orchestrating canonical sync workflows.",
-	kind: "reference",
-	visibility: "public",
-	route: "/docs/examples/openbanking-powens",
-	tags: [
-		"openbanking",
-		"powens",
-		"integration",
-		"example"
-	],
-	body: `## What this example shows\n- OAuth callback handler: exchange auth code, map powens user, enqueue sync workflow.\n- Webhook handler: verify signature, route event → workflow, optionally refresh balances.\n\n## Guardrails\n- Secrets via secret providers/env only.\n- Verify webhook signatures.\n- Keep side effects explicit: enqueue workflows instead of mutating canonical stores inline.`
-}, {
-	id: "docs.examples.openbanking-powens.usage",
-	title: "Open Banking — Powens — Usage",
-	summary: "How to integrate the handlers in a fetch-compatible runtime.",
-	kind: "usage",
-	visibility: "public",
-	route: "/docs/examples/openbanking-powens/usage",
-	tags: ["openbanking", "usage"],
-	body: `## Usage\n- Wire \`powensOAuthCallbackHandler(req)\` at your OAuth redirect route.\n- Wire \`powensWebhookHandler(req)\` at your webhook route.\n\n## Notes\n- Replace the fake stores with your app-layer persistence.\n- Enqueue ContractSpec workflows for canonical upserts and telemetry.`
-}]);
+## Guardrails
+- Secrets via secret providers/env only.
+- Verify webhook signatures.
+- Keep side effects explicit: enqueue workflows instead of mutating canonical stores inline.`},{id:`docs.examples.openbanking-powens.usage`,title:`Open Banking — Powens — Usage`,summary:`How to integrate the handlers in a fetch-compatible runtime.`,kind:`usage`,visibility:`public`,route:`/docs/examples/openbanking-powens/usage`,tags:[`openbanking`,`usage`],body:`## Usage
+- Wire \`powensOAuthCallbackHandler(req)\` at your OAuth redirect route.
+- Wire \`powensWebhookHandler(req)\` at your webhook route.
 
-//#endregion
+## Notes
+- Replace the fake stores with your app-layer persistence.
+- Enqueue ContractSpec workflows for canonical upserts and telemetry.`}]);

package/dist/example.js

@@ -1,39 +1 @@
-//#region src/example.ts
-const example = {
-	id: "openbanking-powens",
-	title: "Open Banking — Powens",
-	summary: "OAuth callback + webhook handler patterns for Powens open banking integration (provider + workflow orchestration).",
-	tags: [
-		"openbanking",
-		"powens",
-		"oauth",
-		"webhooks",
-		"integrations"
-	],
-	kind: "integration",
-	visibility: "public",
-	docs: {
-		rootDocId: "docs.examples.openbanking-powens",
-		usageDocId: "docs.examples.openbanking-powens.usage"
-	},
-	entrypoints: {
-		packageName: "@lssm/example.openbanking-powens",
-		docs: "./docs"
-	},
-	surfaces: {
-		templates: true,
-		sandbox: {
-			enabled: true,
-			modes: ["markdown", "specs"]
-		},
-		studio: {
-			enabled: true,
-			installable: true
-		},
-		mcp: { enabled: true }
-	}
-};
-var example_default = example;
-
-//#endregion
-export { example_default as default };
+var e={id:`openbanking-powens`,title:`Open Banking — Powens`,summary:`OAuth callback + webhook handler patterns for Powens open banking integration (provider + workflow orchestration).`,tags:[`openbanking`,`powens`,`oauth`,`webhooks`,`integrations`],kind:`integration`,visibility:`public`,docs:{rootDocId:`docs.examples.openbanking-powens`,usageDocId:`docs.examples.openbanking-powens.usage`},entrypoints:{packageName:`@lssm/example.openbanking-powens`,docs:`./docs`},surfaces:{templates:!0,sandbox:{enabled:!0,modes:[`markdown`,`specs`]},studio:{enabled:!0,installable:!0},mcp:{enabled:!0}}};export{e as default};

package/dist/handlers/oauth-callback.js

@@ -1,63 +1 @@
-import { PowensOpenBankingProvider } from "../integrations/providers-impls/dist/impls/powens-openbanking.js";
-
-//#region src/handlers/oauth-callback.ts
-/**
-* Example OAuth callback handler for Powens (open banking).
-*
-* This example stays framework-neutral: it operates on the standard `Request`
-* type so it can be used in Next.js, Elysia, or any fetch-compatible runtime.
-*/
-async function powensOAuthCallbackHandler(req) {
-	const url = new URL(req.url);
-	const code = url.searchParams.get("code");
-	const state = url.searchParams.get("state");
-	const userUuid = url.searchParams.get("user_uuid");
-	if (!code || !state || !userUuid) return new Response("Missing Powens OAuth params", { status: 400 });
-	const connection = await getConnectionByState(state);
-	if (!connection) return new Response("Unknown Powens OAuth state", { status: 404 });
-	const secrets = await getPowensSecretsForConnection(connection.meta.id);
-	const preview = await new PowensOpenBankingProvider({
-		clientId: secrets.clientId,
-		clientSecret: secrets.clientSecret,
-		apiKey: secrets.apiKey,
-		environment: connection.config.environment,
-		baseUrl: connection.config.baseUrl
-	}).listAccounts({
-		tenantId: connection.meta.tenantId,
-		connectionId: connection.meta.id,
-		userId: userUuid
-	});
-	await connection.storePowensUser({
-		tenantUserId: connection.meta.tenantUserId,
-		powensUserUuid: userUuid,
-		authCode: code
-	});
-	await enqueueWorkflow("pfo.workflow.sync-openbanking-accounts", {
-		tenantId: connection.meta.tenantId,
-		userUuid,
-		connectionId: connection.meta.id,
-		previewAccounts: preview.accounts
-	});
-	const redirectBase = process.env.APP_DASHBOARD_URL ?? "";
-	return Response.redirect(`${redirectBase}/banking/linked?tenant=${connection.meta.tenantId}`, 302);
-}
-async function getConnectionByState(state) {
-	return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;
-}
-async function getPowensSecretsForConnection(connectionId) {
-	const secret = fakeSecretStore[connectionId];
-	if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
-	return secret;
-}
-async function enqueueWorkflow(name, input) {
-	await fakeWorkflowQueue.enqueue({
-		name,
-		input
-	});
-}
-const fakeDatabase = { connections: [] };
-const fakeSecretStore = {};
-const fakeWorkflowQueue = { enqueue: async (_payload) => {} };
-
-//#endregion
-export { powensOAuthCallbackHandler };
+import{PowensOpenBankingProvider as e}from"@lssm/integration.providers-impls/impls/powens-openbanking";async function t(t){let a=new URL(t.url),o=a.searchParams.get(`code`),s=a.searchParams.get(`state`),c=a.searchParams.get(`user_uuid`);if(!o||!s||!c)return new Response(`Missing Powens OAuth params`,{status:400});let l=await n(s);if(!l)return new Response(`Unknown Powens OAuth state`,{status:404});let u=await r(l.meta.id),d=await new e({clientId:u.clientId,clientSecret:u.clientSecret,apiKey:u.apiKey,environment:l.config.environment,baseUrl:l.config.baseUrl}).listAccounts({tenantId:l.meta.tenantId,connectionId:l.meta.id,userId:c});await l.storePowensUser({tenantUserId:l.meta.tenantUserId,powensUserUuid:c,authCode:o}),await i(`pfo.workflow.sync-openbanking-accounts`,{tenantId:l.meta.tenantId,userUuid:c,connectionId:l.meta.id,previewAccounts:d.accounts});let f=process.env.APP_DASHBOARD_URL??``;return Response.redirect(`${f}/banking/linked?tenant=${l.meta.tenantId}`,302)}async function n(e){return a.connections.find(t=>t.state===e)??null}async function r(e){let t=o[e];if(!t)throw Error(`Missing Powens secrets for ${e}`);return t}async function i(e,t){await s.enqueue({name:e,input:t})}const a={connections:[]},o={},s={enqueue:async e=>{}};export{t as powensOAuthCallbackHandler};

package/dist/handlers/webhook-handler.js

@@ -1,87 +1 @@
-import { PowensOpenBankingProvider } from "../integrations/providers-impls/dist/impls/powens-openbanking.js";
-import { createHmac, timingSafeEqual } from "node:crypto";
-
-//#region src/handlers/webhook-handler.ts
-/**
-* Example Powens webhook handler (fetch-compatible).
-*
-* Verifies signature, then enqueues the canonical workflows to keep the ledger
-* in sync. Unknown events are ignored (or can be recorded by the app layer).
-*/
-async function powensWebhookHandler(req) {
-	const signature = req.headers.get("x-powens-signature");
-	const stateHeader = req.headers.get("x-powens-state");
-	const payload = await req.text();
-	if (!signature || !stateHeader) return new Response("Missing Powens signature headers", { status: 400 });
-	const connection = await getConnectionByState(stateHeader);
-	if (!connection) return new Response("Unknown Powens state header", { status: 404 });
-	const secrets = await getPowensSecretsForConnection(connection.meta.id);
-	if (!verifySignature(payload, signature, secrets.webhookSecret)) return new Response("Invalid Powens webhook signature", { status: 401 });
-	const event = JSON.parse(payload);
-	const provider = new PowensOpenBankingProvider({
-		clientId: secrets.clientId,
-		clientSecret: secrets.clientSecret,
-		apiKey: secrets.apiKey,
-		environment: connection.config.environment,
-		baseUrl: connection.config.baseUrl
-	});
-	switch (event.type) {
-		case "connection.updated":
-		case "user.sync.completed":
-			await enqueueWorkflow("pfo.workflow.sync-openbanking-accounts", {
-				tenantId: connection.meta.tenantId,
-				connectionId: connection.meta.id,
-				userUuid: event.user_uuid
-			});
-			break;
-		case "transactions.created":
-		case "transactions.updated":
-			await enqueueWorkflow("pfo.workflow.sync-openbanking-transactions", {
-				tenantId: connection.meta.tenantId,
-				connectionId: connection.meta.id,
-				userUuid: event.user_uuid,
-				accountId: event.account_uuid
-			});
-			break;
-		default: await logUnmappedEvent(event);
-	}
-	if (event.account_uuid) await provider.getBalances({
-		tenantId: connection.meta.tenantId,
-		connectionId: connection.meta.id,
-		accountId: event.account_uuid
-	});
-	return new Response("OK", { status: 200 });
-}
-function verifySignature(payload, signature, secret) {
-	const digest = createHmac("sha256", secret).update(payload).digest("hex");
-	const a = Buffer.from(digest, "hex");
-	const b = Buffer.from(signature, "hex");
-	return a.length === b.length && timingSafeEqual(a, b);
-}
-async function getConnectionByState(state) {
-	return fakeDatabase.connections.find((conn) => conn.state === state) ?? null;
-}
-async function getPowensSecretsForConnection(connectionId) {
-	const secret = fakeSecretStore[connectionId];
-	if (!secret) throw new Error(`Missing Powens secrets for ${connectionId}`);
-	return secret;
-}
-async function enqueueWorkflow(name, input) {
-	await fakeWorkflowQueue.enqueue({
-		name,
-		input
-	});
-}
-async function logUnmappedEvent(_event) {
-	await fakeTelemetryLogger.record({
-		event: "openbanking.webhook.unmapped",
-		payload: "redacted"
-	});
-}
-const fakeDatabase = { connections: [] };
-const fakeSecretStore = {};
-const fakeWorkflowQueue = { enqueue: async (_payload) => {} };
-const fakeTelemetryLogger = { record: async (_payload) => {} };
-
-//#endregion
-export { powensWebhookHandler };
+import{PowensOpenBankingProvider as e}from"@lssm/integration.providers-impls/impls/powens-openbanking";import{createHmac as t,timingSafeEqual as n}from"node:crypto";async function r(t){let n=t.headers.get(`x-powens-signature`),r=t.headers.get(`x-powens-state`),l=await t.text();if(!n||!r)return new Response(`Missing Powens signature headers`,{status:400});let u=await a(r);if(!u)return new Response(`Unknown Powens state header`,{status:404});let d=await o(u.meta.id);if(!i(l,n,d.webhookSecret))return new Response(`Invalid Powens webhook signature`,{status:401});let f=JSON.parse(l),p=new e({clientId:d.clientId,clientSecret:d.clientSecret,apiKey:d.apiKey,environment:u.config.environment,baseUrl:u.config.baseUrl});switch(f.type){case`connection.updated`:case`user.sync.completed`:await s(`pfo.workflow.sync-openbanking-accounts`,{tenantId:u.meta.tenantId,connectionId:u.meta.id,userUuid:f.user_uuid});break;case`transactions.created`:case`transactions.updated`:await s(`pfo.workflow.sync-openbanking-transactions`,{tenantId:u.meta.tenantId,connectionId:u.meta.id,userUuid:f.user_uuid,accountId:f.account_uuid});break;default:await c(f)}return f.account_uuid&&await p.getBalances({tenantId:u.meta.tenantId,connectionId:u.meta.id,accountId:f.account_uuid}),new Response(`OK`,{status:200})}function i(e,r,i){let a=t(`sha256`,i).update(e).digest(`hex`),o=Buffer.from(a,`hex`),s=Buffer.from(r,`hex`);return o.length===s.length&&n(o,s)}async function a(e){return l.connections.find(t=>t.state===e)??null}async function o(e){let t=u[e];if(!t)throw Error(`Missing Powens secrets for ${e}`);return t}async function s(e,t){await d.enqueue({name:e,input:t})}async function c(e){await f.record({event:`openbanking.webhook.unmapped`,payload:`redacted`})}const l={connections:[]},u={},d={enqueue:async e=>{}},f={record:async e=>{}};export{r as powensWebhookHandler};

package/dist/index.js

@@ -1,6 +1 @@
-import example_default from "./example.js";
-import { powensOAuthCallbackHandler } from "./handlers/oauth-callback.js";
-import { powensWebhookHandler } from "./handlers/webhook-handler.js";
-import "./docs/index.js";
-
-export { example_default as example, powensOAuthCallbackHandler, powensWebhookHandler };
+import e from"./example.js";import{powensOAuthCallbackHandler as t}from"./handlers/oauth-callback.js";import{powensWebhookHandler as n}from"./handlers/webhook-handler.js";import"./docs/index.js";export{e as example,t as powensOAuthCallbackHandler,n as powensWebhookHandler};

package/package.json

@@ -1,22 +1,20 @@
 {
   "name": "@lssm/example.openbanking-powens",
-  "version": "0.0.0-canary-20251217083314",
+  "version": "1.41.0",
   "description": "OpenBanking Powens example: OAuth callback + webhook handler patterns (provider + workflows).",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "exports": {
-    ".": "./dist/index.js",
-    "./docs": "./dist/docs/index.js",
-    "./docs/openbanking-powens.docblock": "./dist/docs/openbanking-powens.docblock.js",
-    "./example": "./dist/example.js",
-    "./handlers/oauth-callback": "./dist/handlers/oauth-callback.js",
-    "./handlers/webhook-handler": "./dist/handlers/webhook-handler.js",
+    ".": "./src/index.ts",
+    "./docs": "./src/docs/index.ts",
+    "./docs/openbanking-powens.docblock": "./src/docs/openbanking-powens.docblock.ts",
+    "./example": "./src/example.ts",
+    "./handlers/oauth-callback": "./src/handlers/oauth-callback.ts",
+    "./handlers/webhook-handler": "./src/handlers/webhook-handler.ts",
     "./*": "./*"
   },
   "scripts": {
-    "publish:pkg": "bun publish --tolerate-republish --ignore-scripts --verbose",
-    "publish:pkg:canary": "bun publish:pkg --tag canary",
     "build": "bun build:bundle && bun build:types",
     "build:bundle": "tsdown",
     "build:types": "tsc --noEmit",
@@ -28,13 +26,12 @@
     "test": "bun test"
   },
   "dependencies": {
-    "@lssm/integration.providers-impls": "0.0.0-canary-20251217083314",
-    "@lssm/lib.schema": "0.0.0-canary-20251217083314",
-    "@lssm/lib.contracts": "0.0.0-canary-20251217083314"
+    "@lssm/integration.providers-impls": "workspace:*",
+    "@lssm/lib.contracts": "workspace:*"
   },
   "devDependencies": {
-    "@lssm/tool.tsdown": "0.0.0-canary-20251217083314",
-    "@lssm/tool.typescript": "0.0.0-canary-20251217083314",
+    "@lssm/tool.tsdown": "workspace:*",
+    "@lssm/tool.typescript": "workspace:*",
     "tsdown": "^0.17.4",
     "typescript": "^5.9.3"
   },