@team-plain/webhooks 0.1.0

package/dist/errors.d.ts

@@ -0,0 +1,10 @@
+export declare abstract class PlainWebhookError extends Error {
+}
+export declare class PlainWebhookSignatureVerificationError extends PlainWebhookError {
+}
+export declare class PlainWebhookVersionMismatchError extends PlainWebhookError {
+    constructor(error: string, payloadVersion: string);
+}
+export declare class PlainWebhookPayloadError extends PlainWebhookError {
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA,8BAAsB,iBAAkB,SAAQ,KAAK;CAAG;AAExD,qBAAa,sCAAuC,SAAQ,iBAAiB;CAAG;AAEhF,qBAAa,gCAAiC,SAAQ,iBAAiB;gBACzD,KAAK,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM;CAKlD;AAED,qBAAa,wBAAyB,SAAQ,iBAAiB;CAAG"}

package/dist/errors.js

@@ -0,0 +1,12 @@
+export class PlainWebhookError extends Error {
+}
+export class PlainWebhookSignatureVerificationError extends PlainWebhookError {
+}
+export class PlainWebhookVersionMismatchError extends PlainWebhookError {
+    constructor(error, payloadVersion) {
+        super(`The webhook payload (version=${payloadVersion}) is incompatible with the current version of the SDK. Please upgrade both the SDK and the webhook target to the latest version. Refer to https://www.plain.com/docs/api-reference/webhooks/versions for more information. Original error: ${error}`);
+    }
+}
+export class PlainWebhookPayloadError extends PlainWebhookError {
+}
+//# sourceMappingURL=errors.js.map

package/dist/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA,MAAM,OAAgB,iBAAkB,SAAQ,KAAK;CAAG;AAExD,MAAM,OAAO,sCAAuC,SAAQ,iBAAiB;CAAG;AAEhF,MAAM,OAAO,gCAAiC,SAAQ,iBAAiB;IACrE,YAAY,KAAa,EAAE,cAAsB;QAC/C,KAAK,CACH,gCAAgC,cAAc,8OAA8O,KAAK,EAAE,CACpS,CAAC;IACJ,CAAC;CACF;AAED,MAAM,OAAO,wBAAyB,SAAQ,iBAAiB;CAAG"}

package/dist/index.d.ts

@@ -0,0 +1,6 @@
+export { parsePlainWebhook } from "./parse.js";
+export { verifyPlainWebhook } from "./verify.js";
+export { PlainWebhookError, PlainWebhookSignatureVerificationError, PlainWebhookVersionMismatchError, PlainWebhookPayloadError, } from "./errors.js";
+export type { Result } from "./result.js";
+export type { CustomerChangedPayload, CustomerCreatedPublicEventPayload, CustomerDeletedPublicEventPayload, CustomerGroupChangedPayload, CustomerGroupMembershipsChangedPayload, CustomerUpdatedPublicEventPayload, ThreadAssignmentTransitionedPublicEventPayload, ThreadChatSentPublicEventPayload, ThreadCreatedPublicEventPayload, ThreadEmailReceivedPublicEventPayload, ThreadEmailSentPublicEventPayload, ThreadFieldCreatedPublicEventPayload, ThreadFieldDeletedPublicEventPayload, ThreadFieldUpdatedPublicEventPayload, ThreadLabelsChangedPublicEventPayload, ThreadPriorityChangedPublicEventPayload, ThreadServiceLevelAgreementStatusTransitionedPayload, ThreadSlackMessageReceivedEventPayload, ThreadSlackMessageSentEventPayload, ThreadStatusTransitionedPublicEventPayload, TimelineEntryChangedPayload, WebhooksSchemaDefinition, } from "./webhook-schema.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAC/C,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,EACL,iBAAiB,EACjB,sCAAsC,EACtC,gCAAgC,EAChC,wBAAwB,GACzB,MAAM,aAAa,CAAC;AACrB,YAAY,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAE1C,YAAY,EACV,sBAAsB,EACtB,iCAAiC,EACjC,iCAAiC,EACjC,2BAA2B,EAC3B,sCAAsC,EACtC,iCAAiC,EACjC,8CAA8C,EAC9C,gCAAgC,EAChC,+BAA+B,EAC/B,qCAAqC,EACrC,iCAAiC,EACjC,oCAAoC,EACpC,oCAAoC,EACpC,oCAAoC,EACpC,qCAAqC,EACrC,uCAAuC,EACvC,oDAAoD,EACpD,sCAAsC,EACtC,kCAAkC,EAClC,0CAA0C,EAC1C,2BAA2B,EAC3B,wBAAwB,GACzB,MAAM,qBAAqB,CAAC"}

package/dist/index.js

@@ -0,0 +1,4 @@
+export { parsePlainWebhook } from "./parse.js";
+export { verifyPlainWebhook } from "./verify.js";
+export { PlainWebhookError, PlainWebhookSignatureVerificationError, PlainWebhookVersionMismatchError, PlainWebhookPayloadError, } from "./errors.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAC/C,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,EACL,iBAAiB,EACjB,sCAAsC,EACtC,gCAAgC,EAChC,wBAAwB,GACzB,MAAM,aAAa,CAAC"}

package/dist/parse.d.ts

@@ -0,0 +1,5 @@
+import { type Result } from "./result.js";
+import { PlainWebhookPayloadError } from "./errors.js";
+import type { WebhooksSchemaDefinition } from "./webhook-schema.js";
+export declare function parsePlainWebhook(unknownPayload: unknown): Result<WebhooksSchemaDefinition, PlainWebhookPayloadError>;
+//# sourceMappingURL=parse.d.ts.map

package/dist/parse.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"parse.d.ts","sourceRoot":"","sources":["../src/parse.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,KAAK,MAAM,EAAS,MAAM,aAAa,CAAC;AACjD,OAAO,EAEL,wBAAwB,EAEzB,MAAM,aAAa,CAAC;AACrB,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,qBAAqB,CAAC;AAGpE,wBAAgB,iBAAiB,CAC/B,cAAc,EAAE,OAAO,GACtB,MAAM,CAAC,wBAAwB,EAAE,wBAAwB,CAAC,CAuC5D"}

package/dist/parse.js

@@ -0,0 +1,102 @@
+import { Ajv } from "ajv";
+import _addFormats from "ajv-formats";
+// ajv-formats is CJS — under nodenext the default import resolves to the module namespace
+const addFormats = _addFormats;
+import { isErr } from "./result.js";
+import { PlainWebhookPayloadError, PlainWebhookVersionMismatchError, } from "./errors.js";
+import webhookSchema from "./webhook-schema.json" with { type: "json" };
+export function parsePlainWebhook(unknownPayload) {
+    const payloadResult = (() => {
+        if (typeof unknownPayload === "string") {
+            try {
+                return { data: JSON.parse(unknownPayload) };
+            }
+            catch (_e) {
+                return {
+                    error: new PlainWebhookPayloadError("The webhook payload is not a valid JSON object."),
+                };
+            }
+        }
+        return { data: unknownPayload };
+    })();
+    if (isErr(payloadResult)) {
+        return payloadResult;
+    }
+    const payload = payloadResult.data;
+    const ajv = new Ajv({
+        unicodeRegExp: false,
+    });
+    addFormats(ajv);
+    if (ajv.validate(webhookSchema, payload)) {
+        return { data: payload };
+    }
+    try {
+        return { error: getParseError(payload, ajv.errorsText()) };
+    }
+    catch (_e) {
+        return {
+            error: new PlainWebhookPayloadError(`Failed to parse the webhook payload: ${ajv.errorsText()}`),
+        };
+    }
+}
+function getParseError(payload, originalAjvError) {
+    const errorMessage = getErrorMessageForHumans(payload, originalAjvError);
+    if (isVersionMismatch(payload)) {
+        return new PlainWebhookVersionMismatchError(errorMessage, getPayloadVersion(payload) ?? "unknown");
+    }
+    return new PlainWebhookPayloadError(errorMessage);
+}
+function isVersionMismatch(payload) {
+    const schemaVersion = getSchemaVersion();
+    return typeof schemaVersion === "string" && schemaVersion !== getPayloadVersion(payload);
+}
+function getErrorMessageForHumans(payload, originalAjvError) {
+    try {
+        const eventType = payload.type;
+        if (typeof eventType !== "string") {
+            return originalAjvError;
+        }
+        const payloadDefinitionKey = (() => {
+            for (const [key, definition] of Object.entries(webhookSchema.definitions)) {
+                if (definition?.properties?.eventType?.const === eventType) {
+                    return key;
+                }
+            }
+            return null;
+        })();
+        if (payloadDefinitionKey === null) {
+            return originalAjvError;
+        }
+        const updatedSchema = {
+            ...webhookSchema,
+            properties: {
+                ...webhookSchema.properties,
+                payload: {
+                    $ref: `#/definitions/${payloadDefinitionKey}`,
+                },
+            },
+        };
+        const ajv = new Ajv({
+            unicodeRegExp: false,
+        });
+        addFormats(ajv);
+        if (ajv.validate(updatedSchema, payload)) {
+            return originalAjvError;
+        }
+        return ajv.errorsText();
+    }
+    catch (_e) {
+        return originalAjvError;
+    }
+}
+function getPayloadVersion(payload) {
+    const metadata = payload?.webhookMetadata;
+    const ret = metadata?.webhookTargetVersion;
+    return typeof ret === "string" ? ret : null;
+}
+function getSchemaVersion() {
+    const ret = webhookSchema?.definitions?.webhookMetadata?.properties?.webhookTargetVersion
+        ?.const;
+    return typeof ret === "string" ? ret : null;
+}
+//# sourceMappingURL=parse.js.map

package/dist/parse.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"parse.js","sourceRoot":"","sources":["../src/parse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,EAAE,MAAM,KAAK,CAAC;AAC1B,OAAO,WAAW,MAAM,aAAa,CAAC;AAEtC,0FAA0F;AAC1F,MAAM,UAAU,GAAG,WAAoD,CAAC;AAExE,OAAO,EAAe,KAAK,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,EAEL,wBAAwB,EACxB,gCAAgC,GACjC,MAAM,aAAa,CAAC;AAErB,OAAO,aAAa,MAAM,uBAAuB,CAAC,OAAO,IAAI,EAAE,MAAM,EAAE,CAAC;AAExE,MAAM,UAAU,iBAAiB,CAC/B,cAAuB;IAEvB,MAAM,aAAa,GAAG,CAAC,GAAG,EAAE;QAC1B,IAAI,OAAO,cAAc,KAAK,QAAQ,EAAE,CAAC;YACvC,IAAI,CAAC;gBACH,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;YAC9C,CAAC;YAAC,OAAO,EAAE,EAAE,CAAC;gBACZ,OAAO;oBACL,KAAK,EAAE,IAAI,wBAAwB,CAAC,iDAAiD,CAAC;iBACvF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC;IAClC,CAAC,CAAC,EAAE,CAAC;IAEL,IAAI,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC;QACzB,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC;IAEnC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC;QAClB,aAAa,EAAE,KAAK;KACrB,CAAC,CAAC;IACH,UAAU,CAAC,GAAG,CAAC,CAAC;IAEhB,IAAI,GAAG,CAAC,QAAQ,CAA2B,aAAa,EAAE,OAAO,CAAC,EAAE,CAAC;QACnE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,IAAI,CAAC;QACH,OAAO,EAAE,KAAK,EAAE,aAAa,CAAC,OAAO,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC,EAAE,CAAC;IAC7D,CAAC;IAAC,OAAO,EAAE,EAAE,CAAC;QACZ,OAAO;YACL,KAAK,EAAE,IAAI,wBAAwB,CACjC,wCAAwC,GAAG,CAAC,UAAU,EAAE,EAAE,CAC3D;SACF,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CACpB,OAAgC,EAChC,gBAAwB;IAExB,MAAM,YAAY,GAAG,wBAAwB,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;IAEzE,IAAI,iBAAiB,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/B,OAAO,IAAI,gCAAgC,CACzC,YAAY,EACZ,iBAAiB,CAAC,OAAO,CAAC,IAAI,SAAS,CACxC,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,wBAAwB,CAAC,YAAY,CAAC,CAAC;AACpD,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAgC;IACzD,MAAM,aAAa,GAAG,gBAAgB,EAAE,CAAC;IACzC,OAAO,OAAO,aAAa,KAAK,QAAQ,IAAI,aAAa,KAAK,iBAAiB,CAAC,OAAO,CAAC,CAAC;AAC3F,CAAC;AAED,SAAS,wBAAwB,CAC/B,OAAgC,EAChC,gBAAwB;IAExB,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;QAC/B,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,gBAAgB,CAAC;QAC1B,CAAC;QAED,MAAM,oBAAoB,GAAG,CAAC,GAAG,EAAE;YACjC,KAAK,MAAM,CAAC,GAAG,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAC3C,aAAqC,CAAC,WAAW,CACnD,EAAE,CAAC;gBACF,IAAK,UAAkB,EAAE,UAAU,EAAE,SAAS,EAAE,KAAK,KAAK,SAAS,EAAE,CAAC;oBACpE,OAAO,GAAG,CAAC;gBACb,CAAC;YACH,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC,EAAE,CAAC;QAEL,IAAI,oBAAoB,KAAK,IAAI,EAAE,CAAC;YAClC,OAAO,gBAAgB,CAAC;QAC1B,CAAC;QAED,MAAM,aAAa,GAAG;YACpB,GAAG,aAAa;YAChB,UAAU,EAAE;gBACV,GAAI,aAAqC,CAAC,UAAU;gBACpD,OAAO,EAAE;oBACP,IAAI,EAAE,iBAAiB,oBAAoB,EAAE;iBAC9C;aACF;SACF,CAAC;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC;YAClB,aAAa,EAAE,KAAK;SACrB,CAAC,CAAC;QACH,UAAU,CAAC,GAAG,CAAC,CAAC;QAEhB,IAAI,GAAG,CAAC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC,EAAE,CAAC;YACzC,OAAO,gBAAgB,CAAC;QAC1B,CAAC;QAED,OAAO,GAAG,CAAC,UAAU,EAAE,CAAC;IAC1B,CAAC;IAAC,OAAO,EAAE,EAAE,CAAC;QACZ,OAAO,gBAAgB,CAAC;IAC1B,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAgC;IACzD,MAAM,QAAQ,GAAI,OAAe,EAAE,eAAe,CAAC;IACnD,MAAM,GAAG,GAAG,QAAQ,EAAE,oBAAoB,CAAC;IAC3C,OAAO,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;AAC9C,CAAC;AAED,SAAS,gBAAgB;IACvB,MAAM,GAAG,GAAI,aAAqB,EAAE,WAAW,EAAE,eAAe,EAAE,UAAU,EAAE,oBAAoB;QAChG,EAAE,KAAK,CAAC;IACV,OAAO,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;AAC9C,CAAC"}

package/dist/result.d.ts

@@ -0,0 +1,12 @@
+type Data<T> = {
+    data: T;
+    error?: never;
+};
+type Err<U> = {
+    data?: never;
+    error: U;
+};
+export type Result<T, U> = NonNullable<Data<T> | Err<U>>;
+export declare const isErr: <T, U>(result: Result<T, U>) => result is Err<U>;
+export {};
+//# sourceMappingURL=result.d.ts.map

package/dist/result.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"result.d.ts","sourceRoot":"","sources":["../src/result.ts"],"names":[],"mappings":"AAAA,KAAK,IAAI,CAAC,CAAC,IAAI;IACb,IAAI,EAAE,CAAC,CAAC;IACR,KAAK,CAAC,EAAE,KAAK,CAAC;CACf,CAAC;AAEF,KAAK,GAAG,CAAC,CAAC,IAAI;IACZ,IAAI,CAAC,EAAE,KAAK,CAAC;IACb,KAAK,EAAE,CAAC,CAAC;CACV,CAAC;AAEF,MAAM,MAAM,MAAM,CAAC,CAAC,EAAE,CAAC,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAEzD,eAAO,MAAM,KAAK,GAAI,CAAC,EAAE,CAAC,EAAE,QAAQ,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,KAAG,MAAM,IAAI,GAAG,CAAC,CAAC,CAEjE,CAAC"}

package/dist/result.js

@@ -0,0 +1,4 @@
+export const isErr = (result) => {
+    return !!result.error;
+};
+//# sourceMappingURL=result.js.map

package/dist/result.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"result.js","sourceRoot":"","sources":["../src/result.ts"],"names":[],"mappings":"AAYA,MAAM,CAAC,MAAM,KAAK,GAAG,CAAO,MAAoB,EAAoB,EAAE;IACpE,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;AACxB,CAAC,CAAC"}

package/dist/verify.d.ts

@@ -0,0 +1,14 @@
+import { type Result } from "./result.js";
+import { type PlainWebhookError } from "./errors.js";
+import type { WebhooksSchemaDefinition } from "./webhook-schema.js";
+/**
+ * Verifies and validates a Plain webhook payload.
+ *
+ * @param payload - The raw request body.
+ * @param signature - The value of the 'Plain-Request-Signature' header.
+ * @param secret - Your Plain webhook signing secret.
+ * @param tolerance - (Optional) Maximum allowed difference in seconds between the timestamp and the current time. Defaults to 300 seconds. This is helpful to prevent replay attacks.
+ * @returns A Result object containing the validated payload or an error.
+ */
+export declare function verifyPlainWebhook(payloadRaw: string, signature: string, secret: string, tolerance?: number): Result<WebhooksSchemaDefinition, PlainWebhookError>;
+//# sourceMappingURL=verify.d.ts.map

package/dist/verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,KAAK,MAAM,EAAS,MAAM,aAAa,CAAC;AACjD,OAAO,EACL,KAAK,iBAAiB,EAGvB,MAAM,aAAa,CAAC;AAErB,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,qBAAqB,CAAC;AAEpE;;;;;;;;GAQG;AACH,wBAAgB,kBAAkB,CAChC,UAAU,EAAE,MAAM,EAClB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,SAAS,SAAM,GACd,MAAM,CAAC,wBAAwB,EAAE,iBAAiB,CAAC,CAgCrD"}

package/dist/verify.js

@@ -0,0 +1,65 @@
+import * as crypto from "node:crypto";
+import { isErr } from "./result.js";
+import { PlainWebhookPayloadError, PlainWebhookSignatureVerificationError, } from "./errors.js";
+import { parsePlainWebhook } from "./parse.js";
+/**
+ * Verifies and validates a Plain webhook payload.
+ *
+ * @param payload - The raw request body.
+ * @param signature - The value of the 'Plain-Request-Signature' header.
+ * @param secret - Your Plain webhook signing secret.
+ * @param tolerance - (Optional) Maximum allowed difference in seconds between the timestamp and the current time. Defaults to 300 seconds. This is helpful to prevent replay attacks.
+ * @returns A Result object containing the validated payload or an error.
+ */
+export function verifyPlainWebhook(payloadRaw, signature, secret, tolerance = 300) {
+    const signatureVerificationResult = verifyWebhookSignature(payloadRaw, signature, secret);
+    if (isErr(signatureVerificationResult)) {
+        return signatureVerificationResult;
+    }
+    const payloadResult = parsePlainWebhook(payloadRaw);
+    if (isErr(payloadResult)) {
+        return payloadResult;
+    }
+    const payload = payloadResult.data;
+    const timestamp = Date.parse(payload.webhookMetadata.webhookDeliveryAttemptTimestamp);
+    if (Number.isNaN(timestamp)) {
+        return {
+            error: new PlainWebhookPayloadError(`Invalid timestamp provided in the webhook payload: ${timestamp}. This is likely a bug in the Plain API (eventId: ${payload.id}).`),
+        };
+    }
+    const currentTime = Date.now();
+    if (Math.abs(currentTime - timestamp) > tolerance * 1000) {
+        return {
+            error: new PlainWebhookSignatureVerificationError(`The timestamp provided in the webhook payload is too far in the past. The maximum allowed difference is ${tolerance} seconds.`),
+        };
+    }
+    return { data: payload };
+}
+function verifyWebhookSignature(payload, signature, secret) {
+    if (payload.length === 0) {
+        return {
+            error: new PlainWebhookSignatureVerificationError("No webhook payload was provided."),
+        };
+    }
+    if (signature.length === 0) {
+        return {
+            error: new PlainWebhookSignatureVerificationError('No signature header value was provided. Please pass the value of the "Plain-Request-Signature" header.'),
+        };
+    }
+    if (secret.length === 0) {
+        return {
+            error: new PlainWebhookSignatureVerificationError("No webhook secret was provided. You can find your webhook secret in your workspace settings."),
+        };
+    }
+    const expectedSignature = crypto
+        .createHmac("sha256", secret)
+        .update(payload, "utf8")
+        .digest("hex");
+    if (signature !== expectedSignature) {
+        return {
+            error: new PlainWebhookSignatureVerificationError("The signature provided is invalid."),
+        };
+    }
+    return { data: true };
+}
+//# sourceMappingURL=verify.js.map

package/dist/verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAEtC,OAAO,EAAe,KAAK,EAAE,MAAM,aAAa,CAAC;AACjD,OAAO,EAEL,wBAAwB,EACxB,sCAAsC,GACvC,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAG/C;;;;;;;;GAQG;AACH,MAAM,UAAU,kBAAkB,CAChC,UAAkB,EAClB,SAAiB,EACjB,MAAc,EACd,SAAS,GAAG,GAAG;IAEf,MAAM,2BAA2B,GAAG,sBAAsB,CAAC,UAAU,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IAC1F,IAAI,KAAK,CAAC,2BAA2B,CAAC,EAAE,CAAC;QACvC,OAAO,2BAA2B,CAAC;IACrC,CAAC;IAED,MAAM,aAAa,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;IACpD,IAAI,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC;QACzB,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC;IACnC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,eAAe,CAAC,+BAA+B,CAAC,CAAC;IAEtF,IAAI,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5B,OAAO;YACL,KAAK,EAAE,IAAI,wBAAwB,CACjC,sDAAsD,SAAS,qDAAqD,OAAO,CAAC,EAAE,IAAI,CACnI;SACF,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC/B,IAAI,IAAI,CAAC,GAAG,CAAC,WAAW,GAAG,SAAS,CAAC,GAAG,SAAS,GAAG,IAAI,EAAE,CAAC;QACzD,OAAO;YACL,KAAK,EAAE,IAAI,sCAAsC,CAC/C,2GAA2G,SAAS,WAAW,CAChI;SACF,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AAC3B,CAAC;AAED,SAAS,sBAAsB,CAC7B,OAAe,EACf,SAAiB,EACjB,MAAc;IAEd,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO;YACL,KAAK,EAAE,IAAI,sCAAsC,CAAC,kCAAkC,CAAC;SACtF,CAAC;IACJ,CAAC;IAED,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO;YACL,KAAK,EAAE,IAAI,sCAAsC,CAC/C,wGAAwG,CACzG;SACF,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO;YACL,KAAK,EAAE,IAAI,sCAAsC,CAC/C,8FAA8F,CAC/F;SACF,CAAC;IACJ,CAAC;IAED,MAAM,iBAAiB,GAAG,MAAM;SAC7B,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC;SAC5B,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC;SACvB,MAAM,CAAC,KAAK,CAAC,CAAC;IAEjB,IAAI,SAAS,KAAK,iBAAiB,EAAE,CAAC;QACpC,OAAO;YACL,KAAK,EAAE,IAAI,sCAAsC,CAAC,oCAAoC,CAAC;SACxF,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACxB,CAAC"}