forge-core 0.9.0

Core types and traits for the Forge framework
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147

use std::future::Future;
use std::pin::Pin;
use std::time::Duration;

use serde::{Deserialize, Serialize};
use serde_json::Value;

use crate::error::Result;

use super::context::WebhookContext;
use super::signature::{IdempotencyConfig, SignatureConfig};

/// Trait for FORGE webhook handlers.
///
/// Webhooks are HTTP endpoints that receive external events (e.g., from Stripe, GitHub).
/// They support signature validation, idempotency, and bypass authentication.
pub trait ForgeWebhook: Send + Sync + 'static {
    /// Get webhook metadata.
    fn info() -> WebhookInfo;

    /// Execute the webhook handler.
    ///
    /// # Arguments
    /// * `ctx` - Webhook context with db, http, and dispatch capabilities
    /// * `payload` - The raw JSON payload from the request body
    fn execute(
        ctx: &WebhookContext,
        payload: Value,
    ) -> Pin<Box<dyn Future<Output = Result<WebhookResult>> + Send + '_>>;
}

/// Webhook metadata.
#[derive(Debug, Clone)]
pub struct WebhookInfo {
    /// Webhook name (used for identification).
    pub name: &'static str,
    /// URL path for the webhook (e.g., "/webhooks/stripe").
    pub path: &'static str,
    /// Signature validation configuration.
    pub signature: Option<SignatureConfig>,
    /// Allow unsigned requests for this webhook.
    ///
    /// Defaults to `false` for security. Only enable for trusted internal callers.
    pub allow_unsigned: bool,
    /// Idempotency configuration.
    pub idempotency: Option<IdempotencyConfig>,
    /// Request timeout.
    pub timeout: Duration,
    /// Default timeout for outbound HTTP requests made by the webhook.
    pub http_timeout: Option<Duration>,
}

impl Default for WebhookInfo {
    fn default() -> Self {
        Self {
            name: "",
            path: "",
            signature: None,
            allow_unsigned: false,
            idempotency: None,
            timeout: Duration::from_secs(30),
            http_timeout: None,
        }
    }
}

/// Result returned by webhook handlers.
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(tag = "status")]
pub enum WebhookResult {
    /// Request processed successfully (HTTP 200).
    #[serde(rename = "ok")]
    Ok,
    /// Request accepted for async processing (HTTP 202).
    #[serde(rename = "accepted")]
    Accepted,
    /// Custom response with specific status and body.
    #[serde(rename = "custom")]
    Custom {
        /// HTTP status code.
        status_code: u16,
        /// Response body.
        body: Value,
    },
}

impl WebhookResult {
    /// Get the HTTP status code for this result.
    pub fn status_code(&self) -> u16 {
        match self {
            Self::Ok => 200,
            Self::Accepted => 202,
            Self::Custom { status_code, .. } => *status_code,
        }
    }

    /// Get the response body.
    pub fn body(&self) -> Value {
        match self {
            Self::Ok => serde_json::json!({"status": "ok"}),
            Self::Accepted => serde_json::json!({"status": "accepted"}),
            Self::Custom { body, .. } => body.clone(),
        }
    }
}

#[cfg(test)]
#[allow(clippy::unwrap_used, clippy::indexing_slicing)]
mod tests {
    use super::*;

    #[test]
    fn test_default_webhook_info() {
        let info = WebhookInfo::default();
        assert!(info.signature.is_none());
        assert!(!info.allow_unsigned);
        assert!(info.idempotency.is_none());
        assert_eq!(info.timeout, Duration::from_secs(30));
        assert_eq!(info.http_timeout, None);
    }

    #[test]
    fn test_webhook_result_status_codes() {
        assert_eq!(WebhookResult::Ok.status_code(), 200);
        assert_eq!(WebhookResult::Accepted.status_code(), 202);
        assert_eq!(
            WebhookResult::Custom {
                status_code: 400,
                body: serde_json::json!({"error": "bad request"})
            }
            .status_code(),
            400
        );
    }

    #[test]
    fn test_webhook_result_body() {
        assert_eq!(
            WebhookResult::Ok.body(),
            serde_json::json!({"status": "ok"})
        );
        assert_eq!(
            WebhookResult::Accepted.body(),
            serde_json::json!({"status": "accepted"})
        );
    }
}