fraiseql-server 2.0.0-alpha.1

HTTP server for FraiseQL v2 GraphQL engine
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106

//! Testing seams for webhook dependencies.
//!
//! All external dependencies are abstracted behind traits for easy testing.

use async_trait::async_trait;
use serde_json::Value;
use sqlx::{Postgres, Transaction};

use super::{Result, signature::SignatureError};

/// Signature verification abstraction for testing
#[async_trait]
pub trait SignatureVerifier: Send + Sync {
    /// Provider name (e.g., "stripe", "github")
    fn name(&self) -> &'static str;

    /// Header name containing the signature
    fn signature_header(&self) -> &'static str;

    /// Verify the signature
    ///
    /// # Arguments
    ///
    /// * `payload` - Raw request body bytes
    /// * `signature` - Signature from header
    /// * `secret` - Webhook signing secret
    /// * `timestamp` - Optional timestamp from headers (for replay protection)
    ///
    /// # Returns
    ///
    /// `Ok(true)` if signature is valid, `Ok(false)` if invalid, `Err` for format errors
    fn verify(
        &self,
        payload: &[u8],
        signature: &str,
        secret: &str,
        timestamp: Option<&str>,
    ) -> std::result::Result<bool, SignatureError>;

    /// Optional: Extract timestamp from signature or headers
    fn extract_timestamp(&self, _signature: &str) -> Option<i64> {
        None
    }
}

/// Idempotency store abstraction for testing
#[async_trait]
pub trait IdempotencyStore: Send + Sync {
    /// Check if event has already been processed
    async fn check(&self, provider: &str, event_id: &str) -> Result<bool>;

    /// Record processed event
    async fn record(
        &self,
        provider: &str,
        event_id: &str,
        event_type: &str,
        status: &str,
    ) -> Result<uuid::Uuid>;

    /// Update event status
    async fn update_status(
        &self,
        provider: &str,
        event_id: &str,
        status: &str,
        error: Option<&str>,
    ) -> Result<()>;
}

/// Secret provider abstraction for testing
#[async_trait]
pub trait SecretProvider: Send + Sync {
    /// Get webhook secret by name
    async fn get_secret(&self, name: &str) -> Result<String>;
}

/// Event handler abstraction for testing
#[async_trait]
pub trait EventHandler: Send + Sync {
    /// Handle webhook event by calling database function
    async fn handle(
        &self,
        function_name: &str,
        params: Value,
        tx: &mut Transaction<'_, Postgres>,
    ) -> Result<Value>;
}

/// Clock abstraction for testing timestamp validation
pub trait Clock: Send + Sync {
    /// Get current Unix timestamp
    fn now(&self) -> i64;
}

/// System clock implementation
pub struct SystemClock;

impl Clock for SystemClock {
    fn now(&self) -> i64 {
        std::time::SystemTime::now()
            .duration_since(std::time::UNIX_EPOCH)
            .unwrap()
            .as_secs() as i64
    }
}