feat: add paypal-webhooks skill#50
Merged
Merged
Conversation
3 tasks
PayPal uses certificate-based RSA-SHA256 webhook signing rather than HMAC. This skill implements the offline self-verify path (fetch + cache the cert from paypal-cert-url, verify transmissionId|transmissionTime|webhookId|crc32(body) against the cert's public key) and documents the postback verify-webhook-signature API as an alternative. Includes Express, Next.js App Router, and FastAPI examples with end-to-end tests that generate test RSA key pairs and preload the cert cache (47 tests total, all passing). https://claude.ai/code/session_01NNTgQRJss1V7gyzzJ9rjnB
Adds the PayPal row to the Provider Skills table in README.md and a providers.yaml entry (docs URLs, notes, testScenario) so the "Validate New Provider" CI workflow finds the integration files. The integrations were previously only on the prep branch (PR #40); moving them onto each feat PR makes the 12 generated PRs independently mergeable in any order. https://claude.ai/code/session_01NNTgQRJss1V7gyzzJ9rjnB
…ce arg Applies the new project convention from PR #40: use `npx hookdeck-cli listen <port> <source> --path /webhooks/<source>` everywhere instead of `hookdeck listen <port> --path /webhooks/<source>`. Skips the global-install prereq (webhook-skills is provider-neutral) and passes the required `[source]` positional so the command is copy-paste- runnable without falling into an interactive prompt. https://claude.ai/code/session_01NNTgQRJss1V7gyzzJ9rjnB
leggetter
force-pushed
the
feat/paypal-webhooks
branch
from
6ac9e1b to
459b2cf
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a complete
paypal-webhooksprovider skill. PayPal uses certificate-based RSA-SHA256 webhook signing (not HMAC) — this skill implements the offline self-verify path and documents the postback API as an alternative.What's included
skills/paypal-webhooks/SKILL.md— entry pointskills/paypal-webhooks/references/— overview, setup, verification (both paths)skills/paypal-webhooks/examples/— Express, Next.js App Router, FastAPI handlers (47 passing tests across the three)Notes
paypal-transmission-id,paypal-transmission-time,paypal-transmission-sig,paypal-cert-url,paypal-auth-algo(SHA256withRSA)paypal-cert-url(must resolve to apaypal.comdomain)CRC32(raw_body)transmissionId|transmissionTime|webhookId|crc32(body)/v1/notifications/verify-webhook-signature(requires OAuth access token)PAYMENT.CAPTURE.COMPLETED,PAYMENT.SALE.COMPLETED,PAYMENT.CAPTURE.REFUNDED,BILLING.SUBSCRIPTION.CREATED,CHECKOUT.ORDER.APPROVEDTest plan
cd skills/paypal-webhooks/examples/express && npm testcd skills/paypal-webhooks/examples/nextjs && npm testcd skills/paypal-webhooks/examples/fastapi && pytest test_webhook.py -vGeneration details
./scripts/generate-skills.sh generatewith--config providers.yaml(entry added in PR docs: IS_SANDBOX=1 generator note + normative Hookdeck CLI invocation #40)claude-opus-4-7https://claude.ai/code/session_01NNTgQRJss1V7gyzzJ9rjnB
Generated by Claude Code