refactor(webhooks): rename misleading SecretHash to ProtectedSecret

src/Host/FSH.Starter.Migrations.PostgreSQL/Webhooks/20260624152035_RenameWebhookSecretHashToProtectedSecret.cs

@@ -0,0 +1,30 @@
+using Microsoft.EntityFrameworkCore.Migrations;
+
+#nullable disable
+
+namespace FSH.Starter.Migrations.PostgreSQL.Webhooks
+{
+    /// <inheritdoc />
+    public partial class RenameWebhookSecretHashToProtectedSecret : Migration
+    {
+        /// <inheritdoc />
+        protected override void Up(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.RenameColumn(
+                name: "SecretHash",
+                schema: "webhooks",
+                table: "Subscriptions",
+                newName: "ProtectedSecret");
+        }
+
+        /// <inheritdoc />
+        protected override void Down(MigrationBuilder migrationBuilder)
+        {
+            migrationBuilder.RenameColumn(
+                name: "ProtectedSecret",
+                schema: "webhooks",
+                table: "Subscriptions",
+                newName: "SecretHash");
+        }
+    }
+}

src/Host/FSH.Starter.Migrations.PostgreSQL/Webhooks/WebhookDbContextModelSnapshot.cs

@@ -18,7 +18,7 @@ protected override void BuildModel(ModelBuilder modelBuilder)
 #pragma warning disable 612, 618
             modelBuilder
                 .HasDefaultSchema("webhooks")
-                .HasAnnotation("ProductVersion", "10.0.5")
+                .HasAnnotation("ProductVersion", "10.0.8")
                 .HasAnnotation("Relational:MaxIdentifierLength", 63);
 
             NpgsqlModelBuilderExtensions.UseIdentityByDefaultColumns(modelBuilder);
@@ -89,7 +89,7 @@ protected override void BuildModel(ModelBuilder modelBuilder)
                     b.Property<bool>("IsActive")
                         .HasColumnType("boolean");
 
-                    b.Property<string>("SecretHash")
+                    b.Property<string>("ProtectedSecret")
                         .HasMaxLength(512)
                         .HasColumnType("character varying(512)");
 

src/Modules/Webhooks/Modules.Webhooks/Data/WebhookSubscriptionConfiguration.cs

@@ -15,7 +15,7 @@ public void Configure(EntityTypeBuilder<WebhookSubscription> builder)
         builder.HasKey(x => x.Id);
         builder.Property(x => x.Url).IsRequired().HasMaxLength(2048);
         builder.Property(x => x.EventsCsv).IsRequired().HasMaxLength(4096);
-        builder.Property(x => x.SecretHash).HasMaxLength(512);
+        builder.Property(x => x.ProtectedSecret).HasMaxLength(512);
         builder.HasIndex(x => x.IsActive);
         builder.Ignore(x => x.DomainEvents);
     }

src/Modules/Webhooks/Modules.Webhooks/Domain/WebhookSubscription.cs

@@ -6,13 +6,13 @@ public sealed class WebhookSubscription : BaseEntity<Guid>
 {
     public string Url { get; private set; } = default!;
     public string EventsCsv { get; private set; } = default!;
-    public string? SecretHash { get; private set; }
+    public string? ProtectedSecret { get; private set; }
     public bool IsActive { get; private set; } = true;
     public DateTime CreatedAtUtc { get; private set; }
 
     private WebhookSubscription() { }
 
-    public static WebhookSubscription Create(string url, string[] events, string? secretHash)
+    public static WebhookSubscription Create(string url, string[] events, string? protectedSecret)
     {
         ArgumentNullException.ThrowIfNull(url);
         ArgumentNullException.ThrowIfNull(events);
@@ -22,7 +22,7 @@ public static WebhookSubscription Create(string url, string[] events, string? se
             Id = Guid.CreateVersion7(),
             Url = url,
             EventsCsv = string.Join(',', events),
-            SecretHash = secretHash,
+            ProtectedSecret = protectedSecret,
             IsActive = true,
             CreatedAtUtc = TimeProvider.System.GetUtcNow().UtcDateTime
         };

src/Modules/Webhooks/Modules.Webhooks/Features/v1/TestWebhookSubscription/TestWebhookSubscriptionCommandHandler.cs

@@ -33,7 +33,7 @@ public async ValueTask<bool> Handle(TestWebhookSubscriptionCommand command, Canc
         await deliveryService.DeliverAsync(
             subscription.Id,
             subscription.Url,
-            secretProtector.Unprotect(subscription.SecretHash),
+            secretProtector.Unprotect(subscription.ProtectedSecret),
             "webhook.test",
             testPayload,
             cancellationToken).ConfigureAwait(false);

src/Modules/Webhooks/Modules.Webhooks/Services/IWebhookDeliveryService.cs

@@ -2,5 +2,5 @@ namespace FSH.Modules.Webhooks.Services;
 
 public interface IWebhookDeliveryService
 {
-    Task DeliverAsync(Guid subscriptionId, string url, string? secretHash, string eventType, string payloadJson, CancellationToken ct = default);
+    Task DeliverAsync(Guid subscriptionId, string url, string? signingSecret, string eventType, string payloadJson, CancellationToken ct = default);
 }

src/Modules/Webhooks/Modules.Webhooks/Services/WebhookDeliveryService.cs

@@ -14,7 +14,7 @@ public sealed class WebhookDeliveryService(
     public async Task DeliverAsync(
         Guid subscriptionId,
         string url,
-        string? secretHash,
+        string? signingSecret,
         string eventType,
         string payloadJson,
         CancellationToken ct = default)
@@ -26,9 +26,9 @@ public async Task DeliverAsync(
         {
             using var content = new StringContent(payloadJson, Encoding.UTF8, new MediaTypeHeaderValue("application/json"));
 
-            if (!string.IsNullOrEmpty(secretHash))
+            if (!string.IsNullOrEmpty(signingSecret))
             {
-                var signature = WebhookPayloadSigner.Sign(payloadJson, secretHash);
+                var signature = WebhookPayloadSigner.Sign(payloadJson, signingSecret);
                 content.Headers.Add("X-Webhook-Signature", signature);
             }
 

src/Modules/Webhooks/Modules.Webhooks/Services/WebhookDispatchJob.cs

@@ -103,7 +103,7 @@ public async Task DispatchAsync(
         try
         {
             using var content = new StringContent(payloadJson, Encoding.UTF8, new MediaTypeHeaderValue("application/json"));
-            var signingSecret = _secretProtector.Unprotect(subscription.SecretHash);
+            var signingSecret = _secretProtector.Unprotect(subscription.ProtectedSecret);
             if (!string.IsNullOrEmpty(signingSecret))
             {
                 content.Headers.Add("X-Webhook-Signature", WebhookPayloadSigner.Sign(payloadJson, signingSecret));

src/Tests/Integration.Tests/Tests/Webhooks/WebhookDeliveryTests.cs

@@ -257,7 +257,7 @@ public async Task DeliverAsync_Should_RecordRowWithoutSignature_When_NoSecretCon
         await service.DeliverAsync(
             subscriptionId,
             "https://no-secret.invalid/hook",
-            secretHash: null,
+            signingSecret: null,
             eventType: "manual.event",
             payloadJson: "{\"manual\":true}",
             ct: CancellationToken.None);

src/Tests/Integration.Tests/Tests/Webhooks/WebhookSubscriptionDomainTests.cs

@@ -29,7 +29,7 @@ public void MatchesEvent_Should_ReturnTrue_When_EventIsInList()
         var subscription = WebhookSubscription.Create(
             "https://example.com/hook",
             new[] { "user.created", "user.updated" },
-            secretHash: null);
+            protectedSecret: null);
 
         // Act & Assert
         subscription.MatchesEvent("user.updated").ShouldBeTrue();
@@ -42,7 +42,7 @@ public void GetEvents_Should_ReturnAllConfiguredEvents_When_MultipleSubscribed()
         var subscription = WebhookSubscription.Create(
             "https://example.com/hook",
             new[] { "a.one", "b.two", "c.three" },
-            secretHash: null);
+            protectedSecret: null);
 
         // Act
         var events = subscription.GetEvents();
@@ -62,7 +62,7 @@ public void MatchesEvent_Should_BeCaseInsensitive_When_CasingDiffers()
         var subscription = WebhookSubscription.Create(
             "https://example.com/hook",
             new[] { "User.Created" },
-            secretHash: null);
+            protectedSecret: null);
 
         // Act & Assert — exact-name matching ignores case.
         subscription.MatchesEvent("user.created").ShouldBeTrue();
@@ -76,7 +76,7 @@ public void MatchesEvent_Should_MatchAnything_When_WildcardSubscribed()
         var subscription = WebhookSubscription.Create(
             "https://example.com/hook",
             new[] { "*" },
-            secretHash: null);
+            protectedSecret: null);
 
         // Act & Assert
         subscription.MatchesEvent("any.unconfigured.event").ShouldBeTrue();
@@ -90,7 +90,7 @@ public void MatchesEvent_Should_ReturnFalse_When_EventNotSubscribed()
         var subscription = WebhookSubscription.Create(
             "https://example.com/hook",
             new[] { "user.created" },
-            secretHash: null);
+            protectedSecret: null);
 
         // Act & Assert
         subscription.MatchesEvent("user.deleted").ShouldBeFalse();
@@ -104,7 +104,7 @@ public void GetEvents_Should_TrimAndDropEmptyEntries_When_CsvHasWhitespaceAndBla
         var subscription = WebhookSubscription.Create(
             "https://example.com/hook",
             new[] { "  spaced.event  ", "", "  ", "tight.event" },
-            secretHash: null);
+            protectedSecret: null);
 
         // Act
         var events = subscription.GetEvents();
@@ -123,7 +123,7 @@ public void Deactivate_Should_SetIsActiveFalse_When_Called()
         var subscription = WebhookSubscription.Create(
             "https://example.com/hook",
             new[] { "user.created" },
-            secretHash: null);
+            protectedSecret: null);
         subscription.IsActive.ShouldBeTrue();
 
         // Act
@@ -140,12 +140,12 @@ public void Create_Should_PopulateFields_And_GenerateId_When_Valid()
         var subscription = WebhookSubscription.Create(
             "https://example.com/hook",
             new[] { "user.created" },
-            secretHash: "hashed-secret");
+            protectedSecret: "protected-secret");
 
         // Assert
         subscription.Id.ShouldNotBe(Guid.Empty);
         subscription.Url.ShouldBe("https://example.com/hook");
-        subscription.SecretHash.ShouldBe("hashed-secret");
+        subscription.ProtectedSecret.ShouldBe("protected-secret");
         subscription.IsActive.ShouldBeTrue();
         subscription.CreatedAtUtc.ShouldNotBe(default);
     }

src/Tests/Webhooks.Tests/Domain/WebhookSubscriptionTests.cs

@@ -12,22 +12,22 @@ public void Create_Should_Populate_Fields_And_Default_Active_When_Valid()
         var sub = WebhookSubscription.Create(
             "https://example.com/hook",
             ["user.created", "user.deleted"],
-            "hashed-secret");
+            "protected-secret");
 
         sub.Url.ShouldBe("https://example.com/hook");
         sub.EventsCsv.ShouldBe("user.created,user.deleted");
-        sub.SecretHash.ShouldBe("hashed-secret");
+        sub.ProtectedSecret.ShouldBe("protected-secret");
         sub.IsActive.ShouldBeTrue();
         sub.Id.ShouldNotBe(Guid.Empty);
         sub.CreatedAtUtc.ShouldNotBe(default);
     }
 
     [Fact]
-    public void Create_Should_Allow_Null_SecretHash()
+    public void Create_Should_Allow_Null_ProtectedSecret()
     {
-        var sub = WebhookSubscription.Create("https://example.com", ["a"], secretHash: null);
+        var sub = WebhookSubscription.Create("https://example.com", ["a"], protectedSecret: null);
 
-        sub.SecretHash.ShouldBeNull();
+        sub.ProtectedSecret.ShouldBeNull();
     }
 
     [Fact]