[MAP-24] Add Golang webhook server example

[tl-marco-tormento]

#47 for Golang, including jwks fetch caching.

Golang webhook server example

A http server than can receive and verify signed TrueLayer webhooks.

Run

Run the server.

go run main.go

Send a valid webhook that was signed for path /hook/d7a2c49d-110a-4ed2-a07d-8fdb3ea6424b.

curl -iX POST -H "Content-Type: application/json" \
    -H "X-Tl-Webhook-Timestamp: 2022-03-11T14:00:33Z" \
    -H "Tl-Signature: eyJhbGciOiJFUzUxMiIsImtpZCI6IjFmYzBlNTlmLWIzMzUtNDdjYS05OWE5LTczNzQ5NTc1NmE1OCIsInRsX3ZlcnNpb24iOiIyIiwidGxfaGVhZGVycyI6IngtdGwtd2ViaG9vay10aW1lc3RhbXAiLCJqa3UiOiJodHRwczovL3dlYmhvb2tzLnRydWVsYXllci5jb20vLndlbGwta25vd24vandrcyJ9..AE_QsBRhnsMkcRzd42wvY1e2HruUhkOgjuZKktGH_WmbD7rBzoaEHUuF36IxyyvCbLajd3MBExNmzjbrOQsGaspwAI5DcGVMFLKUhB7ZzUlTP9up3eNUrdwWyyfBWDQb-qmEuLnrhFDJvgCXEqlV5OLrt-O7LaRAJ4f9KHsZLQ_j2vPC" \
    -d "{\"event_type\":\"payout_settled\",\"event_schema_version\":1,\"event_id\":\"8fb9fb4e-bb2b-400b-af64-59e5dde74bad\",\"event_body\":{\"transaction_id\":\"c34c8721-66a9-49f6-a229-284efcf88a02\",\"settled_at\":\"2022-03-11T14:00:32.933000Z\"}}" \
    http://localhost:7000/hook/d7a2c49d-110a-4ed2-a07d-8fdb3ea6424b

Modifying the X-Tl-Webhook-Timestamp header, the body or the path will cause the above signature to be invalid.

[tl-marco-tormento]

If anyone knows about a better http cache...
This is not actively maintained but it does the job.

[alexheretic]

Where's the readme?

Actually related to that, you should also add links to the main go README too, like

• truelayer-signing/csharp/README.md

  Line 18 in f7b7a25

  See [full example](./examples/sign-request/).

• truelayer-signing/csharp/README.md

  Line 41 in f7b7a25

  See [webhook server example](./examples/webhook-server/).

[tl-flavio-barinas]

Looks good. Just a couple of questions.

[onatm]

Looking good! I've just made a couple of suggestions.