feat: add build.rs pubkey embedding and webhook license/v1 endpoints

services/license-webhook-ingress/src/main/java/cn/craftlabs/platform/webhook/license/LicenseController.java

@@ -0,0 +1,61 @@
+package cn.craftlabs.platform.webhook.license;
+
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+import java.util.Map;
+
+@RestController
+@RequestMapping("/license/v1")
+public class LicenseController {
+
+    @PostMapping("/activate")
+    public ResponseEntity<Map<String, Object>> activate(
+            @RequestHeader(value = "Authorization", required = false) String auth,
+            @RequestHeader(value = "X-Craft-Nonce", required = false) String nonce,
+            @RequestHeader(value = "X-Craft-Timestamp", required = false) String timestamp,
+            @RequestHeader(value = "X-Craft-Signature", required = false) String signature,
+            @RequestBody Map<String, Object> request) {
+
+        // Phase 1 MVP: accept all activations
+        String licenseKey = (String) request.getOrDefault("license_key", "unknown");
+        @SuppressWarnings("unchecked")
+        Map<String, Object> fp = (Map<String, Object>) request.get("device_fingerprint");
+        String deviceHash = fp != null ? (String) fp.getOrDefault("composite_hash", "HC-unknown") : "HC-unknown";
+
+        Map<String, Object> response = new java.util.HashMap<>();
+        response.put("status", "activated");
+        response.put("device_id", deviceHash);
+        response.put("license_payload", "{\"placeholder\":true,\"note\":\"replace with real license JSON\"}");
+        return ResponseEntity.ok(response);
+    }
+
+    @PostMapping("/heartbeat")
+    public ResponseEntity<Map<String, Object>> heartbeat(
+            @RequestHeader(value = "Authorization", required = false) String auth,
+            @RequestHeader(value = "X-Craft-Nonce", required = false) String nonce,
+            @RequestHeader(value = "X-Craft-Timestamp", required = false) String timestamp,
+            @RequestHeader(value = "X-Craft-Signature", required = false) String signature,
+            @RequestBody Map<String, Object> request) {
+
+        Map<String, Object> response = new java.util.HashMap<>();
+        response.put("status", "ok");
+        response.put("lease_renewed_until", java.time.Instant.now().plus(java.time.Duration.ofHours(24)).toString());
+        response.put("update_available", false);
+        return ResponseEntity.ok(response);
+    }
+
+    @PostMapping("/check")
+    public ResponseEntity<Map<String, Object>> check(@RequestBody Map<String, Object> request) {
+        Map<String, Object> response = new java.util.HashMap<>();
+        response.put("status", "valid");
+        response.put("not_after", java.time.Instant.now().plus(java.time.Duration.ofDays(365)).toString());
+        return ResponseEntity.ok(response);
+    }
+
+    @PostMapping("/release")
+    public ResponseEntity<Map<String, Object>> release(@RequestBody Map<String, Object> request) {
+        Map<String, Object> response = new java.util.HashMap<>();
+        response.put("status", "released");
+        return ResponseEntity.ok(response);
+    }
+}