Replace node crypto with Web Crypto API for webhook signature verification

[przemek-commerce-ui]

Currently this package can't be used on edge enviroments because of node crypto module being used to verify webhook signature. the same feature can be implemented using Web Crypto API.

example implementation

export const createHmacSha256 = async (
  key: string,
  message: string,
): Promise<string> => {
  const enc = new TextEncoder()

  const cryptoKey = await crypto.subtle.importKey(
    'raw',
    enc.encode(key),
    {
      name: 'HMAC',
      hash: 'SHA-256',
    },
    false,
    ['sign'],
  )

  const signature = await crypto.subtle.sign(
    'HMAC',
    cryptoKey,
    enc.encode(message),
  )

  // Convert the signature (ArrayBuffer) to a hex string
  return Array.from(new Uint8Array(signature))
    .map((b) => b.toString(16).padStart(2, '0'))
    .join('')
}

[vaneworks]

+1 For this, this is forcing unwanted workarounds for backends like Convex as well