WebhookParser class requires significant improvement

1. It is incomplete because it does not allow callers to obtain the metadata embedded in the webhook (in particular the webhook ID).
2. It conflates the responsibilities of parsing and signature validation - I should be able to parse a webhook **without** validating its signature.