Class: X402::CdpFacilitatorAuth
- Inherits:
-
Object
- Object
- X402::CdpFacilitatorAuth
- Defined in:
- lib/x402/cdp_facilitator_auth.rb
Overview
Bearer JWT auth for the Coinbase CDP facilitator, mirroring @coinbase/cdp-sdk generateJwt: per-request, URI-bound claims, signed with ES256 (PEM EC key) or EdDSA (base64 Ed25519 seed+public key).
Applied automatically by FacilitatorClient when the configured facilitator
host is api.cdp.coinbase.com. Credentials come from config.cdp_api_key_id
and config.cdp_api_key_secret (or the CDP_API_KEY_ID / CDP_API_KEY_SECRET
env vars CDP's own SDKs use). Other facilitators are untouched.
Constant Summary collapse
- CDP_HOST =
"api.cdp.coinbase.com"- EXPIRY_SECONDS =
120
Class Method Summary collapse
Class Method Details
.headers_for(facilitator_url:, http_method:, endpoint:) ⇒ Object
20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
# File 'lib/x402/cdp_facilitator_auth.rb', line 20 def headers_for(facilitator_url:, http_method:, endpoint:) uri = URI(facilitator_url) return {} unless uri.host == CDP_HOST config = X402.configuration key_id = config.cdp_api_key_id secret = config.cdp_api_key_secret if key_id.nil? || key_id.empty? || secret.nil? || secret.empty? X402.logger.error( "[x402] CDP facilitator requires cdp_api_key_id and cdp_api_key_secret " \ "(or CDP_API_KEY_ID / CDP_API_KEY_SECRET); sending the request unauthenticated", ) return {} end jwt = bearer_jwt( key_id: key_id, secret: secret, http_method: http_method, request_host: uri.host, request_path: "#{uri.path}/#{endpoint}", ) jwt ? { "Authorization" => "Bearer #{jwt}" } : {} end |