@coinbase/cdp-sdk 1.3.2 → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -0
- package/_cjs/auth/index.js +1 -0
- package/_cjs/auth/index.js.map +1 -1
- package/_cjs/auth/utils/http.js +2 -0
- package/_cjs/auth/utils/http.js.map +1 -1
- package/_cjs/auth/utils/index.js +1 -0
- package/_cjs/auth/utils/index.js.map +1 -1
- package/_cjs/auth/utils/jwt.js +16 -6
- package/_cjs/auth/utils/jwt.js.map +1 -1
- package/_cjs/auth/utils/ws.js +31 -0
- package/_cjs/auth/utils/ws.js.map +1 -0
- package/_cjs/version.js +1 -1
- package/_esm/auth/index.js +1 -0
- package/_esm/auth/index.js.map +1 -1
- package/_esm/auth/utils/http.js +2 -1
- package/_esm/auth/utils/http.js.map +1 -1
- package/_esm/auth/utils/index.js +1 -0
- package/_esm/auth/utils/index.js.map +1 -1
- package/_esm/auth/utils/jwt.js +16 -6
- package/_esm/auth/utils/jwt.js.map +1 -1
- package/_esm/auth/utils/ws.js +28 -0
- package/_esm/auth/utils/ws.js.map +1 -0
- package/_esm/version.js +1 -1
- package/_types/auth/index.d.ts +1 -0
- package/_types/auth/index.d.ts.map +1 -1
- package/_types/auth/utils/http.d.ts +12 -0
- package/_types/auth/utils/http.d.ts.map +1 -1
- package/_types/auth/utils/index.d.ts +1 -0
- package/_types/auth/utils/index.d.ts.map +1 -1
- package/_types/auth/utils/jwt.d.ts +13 -7
- package/_types/auth/utils/jwt.d.ts.map +1 -1
- package/_types/auth/utils/ws.d.ts +45 -0
- package/_types/auth/utils/ws.d.ts.map +1 -0
- package/_types/version.d.ts +1 -1
- package/auth/README.md +18 -3
- package/auth/index.ts +1 -0
- package/auth/utils/http.ts +7 -1
- package/auth/utils/index.ts +1 -0
- package/auth/utils/jwt.ts +36 -13
- package/auth/utils/ws.ts +76 -0
- package/package.json +1 -1
- package/version.ts +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
# CDP SDK Changelog
|
|
2
2
|
|
|
3
|
+
## 1.4.0
|
|
4
|
+
|
|
5
|
+
### Minor Changes
|
|
6
|
+
|
|
7
|
+
- [#75](https://github.com/coinbase/cdp-sdk/pull/75) [`bb056f6`](https://github.com/coinbase/cdp-sdk/commit/bb056f60c3873a399f8721a953edeaed2a868d76) Thanks [@derek-cb](https://github.com/derek-cb)! - Added the ability to generate JWTs intended for Websocket connections Added the ability to pass the "audience" JWT claim as an optional param
|
|
8
|
+
|
|
3
9
|
## 1.3.2
|
|
4
10
|
|
|
5
11
|
### Patch Changes
|
package/_cjs/auth/index.js
CHANGED
|
@@ -41,4 +41,5 @@ const axiosHooks = __importStar(require("./hooks/axios/index.js"));
|
|
|
41
41
|
exports.axiosHooks = axiosHooks;
|
|
42
42
|
__exportStar(require("./utils/http.js"), exports);
|
|
43
43
|
__exportStar(require("./utils/jwt.js"), exports);
|
|
44
|
+
__exportStar(require("./utils/ws.js"), exports);
|
|
44
45
|
//# sourceMappingURL=index.js.map
|
package/_cjs/auth/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../auth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,mEAAqD;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../auth/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,mEAAqD;AAK5C,gCAAU;AAHnB,kDAAgC;AAChC,iDAA+B;AAC/B,gDAA8B"}
|
package/_cjs/auth/utils/http.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.getAuthHeaders = getAuthHeaders;
|
|
4
|
+
exports.getCorrelationData = getCorrelationData;
|
|
4
5
|
const jwt_js_1 = require("./jwt.js");
|
|
5
6
|
const version_js_1 = require("../../version.js");
|
|
6
7
|
/**
|
|
@@ -19,6 +20,7 @@ async function getAuthHeaders(options) {
|
|
|
19
20
|
requestHost: options.requestHost,
|
|
20
21
|
requestPath: options.requestPath,
|
|
21
22
|
expiresIn: options.expiresIn,
|
|
23
|
+
audience: options.audience,
|
|
22
24
|
});
|
|
23
25
|
headers["Authorization"] = `Bearer ${jwt}`;
|
|
24
26
|
headers["Content-Type"] = "application/json";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"http.js","sourceRoot":"","sources":["../../../auth/utils/http.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"http.js","sourceRoot":"","sources":["../../../auth/utils/http.ts"],"names":[],"mappings":";;AA6EA,wCAwCC;AAsBD,gDAYC;AAvJD,qCAA0D;AAC1D,iDAA2C;AAsE3C;;;;;GAKG;AACI,KAAK,UAAU,cAAc,CAClC,OAA8B;IAE9B,MAAM,OAAO,GAA2B,EAAE,CAAC;IAE3C,6BAA6B;IAC7B,MAAM,GAAG,GAAG,MAAM,IAAA,oBAAW,EAAC;QAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;KAC3B,CAAC,CAAC;IACH,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,GAAG,EAAE,CAAC;IAC3C,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;IAE7C,4BAA4B;IAC5B,IAAI,kBAAkB,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QACnE,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CACb,4IAA4I,CAC7I,CAAC;QACJ,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,IAAA,0BAAiB,EAAC;YAC9C,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,EAAE;SACvC,CAAC,CAAC;QACH,OAAO,CAAC,eAAe,CAAC,GAAG,eAAe,CAAC;IAC7C,CAAC;IAED,uBAAuB;IACvB,OAAO,CAAC,qBAAqB,CAAC,GAAG,kBAAkB,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAE3F,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,aAAqB,EAAE,WAAmB;IACpE,OAAO,CACL,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,KAAK,MAAM,IAAI,aAAa,KAAK,QAAQ,CAAC,CAC/F,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,kBAAkB,CAAC,MAAe,EAAE,aAAsB;IACxE,MAAM,IAAI,GAAG;QACX,WAAW,EAAE,oBAAO;QACpB,YAAY,EAAE,YAAY;QAC1B,MAAM,EAAE,MAAM,IAAI,UAAU;KAC7B,CAAC;IACF,IAAI,aAAa,EAAE,CAAC;QAClB,IAAI,CAAC,gBAAgB,CAAC,GAAG,aAAa,CAAC;IACzC,CAAC;IACD,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC;SACrB,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;SACrD,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC"}
|
package/_cjs/auth/utils/index.js
CHANGED
|
@@ -16,4 +16,5 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
17
|
__exportStar(require("./http.js"), exports);
|
|
18
18
|
__exportStar(require("./jwt.js"), exports);
|
|
19
|
+
__exportStar(require("./ws.js"), exports);
|
|
19
20
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../auth/utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,4CAA0B;AAC1B,2CAAyB"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../auth/utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,4CAA0B;AAC1B,2CAAyB;AACzB,0CAAwB"}
|
package/_cjs/auth/utils/jwt.js
CHANGED
|
@@ -41,7 +41,9 @@ const jose_1 = require("jose");
|
|
|
41
41
|
const errors_js_1 = require("../errors.js");
|
|
42
42
|
/**
|
|
43
43
|
* Generates a JWT (also known as a Bearer token) for authenticating with Coinbase's REST APIs.
|
|
44
|
-
* Supports both EC (ES256) and Ed25519 (EdDSA) keys.
|
|
44
|
+
* Supports both EC (ES256) and Ed25519 (EdDSA) keys. Also supports JWTs meant for
|
|
45
|
+
* websocket connections by allowing requestMethod, requestHost, and requestPath to all be
|
|
46
|
+
* null, in which case the 'uris' claim is omitted from the JWT.
|
|
45
47
|
*
|
|
46
48
|
* @param options - The configuration options for generating the JWT
|
|
47
49
|
* @returns The generated JWT (Bearer token) string
|
|
@@ -55,19 +57,27 @@ async function generateJwt(options) {
|
|
|
55
57
|
if (!options.apiKeySecret) {
|
|
56
58
|
throw new Error("Private key is required");
|
|
57
59
|
}
|
|
58
|
-
if
|
|
59
|
-
|
|
60
|
+
// Check if we have a REST API request or a websocket connection
|
|
61
|
+
const hasAllRequestParams = Boolean(options.requestMethod && options.requestHost && options.requestPath);
|
|
62
|
+
const hasNoRequestParams = (options.requestMethod === undefined || options.requestMethod === null) &&
|
|
63
|
+
(options.requestHost === undefined || options.requestHost === null) &&
|
|
64
|
+
(options.requestPath === undefined || options.requestPath === null);
|
|
65
|
+
// Ensure we either have all request parameters or none (for websocket)
|
|
66
|
+
if (!hasAllRequestParams && !hasNoRequestParams) {
|
|
67
|
+
throw new Error("Either all request details (method, host, path) must be provided, or all must be null for JWTs intended for websocket connections");
|
|
60
68
|
}
|
|
61
69
|
const now = Math.floor(Date.now() / 1000);
|
|
62
70
|
const expiresIn = options.expiresIn || 120; // Default to 120 seconds if not specified
|
|
63
|
-
const uri = `${options.requestMethod} ${options.requestHost}${options.requestPath}`;
|
|
64
71
|
// Prepare the JWT payload
|
|
65
72
|
const claims = {
|
|
66
73
|
sub: options.apiKeyId,
|
|
67
74
|
iss: "cdp",
|
|
68
|
-
aud: ["cdp_service"],
|
|
69
|
-
uris: [uri],
|
|
75
|
+
aud: options.audience || ["cdp_service"],
|
|
70
76
|
};
|
|
77
|
+
// Add the uris claim only for REST API requests
|
|
78
|
+
if (hasAllRequestParams) {
|
|
79
|
+
claims.uris = [`${options.requestMethod} ${options.requestHost}${options.requestPath}`];
|
|
80
|
+
}
|
|
71
81
|
// Generate random nonce for the header
|
|
72
82
|
const randomNonce = nonce();
|
|
73
83
|
// Determine if we're using EC or Edwards key based on the key format
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../../../auth/utils/jwt.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../../../auth/utils/jwt.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAuGA,kCAiEC;AAWD,8CAiCC;AApND,+CAAiC;AACjC,mCAA0C;AAE1C,+BAAmE;AAEnE,4CAA0F;AAwF1F;;;;;;;;;GASG;AACI,KAAK,UAAU,WAAW,CAAC,OAAmB;IACnD,+BAA+B;IAC/B,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAC1C,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IAED,gEAAgE;IAChE,MAAM,mBAAmB,GAAG,OAAO,CACjC,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,WAAW,CACpE,CAAC;IACF,MAAM,kBAAkB,GACtB,CAAC,OAAO,CAAC,aAAa,KAAK,SAAS,IAAI,OAAO,CAAC,aAAa,KAAK,IAAI,CAAC;QACvE,CAAC,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,IAAI,CAAC;QACnE,CAAC,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,IAAI,CAAC,CAAC;IAEtE,uEAAuE;IACvE,IAAI,CAAC,mBAAmB,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CACb,mIAAmI,CACpI,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,GAAG,CAAC,CAAC,0CAA0C;IAEtF,0BAA0B;IAC1B,MAAM,MAAM,GAAe;QACzB,GAAG,EAAE,OAAO,CAAC,QAAQ;QACrB,GAAG,EAAE,KAAK;QACV,GAAG,EAAE,OAAO,CAAC,QAAQ,IAAI,CAAC,aAAa,CAAC;KACzC,CAAC;IAEF,gDAAgD;IAChD,IAAI,mBAAmB,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,GAAG,CAAC,GAAG,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;IAC1F,CAAC;IAED,uCAAuC;IACvC,MAAM,WAAW,GAAG,KAAK,EAAE,CAAC;IAE5B,qEAAqE;IACrE,IAAI,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QACvC,OAAO,MAAM,UAAU,CACrB,OAAO,CAAC,YAAY,EACpB,OAAO,CAAC,QAAQ,EAChB,MAAM,EACN,GAAG,EACH,SAAS,EACT,WAAW,CACZ,CAAC;IACJ,CAAC;SAAM,IAAI,iBAAiB,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QACnD,OAAO,MAAM,eAAe,CAC1B,OAAO,CAAC,YAAY,EACpB,OAAO,CAAC,QAAQ,EAChB,MAAM,EACN,GAAG,EACH,SAAS,EACT,WAAW,CACZ,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;IAC1F,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACI,KAAK,UAAU,iBAAiB,CAAC,OAAyB;IAC/D,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;QAC1B,MAAM,IAAI,sCAA0B,CAAC,8BAA8B,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IACpF,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAe;QACzB,IAAI,EAAE,CAAC,GAAG,CAAC;KACZ,CAAC;IAEF,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChD,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC;IACnC,CAAC;IAED,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,IAAA,yBAAgB,EAAC;YAC7B,GAAG,EAAE,OAAO,CAAC,YAAY;YACzB,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,OAAO;YACb,QAAQ,EAAE,QAAQ;SACnB,CAAC,CAAC;QAEH,OAAO,MAAM,IAAI,cAAO,CAAC,MAAM,CAAC;aAC7B,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;aAChD,WAAW,CAAC,GAAG,CAAC;aAChB,YAAY,CAAC,GAAG,CAAC;aACjB,MAAM,CAAC,KAAK,EAAE,CAAC;aACf,IAAI,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,0CAA8B,CAAC,+BAA+B,GAAG,KAAK,CAAC,CAAC;IACpF,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB,CAAC,GAAW;IACpC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC3C,OAAO,OAAO,CAAC,MAAM,KAAK,EAAE,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,YAAY,CAAC,GAAW;IAC/B,IAAI,CAAC;QACH,iEAAiE;QACjE,MAAM,GAAG,GAAG,IAAA,yBAAgB,EAAC,GAAG,CAAC,CAAC;QAClC,+DAA+D;QAC/D,OAAO,GAAG,CAAC,iBAAiB,KAAK,IAAI,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,KAAK,UAAU,UAAU,CACvB,UAAkB,EAClB,OAAe,EACf,MAAkB,EAClB,GAAW,EACX,SAAiB,EACjB,KAAa;IAEb,IAAI,CAAC;QACH,0BAA0B;QAC1B,MAAM,MAAM,GAAG,IAAA,yBAAgB,EAAC,UAAU,CAAC,CAAC;QAC5C,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC;QAE5E,6BAA6B;QAC7B,MAAM,KAAK,GAAG,MAAM,IAAA,kBAAW,EAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAEnD,0BAA0B;QAC1B,OAAO,MAAM,IAAI,cAAO,CAAC,MAAM,CAAC;aAC7B,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;aACrE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;aAC5B,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;aAC7B,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,SAAS,CAAC,CAAC;aAC9C,IAAI,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,8BAA+B,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;IAC5E,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,KAAK,UAAU,eAAe,CAC5B,UAAkB,EAClB,OAAe,EACf,MAAkB,EAClB,GAAW,EACX,SAAiB,EACjB,KAAa;IAEb,IAAI,CAAC;QACH,8EAA8E;QAC9E,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAClD,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrC,MAAM,SAAS,GAAG,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAEvC,qCAAqC;QACrC,MAAM,GAAG,GAAG;YACV,GAAG,EAAE,KAAK;YACV,GAAG,EAAE,SAAS;YACd,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC7B,CAAC,EAAE,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC;SACnC,CAAC;QAEF,6BAA6B;QAC7B,MAAM,GAAG,GAAG,MAAM,IAAA,gBAAS,EAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE1C,0BAA0B;QAC1B,OAAO,MAAM,IAAI,cAAO,CAAC,MAAM,CAAC;aAC7B,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;aACrE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;aAC5B,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;aAC7B,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,SAAS,CAAC,CAAC;aAC9C,IAAI,CAAC,GAAG,CAAC,CAAC;IACf,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,mCAAoC,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;IACjF,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,KAAK;IACZ,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAChD,CAAC"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.getWebSocketAuthHeaders = getWebSocketAuthHeaders;
|
|
4
|
+
const http_js_1 = require("./http.js");
|
|
5
|
+
const jwt_js_1 = require("./jwt.js");
|
|
6
|
+
/**
|
|
7
|
+
* Gets authentication headers for a WebSocket connection.
|
|
8
|
+
*
|
|
9
|
+
* @param options - The configuration options for generating WebSocket auth headers
|
|
10
|
+
* @returns Object containing the authentication headers
|
|
11
|
+
*/
|
|
12
|
+
async function getWebSocketAuthHeaders(options) {
|
|
13
|
+
const headers = {};
|
|
14
|
+
// Generate and add JWT token without request parameters for WebSocket
|
|
15
|
+
const jwt = await (0, jwt_js_1.generateJwt)({
|
|
16
|
+
apiKeyId: options.apiKeyId,
|
|
17
|
+
apiKeySecret: options.apiKeySecret,
|
|
18
|
+
// All request parameters are null for WebSocket
|
|
19
|
+
requestMethod: null,
|
|
20
|
+
requestHost: null,
|
|
21
|
+
requestPath: null,
|
|
22
|
+
expiresIn: options.expiresIn,
|
|
23
|
+
audience: options.audience,
|
|
24
|
+
});
|
|
25
|
+
headers["Authorization"] = `Bearer ${jwt}`;
|
|
26
|
+
headers["Content-Type"] = "application/json";
|
|
27
|
+
// Add correlation data
|
|
28
|
+
headers["Correlation-Context"] = (0, http_js_1.getCorrelationData)(options.source, options.sourceVersion);
|
|
29
|
+
return headers;
|
|
30
|
+
}
|
|
31
|
+
//# sourceMappingURL=ws.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ws.js","sourceRoot":"","sources":["../../../auth/utils/ws.ts"],"names":[],"mappings":";;AAoDA,0DAuBC;AA3ED,uCAA+C;AAC/C,qCAAuC;AA6CvC;;;;;GAKG;AACI,KAAK,UAAU,uBAAuB,CAC3C,OAAuC;IAEvC,MAAM,OAAO,GAA2B,EAAE,CAAC;IAE3C,sEAAsE;IACtE,MAAM,GAAG,GAAG,MAAM,IAAA,oBAAW,EAAC;QAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,gDAAgD;QAChD,aAAa,EAAE,IAAI;QACnB,WAAW,EAAE,IAAI;QACjB,WAAW,EAAE,IAAI;QACjB,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;KAC3B,CAAC,CAAC;IACH,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,GAAG,EAAE,CAAC;IAC3C,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;IAE7C,uBAAuB;IACvB,OAAO,CAAC,qBAAqB,CAAC,GAAG,IAAA,4BAAkB,EAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAE3F,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
package/_cjs/version.js
CHANGED
package/_esm/auth/index.js
CHANGED
package/_esm/auth/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,UAAU,MAAM,wBAAwB,CAAC;AAErD,cAAc,iBAAiB,CAAC;AAChC,cAAc,gBAAgB,CAAC;AAC/B,OAAO,EAAE,UAAU,EAAE,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,UAAU,MAAM,wBAAwB,CAAC;AAErD,cAAc,iBAAiB,CAAC;AAChC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,eAAe,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,CAAC"}
|
package/_esm/auth/utils/http.js
CHANGED
|
@@ -16,6 +16,7 @@ export async function getAuthHeaders(options) {
|
|
|
16
16
|
requestHost: options.requestHost,
|
|
17
17
|
requestPath: options.requestPath,
|
|
18
18
|
expiresIn: options.expiresIn,
|
|
19
|
+
audience: options.audience,
|
|
19
20
|
});
|
|
20
21
|
headers["Authorization"] = `Bearer ${jwt}`;
|
|
21
22
|
headers["Content-Type"] = "application/json";
|
|
@@ -54,7 +55,7 @@ function requiresWalletAuth(requestMethod, requestPath) {
|
|
|
54
55
|
* @param sourceVersion - The version of the source making the request
|
|
55
56
|
* @returns Encoded correlation data as a query string
|
|
56
57
|
*/
|
|
57
|
-
function getCorrelationData(source, sourceVersion) {
|
|
58
|
+
export function getCorrelationData(source, sourceVersion) {
|
|
58
59
|
const data = {
|
|
59
60
|
sdk_version: version,
|
|
60
61
|
sdk_language: "typescript",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"http.js","sourceRoot":"","sources":["../../../auth/utils/http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAC1D,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"http.js","sourceRoot":"","sources":["../../../auth/utils/http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AAC1D,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAsE3C;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,OAA8B;IAE9B,MAAM,OAAO,GAA2B,EAAE,CAAC;IAE3C,6BAA6B;IAC7B,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC;QAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;KAC3B,CAAC,CAAC;IACH,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,GAAG,EAAE,CAAC;IAC3C,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;IAE7C,4BAA4B;IAC5B,IAAI,kBAAkB,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QACnE,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CACb,4IAA4I,CAC7I,CAAC;QACJ,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,iBAAiB,CAAC;YAC9C,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,EAAE;SACvC,CAAC,CAAC;QACH,OAAO,CAAC,eAAe,CAAC,GAAG,eAAe,CAAC;IAC7C,CAAC;IAED,uBAAuB;IACvB,OAAO,CAAC,qBAAqB,CAAC,GAAG,kBAAkB,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAE3F,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,aAAqB,EAAE,WAAmB;IACpE,OAAO,CACL,WAAW,EAAE,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,KAAK,MAAM,IAAI,aAAa,KAAK,QAAQ,CAAC,CAC/F,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,kBAAkB,CAAC,MAAe,EAAE,aAAsB;IACxE,MAAM,IAAI,GAAG;QACX,WAAW,EAAE,OAAO;QACpB,YAAY,EAAE,YAAY;QAC1B,MAAM,EAAE,MAAM,IAAI,UAAU;KAC7B,CAAC;IACF,IAAI,aAAa,EAAE,CAAC;QAClB,IAAI,CAAC,gBAAgB,CAAC,GAAG,aAAa,CAAC;IACzC,CAAC;IACD,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC;SACrB,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;SACrD,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC"}
|
package/_esm/auth/utils/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../auth/utils/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAC;AAC1B,cAAc,UAAU,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../auth/utils/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAC;AAC1B,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC"}
|
package/_esm/auth/utils/jwt.js
CHANGED
|
@@ -4,7 +4,9 @@ import { SignJWT, importPKCS8, importJWK } from "jose";
|
|
|
4
4
|
import { InvalidWalletSecretFormatError, UndefinedWalletSecretError } from "../errors.js";
|
|
5
5
|
/**
|
|
6
6
|
* Generates a JWT (also known as a Bearer token) for authenticating with Coinbase's REST APIs.
|
|
7
|
-
* Supports both EC (ES256) and Ed25519 (EdDSA) keys.
|
|
7
|
+
* Supports both EC (ES256) and Ed25519 (EdDSA) keys. Also supports JWTs meant for
|
|
8
|
+
* websocket connections by allowing requestMethod, requestHost, and requestPath to all be
|
|
9
|
+
* null, in which case the 'uris' claim is omitted from the JWT.
|
|
8
10
|
*
|
|
9
11
|
* @param options - The configuration options for generating the JWT
|
|
10
12
|
* @returns The generated JWT (Bearer token) string
|
|
@@ -18,19 +20,27 @@ export async function generateJwt(options) {
|
|
|
18
20
|
if (!options.apiKeySecret) {
|
|
19
21
|
throw new Error("Private key is required");
|
|
20
22
|
}
|
|
21
|
-
if
|
|
22
|
-
|
|
23
|
+
// Check if we have a REST API request or a websocket connection
|
|
24
|
+
const hasAllRequestParams = Boolean(options.requestMethod && options.requestHost && options.requestPath);
|
|
25
|
+
const hasNoRequestParams = (options.requestMethod === undefined || options.requestMethod === null) &&
|
|
26
|
+
(options.requestHost === undefined || options.requestHost === null) &&
|
|
27
|
+
(options.requestPath === undefined || options.requestPath === null);
|
|
28
|
+
// Ensure we either have all request parameters or none (for websocket)
|
|
29
|
+
if (!hasAllRequestParams && !hasNoRequestParams) {
|
|
30
|
+
throw new Error("Either all request details (method, host, path) must be provided, or all must be null for JWTs intended for websocket connections");
|
|
23
31
|
}
|
|
24
32
|
const now = Math.floor(Date.now() / 1000);
|
|
25
33
|
const expiresIn = options.expiresIn || 120; // Default to 120 seconds if not specified
|
|
26
|
-
const uri = `${options.requestMethod} ${options.requestHost}${options.requestPath}`;
|
|
27
34
|
// Prepare the JWT payload
|
|
28
35
|
const claims = {
|
|
29
36
|
sub: options.apiKeyId,
|
|
30
37
|
iss: "cdp",
|
|
31
|
-
aud: ["cdp_service"],
|
|
32
|
-
uris: [uri],
|
|
38
|
+
aud: options.audience || ["cdp_service"],
|
|
33
39
|
};
|
|
40
|
+
// Add the uris claim only for REST API requests
|
|
41
|
+
if (hasAllRequestParams) {
|
|
42
|
+
claims.uris = [`${options.requestMethod} ${options.requestHost}${options.requestPath}`];
|
|
43
|
+
}
|
|
34
44
|
// Generate random nonce for the header
|
|
35
45
|
const randomNonce = nonce();
|
|
36
46
|
// Determine if we're using EC or Edwards key based on the key format
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../../../auth/utils/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAC;AAE1C,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,SAAS,EAAc,MAAM,MAAM,CAAC;AAEnE,OAAO,EAAE,8BAA8B,EAAE,0BAA0B,EAAE,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"jwt.js","sourceRoot":"","sources":["../../../auth/utils/jwt.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,EAAE,gBAAgB,EAAE,MAAM,QAAQ,CAAC;AAE1C,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,SAAS,EAAc,MAAM,MAAM,CAAC;AAEnE,OAAO,EAAE,8BAA8B,EAAE,0BAA0B,EAAE,MAAM,cAAc,CAAC;AAwF1F;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAAmB;IACnD,+BAA+B;IAC/B,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;IAC1C,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IAED,gEAAgE;IAChE,MAAM,mBAAmB,GAAG,OAAO,CACjC,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,WAAW,CACpE,CAAC;IACF,MAAM,kBAAkB,GACtB,CAAC,OAAO,CAAC,aAAa,KAAK,SAAS,IAAI,OAAO,CAAC,aAAa,KAAK,IAAI,CAAC;QACvE,CAAC,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,IAAI,CAAC;QACnE,CAAC,OAAO,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,CAAC,WAAW,KAAK,IAAI,CAAC,CAAC;IAEtE,uEAAuE;IACvE,IAAI,CAAC,mBAAmB,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CACb,mIAAmI,CACpI,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,GAAG,CAAC,CAAC,0CAA0C;IAEtF,0BAA0B;IAC1B,MAAM,MAAM,GAAe;QACzB,GAAG,EAAE,OAAO,CAAC,QAAQ;QACrB,GAAG,EAAE,KAAK;QACV,GAAG,EAAE,OAAO,CAAC,QAAQ,IAAI,CAAC,aAAa,CAAC;KACzC,CAAC;IAEF,gDAAgD;IAChD,IAAI,mBAAmB,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,GAAG,CAAC,GAAG,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;IAC1F,CAAC;IAED,uCAAuC;IACvC,MAAM,WAAW,GAAG,KAAK,EAAE,CAAC;IAE5B,qEAAqE;IACrE,IAAI,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QACvC,OAAO,MAAM,UAAU,CACrB,OAAO,CAAC,YAAY,EACpB,OAAO,CAAC,QAAQ,EAChB,MAAM,EACN,GAAG,EACH,SAAS,EACT,WAAW,CACZ,CAAC;IACJ,CAAC;SAAM,IAAI,iBAAiB,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QACnD,OAAO,MAAM,eAAe,CAC1B,OAAO,CAAC,YAAY,EACpB,OAAO,CAAC,QAAQ,EAChB,MAAM,EACN,GAAG,EACH,SAAS,EACT,WAAW,CACZ,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;IAC1F,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,OAAyB;IAC/D,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;QAC1B,MAAM,IAAI,0BAA0B,CAAC,8BAA8B,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IACpF,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAE1C,MAAM,MAAM,GAAe;QACzB,IAAI,EAAE,CAAC,GAAG,CAAC;KACZ,CAAC;IAEF,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChD,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC;IACnC,CAAC;IAED,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,gBAAgB,CAAC;YAC7B,GAAG,EAAE,OAAO,CAAC,YAAY;YACzB,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,OAAO;YACb,QAAQ,EAAE,QAAQ;SACnB,CAAC,CAAC;QAEH,OAAO,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;aAC7B,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC;aAChD,WAAW,CAAC,GAAG,CAAC;aAChB,YAAY,CAAC,GAAG,CAAC;aACjB,MAAM,CAAC,KAAK,EAAE,CAAC;aACf,IAAI,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,8BAA8B,CAAC,+BAA+B,GAAG,KAAK,CAAC,CAAC;IACpF,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB,CAAC,GAAW;IACpC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC3C,OAAO,OAAO,CAAC,MAAM,KAAK,EAAE,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,YAAY,CAAC,GAAW;IAC/B,IAAI,CAAC;QACH,iEAAiE;QACjE,MAAM,GAAG,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;QAClC,+DAA+D;QAC/D,OAAO,GAAG,CAAC,iBAAiB,KAAK,IAAI,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,KAAK,UAAU,UAAU,CACvB,UAAkB,EAClB,OAAe,EACf,MAAkB,EAClB,GAAW,EACX,SAAiB,EACjB,KAAa;IAEb,IAAI,CAAC;QACH,0BAA0B;QAC1B,MAAM,MAAM,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAC5C,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC;QAE5E,6BAA6B;QAC7B,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAEnD,0BAA0B;QAC1B,OAAO,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;aAC7B,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;aACrE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;aAC5B,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;aAC7B,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,SAAS,CAAC,CAAC;aAC9C,IAAI,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,8BAA+B,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;IAC5E,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,KAAK,UAAU,eAAe,CAC5B,UAAkB,EAClB,OAAe,EACf,MAAkB,EAClB,GAAW,EACX,SAAiB,EACjB,KAAa;IAEb,IAAI,CAAC;QACH,8EAA8E;QAC9E,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAClD,IAAI,OAAO,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrC,MAAM,SAAS,GAAG,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAEvC,qCAAqC;QACrC,MAAM,GAAG,GAAG;YACV,GAAG,EAAE,KAAK;YACV,GAAG,EAAE,SAAS;YACd,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC7B,CAAC,EAAE,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC;SACnC,CAAC;QAEF,6BAA6B;QAC7B,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAE1C,0BAA0B;QAC1B,OAAO,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC;aAC7B,kBAAkB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,OAAO,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;aACrE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;aAC5B,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;aAC7B,iBAAiB,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,SAAS,CAAC,CAAC;aAC9C,IAAI,CAAC,GAAG,CAAC,CAAC;IACf,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,mCAAoC,KAAe,CAAC,OAAO,EAAE,CAAC,CAAC;IACjF,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,KAAK;IACZ,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAChD,CAAC"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
import { getCorrelationData } from "./http.js";
|
|
2
|
+
import { generateJwt } from "./jwt.js";
|
|
3
|
+
/**
|
|
4
|
+
* Gets authentication headers for a WebSocket connection.
|
|
5
|
+
*
|
|
6
|
+
* @param options - The configuration options for generating WebSocket auth headers
|
|
7
|
+
* @returns Object containing the authentication headers
|
|
8
|
+
*/
|
|
9
|
+
export async function getWebSocketAuthHeaders(options) {
|
|
10
|
+
const headers = {};
|
|
11
|
+
// Generate and add JWT token without request parameters for WebSocket
|
|
12
|
+
const jwt = await generateJwt({
|
|
13
|
+
apiKeyId: options.apiKeyId,
|
|
14
|
+
apiKeySecret: options.apiKeySecret,
|
|
15
|
+
// All request parameters are null for WebSocket
|
|
16
|
+
requestMethod: null,
|
|
17
|
+
requestHost: null,
|
|
18
|
+
requestPath: null,
|
|
19
|
+
expiresIn: options.expiresIn,
|
|
20
|
+
audience: options.audience,
|
|
21
|
+
});
|
|
22
|
+
headers["Authorization"] = `Bearer ${jwt}`;
|
|
23
|
+
headers["Content-Type"] = "application/json";
|
|
24
|
+
// Add correlation data
|
|
25
|
+
headers["Correlation-Context"] = getCorrelationData(options.source, options.sourceVersion);
|
|
26
|
+
return headers;
|
|
27
|
+
}
|
|
28
|
+
//# sourceMappingURL=ws.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ws.js","sourceRoot":"","sources":["../../../auth/utils/ws.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAC;AAC/C,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AA6CvC;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,OAAuC;IAEvC,MAAM,OAAO,GAA2B,EAAE,CAAC;IAE3C,sEAAsE;IACtE,MAAM,GAAG,GAAG,MAAM,WAAW,CAAC;QAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,gDAAgD;QAChD,aAAa,EAAE,IAAI;QACnB,WAAW,EAAE,IAAI;QACjB,WAAW,EAAE,IAAI;QACjB,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;KAC3B,CAAC,CAAC;IACH,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,GAAG,EAAE,CAAC;IAC3C,OAAO,CAAC,cAAc,CAAC,GAAG,kBAAkB,CAAC;IAE7C,uBAAuB;IACvB,OAAO,CAAC,qBAAqB,CAAC,GAAG,kBAAkB,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAE3F,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
package/_esm/version.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export const version = "1.
|
|
1
|
+
export const version = "1.4.0";
|
|
2
2
|
//# sourceMappingURL=version.js.map
|
package/_types/auth/index.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,UAAU,MAAM,wBAAwB,CAAC;AAErD,cAAc,iBAAiB,CAAC;AAChC,cAAc,gBAAgB,CAAC;AAC/B,OAAO,EAAE,UAAU,EAAE,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../auth/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,UAAU,MAAM,wBAAwB,CAAC;AAErD,cAAc,iBAAiB,CAAC;AAChC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,eAAe,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,CAAC"}
|
|
@@ -50,6 +50,10 @@ export interface GetAuthHeadersOptions {
|
|
|
50
50
|
* Optional expiration time in seconds (defaults to 120)
|
|
51
51
|
*/
|
|
52
52
|
expiresIn?: number;
|
|
53
|
+
/**
|
|
54
|
+
* Optional audience claim for the JWT
|
|
55
|
+
*/
|
|
56
|
+
audience?: string[];
|
|
53
57
|
}
|
|
54
58
|
/**
|
|
55
59
|
* Gets authentication headers for a request.
|
|
@@ -58,4 +62,12 @@ export interface GetAuthHeadersOptions {
|
|
|
58
62
|
* @returns Object containing the authentication headers
|
|
59
63
|
*/
|
|
60
64
|
export declare function getAuthHeaders(options: GetAuthHeadersOptions): Promise<Record<string, string>>;
|
|
65
|
+
/**
|
|
66
|
+
* Returns encoded correlation data including the SDK version and language.
|
|
67
|
+
*
|
|
68
|
+
* @param source - The source identifier for the request
|
|
69
|
+
* @param sourceVersion - The version of the source making the request
|
|
70
|
+
* @returns Encoded correlation data as a query string
|
|
71
|
+
*/
|
|
72
|
+
export declare function getCorrelationData(source?: string, sourceVersion?: string): string;
|
|
61
73
|
//# sourceMappingURL=http.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../../../auth/utils/http.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC;;;;;;OAMG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;;;;OAMG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../../../auth/utils/http.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC;;;;;;OAMG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;;;;OAMG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB;;OAEG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED;;;;;GAKG;AACH,wBAAsB,cAAc,CAClC,OAAO,EAAE,qBAAqB,GAC7B,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAsCjC;AAeD;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,MAAM,GAAG,MAAM,CAYlF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../auth/utils/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAC;AAC1B,cAAc,UAAU,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../auth/utils/index.ts"],"names":[],"mappings":"AAAA,cAAc,WAAW,CAAC;AAC1B,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC"}
|
|
@@ -23,21 +23,25 @@ export interface JwtOptions {
|
|
|
23
23
|
*/
|
|
24
24
|
apiKeySecret: string;
|
|
25
25
|
/**
|
|
26
|
-
* The HTTP method for the request (e.g. 'GET', 'POST')
|
|
26
|
+
* The HTTP method for the request (e.g. 'GET', 'POST'), or null for JWTs intended for websocket connections
|
|
27
27
|
*/
|
|
28
|
-
requestMethod
|
|
28
|
+
requestMethod?: string | null;
|
|
29
29
|
/**
|
|
30
|
-
* The host for the request (e.g. 'api.cdp.coinbase.com')
|
|
30
|
+
* The host for the request (e.g. 'api.cdp.coinbase.com'), or null for JWTs intended for websocket connections
|
|
31
31
|
*/
|
|
32
|
-
requestHost
|
|
32
|
+
requestHost?: string | null;
|
|
33
33
|
/**
|
|
34
|
-
* The path for the request (e.g. '/platform/v1/wallets')
|
|
34
|
+
* The path for the request (e.g. '/platform/v1/wallets'), or null for JWTs intended for websocket connections
|
|
35
35
|
*/
|
|
36
|
-
requestPath
|
|
36
|
+
requestPath?: string | null;
|
|
37
37
|
/**
|
|
38
38
|
* Optional expiration time in seconds (defaults to 120)
|
|
39
39
|
*/
|
|
40
40
|
expiresIn?: number;
|
|
41
|
+
/**
|
|
42
|
+
* Optional audience claim for the JWT
|
|
43
|
+
*/
|
|
44
|
+
audience?: string[];
|
|
41
45
|
}
|
|
42
46
|
/**
|
|
43
47
|
* WalletJwtOptions contains configuration for Wallet Auth JWT generation.
|
|
@@ -69,7 +73,9 @@ export interface WalletJwtOptions {
|
|
|
69
73
|
}
|
|
70
74
|
/**
|
|
71
75
|
* Generates a JWT (also known as a Bearer token) for authenticating with Coinbase's REST APIs.
|
|
72
|
-
* Supports both EC (ES256) and Ed25519 (EdDSA) keys.
|
|
76
|
+
* Supports both EC (ES256) and Ed25519 (EdDSA) keys. Also supports JWTs meant for
|
|
77
|
+
* websocket connections by allowing requestMethod, requestHost, and requestPath to all be
|
|
78
|
+
* null, in which case the 'uris' claim is omitted from the JWT.
|
|
73
79
|
*
|
|
74
80
|
* @param options - The configuration options for generating the JWT
|
|
75
81
|
* @returns The generated JWT (Bearer token) string
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../auth/utils/jwt.ts"],"names":[],"mappings":"AAOA;;;;;;GAMG;AACH,MAAM,WAAW,UAAU;IACzB;;;;;;OAMG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;;;;OAMG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../../../auth/utils/jwt.ts"],"names":[],"mappings":"AAOA;;;;;;GAMG;AACH,MAAM,WAAW,UAAU;IACzB;;;;;;OAMG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;;;;OAMG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE9B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE5B;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE5B;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED;;;;;GAKG;AACH,MAAM,WAAW,gBAAgB;IAC/B;;OAEG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IAEtB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IACH,WAAW,EAAE,MAAM,CAAC;IAEpB;;OAEG;IAEH,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAClC;AAED;;;;;;;;;GASG;AACH,wBAAsB,WAAW,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAiEtE;AAED;;;;;;;;GAQG;AACH,wBAAsB,iBAAiB,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,MAAM,CAAC,CAiClF"}
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Options for generating WebSocket authentication headers.
|
|
3
|
+
*/
|
|
4
|
+
export interface GetWebSocketAuthHeadersOptions {
|
|
5
|
+
/**
|
|
6
|
+
* The API key ID
|
|
7
|
+
*
|
|
8
|
+
* Examples:
|
|
9
|
+
* 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
|
|
10
|
+
* 'organizations/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/apiKeys/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
|
|
11
|
+
*/
|
|
12
|
+
apiKeyId: string;
|
|
13
|
+
/**
|
|
14
|
+
* The API key secret
|
|
15
|
+
*
|
|
16
|
+
* Examples:
|
|
17
|
+
* 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==' (Edwards key (Ed25519))
|
|
18
|
+
* '-----BEGIN EC PRIVATE KEY-----\n...\n...\n...==\n-----END EC PRIVATE KEY-----\n' (EC key (ES256))
|
|
19
|
+
*/
|
|
20
|
+
apiKeySecret: string;
|
|
21
|
+
/**
|
|
22
|
+
* The source identifier for the request
|
|
23
|
+
*/
|
|
24
|
+
source?: string;
|
|
25
|
+
/**
|
|
26
|
+
* The version of the source making the request
|
|
27
|
+
*/
|
|
28
|
+
sourceVersion?: string;
|
|
29
|
+
/**
|
|
30
|
+
* Optional expiration time in seconds (defaults to 120)
|
|
31
|
+
*/
|
|
32
|
+
expiresIn?: number;
|
|
33
|
+
/**
|
|
34
|
+
* Optional audience claim for the JWT
|
|
35
|
+
*/
|
|
36
|
+
audience?: string[];
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* Gets authentication headers for a WebSocket connection.
|
|
40
|
+
*
|
|
41
|
+
* @param options - The configuration options for generating WebSocket auth headers
|
|
42
|
+
* @returns Object containing the authentication headers
|
|
43
|
+
*/
|
|
44
|
+
export declare function getWebSocketAuthHeaders(options: GetWebSocketAuthHeadersOptions): Promise<Record<string, string>>;
|
|
45
|
+
//# sourceMappingURL=ws.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ws.d.ts","sourceRoot":"","sources":["../../../auth/utils/ws.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,MAAM,WAAW,8BAA8B;IAC7C;;;;;;OAMG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;;;;OAMG;IACH,YAAY,EAAE,MAAM,CAAC;IAErB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED;;;;;GAKG;AACH,wBAAsB,uBAAuB,CAC3C,OAAO,EAAE,8BAA8B,GACtC,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAqBjC"}
|
package/_types/version.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export declare const version = "1.
|
|
1
|
+
export declare const version = "1.4.0";
|
|
2
2
|
//# sourceMappingURL=version.d.ts.map
|
package/auth/README.md
CHANGED
|
@@ -25,6 +25,7 @@ npm install @coinbase/cdp-sdk
|
|
|
25
25
|
```typescript
|
|
26
26
|
import { generateJwt } from "@coinbase/cdp-sdk/auth";
|
|
27
27
|
|
|
28
|
+
// For REST (HTTP) requests
|
|
28
29
|
const jwt = await generateJwt({
|
|
29
30
|
apiKeyId: "YOUR_API_KEY_ID",
|
|
30
31
|
apiKeySecret: "YOUR_API_KEY_SECRET",
|
|
@@ -35,6 +36,18 @@ const jwt = await generateJwt({
|
|
|
35
36
|
});
|
|
36
37
|
|
|
37
38
|
console.log(jwt);
|
|
39
|
+
|
|
40
|
+
// For websocket connections
|
|
41
|
+
const websocketJwt = await generateJwt({
|
|
42
|
+
apiKeyId: "YOUR_API_KEY_ID",
|
|
43
|
+
apiKeySecret: "YOUR_API_KEY_SECRET",
|
|
44
|
+
requestMethod: null,
|
|
45
|
+
requestHost: null,
|
|
46
|
+
requestPath: null,
|
|
47
|
+
expiresIn: 120, // optional (defaults to 120 seconds)
|
|
48
|
+
});
|
|
49
|
+
|
|
50
|
+
console.log(websocketJwt);
|
|
38
51
|
```
|
|
39
52
|
|
|
40
53
|
For information about the above parameters, please refer to the [Authentication parameters](#authentication-parameters) section.
|
|
@@ -138,8 +151,10 @@ The following table provides more context of many of the authentication paramete
|
|
|
138
151
|
| :-- | :-- | :-- |
|
|
139
152
|
| `apiKeyId` | true | The unique identifier for your API key. Supported formats are:<br/>- `xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx`<br/>- `organizations/{orgId}/apiKeys/{keyId}` |
|
|
140
153
|
| `apiKeySecret` | true | Your API key secret. Supported formats are:<br/>- Edwards key (Ed25519): `xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==`<br/>- Elliptic Curve key (ES256): `-----BEGIN EC PRIVATE KEY-----\n...\n...\n...==\n-----END EC PRIVATE KEY-----\n` |
|
|
141
|
-
| `requestMethod` | true | The HTTP method for the API request you're authenticating (ie, `GET`, `POST`, `PUT`, `DELETE`). |
|
|
142
|
-
| `requestHost` | true | The API host you're calling (ie, `api.cdp.coinbase.com`). |
|
|
143
|
-
| `requestPath` | true | The path of the specific API endpoint you're calling (ie, `/platform/v1/wallets`). |
|
|
154
|
+
| `requestMethod` | true* | The HTTP method for the API request you're authenticating (ie, `GET`, `POST`, `PUT`, `DELETE`). Can be `null` for JWTs intended for websocket connections. |
|
|
155
|
+
| `requestHost` | true* | The API host you're calling (ie, `api.cdp.coinbase.com`). Can be `null` for JWTs intended for websocket connections. |
|
|
156
|
+
| `requestPath` | true* | The path of the specific API endpoint you're calling (ie, `/platform/v1/wallets`). Can be `null` for JWTs intended for websocket connections. |
|
|
144
157
|
| `requestBody` | false | Optional request body data. |
|
|
145
158
|
| `expiresIn` | false | The JWT expiration time in seconds. After this time, the JWT will no longer be valid, and a new one must be generated. Defaults to `120` (ie, 2 minutes) if not specified. |
|
|
159
|
+
|
|
160
|
+
\* Either all three request parameters (`requestMethod`, `requestHost`, and `requestPath`) must be provided for REST API requests, or all three must be `null` for JWTs intended for websocket connections.
|
package/auth/index.ts
CHANGED
package/auth/utils/http.ts
CHANGED
|
@@ -62,6 +62,11 @@ export interface GetAuthHeadersOptions {
|
|
|
62
62
|
* Optional expiration time in seconds (defaults to 120)
|
|
63
63
|
*/
|
|
64
64
|
expiresIn?: number;
|
|
65
|
+
|
|
66
|
+
/**
|
|
67
|
+
* Optional audience claim for the JWT
|
|
68
|
+
*/
|
|
69
|
+
audience?: string[];
|
|
65
70
|
}
|
|
66
71
|
|
|
67
72
|
/**
|
|
@@ -83,6 +88,7 @@ export async function getAuthHeaders(
|
|
|
83
88
|
requestHost: options.requestHost,
|
|
84
89
|
requestPath: options.requestPath,
|
|
85
90
|
expiresIn: options.expiresIn,
|
|
91
|
+
audience: options.audience,
|
|
86
92
|
});
|
|
87
93
|
headers["Authorization"] = `Bearer ${jwt}`;
|
|
88
94
|
headers["Content-Type"] = "application/json";
|
|
@@ -131,7 +137,7 @@ function requiresWalletAuth(requestMethod: string, requestPath: string): boolean
|
|
|
131
137
|
* @param sourceVersion - The version of the source making the request
|
|
132
138
|
* @returns Encoded correlation data as a query string
|
|
133
139
|
*/
|
|
134
|
-
function getCorrelationData(source?: string, sourceVersion?: string): string {
|
|
140
|
+
export function getCorrelationData(source?: string, sourceVersion?: string): string {
|
|
135
141
|
const data = {
|
|
136
142
|
sdk_version: version,
|
|
137
143
|
sdk_language: "typescript",
|
package/auth/utils/index.ts
CHANGED
package/auth/utils/jwt.ts
CHANGED
|
@@ -32,24 +32,29 @@ export interface JwtOptions {
|
|
|
32
32
|
apiKeySecret: string;
|
|
33
33
|
|
|
34
34
|
/**
|
|
35
|
-
* The HTTP method for the request (e.g. 'GET', 'POST')
|
|
35
|
+
* The HTTP method for the request (e.g. 'GET', 'POST'), or null for JWTs intended for websocket connections
|
|
36
36
|
*/
|
|
37
|
-
requestMethod
|
|
37
|
+
requestMethod?: string | null;
|
|
38
38
|
|
|
39
39
|
/**
|
|
40
|
-
* The host for the request (e.g. 'api.cdp.coinbase.com')
|
|
40
|
+
* The host for the request (e.g. 'api.cdp.coinbase.com'), or null for JWTs intended for websocket connections
|
|
41
41
|
*/
|
|
42
|
-
requestHost
|
|
42
|
+
requestHost?: string | null;
|
|
43
43
|
|
|
44
44
|
/**
|
|
45
|
-
* The path for the request (e.g. '/platform/v1/wallets')
|
|
45
|
+
* The path for the request (e.g. '/platform/v1/wallets'), or null for JWTs intended for websocket connections
|
|
46
46
|
*/
|
|
47
|
-
requestPath
|
|
47
|
+
requestPath?: string | null;
|
|
48
48
|
|
|
49
49
|
/**
|
|
50
50
|
* Optional expiration time in seconds (defaults to 120)
|
|
51
51
|
*/
|
|
52
52
|
expiresIn?: number;
|
|
53
|
+
|
|
54
|
+
/**
|
|
55
|
+
* Optional audience claim for the JWT
|
|
56
|
+
*/
|
|
57
|
+
audience?: string[];
|
|
53
58
|
}
|
|
54
59
|
|
|
55
60
|
/**
|
|
@@ -88,7 +93,9 @@ export interface WalletJwtOptions {
|
|
|
88
93
|
|
|
89
94
|
/**
|
|
90
95
|
* Generates a JWT (also known as a Bearer token) for authenticating with Coinbase's REST APIs.
|
|
91
|
-
* Supports both EC (ES256) and Ed25519 (EdDSA) keys.
|
|
96
|
+
* Supports both EC (ES256) and Ed25519 (EdDSA) keys. Also supports JWTs meant for
|
|
97
|
+
* websocket connections by allowing requestMethod, requestHost, and requestPath to all be
|
|
98
|
+
* null, in which case the 'uris' claim is omitted from the JWT.
|
|
92
99
|
*
|
|
93
100
|
* @param options - The configuration options for generating the JWT
|
|
94
101
|
* @returns The generated JWT (Bearer token) string
|
|
@@ -102,22 +109,38 @@ export async function generateJwt(options: JwtOptions): Promise<string> {
|
|
|
102
109
|
if (!options.apiKeySecret) {
|
|
103
110
|
throw new Error("Private key is required");
|
|
104
111
|
}
|
|
105
|
-
|
|
106
|
-
|
|
112
|
+
|
|
113
|
+
// Check if we have a REST API request or a websocket connection
|
|
114
|
+
const hasAllRequestParams = Boolean(
|
|
115
|
+
options.requestMethod && options.requestHost && options.requestPath,
|
|
116
|
+
);
|
|
117
|
+
const hasNoRequestParams =
|
|
118
|
+
(options.requestMethod === undefined || options.requestMethod === null) &&
|
|
119
|
+
(options.requestHost === undefined || options.requestHost === null) &&
|
|
120
|
+
(options.requestPath === undefined || options.requestPath === null);
|
|
121
|
+
|
|
122
|
+
// Ensure we either have all request parameters or none (for websocket)
|
|
123
|
+
if (!hasAllRequestParams && !hasNoRequestParams) {
|
|
124
|
+
throw new Error(
|
|
125
|
+
"Either all request details (method, host, path) must be provided, or all must be null for JWTs intended for websocket connections",
|
|
126
|
+
);
|
|
107
127
|
}
|
|
108
128
|
|
|
109
129
|
const now = Math.floor(Date.now() / 1000);
|
|
110
130
|
const expiresIn = options.expiresIn || 120; // Default to 120 seconds if not specified
|
|
111
|
-
const uri = `${options.requestMethod} ${options.requestHost}${options.requestPath}`;
|
|
112
131
|
|
|
113
132
|
// Prepare the JWT payload
|
|
114
|
-
const claims = {
|
|
133
|
+
const claims: JWTPayload = {
|
|
115
134
|
sub: options.apiKeyId,
|
|
116
135
|
iss: "cdp",
|
|
117
|
-
aud: ["cdp_service"],
|
|
118
|
-
uris: [uri],
|
|
136
|
+
aud: options.audience || ["cdp_service"],
|
|
119
137
|
};
|
|
120
138
|
|
|
139
|
+
// Add the uris claim only for REST API requests
|
|
140
|
+
if (hasAllRequestParams) {
|
|
141
|
+
claims.uris = [`${options.requestMethod} ${options.requestHost}${options.requestPath}`];
|
|
142
|
+
}
|
|
143
|
+
|
|
121
144
|
// Generate random nonce for the header
|
|
122
145
|
const randomNonce = nonce();
|
|
123
146
|
|
package/auth/utils/ws.ts
ADDED
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
import { getCorrelationData } from "./http.js";
|
|
2
|
+
import { generateJwt } from "./jwt.js";
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* Options for generating WebSocket authentication headers.
|
|
6
|
+
*/
|
|
7
|
+
export interface GetWebSocketAuthHeadersOptions {
|
|
8
|
+
/**
|
|
9
|
+
* The API key ID
|
|
10
|
+
*
|
|
11
|
+
* Examples:
|
|
12
|
+
* 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
|
|
13
|
+
* 'organizations/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/apiKeys/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
|
|
14
|
+
*/
|
|
15
|
+
apiKeyId: string;
|
|
16
|
+
|
|
17
|
+
/**
|
|
18
|
+
* The API key secret
|
|
19
|
+
*
|
|
20
|
+
* Examples:
|
|
21
|
+
* 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==' (Edwards key (Ed25519))
|
|
22
|
+
* '-----BEGIN EC PRIVATE KEY-----\n...\n...\n...==\n-----END EC PRIVATE KEY-----\n' (EC key (ES256))
|
|
23
|
+
*/
|
|
24
|
+
apiKeySecret: string;
|
|
25
|
+
|
|
26
|
+
/**
|
|
27
|
+
* The source identifier for the request
|
|
28
|
+
*/
|
|
29
|
+
source?: string;
|
|
30
|
+
|
|
31
|
+
/**
|
|
32
|
+
* The version of the source making the request
|
|
33
|
+
*/
|
|
34
|
+
sourceVersion?: string;
|
|
35
|
+
|
|
36
|
+
/**
|
|
37
|
+
* Optional expiration time in seconds (defaults to 120)
|
|
38
|
+
*/
|
|
39
|
+
expiresIn?: number;
|
|
40
|
+
|
|
41
|
+
/**
|
|
42
|
+
* Optional audience claim for the JWT
|
|
43
|
+
*/
|
|
44
|
+
audience?: string[];
|
|
45
|
+
}
|
|
46
|
+
|
|
47
|
+
/**
|
|
48
|
+
* Gets authentication headers for a WebSocket connection.
|
|
49
|
+
*
|
|
50
|
+
* @param options - The configuration options for generating WebSocket auth headers
|
|
51
|
+
* @returns Object containing the authentication headers
|
|
52
|
+
*/
|
|
53
|
+
export async function getWebSocketAuthHeaders(
|
|
54
|
+
options: GetWebSocketAuthHeadersOptions,
|
|
55
|
+
): Promise<Record<string, string>> {
|
|
56
|
+
const headers: Record<string, string> = {};
|
|
57
|
+
|
|
58
|
+
// Generate and add JWT token without request parameters for WebSocket
|
|
59
|
+
const jwt = await generateJwt({
|
|
60
|
+
apiKeyId: options.apiKeyId,
|
|
61
|
+
apiKeySecret: options.apiKeySecret,
|
|
62
|
+
// All request parameters are null for WebSocket
|
|
63
|
+
requestMethod: null,
|
|
64
|
+
requestHost: null,
|
|
65
|
+
requestPath: null,
|
|
66
|
+
expiresIn: options.expiresIn,
|
|
67
|
+
audience: options.audience,
|
|
68
|
+
});
|
|
69
|
+
headers["Authorization"] = `Bearer ${jwt}`;
|
|
70
|
+
headers["Content-Type"] = "application/json";
|
|
71
|
+
|
|
72
|
+
// Add correlation data
|
|
73
|
+
headers["Correlation-Context"] = getCorrelationData(options.source, options.sourceVersion);
|
|
74
|
+
|
|
75
|
+
return headers;
|
|
76
|
+
}
|
package/package.json
CHANGED
package/version.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
export const version = "1.
|
|
1
|
+
export const version = "1.4.0";
|