Module BSV::Auth::AuthHeaders ¶

BRC-104 HTTP header name constants and filtering helpers.

Provides the canonical header names used in BSV auth HTTP transport, matching the Go SDK's brc104/auth_http_headers.go exactly.

Header filtering: * Requests: content-type (normalised), authorization, x-bsv- (excl. x-bsv-auth-) * Responses: authorization, x-bsv- (excl. x-bsv-auth-) — content-type is NOT signed

Both {.filter_request_headers} and {.filter_response_headers} return sorted key, value : pairs ready for payload serialisation.

Constants¶

AUTH_PREFIX ¶

Common prefix for all BSV auth headers.

BSV_PREFIX ¶

Prefix for all BSV custom headers (non-auth).

IDENTITY_KEY ¶

Sender's identity public key (compressed hex).

MESSAGE_TYPE ¶

Message type string (e.g. 'general', 'initialRequest').

NONCE ¶

Sender's nonce.

PAYMENT ¶

Raw payment transaction (hex or base64).

PAYMENT_DERIVATION_PREFIX ¶

BIP-32 derivation prefix for payment key.

PAYMENT_PREFIX ¶

Prefix for BSV payment headers (excluded from signed payload).

PAYMENT_SATOSHIS_REQUIRED ¶

Number of satoshis required for payment.

PAYMENT_VERSION ¶

Payment protocol version.

REQUESTED_CERTIFICATES ¶

Requested certificate set (JSON-encoded).

REQUEST_ID ¶

Request ID for correlation (base64-encoded 32 bytes).

SIGNATURE ¶

ECDSA/Schnorr signature (hex-encoded).

VERSION ¶

Protocol version header.

YOUR_NONCE ¶

Recipient's nonce (echoed back for mutual verification).

Public Class Methods¶

extract_auth_headers(headers) ¶

Extracts x-bsv-auth-* headers from a hash and returns a structured hash with symbolised keys derived from the header name suffix.

For example, x-bsv-auth-identity-key becomes :identity_key. - @param headers [Hash] incoming headers hash (keys may be mixed case) - @return [Hash] symbolised auth header values; only present keys are included

filter_request_headers(headers) ¶

Filters request headers to the set that is signed in the payload.

Includes (matching TS/Go SDK behaviour): * content-type — normalised by stripping "; charset=..." params * authorization * x-bsv-* headers, excluding any that start with x-bsv-auth

Raises ArgumentError if any header does not fall into the above categories (matching TS SDK strictness — an unsupported header that the caller expects to be signed is a security concern). - @param headers [Hash] header key/value pairs (keys need not be lowercased) - @raise [ArgumentError] if an unsupported header is present - @return [Array] sorted [key, value] pairs, keys lowercased

filter_response_headers(headers) ¶

Filters response headers to the set that is signed in the payload.

Includes (matching TS/Go SDK behaviour): * authorization * x-bsv-* headers, excluding any that start with x-bsv-auth

Note: content-type is intentionally excluded from response signing (matches both Go and TS SDK behaviour). - @param headers [Hash] header key/value pairs - @return [Array] sorted [key, value] pairs, keys lowercased