Authentication Unauthorized - Javascript

Anyone see any obvious issue with this function? This is within the “server” directory of a Nuxt 3 application, which utilizes Typescript. Every request I make is “Unauthorized” and I can’t figure out what I’m doing wrong.

“nonce” isn’t a property within the “header” property of the jwt.SignOptions, which is why I needed to use //@ts-ignore. I’ve wondered if this could be the issue and why Coinbase uses it in within their auth example but it isn’t a valid property here.

function AuthTest() {
	const keyName = 'organizations/...'
	const privateKey = '---BEGIN EC PRIVATE KEY----....'
	const serviceName = 'MyKeyNickname'
	const algorithm = 'ES256'
	const requestMethod = 'GET'
	const url = `api.coinbase.com/api/v3/brokerage/products`

	const token = jwt.sign(
		{
			aud: [serviceName],
			iss: 'coinbase-cloud',
			nbf: Math.floor(Date.now() / 1000),
			exp: Math.floor(Date.now() / 1000) + 10,
			sub: keyName,
			uri: `${requestMethod} ${url}`
		},
		privateKey,
		{
			algorithm,
			header: {
				kid: keyName,
				alg: algorithm,
				// @ts-ignore
				nonce: crypto.randomBytes(16).toString('hex')
			}
		} as jwt.SignOptions
	)

	const verifyToken = jwt.verify(token, privateKey)

	if (!token) {
		throw new Error('Failed to generate token')
	}

	$fetch(`https://api.coinbase.com/api/v3/brokerage/products`, {
		method: 'get',
		headers: {
			Authorization: `Bearer ${token}`,
			'Content-Type': 'application/json'
		}
	})
		.then((response: any) => response.text())
		.then((result) => console.log(result))
		.catch((error) => console.log('error', error))
}

One problem definitely is your serviceName. For REST it should be retail_rest_api_proxy

2 Likes

Yup, that did it. I definitely tried that at some point but must have had something else wrong when I did. Thanks for pointing that out!

1 Like