feat(aep-86): add provider signer abstraction

[chalabi2]

Summary

• Add a narrow provider signer interface backed by the existing provider client context and keyring.
• Thread the signer into provider service startup so later AEP-86 inventory and snapshot components can sign provider-owned payloads and transactions.
• Share Bearer token parsing between REST and gRPC gateway paths so both enforce the same auth shape.

Scope

• AEP-86 L-2 provider signer foundation.
• This does not add inventory snapshots, snapshot hash posting, bid filtering, or node verification-module logic.
• Follow-up PRs will build L-3 inventory snapshots and L-10 snapshot posting on top of this signer path.

Linear

Refs AKT-287

[coderabbitai]

Walkthrough

This PR introduces a ProviderSigner abstraction for signing and broadcasting Cosmos SDK transactions, with comprehensive validation and error handling. Independently, it refactors authorization header token extraction into a shared utility used by both gRPC and REST authentication layers.

Changes

ProviderSigner Implementation

Layer / File(s)	Summary
ProviderSigner interface contract types/types.go	Defines the ProviderSigner interface with methods for address retrieval, signing arbitrary payloads, and broadcasting Cosmos SDK messages.
ProviderSigner concrete implementation signer.go	Implements ProviderSigner with validation of required client context fields (address, keyring, tx client), signing via keyring in SIGN_MODE_DIRECT, and broadcasting with response type verification.
ProviderSigner implementation tests signer_test.go	Tests cover constructor input validation, signature generation and verification against derived public keys, context cancellation handling, message broadcast with response validation, and error cases including broadcast failures and unexpected response types.
Config integration and provider initialization config.go, cmd/provider-services/cmd/run.go	Config struct extended with ProviderSigner field; doRunCmd initializes the signer via NewProviderSigner with context and tx client, returning early on validation failure.

Auth Header Token Extraction Refactoring

Layer / File(s)	Summary
AuthHeaderToken utility and tests gateway/utils/auth.go, gateway/utils/utils_test.go	Introduces AuthHeaderToken to extract Bearer tokens from Authorization header slices, with empty-input pass-through and validation for single header with Bearer format (case-insensitive scheme).
gRPC auth interceptor refactoring and tests gateway/grpc/server.go, gateway/grpc/server_test.go	Updates gRPC authInterceptor to use AuthHeaderToken for header extraction with early error return; adds tests for no-authorization-header pass-through and invalid-token error handling without panic.
REST auth token extractor simplification gateway/rest/auth.go	REST AuthHeaderTokenExtractor delegates token extraction to AuthHeaderToken utility; removes now-unused strings import.

🎯 3 (Moderate) | ⏱️ ~25 minutes

🐰 A signer is born to sign away,
With tokens parsed in the gateway's way,
Broadcast messages dance through the chain,
Config fields linked, refactored clean,
The provider hops on, ready to begin! 🚀

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 17.65% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: adding a provider signer abstraction interface that is now used in the codebase.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description check	✅ Passed	The PR description accurately describes all major changes: adding a provider signer interface, threading it into service startup, and unifying Bearer token parsing between REST and gRPC paths.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch aep-86/l2-provider-signer-pr

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}