@chriswessels chriswessels commented May 30, 2025

Add configurable gateway support via header-based gateway IDs

Summary

Enables users to specify alternative Graph Protocol gateways using a secure gateway ID system instead of hardcoded URLs. This provides flexibility for users who need to use different gateway endpoints while maintaining security.

Core Implementation

  • Gateway Registry: Added GATEWAY_REGISTRY HashMap mapping gateway IDs to whitelisted URLs:
  • Header-based Selection: Users can specify gateway via x-gateway-id header
  • Secure Validation: Only whitelisted gateway IDs are accepted, preventing SSRF attacks

Enhanced Error Handling

  • Descriptive Errors: Invalid gateway IDs return helpful messages listing valid options
  • New Error Type: Added InvalidGatewayId variant to SubgraphError enum

API Updates

  • Method Signatures: Updated all internal methods to accept gateway_url parameter
  • Error Propagation: All endpoints now handle gateway validation errors with clear messaging

Security Considerations

✅ SSRF Prevention: Only whitelisted gateways can be used
✅ API Key Protection: Keys are never sent to untrusted endpoints
✅ Input Validation: All gateway IDs are validated against registry

Usage

  # Default gateway (Edge & Node)
  curl -H "Authorization: Bearer YOUR_API_KEY" ...

  # GraphOps gateway
  curl -H "x-gateway-id: graphops" -H "Authorization: Bearer YOUR_API_KEY" ...

  # Invalid gateway returns helpful error
  curl -H "x-gateway-id: invalid" -H "Authorization: Bearer YOUR_API_KEY" ...
  # Error: Invalid gateway ID 'invalid'. Valid gateway IDs are: edgeandnode, graphops
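
The lookup described in this PR, sketched as an added example (not the PR's own code): the `x-gateway-id` value is only ever used as a key into a fixed registry, so a client-supplied string never becomes the URL that receives the API key. `resolve_gateway_url`, `gateway_registry` and `DEFAULT_GATEWAY_ID` are hypothetical names, and the URLs are placeholders because the real endpoints are not shown on this page.

```rust
use std::collections::HashMap;
use std::fmt;
use std::sync::OnceLock;

// Assumption: the default ID follows the PR's "Default gateway (Edge & Node)".
const DEFAULT_GATEWAY_ID: &str = "edgeandnode";

// Allowlist of gateways. URLs are constructed placeholders, not the real endpoints.
fn gateway_registry() -> &'static HashMap<&'static str, &'static str> {
    static REGISTRY: OnceLock<HashMap<&'static str, &'static str>> = OnceLock::new();
    REGISTRY.get_or_init(|| {
        HashMap::from([
            ("edgeandnode", "https://edgeandnode-gateway.example.invalid/api"),
            ("graphops", "https://graphops-gateway.example.invalid/api"),
        ])
    })
}

#[derive(Debug, PartialEq)]
enum SubgraphError {
    InvalidGatewayId(String),
}

impl fmt::Display for SubgraphError {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        let SubgraphError::InvalidGatewayId(id) = self;
        let mut valid: Vec<&str> = gateway_registry().keys().copied().collect();
        valid.sort_unstable(); // HashMap iteration order is random; keep the message stable
        write!(f, "Invalid gateway ID '{}'. Valid gateway IDs are: {}", id, valid.join(", "))
    }
}

// Exact-match lookup: no trimming, case folding or URL parsing, so anything
// that is not a registered ID (including a full URL) is rejected.
fn resolve_gateway_url(header: Option<&str>) -> Result<&'static str, SubgraphError> {
    let id = header.unwrap_or(DEFAULT_GATEWAY_ID);
    gateway_registry()
        .get(id).copied()
        .ok_or_else(|| SubgraphError::InvalidGatewayId(id.to_string()))
}

fn main() {
    for header in [None, Some("graphops"), Some("https://untrusted.example.invalid/")] {
        match resolve_gateway_url(header) {
            Ok(url) => println!("{:?} -> {}", header, url),
            Err(e) => println!("{:?} -> {}", header, e),
        }
    }
}
```

The API key should be attached to the outgoing request only after `resolve_gateway_url` has returned `Ok`, so a rejected ID never results in a request at all.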

@sahra-karakoc sahra-karakoc self-requested a review June 10, 2025 14:06

@sahra-karakoc sahra-karakoc left a comment

ty sir

@sahra-karakoc sahra-karakoc merged commit 5e750ce into main Jun 10, 2025
3 checks passed