fix(webhook): add apikey header to stripe-checkout call — fixes 401 UNAUTHORIZED_INVALID_JWT_FORMAT

Supabase gateway requires the service role key in the 'apikey' header
for authentication when the key uses the new sb_secret_ format (not JWT).
Previously only sent via Authorization Bearer, which the gateway rejected.

supabase/functions/meta-whatsapp-webhook/index.ts

@@ -234,6 +234,7 @@ async function generateStripeCheckoutUrl(userId: string): Promise<string> {
             method: "POST",
             headers: {
                 "Content-Type": "application/json",
+                "apikey": SUPABASE_SERVICE_ROLE_KEY,
                 "Authorization": `Bearer ${SUPABASE_SERVICE_ROLE_KEY}`,
             },
             body: JSON.stringify({ user_id: userId, plan: "mensal" })