This PR implements the permission context update endpoint /v1/sessions/{address}/context according to the API SPEC draft.
For the request authentication, the signature (signed message) is used.
As a signing message, the context canonized JSON object from the request is used and signed by the signing key (created during the session creation request). Then the signature is verified at the server by the verification key which is stored during the session creation in the permission session object.
The keys format was changed to DER, sec1 encoded by Base64 instead of PEM for better (compact) usage in JSON.
Description
This PR implements the permission context update endpoint
/v1/sessions/{address}/context
according to the API SPEC draft.For the request authentication, the signature (signed message) is used. As a signing message, the
context
canonized JSON object from the request is used and signed by the signing key (created during the session creation request). Then the signature is verified at the server by the verification key which is stored during the session creation in the permission session object.The keys format was changed to DER, sec1 encoded by Base64 instead of PEM for better (compact) usage in JSON.
How Has This Been Tested?
Due Diligence