mleku on Nostr: #progressreport #devstr #nostrhttp now have a simple generator for some ECDSA 256 ...
#progressreport #devstr #nostrhttp
now have a simple generator for some ECDSA 256 (NIST p256 aka secp256r1) keys to use with JWT auth for normie web tools like curl and shitty ancient low spec ebook reader browsers:
the secret at the top you set in your environment, and the event below it assigns trust to this JWT pubkey
next step is to implement two things:
relay accepts a `Authorization: Bearer: jwt.token.thing` and a tool that uses that environment variable to generate the `jwt.token.thing` and then you can throw that at curl or set an expiry on it and it becomes a kind of cookie
the purpose of this scheme is to enable integration of regular HTTP tools like postman to do event posting for ebook use case, and for the ebook devices, to grant read access to a relay to use a private or paid access document repository
there's probably other uses but that's why we are building this
now have a simple generator for some ECDSA 256 (NIST p256 aka secp256r1) keys to use with JWT auth for normie web tools like curl and shitty ancient low spec ebook reader browsers:
the secret at the top you set in your environment, and the event below it assigns trust to this JWT pubkey
next step is to implement two things:
relay accepts a `Authorization: Bearer: jwt.token.thing` and a tool that uses that environment variable to generate the `jwt.token.thing` and then you can throw that at curl or set an expiry on it and it becomes a kind of cookie
the purpose of this scheme is to enable integration of regular HTTP tools like postman to do event posting for ebook use case, and for the ebook devices, to grant read access to a relay to use a private or paid access document repository
there's probably other uses but that's why we are building this