feat: change authorizeSession reuqest to POST

Signed-off-by: Gaurav Goel <[email protected]>
Web3Auth · Sep 4, 2024 · a8ea652 · a8ea652
1 parent a830c17
commit a8ea652
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 17 deletions.
diff --git a/...r-android/src/androidTest/java/com/web3auth/session_manager_android/SessionManagerTest.kt b/...r-android/src/androidTest/java/com/web3auth/session_manager_android/SessionManagerTest.kt
@@ -49,7 +49,7 @@ class SessionManagerTest {
         sessionManager.createSession(
             json.toString(),
             86400,
-            context
+            context,
         ).get()
         sessionManager = SessionManager(context)
         val authResponse = sessionManager.authorizeSession(

diff --git a/session-manager-android/src/main/java/com/web3auth/session_manager_android/SessionManager.kt b/session-manager-android/src/main/java/com/web3auth/session_manager_android/SessionManager.kt
@@ -5,6 +5,7 @@ import com.google.gson.GsonBuilder
 import com.web3auth.session_manager_android.api.ApiHelper
 import com.web3auth.session_manager_android.api.Web3AuthApi
 import com.web3auth.session_manager_android.keystore.KeyStoreManager
+import com.web3auth.session_manager_android.models.AuthorizeSessionRequest
 import com.web3auth.session_manager_android.models.SessionRequestBody
 import com.web3auth.session_manager_android.models.StoreApiResponse
 import com.web3auth.session_manager_android.types.AES256CBC
@@ -78,9 +79,15 @@ class SessionManager(context: Context) {
                     )
                 )
             }
-            val pubKey = "04".plus(KeyStoreManager.getPubKey(sessionId).padStart(128,'0'))
+            val pubKey = "04".plus(KeyStoreManager.getPubKey(sessionId).padStart(128, '0'))
             val response: Response<StoreApiResponse> =
-                runBlocking { withContext(Dispatchers.IO) { web3AuthApi.authorizeSession(pubKey) } }
+                runBlocking {
+                    withContext(Dispatchers.IO) {
+                        web3AuthApi.authorizeSession(
+                            AuthorizeSessionRequest(key = pubKey)
+                        )
+                    }
+                }
 
 
             if (!(response.isSuccessful && response.body() != null && response.body()?.message != null)) {
@@ -101,7 +108,14 @@ class SessionManager(context: Context) {
             val aes256cbc = AES256CBC()
             val aesKey = aes256cbc.getAESKey(sessionId, ecies.ephemPublicKey)
             val macKey = aes256cbc.getMacKey(sessionId, ecies.ephemPublicKey)
-            val share = aes256cbc.decrypt(ecies.ciphertext, aesKey, macKey, ecies.mac, Hex.decode(ecies.iv), Hex.decode(ecies.ephemPublicKey))
+            val share = aes256cbc.decrypt(
+                ecies.ciphertext,
+                aesKey,
+                macKey,
+                ecies.mac,
+                Hex.decode(ecies.iv),
+                Hex.decode(ecies.ephemPublicKey)
+            )
             String(share, Charsets.UTF_8)
         }.exceptionally { throw it }
     }
@@ -120,7 +134,7 @@ class SessionManager(context: Context) {
             }
 
             val sessionId = getSessionId()
-            val ephemKey = "04" + KeyStoreManager.getPubKey(sessionId).padStart(128,'0')
+            val ephemKey = "04" + KeyStoreManager.getPubKey(sessionId).padStart(128, '0')
             val ivKey = KeyStoreManager.randomBytes(16)
 
             val aes256cbc = AES256CBC()
@@ -132,7 +146,7 @@ class SessionManager(context: Context) {
                 val macKey = aes256cbc.getMacKey(sessionId, ephemKey)
                 val encryptedData =
                     aes256cbc.encrypt("".toByteArray(StandardCharsets.UTF_8), aesKey, ivKey)
-                val mac = aes256cbc.getMac(encryptedData, macKey,ivKey,Hex.decode(ephemKey))
+                val mac = aes256cbc.getMac(encryptedData, macKey, ivKey, Hex.decode(ephemKey))
                 val encryptedMetadata = Ecies(
                     Hex.toHexString(ivKey),
                     ephemKey,
@@ -145,7 +159,10 @@ class SessionManager(context: Context) {
                     withContext(Dispatchers.IO) {
                         web3AuthApi.invalidateSession(
                             SessionRequestBody(
-                                key = "04".plus(KeyStoreManager.getPubKey(sessionId = sessionId).padStart(128,'0')),
+                                key = "04".plus(
+                                    KeyStoreManager.getPubKey(sessionId = sessionId)
+                                        .padStart(128, '0')
+                                ),
                                 data = gsonData,
                                 signature = KeyStoreManager.getECDSASignature(
                                     BigInteger(sessionId, 16), gsonData
@@ -170,6 +187,7 @@ class SessionManager(context: Context) {
             }
         }.exceptionally { throw it }
     }
+
     fun createSession(
         data: String,
         sessionTime: Long,
@@ -184,13 +202,14 @@ class SessionManager(context: Context) {
                 )
             }
 
-            val ephemKey = "04" + KeyStoreManager.getPubKey(newSessionKey).padStart(128,'0')
+            val ephemKey = "04" + KeyStoreManager.getPubKey(newSessionKey).padStart(128, '0')
             val ivKey = KeyStoreManager.randomBytes(16)
             val aes256cbc = AES256CBC()
             val aesKey = aes256cbc.getAESKey(newSessionKey, ephemKey)
             val macKey = aes256cbc.getMacKey(newSessionKey, ephemKey)
 
-            val encryptedData = aes256cbc.encrypt(data.toByteArray(StandardCharsets.UTF_8), aesKey, ivKey)
+            val encryptedData =
+                aes256cbc.encrypt(data.toByteArray(StandardCharsets.UTF_8), aesKey, ivKey)
             val mac = aes256cbc.getMac(encryptedData, macKey, ivKey, Hex.decode(ephemKey))
             val encryptedMetadata = Ecies(
                 Hex.toHexString(ivKey),
@@ -204,7 +223,10 @@ class SessionManager(context: Context) {
                 withContext(Dispatchers.IO) {
                     web3AuthApi.createSession(
                         SessionRequestBody(
-                            key = "04".plus(KeyStoreManager.getPubKey(sessionId = newSessionKey).padStart(128,'0')),
+                            key = "04".plus(
+                                KeyStoreManager.getPubKey(sessionId = newSessionKey)
+                                    .padStart(128, '0')
+                            ),
                             data = gsonData,
                             signature = KeyStoreManager.getECDSASignature(
                                 BigInteger(newSessionKey, 16), gsonData
@@ -217,9 +239,9 @@ class SessionManager(context: Context) {
             }
 
             if (result.isSuccessful) {
-                    KeyStoreManager.savePreferenceData(
-                        KeyStoreManager.SESSION_ID_TAG, newSessionKey
-                    )
+                KeyStoreManager.savePreferenceData(
+                    KeyStoreManager.SESSION_ID_TAG, newSessionKey
+                )
             } else {
                 throw Exception(
                     SessionManagerError.getError(

diff --git a/...ion-manager-android/src/main/java/com/web3auth/session_manager_android/api/Web3AuthApi.kt b/...ion-manager-android/src/main/java/com/web3auth/session_manager_android/api/Web3AuthApi.kt
@@ -1,21 +1,20 @@
 package com.web3auth.session_manager_android.api
 
+import com.web3auth.session_manager_android.models.AuthorizeSessionRequest
 import com.web3auth.session_manager_android.models.SessionRequestBody
 import com.web3auth.session_manager_android.models.StoreApiResponse
 import org.json.JSONObject
 import retrofit2.Response
 import retrofit2.http.Body
-import retrofit2.http.GET
 import retrofit2.http.POST
-import retrofit2.http.Query
 
 interface Web3AuthApi {
 
     @POST("/v2/store/set")
     suspend fun createSession(@Body sessionRequestBody: SessionRequestBody): Response<JSONObject>
 
-    @GET("/v2/store/get")
-    suspend fun authorizeSession(@Query("key") key: String): Response<StoreApiResponse>
+    @POST("/v2/store/get")
+    suspend fun authorizeSession(@Body authorizeSessionRequest: AuthorizeSessionRequest): Response<StoreApiResponse>
 
     @POST("/v2/store/set")
     suspend fun invalidateSession(@Body sessionRequestBody: SessionRequestBody): Response<JSONObject>

diff --git a/...roid/src/main/java/com/web3auth/session_manager_android/models/AuthorizeSessionRequest.kt b/...roid/src/main/java/com/web3auth/session_manager_android/models/AuthorizeSessionRequest.kt
@@ -0,0 +1,8 @@
+package com.web3auth.session_manager_android.models
+
+import androidx.annotation.Keep
+
+@Keep
+data class AuthorizeSessionRequest(
+    val key: String
+)