Expired signatures

[jnordberg]

Now that we have some real world usage of rpc-auth via conveyor we are seeing a significant amount of RPCError: Unauthorized: Signature expired caused by clients who disagree with our servers on what the current time is.

My proposed solution to this is as follows:

1. Extend rpc-auth's sign and validate methods to accept a Date object that represents current time.
2. In the clients, call steemd get_dynamic_global_properties and use that as a clock source for creating new Date objects passed to sign

We could also use get_dynamic_global_properties as a clock source for the verifying rpc services but might be overkill as we can easily ensure their clocks are in sync with our steemd cluster.

cc @sneak @goldibex

[sneak]

Validators should always use system time. There is no use case for validators using an alternate time reference.

Clients, yeah, should use the time from the server. However, they should also complain to the user with a big alert in the UI because having a system clock that's significantly off can cause problems with TLS validity (notBefore/notAfter constraints).