fix public key re-fetch logic
This commit is contained in:
parent
78a75171c2
commit
5eb9a263e2
|
@ -118,19 +118,15 @@ export class InboxProcessorService implements OnApplicationShutdown {
|
|||
// HTTP-Signatureの検証
|
||||
let httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
|
||||
|
||||
// また、signatureのsignerは、activity.actorと一致する必要がある
|
||||
if (!httpSignatureValidated || authUser.user.uri !== activity.actor) {
|
||||
let renewKeyFailed = true;
|
||||
|
||||
if (!httpSignatureValidated) {
|
||||
authUser.key = await this.apDbResolverService.refetchPublicKeyForApId(authUser.user);
|
||||
|
||||
if (authUser.key != null) {
|
||||
httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
|
||||
renewKeyFailed = false;
|
||||
}
|
||||
if (!httpSignatureValidated) {
|
||||
authUser.key = await this.apDbResolverService.refetchPublicKeyForApId(authUser.user);
|
||||
if (authUser.key != null) {
|
||||
httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
|
||||
}
|
||||
}
|
||||
|
||||
// また、signatureのsignerは、activity.actorと一致する必要がある
|
||||
if (!httpSignatureValidated || authUser.user.uri !== getApId(activity.actor)) {
|
||||
// 一致しなくても、でもLD-Signatureがありそうならそっちも見る
|
||||
const ldSignature = activity.signature;
|
||||
if (ldSignature) {
|
||||
|
|
Loading…
Reference in New Issue