author | Eugen Rochko <eugen@zeonfederated.com> | 2017-09-28 17:50:14 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-09-28 17:50:14 +0200 |
commit | 76f360c625d6f7e1200a35430cced872fc6098ff (patch) | |
tree | caa27ee739a112ff0b317a377e64903b39709619 /app/controllers/concerns | |
parent | a3202f61af7d4833808d429c79dfc21e74f06c99 (diff) |
If HTTP signature is wrong and webfinger cache is stale, retry with resolve (#5129)
If the signature could not be verified and the webfinger of the account was last retrieved longer than the cache period, try re-resolving the account and then attempting to verify the signature again
Diffstat (limited to 'app/controllers/concerns')
-rw-r--r-- | app/controllers/concerns/signature_verification.rb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/app/controllers/concerns/signature_verification.rb b/app/controllers/concerns/signature_verification.rb index 4211283ed..52a9cf290 100644 --- a/app/controllers/concerns/signature_verification.rb +++ b/app/controllers/concerns/signature_verification.rb @@ -44,6 +44,15 @@ module SignatureVerification if account.keypair.public_key.verify(OpenSSL::Digest::SHA256.new, signature, compare_signed_string) @signed_request_account = account @signed_request_account + elsif account.possibly_stale? + account = account.refresh! + + if account.keypair.public_key.verify(OpenSSL::Digest::SHA256.new, signature, compare_signed_string) + @signed_request_account = account + @signed_request_account + else + @signed_request_account = nil + end else @signed_request_account = nil end |
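Review bot: In the added `elsif account.possibly_stale?` branch, the result of `account.refresh!` is assigned back to `account` and `account.keypair` is called on it right away, with no guard for the refresh failing. Nothing in this hunk shows what `refresh!` returns or raises when re-resolving does not succeed, so either check the result before use (for example `if !account.nil? && account.keypair.public_key.verify(...)`) or rescue here, so that a failed webfinger lookup ends in `@signed_request_account = nil` instead of an exception. The `verify(OpenSSL::Digest::SHA256.new, signature, compare_signed_string)` call and the two assignment lines under it now appear twice; a small private helper would keep the first attempt and the retry from drifting apart. It is also worth a comment that this branch runs for a request whose signature has not verified, so the re-resolve is triggered by unauthenticated input and is limited only by `possibly_stale?`.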