diff options
author | multiple creatures <dev@multiple-creature.party> | 2020-02-14 04:06:35 -0600 |
---|---|---|
committer | multiple creatures <dev@multiple-creature.party> | 2020-02-14 04:06:35 -0600 |
commit | aade8a3f756f517401ca7f3a135c4840b952c13a (patch) | |
tree | 36ae8b9a7ba52a08a4a5384966bbac4b4eb9b1c8 /app/controllers | |
parent | 10c619500af6432b1f1c5f2856be31268a92a50b (diff) |
make `reject_unknown` policy bidirectional when server has secure mode enabled
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/concerns/signature_verification.rb | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/app/controllers/concerns/signature_verification.rb b/app/controllers/concerns/signature_verification.rb index 64eb20913..42f4d969e 100644 --- a/app/controllers/concerns/signature_verification.rb +++ b/app/controllers/concerns/signature_verification.rb @@ -24,7 +24,15 @@ module SignatureVerification end def signed_request_account - return @signed_request_account if defined?(@signed_request_account) + if defined?(@signed_request_account) + if @signed_request_account.known? + return @signed_request_account + else + @signature_verification_failure_reason = 'Not authorized' + @signed_request_account = nil + return + end + end unless signed_request? @signature_verification_failure_reason = 'Request not signed' @@ -59,6 +67,10 @@ module SignatureVerification @signature_verification_failure_reason = "Public key not found for key #{signature_params['keyId']}" @signed_request_account = nil return + elsif !account.known? + @signature_verification_failure_reason = 'Not authorized' + @signed_request_account = nil + return end signature = Base64.decode64(signature_params['signature']) |