-rw-r--r--app/controllers/concerns/signature_verification.rb14
1 files changed, 13 insertions, 1 deletions
diff --git a/app/controllers/concerns/signature_verification.rb b/app/controllers/concerns/signature_verification.rb
index 64eb20913..42f4d969e 100644
--- a/app/controllers/concerns/signature_verification.rb
+++ b/app/controllers/concerns/signature_verification.rb
@@ -24,7 +24,15 @@ module SignatureVerification
   end
 
   def signed_request_account
-    return @signed_request_account if defined?(@signed_request_account)
+    if defined?(@signed_request_account)
+      if @signed_request_account.known?
+        return @signed_request_account
+      else
+        @signature_verification_failure_reason = 'Not authorized'
+        @signed_request_account = nil
+        return
+      end
+    end
 
     unless signed_request?
       @signature_verification_failure_reason = 'Request not signed'
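Review bot: The memoized branch calls `@signed_request_account.known?` without a nil check, but the failure paths visible in this diff (for example the "Public key not found" branch) store `nil` in that variable. Since `defined?` is still truthy for an instance variable set to `nil`, a second call after a failed verification would raise NoMethodError instead of returning nil. Changing the inner condition to `if @signed_request_account.nil? || @signed_request_account.known?` keeps the cached nil result and also leaves the original failure reason intact rather than overwriting it with 'Not authorized'. The body of `signed_request_account` continues outside this hunk, so any assignment of a non-nil account is not visible here.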
@@ -59,6 +67,10 @@ module SignatureVerification
       @signature_verification_failure_reason = "Public key not found for key #{signature_params['keyId']}"
       @signed_request_account = nil
       return
+    elsif !account.known?
+      @signature_verification_failure_reason = 'Not authorized'
+      @signed_request_account = nil
+      return
     end
 
     signature             = Base64.decode64(signature_params['signature'])
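Review bot: The new `elsif !account.known?` branch rejects on the claimed `keyId` alone, before the signature is decoded and verified, so the failure reason differs between a known and an unknown account even when the caller does not hold the key. If `@signature_verification_failure_reason` is returned to the remote side (not visible in this hunk), that reveals whether an account is on the known list; returning a generic reason to the client and keeping the specific one for logs would avoid that. The early rejection itself is reasonable, and a comment such as `# Reject unknown accounts before doing any signature work` would record that the ordering is deliberate. The literal 'Not authorized' is also repeated in the first hunk and could be a shared constant. The enclosing `if` chain starts above this hunk.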