pub-relay (#6341)

* pub-relay

* relay actorをApplicationにする

* Disable koa-compress

* Homeはリレーに送らない

* Disable debug

* UI

* cleanupなど

1 files changed, 4 insertions, 6 deletions

diff --git a/src/queue/processors/inbox.ts b/src/queue/processors/inbox.ts
index f37f663ed5..3a0bdbe28a 100644
--- a/src/queue/processors/inbox.ts
+++ b/src/queue/processors/inbox.ts
@@ -56,12 +56,10 @@ export default async (job: Bull.Job<InboxJobData>): Promise<string> => {
 	}
 
 	// HTTP-Signatureの検証
-	if (!httpSignature.verifySignature(signature, authUser.key.keyPem)) {
-		return 'signature verification failed';
-	}
+	const httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
 
-	// signatureのsignerは、activity.actorと一致する必要がある
-	if (authUser.user.uri !== activity.actor) {
+	// また、signatureのsignerは、activity.actorと一致する必要がある
+	if (!httpSignatureValidated || authUser.user.uri !== activity.actor) {
 		// 一致しなくても、でもLD-Signatureがありそうならそっちも見る
 		if (activity.signature) {
 			if (activity.signature.type !== 'RsaSignature2017') {
@@ -93,7 +91,7 @@ export default async (job: Bull.Job<InboxJobData>): Promise<string> => {
 				return `skip: LD-Signature user(${authUser.user.uri}) !== activity.actor(${activity.actor})`;
 			}
 		} else {
-			return 'signature verification failed';
+			throw `skip: http-signature verification failed.`;
 		}
 	}