summaryrefslogtreecommitdiff
path: root/packages/backend/src/queue
diff options
context:
space:
mode:
Diffstat (limited to 'packages/backend/src/queue')
-rw-r--r--packages/backend/src/queue/processors/InboxProcessorService.ts18
1 files changed, 7 insertions, 11 deletions
diff --git a/packages/backend/src/queue/processors/InboxProcessorService.ts b/packages/backend/src/queue/processors/InboxProcessorService.ts
index 8b3d2ebb50..8c116f82b9 100644
--- a/packages/backend/src/queue/processors/InboxProcessorService.ts
+++ b/packages/backend/src/queue/processors/InboxProcessorService.ts
@@ -118,19 +118,15 @@ export class InboxProcessorService implements OnApplicationShutdown {
// HTTP-Signatureの検証
let httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
- // また、signatureのsignerは、activity.actorと一致する必要がある
- if (!httpSignatureValidated || authUser.user.uri !== activity.actor) {
- let renewKeyFailed = true;
-
- if (!httpSignatureValidated) {
- authUser.key = await this.apDbResolverService.refetchPublicKeyForApId(authUser.user);
-
- if (authUser.key != null) {
- httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
- renewKeyFailed = false;
- }
+ if (!httpSignatureValidated) {
+ authUser.key = await this.apDbResolverService.refetchPublicKeyForApId(authUser.user);
+ if (authUser.key != null) {
+ httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
}
+ }
+ // また、signatureのsignerは、activity.actorと一致する必要がある
+ if (!httpSignatureValidated || authUser.user.uri !== getApId(activity.actor)) {
// 一致しなくても、でもLD-Signatureがありそうならそっちも見る
const ldSignature = activity.signature;
if (ldSignature) {
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 22:20:27 +0000