-
- Downloads
Improvements to signature verification (#9667)
* Refactor signature verification a bit * Rescue signature verification if recorded public key is invalid Fixes #8822 * Always re-fetch AP signing key when HTTP Signature verification fails But when the account is not marked as stale, avoid fetching collections and media, and avoid webfinger round-trip. * Apply stoplight to key/account update as well as initial key retrieval
Showing
- app/controllers/concerns/signature_verification.rb 31 additions, 14 deletionsapp/controllers/concerns/signature_verification.rb
- app/services/activitypub/fetch_remote_account_service.rb 4 additions, 4 deletionsapp/services/activitypub/fetch_remote_account_service.rb
- app/services/activitypub/process_account_service.rb 6 additions, 4 deletionsapp/services/activitypub/process_account_service.rb
Loading
Please register or sign in to comment