This commit is contained in:
Erin 2024-11-18 16:46:30 +01:00 committed by GitHub
commit c320c603b3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 25 additions and 1 deletions

View File

@ -169,6 +169,19 @@ export class ApDbResolverService implements OnApplicationShutdown {
}; };
} }
/**
* Miskey User -> Refetched Key
*/
@bindThis
public async refetchPublicKeyForApId(user: MiRemoteUser): Promise<MiUserPublickey | null> {
await this.apPersonService.updatePerson(user.uri!);
const key = this.userPublickeysRepository.findOneBy({ userId: user.id });
if (key != null) {
await this.publicKeyByUserIdCache.set(user.id, key);
}
return key;
}
@bindThis @bindThis
public dispose(): void { public dispose(): void {
this.publicKeyCache.dispose(); this.publicKeyCache.dispose();

View File

@ -116,7 +116,18 @@ export class InboxProcessorService implements OnApplicationShutdown {
} }
// HTTP-Signatureの検証 // HTTP-Signatureの検証
const httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem); let httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
// If signature validation failed, try refetching the actor
if (!httpSignatureValidated) {
authUser.key = await this.apDbResolverService.refetchPublicKeyForApId(authUser.user);
if (authUser.key == null) {
throw new Bull.UnrecoverableError('skip: failed to re-resolve user publicKey');
}
httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
}
// また、signatureのsignerは、activity.actorと一致する必要がある // また、signatureのsignerは、activity.actorと一致する必要がある
if (!httpSignatureValidated || authUser.user.uri !== activity.actor) { if (!httpSignatureValidated || authUser.user.uri !== activity.actor) {