diff options
| author |  tobi <31960611+tsmethurst@users.noreply.github.com> | 2024-04-02 12:30:10 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2024-04-02 11:30:10 +0100 |
| commit | 4bbdef02f16f82b12d3eaf74b7071833088481df (patch) | |
| tree | f9d2f51911678cd29c3636ce7d3f69849b7377bc /internal/federation/authenticate.go | |
| parent | [chore] bump go structr cache version -> v0.6.0 (#2773) (diff) | |
| download | gotosocial-4bbdef02f16f82b12d3eaf74b7071833088481df.tar.xz | |
[chore] Try to parse public key as both Actor + bare key (#2710)
* [chore] Try to parse public key as both Actor + bare key
* fix weird test fail
Diffstat (limited to 'internal/federation/authenticate.go')
| -rw-r--r-- | internal/federation/authenticate.go | 50 |
1 files changed, 36 insertions, 14 deletions
diff --git a/internal/federation/authenticate.go b/internal/federation/authenticate.go index 596233b19..e9263d43c 100644 --- a/internal/federation/authenticate.go +++ b/internal/federation/authenticate.go @@ -30,6 +30,7 @@ import ( "codeberg.org/gruf/go-kv" "github.com/superseriousbusiness/activity/streams" + typepublickey "github.com/superseriousbusiness/activity/streams/impl/w3idsecurityv1/type_publickey" "github.com/superseriousbusiness/gotosocial/internal/ap" "github.com/superseriousbusiness/gotosocial/internal/config" "github.com/superseriousbusiness/gotosocial/internal/db" @@ -504,24 +505,45 @@ func parsePubKeyBytes( return nil, nil, err } - t, err := streams.ToType(ctx, m) - if err != nil { - return nil, nil, err - } + var ( + pubKey *rsa.PublicKey + ownerURI *url.URL + ) - withPublicKey, ok := t.(ap.WithPublicKey) - if !ok { - err = gtserror.Newf("resource at %s with type %T could not be converted to ap.WithPublicKey", pubKeyID, t) - return nil, nil, err - } + if t, err := streams.ToType(ctx, m); err == nil { + // See if Actor with a PublicKey attached. + wpk, ok := t.(ap.WithPublicKey) + if !ok { + return nil, nil, gtserror.Newf( + "resource at %s with type %T did not contain recognizable public key", + pubKeyID, t, + ) + } - pubKey, _, pubKeyOwnerID, err := ap.ExtractPublicKey(withPublicKey) - if err != nil { - err = gtserror.Newf("resource at %s with type %T did not contain recognizable public key", pubKeyID, t) - return nil, nil, err + pubKey, _, ownerURI, err = ap.ExtractPubKeyFromActor(wpk) + if err != nil { + return nil, nil, gtserror.Newf( + "error extracting public key from %T at %s: %w", + t, pubKeyID, err, + ) + } + } else if pk, err := typepublickey.DeserializePublicKey(m, nil); err == nil { + // Bare PublicKey. + pubKey, _, ownerURI, err = ap.ExtractPubKeyFromKey(pk) + if err != nil { + return nil, nil, gtserror.Newf( + "error extracting public key at %s: %w", + pubKeyID, err, + ) + } + } else { + return nil, nil, gtserror.Newf( + "resource at %s did not contain recognizable public key", + pubKeyID, + ) } - return pubKey, pubKeyOwnerID, nil + return pubKey, ownerURI, nil } var signingAlgorithms = []httpsig.Algorithm{ |