[chore] Refactor AP authentication, other small bits of tidying up (#1874)

author: tobi <31960611+tsmethurst@users.noreply.github.com> 2023-06-13 16:47:56 +0200
committer: GitHub <noreply@github.com> 2023-06-13 15:47:56 +0100
commit: 24fbdf2b0a820684b69b10893e82cdb1a76ca14d (patch)
tree: d44a092d0bffb8159e4844bfaf4ef84a82f41e2e /internal/typeutils
parent: [docs] Add certificates and firewalling to advanced (#1888) (diff)
download: gotosocial-24fbdf2b0a820684b69b10893e82cdb1a76ca14d.tar.xz
1 files changed, 6 insertions, 1 deletions
diff --git a/internal/typeutils/astointernal.go b/internal/typeutils/astointernal.go
index 7c0b60ad5..aeb6a5917 100644
--- a/internal/typeutils/astointernal.go
+++ b/internal/typeutils/astointernal.go
@@ -196,10 +196,15 @@ func (c *converter) ASRepresentationToAccount(ctx context.Context, accountable a
 	// TODO: alsoKnownAs
 
 	// publicKey
-	pkey, pkeyURL, err := ap.ExtractPublicKeyForOwner(accountable, uri)
+	pkey, pkeyURL, pkeyOwnerID, err := ap.ExtractPublicKey(accountable)
 	if err != nil {
 		return nil, fmt.Errorf("couldn't get public key for person %s: %s", uri.String(), err)
 	}
+
+	if pkeyOwnerID.String() != acct.URI {
+		return nil, fmt.Errorf("public key %s was owned by %s and not by %s", pkeyURL, pkeyOwnerID, acct.URI)
+	}
+
 	acct.PublicKey = pkey
 	acct.PublicKeyURI = pkeyURL.String()
author	tobi <31960611+tsmethurst@users.noreply.github.com>	2023-06-13 16:47:56 +0200
committer	GitHub <noreply@github.com>	2023-06-13 15:47:56 +0100
commit	24fbdf2b0a820684b69b10893e82cdb1a76ca14d (patch)
tree	d44a092d0bffb8159e4844bfaf4ef84a82f41e2e /internal/typeutils
parent	[docs] Add certificates and firewalling to advanced (#1888) (diff)
download	gotosocial-24fbdf2b0a820684b69b10893e82cdb1a76ca14d.tar.xz