From 9cf66bf29871dad6523f421ae72125d584ac4c9a Mon Sep 17 00:00:00 2001
From: tobi <31960611+tsmethurst@users.noreply.github.com>
Date: Tue, 26 Apr 2022 18:10:11 +0200
Subject: [chore] Return more useful errors from auth failure (#494)

* try rsa_sha256 sig algo first

* return more informative errors from auth

* adapt to reworked auth function
---
 internal/processing/federation/getuser.go | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

(limited to 'internal/processing/federation/getuser.go')

diff --git a/internal/processing/federation/getuser.go b/internal/processing/federation/getuser.go
index b201bea4b..f870baa12 100644
--- a/internal/processing/federation/getuser.go
+++ b/internal/processing/federation/getuser.go
@@ -20,7 +20,6 @@ package federation
 
 import (
 	"context"
-	"errors"
 	"fmt"
 	"net/url"
 
@@ -46,13 +45,9 @@ func (p *processor) GetUser(ctx context.Context, requestedUsername string, reque
 		}
 	} else {
 		// if it's any other path, we want to fully authenticate the request before we serve any data, and then we can serve a more complete profile
-		requestingAccountURI, authenticated, err := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
-		if err != nil {
-			return nil, gtserror.NewErrorNotAuthorized(err, "not authorized")
-		}
-
-		if !authenticated {
-			return nil, gtserror.NewErrorNotAuthorized(errors.New("not authorized"), "not authorized")
+		requestingAccountURI, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
+		if errWithCode != nil {
+			return nil, errWithCode
 		}
 
 		// if we're not already handshaking/dereferencing a remote account, dereference it now
-- 
cgit v1.2.3