const verified = isHTTPSignatureVerified(parsed, actor)
if (verified !== true) {
+ logger.warn('Signature from %s is invalid', actorUrl, { parsed })
+
res.sendStatus(403)
return false
}
const verified = await isJsonLDSignatureVerified(actor, req.body)
if (verified !== true) {
+ logger.warn('Signature not verified.', req.body)
+
res.sendStatus(403)
return false
}