diff options
| author | Chocobozzz <me@florianbigard.com> | 2019-08-29 16:15:41 +0200 |
|---|---|---|
| committer | Chocobozzz <me@florianbigard.com> | 2019-08-29 16:15:41 +0200 |
| commit | ad513607a3886cfabe083531c42911bc3c67bdfb (patch) | |
| tree | 275af782814ad3aa62da4834ec5696467aacdd87 /server/middlewares | |
| parent | f0a47bc92aa20b91b46197a4d3fc430aea962848 (diff) | |
| download | PeerTube-ad513607a3886cfabe083531c42911bc3c67bdfb.tar.gz PeerTube-ad513607a3886cfabe083531c42911bc3c67bdfb.tar.zst PeerTube-ad513607a3886cfabe083531c42911bc3c67bdfb.zip | |
Remove old JSON LD signature implementation
Only PeerTube was compatible with it, and the library has moved on
RsaSignature2018 and removed RsaSignature2017 support. We had to create
a dirty fork of the RsaSignature2017 branch, which is not ideal.
Now we use the Mastodon implementation, that most other AP
implementations that support JSONLD signatures use.
Diffstat (limited to 'server/middlewares')
| -rw-r--r-- | server/middlewares/activitypub.ts | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts index b1e5b5236..bea213d27 100644 --- a/server/middlewares/activitypub.ts +++ b/server/middlewares/activitypub.ts | |||
| @@ -101,6 +101,8 @@ async function checkJsonLDSignature (req: Request, res: Response) { | |||
| 101 | const verified = await isJsonLDSignatureVerified(actor, req.body) | 101 | const verified = await isJsonLDSignatureVerified(actor, req.body) |
| 102 | 102 | ||
| 103 | if (verified !== true) { | 103 | if (verified !== true) { |
| 104 | logger.warn('Signature not verified.', req.body) | ||
| 105 | |||
| 104 | res.sendStatus(403) | 106 | res.sendStatus(403) |
| 105 | return false | 107 | return false |
| 106 | } | 108 | } |