From c28bcdd10a5a0d661e51c96345bbd6c4dcc43bc9 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Thu, 25 Apr 2019 15:19:53 +0200 Subject: Fix pleroma follow --- server/lib/activitypub/crawl.ts | 3 +-- server/lib/job-queue/handlers/utils/activitypub-http-utils.ts | 2 +- server/middlewares/activitypub.ts | 2 ++ 3 files changed, 4 insertions(+), 3 deletions(-) (limited to 'server') diff --git a/server/lib/activitypub/crawl.ts b/server/lib/activitypub/crawl.ts index 0ba59b47d..686eef04d 100644 --- a/server/lib/activitypub/crawl.ts +++ b/server/lib/activitypub/crawl.ts @@ -3,8 +3,7 @@ import { doRequest } from '../../helpers/requests' import { logger } from '../../helpers/logger' import * as Bluebird from 'bluebird' import { ActivityPubOrderedCollection } from '../../../shared/models/activitypub' -import { checkUrlsSameHost } from '../../helpers/activitypub' -import { parse } from "url" +import { parse } from 'url' type HandlerFunction = (items: T[]) => (Promise | Bluebird) type CleanerFunction = (startedDate: Date) => (Promise | Bluebird) diff --git a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts index 5c25625f6..cdee1f6fd 100644 --- a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts +++ b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts @@ -28,7 +28,7 @@ async function buildSignedRequestOptions (payload: Payload) { actor = await getServerActor() } - const keyId = actor.getWebfingerUrl() + const keyId = actor.url return { algorithm: HTTP_SIGNATURE.ALGORITHM, authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME, diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts index 88cf342ee..b1e5b5236 100644 --- a/server/middlewares/activitypub.ts +++ b/server/middlewares/activitypub.ts @@ -74,6 +74,8 @@ async function checkHttpSignature (req: Request, res: Response) { const verified = isHTTPSignatureVerified(parsed, actor) if (verified !== true) { + logger.warn('Signature from %s is invalid', actorUrl, { parsed }) + res.sendStatus(403) return false } -- cgit v1.2.3