alemi/upub
alemi/upub
1
0
Fork 1
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions

fix: more appropriate http signature errors

Browse source 
if we cant fetch from db its our fault (500), if we cant fetch your
actor its your fault (4xx)
This commit is contained in:
əlemi 2024-06-07 19:05:37 +02:00
parent 1814d7b187
commit e6b9120bbf
Signed by: alemi
GPG key ID: A4895B84D311642C
1 changed files with 17 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
upub/routes/src/auth.rs
View file

@ -1,7 +1,7 @@
use axum::{extract::{FromRef, FromRequestParts}, http::{header, request::Parts}}; use axum::{extract::{FromRef, FromRequestParts}, http::{header, request::Parts}};
use sea_orm::{ColumnTrait, Condition, EntityTrait, QueryFilter}; use sea_orm::{ColumnTrait, Condition, EntityTrait, QueryFilter};
use httpsign::HttpSignature; use httpsign::HttpSignature;
use upub::traits::Fetcher; use upub::traits::{fetch::PullError, Fetcher};
use crate::ApiError; use crate::ApiError;
@ -120,8 +120,10 @@ where
.next().ok_or(ApiError::bad_request())? .next().ok_or(ApiError::bad_request())?
.to_string(); .to_string();
let user = ctx.fetch_user(&user_id, ctx.db()).await?; match ctx.fetch_user(&user_id, ctx.db()).await {
Err(PullError::Database(x)) => return Err(PullError::Database(x).into()),
Err(_) => tracing::debug!("could not fetch {user_id} to verify signature"),
Ok(user) => {
let valid = http_signature let valid = http_signature
.build_from_parts(parts) .build_from_parts(parts)
.verify(&user.public_key)?; .verify(&user.public_key)?;
@ -135,6 +137,9 @@ where
.await? .await?
.ok_or_else(ApiError::internal_server_error)?; // user but not their domain??? .ok_or_else(ApiError::internal_server_error)?; // user but not their domain???
identity = Identity::Remote { user: user.id, domain: user.domain, internal }; identity = Identity::Remote { user: user.id, domain: user.domain, internal };
},
}
} }
Ok(AuthIdentity(identity)) Ok(AuthIdentity(identity))