From d93e4f091b2ad69f6c2ad7af141ddee2e72bebe7 Mon Sep 17 00:00:00 2001 From: alemi Date: Thu, 6 Jun 2024 21:04:04 +0200 Subject: [PATCH] fix: http signatures errors are 500, not 401 if user provides an http signature and we fail to verify, bail out! if our db didn't give us the local user its unlikely that we will be able to serve anything anyway, just give up --- upub/routes/src/auth.rs | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/upub/routes/src/auth.rs b/upub/routes/src/auth.rs index 2a0fa3f9..5fa7782d 100644 --- a/upub/routes/src/auth.rs +++ b/upub/routes/src/auth.rs @@ -120,22 +120,21 @@ where .next().ok_or(ApiError::bad_request())? .to_string(); - match ctx.fetch_user(&user_id, ctx.db()).await { - Err(e) => tracing::warn!("failed resolving http signature actor: {e}"), - Ok(user) => match http_signature - .build_from_parts(parts) - .verify(&user.public_key) - { - Ok(true) => { - let internal = upub::model::instance::Entity::domain_to_internal(&user.domain, ctx.db()) - .await? - .ok_or_else(ApiError::internal_server_error)?; // user but not their domain??? - identity = Identity::Remote { user: user.id, domain: user.domain, internal }; - }, - Ok(false) => tracing::warn!("invalid signature: {http_signature:?}"), - Err(e) => tracing::error!("error verifying signature: {e}"), - }, + let user = ctx.fetch_user(&user_id, ctx.db()).await?; + + let valid = http_signature + .build_from_parts(parts) + .verify(&user.public_key)?; + + if !valid { + tracing::warn!("refusing mismatching http signature"); + return Err(ApiError::unauthorized()); } + + let internal = upub::model::instance::Entity::domain_to_internal(&user.domain, ctx.db()) + .await? + .ok_or_else(ApiError::internal_server_error)?; // user but not their domain??? + identity = Identity::Remote { user: user.id, domain: user.domain, internal }; } Ok(AuthIdentity(identity))