Improve error reporting during signature verification
This commit is contained in:
parent
20026bd819
commit
f716a61d0e
1 changed files with 11 additions and 13 deletions
|
@ -25,8 +25,11 @@ pub enum VerificationError {
|
||||||
#[error("invalid key ID")]
|
#[error("invalid key ID")]
|
||||||
UrlError(#[from] url::ParseError),
|
UrlError(#[from] url::ParseError),
|
||||||
|
|
||||||
#[error("actor error")]
|
#[error("database error")]
|
||||||
ActorError,
|
DatabaseError(#[from] DatabaseError),
|
||||||
|
|
||||||
|
#[error("{0}")]
|
||||||
|
ActorError(String),
|
||||||
|
|
||||||
#[error("invalid key")]
|
#[error("invalid key")]
|
||||||
InvalidKey(#[from] rsa::pkcs8::Error),
|
InvalidKey(#[from] rsa::pkcs8::Error),
|
||||||
|
@ -116,8 +119,7 @@ pub async fn verify_http_signature(
|
||||||
request.headers(),
|
request.headers(),
|
||||||
)?;
|
)?;
|
||||||
|
|
||||||
let db_client = &**get_database_client(db_pool).await
|
let db_client = &**get_database_client(db_pool).await?;
|
||||||
.map_err(|_| VerificationError::ActorError)?;
|
|
||||||
let actor_profile = match get_profile_by_actor_id(db_client, &signature_data.actor_id).await {
|
let actor_profile = match get_profile_by_actor_id(db_client, &signature_data.actor_id).await {
|
||||||
Ok(profile) => profile,
|
Ok(profile) => profile,
|
||||||
Err(err) => match err {
|
Err(err) => match err {
|
||||||
|
@ -127,22 +129,18 @@ pub async fn verify_http_signature(
|
||||||
&signature_data.actor_id,
|
&signature_data.actor_id,
|
||||||
&config.media_dir(),
|
&config.media_dir(),
|
||||||
).await.map_err(|err| {
|
).await.map_err(|err| {
|
||||||
log::error!("{}", err);
|
VerificationError::ActorError(err.to_string())
|
||||||
VerificationError::ActorError
|
|
||||||
})?;
|
})?;
|
||||||
let profile = create_profile(
|
let profile = create_profile(db_client, &profile_data).await?;
|
||||||
db_client,
|
|
||||||
&profile_data,
|
|
||||||
).await.map_err(|_| VerificationError::ActorError)?;
|
|
||||||
profile
|
profile
|
||||||
},
|
},
|
||||||
_ => {
|
other_error => {
|
||||||
return Err(VerificationError::ActorError);
|
return Err(other_error.into());
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
let actor = actor_profile.remote_actor().ok().flatten()
|
let actor = actor_profile.remote_actor().ok().flatten()
|
||||||
.ok_or(VerificationError::ActorError)?;
|
.ok_or(VerificationError::ActorError("invalid profile".to_string()))?;
|
||||||
|
|
||||||
let public_key = deserialize_public_key(&actor.public_key.public_key_pem)?;
|
let public_key = deserialize_public_key(&actor.public_key.public_key_pem)?;
|
||||||
let is_valid_signature = verify_signature(
|
let is_valid_signature = verify_signature(
|
||||||
|
|
Loading…
Reference in a new issue