mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2024-05-31 22:58:32 +00:00
improved PostInboxScheme() error handling / logging in case of failed auth
This commit is contained in:
parent
65b5366031
commit
b55e4fd4bc
|
@ -81,7 +81,14 @@ func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWr
|
|||
|
||||
// Authenticate request by checking http signature.
|
||||
ctx, authenticated, err := f.sideEffectActor.AuthenticatePostInbox(ctx, w, r)
|
||||
if err != nil {
|
||||
if errors.As(err, new(gtserror.WithCode)) {
|
||||
// If it was already wrapped with an
|
||||
// HTTP code then don't bother rewrapping
|
||||
// it, just return it as-is for caller to
|
||||
// handle. AuthenticatePostInbox already
|
||||
// calls WriteHeader() in some situations.
|
||||
return false, err
|
||||
} else if err != nil {
|
||||
err := gtserror.Newf("error authenticating post inbox: %w", err)
|
||||
return false, gtserror.NewErrorInternalError(err)
|
||||
}
|
||||
|
|
|
@ -216,7 +216,6 @@ func (f *Federator) AuthenticatePostInbox(ctx context.Context, w http.ResponseWr
|
|||
// If codes 400, 401, or 403, obey the go-fed
|
||||
// interface by writing the header and bailing.
|
||||
w.WriteHeader(errWithCode.Code())
|
||||
return ctx, false, nil
|
||||
case http.StatusGone:
|
||||
// If the requesting account's key has gone
|
||||
// (410) then likely inbox post was a delete.
|
||||
|
@ -225,11 +224,11 @@ func (f *Federator) AuthenticatePostInbox(ctx context.Context, w http.ResponseWr
|
|||
// know about the account anyway, so we can't
|
||||
// do any further processing.
|
||||
w.WriteHeader(http.StatusAccepted)
|
||||
return ctx, false, nil
|
||||
default:
|
||||
// Proper error.
|
||||
return ctx, false, err
|
||||
}
|
||||
|
||||
// We still return the error
|
||||
// for later request logging.
|
||||
return ctx, false, err
|
||||
}
|
||||
|
||||
if pubKeyAuth.Handshaking {
|
||||
|
|
Loading…
Reference in a new issue