activitypub: warn instead of error

This commit is contained in:
oliverpool 2024-03-19 16:10:20 +01:00
parent e7abda6a0d
commit 7b576d0a5d
2 changed files with 4 additions and 2 deletions

View file

@ -14,6 +14,7 @@ import (
"code.gitea.io/gitea/modules/activitypub" "code.gitea.io/gitea/modules/activitypub"
"code.gitea.io/gitea/modules/httplib" "code.gitea.io/gitea/modules/httplib"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
gitea_context "code.gitea.io/gitea/services/context" gitea_context "code.gitea.io/gitea/services/context"
@ -89,7 +90,8 @@ func verifyHTTPSignatures(ctx *gitea_context.APIContext) (authenticated bool, er
func ReqHTTPSignature() func(ctx *gitea_context.APIContext) { func ReqHTTPSignature() func(ctx *gitea_context.APIContext) {
return func(ctx *gitea_context.APIContext) { return func(ctx *gitea_context.APIContext) {
if authenticated, err := verifyHTTPSignatures(ctx); err != nil { if authenticated, err := verifyHTTPSignatures(ctx); err != nil {
ctx.ServerError("verifyHttpSignatures", err) log.Warn("verifyHttpSignatures failed: %v", err)
ctx.Error(http.StatusBadRequest, "reqSignature", "request signature verification failed")
} else if !authenticated { } else if !authenticated {
ctx.Error(http.StatusForbidden, "reqSignature", "request signature verification failed") ctx.Error(http.StatusForbidden, "reqSignature", "request signature verification failed")
} }

View file

@ -108,6 +108,6 @@ func TestActivityPubPersonInbox(t *testing.T) {
// Unsigned request fails // Unsigned request fails
req := NewRequest(t, "POST", user2inboxurl) req := NewRequest(t, "POST", user2inboxurl)
MakeRequest(t, req, http.StatusInternalServerError) MakeRequest(t, req, http.StatusBadRequest)
}) })
} }