mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-11-01 09:32:24 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

[chore] Return more useful errors from auth failure (#494)

Browse source 
* try rsa_sha256 sig algo first

* return more informative errors from auth

* adapt to reworked auth function
This commit is contained in:
tobi 2022-04-26 18:10:11 +02:00 committed by GitHub
commit 9cf66bf298
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 92 additions and 65 deletions
Download patch file Download diff file Expand all files Collapse all files

11
internal/processing/federation/getuser.go
View file

@ -20,7 +20,6 @@ package federation
import (
"context"
"errors"
"fmt"
"net/url"
@ -46,13 +45,9 @@ func (p *processor) GetUser(ctx context.Context, requestedUsername string, reque
}
} else {
// if it's any other path, we want to fully authenticate the request before we serve any data, and then we can serve a more complete profile
requestingAccountURI, authenticated, err := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
if err != nil {
return nil, gtserror.NewErrorNotAuthorized(err, "not authorized")
}
if !authenticated {
return nil, gtserror.NewErrorNotAuthorized(errors.New("not authorized"), "not authorized")
requestingAccountURI, errWithCode := p.federator.AuthenticateFederatedRequest(ctx, requestedUsername)
if errWithCode != nil {
return nil, errWithCode
}
// if we're not already handshaking/dereferencing a remote account, dereference it now