Add more specific error messages to HTTP signature verification (#21617)

* Return specific error on failure to parse Date header * Add error message when preferredUsername is not set * Change error report to be JSON and include more details * Change error report to differentiate unknown account and failed refresh * Add tests
2023-01-18 16:47:56 +01:00
parent 30e895299c
commit 68dcbcb7bf
3 changed files with 109 additions and 15 deletions
--- a/app/services/activitypub/fetch_remote_actor_service.rb
+++ b/app/services/activitypub/fetch_remote_actor_service.rb
@ -28,6 +28,7 @@ class ActivityPub::FetchRemoteActorService < BaseService
    raise Error, "Unsupported JSON-LD context for document #{uri}" unless supported_context?
    raise Error, "Unexpected object type for actor #{uri} (expected any of: #{SUPPORTED_TYPES})" unless expected_type?
    raise Error, "Actor #{uri} has moved to #{@json['movedTo']}" if break_on_redirect && @json['movedTo'].present?
+    raise Error, "Actor #{uri} has no 'preferredUsername', which is a requirement for Mastodon compatibility" unless @json['preferredUsername'].present?

    @uri      = @json['id']
    @username = @json['preferredUsername']