HTTP signatures spec no longer requires algorithms field (#7525)

Fix #7520
2018-05-17 04:03:28 +02:00
parent 6bed372ad2
commit dfb6907e08
1 changed files with 1 additions and 3 deletions
--- a/app/controllers/concerns/signature_verification.rb
+++ b/app/controllers/concerns/signature_verification.rb
@ -107,9 +107,7 @@ module SignatureVerification

  def incompatible_signature?(signature_params)
    signature_params['keyId'].blank? ||
-      signature_params['signature'].blank? ||
-      signature_params['algorithm'].blank? ||
-      signature_params['algorithm'] != 'rsa-sha256'
+      signature_params['signature'].blank?
  end

  def account_from_key_id(key_id)