diff --git a/packages/backend/src/core/activitypub/ApDbResolverService.ts b/packages/backend/src/core/activitypub/ApDbResolverService.ts index 4209c6b3e3..8c97cc8ce8 100644 --- a/packages/backend/src/core/activitypub/ApDbResolverService.ts +++ b/packages/backend/src/core/activitypub/ApDbResolverService.ts @@ -176,10 +176,17 @@ export class ApDbResolverService implements OnApplicationShutdown { */ @bindThis public async refetchPublicKeyForApId(user: MiRemoteUser): Promise { - this.apLoggerService.logger.info('Re-fetching public key for user', { userId: user.id }); + this.apLoggerService.logger.debug('Re-fetching public key for user', { userId: user.id, uri: user.uri }); await this.apPersonService.updatePerson(user.uri); + const key = await this.userPublickeysRepository.findOneBy({ userId: user.id }); this.publicKeyByUserIdCache.set(user.id, key); + + if (key) { + this.apLoggerService.logger.info('Re-fetched public key for user', { userId: user.id, uri: user.uri }); + } else { + this.apLoggerService.logger.warn('Failed to re-fetch key for user', { userId: user.id, uri: user.uri }); + } return key; } diff --git a/packages/backend/src/queue/processors/InboxProcessorService.ts b/packages/backend/src/queue/processors/InboxProcessorService.ts index 8c116f82b9..11b00bb683 100644 --- a/packages/backend/src/queue/processors/InboxProcessorService.ts +++ b/packages/backend/src/queue/processors/InboxProcessorService.ts @@ -118,6 +118,7 @@ export class InboxProcessorService implements OnApplicationShutdown { // HTTP-Signatureの検証 let httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem); + // maybe they changed their key? refetch it if (!httpSignatureValidated) { authUser.key = await this.apDbResolverService.refetchPublicKeyForApId(authUser.user); if (authUser.key != null) { diff --git a/packages/backend/src/server/ActivityPubServerService.ts b/packages/backend/src/server/ActivityPubServerService.ts index 8d52cf27e6..52592c47c6 100644 --- a/packages/backend/src/server/ActivityPubServerService.ts +++ b/packages/backend/src/server/ActivityPubServerService.ts @@ -205,15 +205,11 @@ export class ActivityPubServerService { let httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem); + // maybe they changed their key? refetch it if (!httpSignatureValidated) { - this.authlogger.info(`${logPrefix} failed to validate signature, re-fetching the key for ${authUser.user.uri}`); - // maybe they changed their key? refetch it authUser.key = await this.apDbResolverService.refetchPublicKeyForApId(authUser.user); - if (authUser.key != null) { httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem); - } else { - this.authlogger.warn(`${logPrefix} failed to re-fetch key for ${authUser.user}`); } }