From 7b576d0a5d9f3cae067ff81d6a942b66a4deac3d Mon Sep 17 00:00:00 2001 From: oliverpool Date: Tue, 19 Mar 2024 16:10:20 +0100 Subject: [PATCH] activitypub: warn instead of error --- routers/api/v1/activitypub/reqsignature.go | 4 +++- tests/integration/api_activitypub_person_test.go | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/routers/api/v1/activitypub/reqsignature.go b/routers/api/v1/activitypub/reqsignature.go index 59ebc74b89..6003f664a0 100644 --- a/routers/api/v1/activitypub/reqsignature.go +++ b/routers/api/v1/activitypub/reqsignature.go @@ -14,6 +14,7 @@ import ( "code.gitea.io/gitea/modules/activitypub" "code.gitea.io/gitea/modules/httplib" + "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" gitea_context "code.gitea.io/gitea/services/context" @@ -89,7 +90,8 @@ func verifyHTTPSignatures(ctx *gitea_context.APIContext) (authenticated bool, er func ReqHTTPSignature() func(ctx *gitea_context.APIContext) { return func(ctx *gitea_context.APIContext) { if authenticated, err := verifyHTTPSignatures(ctx); err != nil { - ctx.ServerError("verifyHttpSignatures", err) + log.Warn("verifyHttpSignatures failed: %v", err) + ctx.Error(http.StatusBadRequest, "reqSignature", "request signature verification failed") } else if !authenticated { ctx.Error(http.StatusForbidden, "reqSignature", "request signature verification failed") } diff --git a/tests/integration/api_activitypub_person_test.go b/tests/integration/api_activitypub_person_test.go index 42a2a09072..eb00d6031c 100644 --- a/tests/integration/api_activitypub_person_test.go +++ b/tests/integration/api_activitypub_person_test.go @@ -108,6 +108,6 @@ func TestActivityPubPersonInbox(t *testing.T) { // Unsigned request fails req := NewRequest(t, "POST", user2inboxurl) - MakeRequest(t, req, http.StatusInternalServerError) + MakeRequest(t, req, http.StatusBadRequest) }) }