aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/server/api
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/com/juick/server/api')
-rw-r--r--src/main/java/com/juick/server/api/activity/Profile.java5
1 files changed, 3 insertions, 2 deletions
diff --git a/src/main/java/com/juick/server/api/activity/Profile.java b/src/main/java/com/juick/server/api/activity/Profile.java
index 305b7c4a2..2614cded1 100644
--- a/src/main/java/com/juick/server/api/activity/Profile.java
+++ b/src/main/java/com/juick/server/api/activity/Profile.java
@@ -268,9 +268,10 @@ public class Profile {
headers.put("content-type", contentType);
headers.put("user-agent", userAgent);
headers.put("accept-encoding", acceptEncoding);
- boolean valid = signatureManager.verifySignature(signature, URI.create(activity.getActor()), "POST",
+ headers.put("signature", signature);
+ User signedUser = signatureManager.verifySignature( "POST",
componentsBuilder.getPath(), headers);
- if (valid) {
+ if ((StringUtils.isNotEmpty(signedUser.getUri().toString()) && signedUser.getUri().equals(URI.create(activity.getActor()))) || !signedUser.isAnonymous()) {
if (activity instanceof Follow) {
Follow followRequest = (Follow) activity;
String actor = followRequest.getActor();