From 7ada4dd49efc3607780f20ed25546e4223f2cb89 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Wed, 28 Feb 2024 23:44:21 +0300
Subject: ActivityPub: we are using RSA signatures

---
 src/main/java/com/juick/ActivityPubManager.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/main/java')

diff --git a/src/main/java/com/juick/ActivityPubManager.java b/src/main/java/com/juick/ActivityPubManager.java
index f4b87b05..e4087308 100644
--- a/src/main/java/com/juick/ActivityPubManager.java
+++ b/src/main/java/com/juick/ActivityPubManager.java
@@ -49,6 +49,7 @@ import org.springframework.core.convert.ConversionService;
 import org.springframework.http.MediaType;
 import org.springframework.web.util.UriComponents;
 import org.springframework.web.util.UriComponentsBuilder;
+import org.tomitribe.auth.signatures.Algorithm;
 import org.tomitribe.auth.signatures.MissingRequiredHeaderException;
 import org.tomitribe.auth.signatures.Signature;
 import org.tomitribe.auth.signatures.Verifier;
@@ -434,7 +435,7 @@ public class ActivityPubManager implements ActivityListener, NotificationListene
     public User verifyActor(String method, String path, Map<String, String> headers) {
         String signatureString = headers.get("signature");
         if (StringUtils.isNotEmpty(signatureString)) {
-            Signature signature = Signature.fromString(signatureString);
+            Signature signature = Signature.fromString(signatureString, Algorithm.RSA_SHA256);
             var keyId = UriComponentsBuilder.fromUriString(signature.getKeyId()).fragment(null).build().toUri();
             var user = activityPubService.getUserByAccountUri(keyId.toASCIIString());
             Key key = null;
-- 
cgit v1.2.3