def has_valid_signature(request, activity): """verify incoming signature""" try: signature = Signature.parse(request) key_actor = urldefrag(signature.key_id).url if key_actor != activity.get("actor"): raise ValueError("Wrong actor created signature.") remote_user = activitypub.resolve_remote_id(key_actor, model=models.User) if not remote_user: return False try: signature.verify(remote_user.key_pair.public_key, request) except ValueError: old_key = remote_user.key_pair.public_key remote_user = activitypub.resolve_remote_id( remote_user.remote_id, model=models.User, refresh=True ) if remote_user.key_pair.public_key == old_key: raise # Key unchanged. signature.verify(remote_user.key_pair.public_key, request) except (ValueError, requests.exceptions.HTTPError): return False return True
def has_valid_signature(request, activity): ''' verify incoming signature ''' try: signature = Signature.parse(request) key_actor = urldefrag(signature.key_id).url if key_actor != activity.get('actor'): raise ValueError("Wrong actor created signature.") remote_user = get_or_create_remote_user(key_actor) try: signature.verify(remote_user.public_key, request) except ValueError: old_key = remote_user.public_key refresh_remote_user(remote_user) if remote_user.public_key == old_key: raise # Key unchanged. signature.verify(remote_user.public_key, request) except (ValueError, requests.exceptions.HTTPError): return False return True