chinwagsocial/app/controllers/concerns
ThibG 28b482874a Improvements to signature verification (#9667)
* Refactor signature verification a bit

* Rescue signature verification if recorded public key is invalid

Fixes #8822

* Always re-fetch AP signing key when HTTP Signature verification fails

But when the account is not marked as stale, avoid fetching collections and
media, and avoid webfinger round-trip.

* Apply stoplight to key/account update as well as initial key retrieval
2019-01-07 21:45:13 +01:00
..
account_controller_concern.rb
accountable_concern.rb
authorization.rb
export_controller_concern.rb
localized.rb
obfuscate_filename.rb
rate_limit_headers.rb
session_tracking_concern.rb
signature_authentication.rb Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225) 2018-02-02 10:19:59 +01:00
signature_verification.rb Improvements to signature verification (#9667) 2019-01-07 21:45:13 +01:00
user_tracking_concern.rb