lib/pleroma/user/signing_key.ex

@@ -2,6 +2,7 @@ defmodule Pleroma.User.SigningKey do
   use Ecto.Schema
   import Ecto.Query
   import Ecto.Changeset
+  require Pleroma.Constants
   alias Pleroma.User
   alias Pleroma.Repo
 
@@ -185,7 +186,6 @@ def get_or_fetch_by_key_id(key_id) do
   """
   def fetch_remote_key(key_id) do
     Logger.debug("Fetching remote key: #{key_id}")
-    # we should probably sign this, just in case
     resp = Pleroma.Object.Fetcher.fetch_and_contain_remote_object_from_id(key_id)
 
     case resp do
@@ -228,7 +228,20 @@ defp extract_key_details(%{"id" => ap_id, "publicKey" => public_key}) do
 
   defp handle_signature_response({:ok, body}) do
     case body do
-      %{"id" => _user_id, "publicKey" => _public_key} ->
+      %{
+        "type" => "CryptographicKey",
+        "publicKeyPem" => public_key_pem,
+        "owner" => ap_id
+      } ->
+        {:ok, ap_id, public_key_pem}
+
+      # for when we get a subset of the user object
+      %{
+        "id" => _user_id,
+        "publicKey" => _public_key,
+        "type" => actor_type
+      }
+      when actor_type in Pleroma.Constants.actor_types() ->
         extract_key_details(body)
 
       %{"error" => error} ->

priv/repo/migrations/20240625220752_move_signing_keys.exs

@@ -23,7 +23,7 @@ def up do
         key = %User.SigningKey{
           user_id: user_id,
           public_key: public_key,
-	  key_id: "#{ap_id}#main-key",
+          key_id: "#{ap_id}#main-key",
           private_key: private_key
         }