From 111e5d569c94bc8f182a7b944da1272943b1da33 Mon Sep 17 00:00:00 2001
From: Akihiko Odaki <nekomanma@pixiv.co.jp>
Date: Mon, 2 Apr 2018 00:36:36 +0900
Subject: [PATCH] Make inbox signature verification compatible with Mastodon

---
 src/server/activitypub/inbox.ts | 24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/src/server/activitypub/inbox.ts b/src/server/activitypub/inbox.ts
index 915129748..6d092e66b 100644
--- a/src/server/activitypub/inbox.ts
+++ b/src/server/activitypub/inbox.ts
@@ -11,16 +11,32 @@ app.use(bodyParser.json());
 app.post('/@:user/inbox', async (req, res) => {
 	let parsed;
 
+	req.headers.authorization = 'Signature ' + req.headers.signature;
+
 	try {
 		parsed = parseRequest(req);
 	} catch (exception) {
 		return res.sendStatus(401);
 	}
 
-	const user = await User.findOne({
-		host: { $ne: null },
-		'account.publicKey.id': parsed.keyId
-	});
+	const keyIdLower = parsed.keyId.toLowerCase();
+	let query;
+
+	if (keyIdLower.startsWith('acct:')) {
+		const { username, host } = parseAcct(keyIdLower.slice('acct:'.length));
+		if (host === null) {
+			return res.sendStatus(401);
+		}
+
+		query = { usernameLower: username, hostLower: host };
+	} else {
+		query = {
+			host: { $ne: null },
+			'account.publicKey.id': parsed.keyId
+		};
+	}
+
+	const user = await User.findOne(query);
 
 	if (user === null) {
 		return res.sendStatus(401);