From fcd5447cd444031d1f25e9392cf4ef66a293bcf5 Mon Sep 17 00:00:00 2001
From: Opliko <opliko.reg@protonmail.com>
Date: Tue, 9 Apr 2024 19:27:35 +0200
Subject: [PATCH] feat: sign public key requests

Lack of this signature resulted in ironically failing the verification of signed requests from Mastodon instanced configured to require signed get...
---
 src/activitypub/index.js | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/src/activitypub/index.js b/src/activitypub/index.js
index 098dff0eb7..6189bc575a 100644
--- a/src/activitypub/index.js
+++ b/src/activitypub/index.js
@@ -106,13 +106,9 @@ ActivityPub.getPrivateKey = async (type, id) => {
 
 ActivityPub.fetchPublicKey = async (uri) => {
 	// Used for retrieving the public key from the passed-in keyId uri
-	const { response, body } = await request.get(uri, {
-		headers: {
-			Accept: 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"',
-		},
-	});
+	const body = await ActivityPub.get('uid', 0, uri);
 
-	if (!String(response.statusCode).startsWith('2') || !body.hasOwnProperty('publicKey')) {
+	if (!body.hasOwnProperty('publicKey')) {
 		throw new Error('[[error:activitypub.pubKey-not-found]]');
 	}