diff --git a/routers/api/v1/activitypub/reqsignature.go b/routers/api/v1/activitypub/reqsignature.go index 59ebc74b8..6003f664a 100644 --- a/routers/api/v1/activitypub/reqsignature.go +++ b/routers/api/v1/activitypub/reqsignature.go @@ -14,6 +14,7 @@ import ( "code.gitea.io/gitea/modules/activitypub" "code.gitea.io/gitea/modules/httplib" + "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" gitea_context "code.gitea.io/gitea/services/context" @@ -89,7 +90,8 @@ func verifyHTTPSignatures(ctx *gitea_context.APIContext) (authenticated bool, er func ReqHTTPSignature() func(ctx *gitea_context.APIContext) { return func(ctx *gitea_context.APIContext) { if authenticated, err := verifyHTTPSignatures(ctx); err != nil { - ctx.ServerError("verifyHttpSignatures", err) + log.Warn("verifyHttpSignatures failed: %v", err) + ctx.Error(http.StatusBadRequest, "reqSignature", "request signature verification failed") } else if !authenticated { ctx.Error(http.StatusForbidden, "reqSignature", "request signature verification failed") } diff --git a/tests/integration/api_activitypub_person_test.go b/tests/integration/api_activitypub_person_test.go index 42a2a0907..eb00d6031 100644 --- a/tests/integration/api_activitypub_person_test.go +++ b/tests/integration/api_activitypub_person_test.go @@ -108,6 +108,6 @@ func TestActivityPubPersonInbox(t *testing.T) { // Unsigned request fails req := NewRequest(t, "POST", user2inboxurl) - MakeRequest(t, req, http.StatusInternalServerError) + MakeRequest(t, req, http.StatusBadRequest) }) }