willdot.net / distributed-pds
forked from willdot.net/cocoon
A fork of the Cocoon PDS but being made more distributed.
0
Fork 0

Configure Feed

Select the types of activity you want to include in your feed.

fix: prevent nil pointer crash in ES256K token verification (#49)

author
Scan committer
GitHub date (Jan 2, 2026, 1:52 PM -0800) commit 05a3665a parent 109c855e
+15
+15
server/middleware.go
··· 123 123 rr, _ := secp256k1.NewScalarFromBytes((*[32]byte)(rBytes)) 124 124 ss, _ := secp256k1.NewScalarFromBytes((*[32]byte)(sBytes)) 125 125 126 + if repo == nil { 127 + sub, ok := claims["sub"].(string) 128 + if !ok { 129 + s.logger.Error("no sub claim in ES256K token and repo not set") 130 + return helpers.InvalidTokenError(e) 131 + } 132 + maybeRepo, err := s.getRepoActorByDid(ctx, sub) 133 + if err != nil { 134 + s.logger.Error("error fetching repo for ES256K verification", "error", err) 135 + return helpers.ServerError(e, nil) 136 + } 137 + repo = maybeRepo 138 + did = sub 139 + } 140 + 126 141 sk, err := secp256k1secec.NewPrivateKey(repo.SigningKey) 127 142 if err != nil { 128 143 s.logger.Error("can't load private key", "error", err)