on signature check fail, update public key

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>

1 files changed, 16 insertions, 8 deletions

diff --git a/lib/Service/SignatureService.php b/lib/Service/SignatureService.php
index 2b693b1b..4e328ec1 100644
--- a/lib/Service/SignatureService.php
+++ b/lib/Service/SignatureService.php
@@ -214,13 +214,19 @@ class SignatureService {
 			$signature = new LinkedDataSignature();
 			$signature->import(json_decode($object->getSource(), true));
 			$signature->setPublicKey($this->retrieveKey($actorId));
-			if ($signature->verify()) {
-				$object->setOrigin(
-					$this->getKeyOrigin($actorId), SignatureService::ORIGIN_SIGNATURE
-				);
+			if (!$signature->verify()) {
+				$signature->setPublicKey($this->retrieveKey($actorId, true));
+			}
 
-				return true;
+			if (!$signature->verify()) {
+				return false;
 			}
+
+			$object->setOrigin(
+				$this->getKeyOrigin($actorId), SignatureService::ORIGIN_SIGNATURE
+			);
+
+			return true;
 		} catch (LinkedDataSignatureMissingException $e) {
 		}
 
@@ -345,7 +351,9 @@ class SignatureService {
 
 
 	/**
-	 * @param $keyId
+	 * @param string $keyId
+	 *
+	 * @param bool $refresh
 	 *
 	 * @return string
 	 * @throws InvalidOriginException
@@ -359,8 +367,8 @@ class SignatureService {
 	 * @throws SocialAppConfigException
 	 * @throws ItemUnknownException
 	 */
-	private function retrieveKey($keyId): string {
-		$actor = $this->cacheActorService->getFromId($keyId);
+	private function retrieveKey(string $keyId, bool $refresh = false): string {
+		$actor = $this->cacheActorService->getFromId($keyId, $refresh);
 
 		return $actor->getPublicKey();
 	}