@Gargron following your blogpost, I tried to send you a message but I get a 401 message without any error in the body (!). You can see the logs here: https://gist.github.com/vasilakisfil/58681028f7c7daedd30246cf676682a9 Any ideas ? I created the signature as you said.
@vasilakisfil Is it possible that there was a response body, but it wasn't reflected in the log? Because the signature verification on mastodon is built to always include a reason why the signature failed
@vasilakisfil I can tell you that the key and actor resolve fine (just tested), so it must be specifically a signature problem...
@Gargron I get no body in the response, and I confirm that because if I change a bit the signature I get a body that tells me that I have wrong signature. It's very weird indeed because I also checked the signed_request_account method and it always returns something to show to the user in case of an error. I think I ll deploy an instance to debug and I ll let you know. Thanks!
@Gargron your blogpost is very helpful, hadn't been that it would be very difficult to figure out all these things from AP spec and Mastodon docs/code.
The original server operated by the Mastodon gGmbH non-profit