From 0956dcadd36331a532e2e8c358ec8bdaf4a7967d Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Mon, 4 Sep 2017 22:30:55 -0700
Subject: [PATCH] some more prep work for Zot VI - some of this will need to be
 undone or at least re-arranged later but we need to bootstrap a test
 environment.

---
 Zotlabs/Web/HTTPSig.php | 13 ++++++++++---
 Zotlabs/Zot/Finger.php  |  5 +++--
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/Zotlabs/Web/HTTPSig.php b/Zotlabs/Web/HTTPSig.php
index e9e262125..2b139a2a1 100644
--- a/Zotlabs/Web/HTTPSig.php
+++ b/Zotlabs/Web/HTTPSig.php
@@ -126,9 +126,16 @@ class HTTPSig {
 
 	function get_activitypub_key($id) {
 
-		$x = q("select xchan_pubkey from xchan where xchan_hash = '%s' and xchan_network = 'activitypub' ",
-			dbesc($id)
-		);
+		if(strpos($id,'acct:') === 0) {
+			$x = q("select xchan_pubkey from xchan left join hubloc on xchan_hash = hubloc_hash where hubloc_addr = '%s' limit 1",
+				dbesc(str_replace('acct:','',$id))
+			);
+		}
+		else {
+			$x = q("select xchan_pubkey from xchan where xchan_hash = '%s' and xchan_network = 'activitypub' ",
+				dbesc($id)
+			);
+		}
 
 		if($x && $x[0]['xchan_pubkey']) {
 			return ($x[0]['xchan_pubkey']);
diff --git a/Zotlabs/Zot/Finger.php b/Zotlabs/Zot/Finger.php
index 865e78517..e205b136f 100644
--- a/Zotlabs/Zot/Finger.php
+++ b/Zotlabs/Zot/Finger.php
@@ -120,9 +120,10 @@ class Finger {
 			return $ret;
 		}
 
-		$verify = \Zotlabs\Web\HTTPSig::verify($result);
-		
 		$x = json_decode($result['body'], true);
+
+		$verify = \Zotlabs\Web\HTTPSig::verify($result,(($x) ? $x['key'] : '');
+		
 		if($x && (! $verify['header_valid'])) {
 			$signed_token = ((is_array($x) && array_key_exists('signed_token', $x)) ? $x['signed_token'] : null);
 			if($signed_token) {