Double-bang requests with rfc9421 and cavage after on error

activitypub/import.go

@@ -415,14 +415,29 @@ func ImportRemoteAccountByAPUrl(apUrl string) (*models.User, error) {
 		return nil, other.Error("activitypub", "failed to get server actor", err)
 	}
 	var response *http.Response
-	response, err = webshared.RequestSignedCavage("GET", apUrl, nil, linstromActor)
+	// Try a rfc9421 based signature first for the request, if it fails, fall back to cavage
+	// Reason: Implementations should be switching over from cavage to the final implementation
+	// (rfc9421) slowly, but might not support the latter. Double-knocking will work
+	// around this
+	response, err = webshared.RequestSignedRFC9421("GET", apUrl, nil, linstromActor)
 	if err != nil {
-		return nil, other.Error("activitypub", "failed to complete cavage signed request", err)
+		return nil, other.Error("activitypub", "failed to complete rfc9421 signed request", err)
 	}
-	defer response.Body.Close()
 	body, _ := io.ReadAll(response.Body)
+	response.Body.Close()
 	if response.StatusCode != 200 {
-		return nil, fmt.Errorf("activitypub: invalid status code: %v", response.StatusCode)
+		log.Debug().
+			Int("status-code", response.StatusCode).
+			Msg("RFC9421 signed request failed, trying cavage signature")
+		response, err = webshared.RequestSignedCavage("GET", apUrl, nil, linstromActor)
+		if err != nil {
+			return nil, other.Error("activitypub", "failed to complete cavage signed request", err)
+		}
+		body, _ = io.ReadAll(response.Body)
+		response.Body.Close()
+		if response.StatusCode != 200 {
+			return nil, fmt.Errorf("activitypub: invalid status code: %v", response.StatusCode)
+		}
 	}
 	var data inboundImportUser
 	err = json.Unmarshal(body, &data)