Don't ensureProfile before we verify signature

diff --git a/plugins/OStatus/lib/salmonaction.php b/plugins/OStatus/lib/salmonaction.php
index e217fd5a002780cb913bde399ce427d501a9d41d..b0365d161dcd7cfae9c3daf37010a6a613e441d7 100644 (file)
--- a/plugins/OStatus/lib/salmonaction.php
+++ b/plugins/OStatus/lib/salmonaction.php
@@ -49,14 +49,15 @@ class SalmonAction extends Action
 
             $entry = $magic_env->getPayload();  // Not cryptographically verified yet!
             $this->activity = new Activity($entry->documentElement);
-            $oprofile = $this->ensureProfile();
+            $profile = Profile::fromUri($this->activity->actor->id);
+            assert($profile instanceof Profile);
         } catch (Exception $e) {
             common_debug('Salmon envelope parsing failed with: '.$e->getMessage());
             $this->clientError($e->getMessage());
         }
 
         // Cryptographic verification test
-        if (!$magic_env->verify($oprofile->localProfile())) {
+        if (!$magic_env->verify($profile)) {
             common_log(LOG_DEBUG, "Salmon signature verification failed.");
             // TRANS: Client error.
             $this->clientError(_m('Salmon signature verification failed.'));