fix public key re-fetch logic

packages/backend/src/queue/processors/InboxProcessorService.ts

@@ -118,19 +118,15 @@ export class InboxProcessorService implements OnApplicationShutdown {
 		// HTTP-Signatureの検証
 		let httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
 
-		// また、signatureのsignerは、activity.actorと一致する必要がある
-		if (!httpSignatureValidated || authUser.user.uri !== activity.actor) {
-			let renewKeyFailed = true;
-
-			if (!httpSignatureValidated) {
-				authUser.key = await this.apDbResolverService.refetchPublicKeyForApId(authUser.user);
-
-				if (authUser.key != null) {
-					httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
-					renewKeyFailed = false;
-				}
+		if (!httpSignatureValidated) {
+			authUser.key = await this.apDbResolverService.refetchPublicKeyForApId(authUser.user);
+			if (authUser.key != null) {
+				httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
 			}
+		}
 
+		// また、signatureのsignerは、activity.actorと一致する必要がある
+		if (!httpSignatureValidated || authUser.user.uri !== getApId(activity.actor)) {
 			// 一致しなくても、でもLD-Signatureがありそうならそっちも見る
 			const ldSignature = activity.signature;
 			if (ldSignature) {