From d5e493383ab27d90b9875eec6926426cbdd54745 Mon Sep 17 00:00:00 2001
From: charliecen <cenhuqing@gmail.com>
Date: Wed, 22 Dec 2021 20:05:35 +0800
Subject: [PATCH] chose: cancel the assignment and judge later (#1359)

Co-authored-by: charliecen <chq@abierr.com>
---
 rest/internal/security/contentsecurity.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/rest/internal/security/contentsecurity.go b/rest/internal/security/contentsecurity.go
index 89710d7b..ec66f04c 100644
--- a/rest/internal/security/contentsecurity.go
+++ b/rest/internal/security/contentsecurity.go
@@ -119,7 +119,7 @@ func VerifySignature(r *http.Request, securityHeader *ContentSecurityHeader, tol
 	}, "\n")
 	actualSignature := codec.HmacBase64(securityHeader.Key, signContent)
 
-	passed := securityHeader.Signature == actualSignature
+	/*passed := securityHeader.Signature == actualSignature
 	if !passed {
 		logx.Infof("signature different, expect: %s, actual: %s",
 			securityHeader.Signature, actualSignature)
@@ -127,7 +127,12 @@ func VerifySignature(r *http.Request, securityHeader *ContentSecurityHeader, tol
 
 	if passed {
 		return httpx.CodeSignaturePass
+	}*/
+	if securityHeader.Signature == actualSignature {
+		return httpx.CodeSignaturePass
 	}
+	logx.Infof("signature different, expect: %s, actual: %s",
+		securityHeader.Signature, actualSignature)
 
 	return httpx.CodeSignatureInvalidToken
 }