fix(server): previously, user agent auth accepted invalid signatures

server/crates/arbiter-server/src/actors/user_agent/auth/state.rs

@@ -10,7 +10,9 @@ use crate::{
         bootstrap::ConsumeToken,
         keyholder::{self, SignIntegrityTag},
         user_agent::{AuthPublicKey, UserAgentConnection, auth::Outbound},
-    }, crypto::integrity::v1::USERAGENT_INTEGRITY_TAG, db::schema
+    },
+    crypto::integrity::v1::USERAGENT_INTEGRITY_TAG,
+    db::schema,
 };
 
 #[derive(Debug, Clone, Copy, PartialEq, Eq)]
@@ -244,14 +246,22 @@ where
             }
         };
 
-        if valid {
+        match valid {
-            self.transport
+            true => {
-                .send(Ok(Outbound::AuthSuccess))
+                self.transport
-                .await
+                    .send(Ok(Outbound::AuthSuccess))
-                .map_err(|_| Error::Transport)?;
+                    .await
+                    .map_err(|_| Error::Transport)?;
+                Ok(key.clone())
+            }
+            false => {
+                self.transport
+                    .send(Err(Error::InvalidChallengeSolution))
+                    .await
+                    .map_err(|_| Error::Transport)?;
+                Err(Error::InvalidChallengeSolution)
+            }
         }
-
-        Ok(key.clone())
     }
 }