Merge branch 'ap-fixes' into 'main'

Draft: fix(activitypub): reject unsigned or badly signed activity with correct http error code

Closes #1377

See merge request framasoft/mobilizon!1491

lib/web/controllers/activity_pub_controller.ex

@@ -161,9 +161,15 @@ defmodule Mobilizon.Web.ActivityPubController do
       )
 
       Logger.debug(inspect(conn.req_headers))
-    end
 
-    json(conn, "error")
+      conn
+      |> put_status(:forbidden)
+      |> json("ActivityPub signature could not be checked")
+    else
+      conn
+      |> put_status(:unauthorized)
+      |> json("ActivityPub signature could not be found")
+    end
   end
 
   def relay(conn, _params) do