- base64 = Base.url_encode64(url, @base64_opts)
- sig = :crypto.hmac(:sha, @base64_key, base64)
+ secret = Application.get_env(:pleroma, Pleroma.Web.Endpoint)[:secret_key_base]
+
+ # The URL is url-decoded and encoded again to ensure it is correctly encoded and not twice.
+ base64 =
+ url
+ |> URI.decode()
+ |> URI.encode()
+ |> Base.url_encode64(@base64_opts)
+
+ sig = :crypto.hmac(:sha, secret, base64)