akkounts/app/controllers/web_key_directory_controller.rb

class WebKeyDirectoryController < WellKnownController
  before_action :allow_cross_origin_requests, only: [ :show ]

  # /.well-known/openpgpkey/hu/:hashed_username(.txt)
  def show
    @user = User.find_by(cn: params[:l])

    if @user.nil? ||
       @user.pgp_pubkey.empty? ||
       !@user.pgp_pubkey_contains_user_address?
      http_status :not_found and return
    end

    if params[:hashed_username] != @user.wkd_hash
      http_status :unprocessable_entity and return
    end

    respond_to do |format|
      format.text do
        response.headers['Content-Type'] = 'text/plain'
        render plain: @user.pgp_pubkey
      end

      format.any do
        key = @user.gnupg_key.export
        send_data key, filename: "#{@user.wkd_hash}.pem",
                       type: "application/octet-stream"
      end
    end
  end

  private

end