smallstep-certificates/acme/authorization.go

package acme

import (
	"context"
	"encoding/json"
	"time"
)

// Authorization representst an ACME Authorization.
type Authorization struct {
	ID         string       `json:"-"`
	AccountID  string       `json:"-"`
	Token      string       `json:"-"`
	Identifier Identifier   `json:"identifier"`
	Status     Status       `json:"status"`
	Challenges []*Challenge `json:"challenges"`
	Wildcard   bool         `json:"wildcard"`
	ExpiresAt  time.Time    `json:"expires"`
	Error      *Error       `json:"error,omitempty"`
}

// ToLog enables response logging.
func (az *Authorization) ToLog() (interface{}, error) {
	b, err := json.Marshal(az)
	if err != nil {
		return nil, WrapErrorISE(err, "error marshaling authz for logging")
	}
	return string(b), nil
}

// UpdateStatus updates the ACME Authorization Status if necessary.
// Changes to the Authorization are saved using the database interface.
func (az *Authorization) UpdateStatus(ctx context.Context, db DB) error {
	now := clock.Now()

	switch az.Status {
	case StatusInvalid:
		return nil
	case StatusValid:
		return nil
	case StatusPending:
		// check expiry
		if now.After(az.ExpiresAt) {
			az.Status = StatusInvalid
			break
		}

		var isValid = false
		for _, ch := range az.Challenges {
			if ch.Status == StatusValid {
				isValid = true
				break
			}
		}

		if !isValid {
			return nil
		}
		az.Status = StatusValid
		az.Error = nil
	default:
		return NewErrorISE("unrecognized authorization status: %s", az.Status)
	}

	if err := db.UpdateAuthorization(ctx, az); err != nil {
		return WrapErrorISE(err, "error updating authorization")
	}
	return nil
}
[acme db interface] wip 2021-02-28 18:09:06 +00:00			`package acme`
[acme db interface] wip 2021-02-28 01:05:37 +00:00
			`import (`
			`"context"`
			`"encoding/json"`
			`"time"`
			`)`

			`// Authorization representst an ACME Authorization.`
			`type Authorization struct {`
PR review fixes / updates 2021-03-29 19:04:14 +00:00			ID string `json:"-"`
			AccountID string `json:"-"`
			Token string `json:"-"`
[acme db interface] wip 2021-03-04 21:18:41 +00:00			Identifier Identifier `json:"identifier"`
			Status Status `json:"status"`
			Challenges []*Challenge `json:"challenges"`
			Wildcard bool `json:"wildcard"`
PR review fixes / updates 2021-03-29 19:04:14 +00:00			ExpiresAt time.Time `json:"expires"`
[acme db interface] nosql authz unit tests 2021-03-19 21:37:45 +00:00			Error *Error `json:"error,omitempty"`
[acme db interface] wip 2021-02-28 01:05:37 +00:00			`}`

			`// ToLog enables response logging.`
			`func (az *Authorization) ToLog() (interface{}, error) {`
			`b, err := json.Marshal(az)`
			`if err != nil {`
[acme db interface] wip 2021-03-05 07:10:46 +00:00			`return nil, WrapErrorISE(err, "error marshaling authz for logging")`
[acme db interface] wip 2021-02-28 01:05:37 +00:00			`}`
			`return string(b), nil`
			`}`

			`// UpdateStatus updates the ACME Authorization Status if necessary.`
			`// Changes to the Authorization are saved using the database interface.`
			`func (az *Authorization) UpdateStatus(ctx context.Context, db DB) error {`
[acme db interface] wip 2021-03-05 07:10:46 +00:00			`now := clock.Now()`
[acme db interface] wip 2021-02-28 01:05:37 +00:00
			`switch az.Status {`
			`case StatusInvalid:`
			`return nil`
			`case StatusValid:`
			`return nil`
			`case StatusPending:`
			`// check expiry`
[acme db interface] unit tests for challenge nosql db 2021-03-19 06:08:13 +00:00			`if now.After(az.ExpiresAt) {`
[acme db interface] wip 2021-02-28 01:05:37 +00:00			`az.Status = StatusInvalid`
			`break`
			`}`

			`var isValid = false`
[acme db interface] wip errors 2021-03-01 06:49:20 +00:00			`for _, ch := range az.Challenges {`
[acme db interface] wip 2021-02-28 01:05:37 +00:00			`if ch.Status == StatusValid {`
			`isValid = true`
			`break`
			`}`
			`}`

			`if !isValid {`
			`return nil`
			`}`
			`az.Status = StatusValid`
add authorization and order unit tests 2021-03-24 23:50:35 +00:00			`az.Error = nil`
[acme db interface] wip 2021-02-28 01:05:37 +00:00			`default:`
[acme db interface] wip 2021-03-05 07:10:46 +00:00			`return NewErrorISE("unrecognized authorization status: %s", az.Status)`
[acme db interface] wip 2021-02-28 01:05:37 +00:00			`}`

[acme db interface] wip 2021-03-05 07:10:46 +00:00			`if err := db.UpdateAuthorization(ctx, az); err != nil {`
			`return WrapErrorISE(err, "error updating authorization")`
[acme db interface] wip errors 2021-03-01 06:49:20 +00:00			`}`
			`return nil`
[acme db interface] wip 2021-02-28 01:05:37 +00:00			`}`