New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Temporarily allow fetching of expired authzs. #3778
Conversation
@@ -1244,12 +1244,6 @@ func (wfe *WebFrontEndImpl) Authorization(ctx context.Context, logEvent *web.Req | |||
logEvent.Extra["Identifier"] = authz.Identifier | |||
logEvent.Extra["AuthorizationStatus"] = authz.Status | |||
|
|||
// After expiring, authorizations are inaccessible |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Given we plan to turn this back on could you just comment it out with a TODO
and open a issue to turn the behavior back on.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't like to leave commented out code checked in, but I've filed an issue to restore the 404s: #3781
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jsha Can you also file some kind of reminder/issue to revert this commit?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's an integration test failing in CI that needs to be fixed up in this branch :
Traceback (most recent call last):
File "test/integration-test.py", line 700, in <module>
main()
File "test/integration-test.py", line 633, in main
run_chisel(args.test_case_filter)
File "test/integration-test.py", line 657, in run_chisel
value()
File "test/integration-test.py", line 499, in test_expired_authzs_404
response.status_code)
Exception: ('Unexpected response for expired authz: ', 200)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Still failing in CI :-(
Traceback (most recent call last):
File "test/integration-test.py", line 681, in <module>
main()
File "test/integration-test.py", line 598, in main
setup_seventy_days_ago()
File "test/integration-test.py", line 56, in setup_seventy_days_ago
_, old_authzs = auth_and_issue([random_domain()])
TypeError: 'NoneType' object is not iterable
b0c381f
to
b6ba19f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
This also allows deactivating expired authzs, which is fine.
Fixes #3777