Showing
19 changed files
with
565 additions
and
1,249 deletions.
File renamed without changes.
@@ -0,0 +1,75 @@ | ||
package types | ||
|
||
import ( | ||
"context" | ||
"encoding/json" | ||
"time" | ||
|
||
"github.com/pkg/errors" | ||
) | ||
|
||
// Authorization representst an ACME Authorization. | ||
type Authorization struct { | ||
Identifier *Identifier `json:"identifier"` | ||
Status string `json:"status"` | ||
Expires string `json:"expires"` | ||
Challenges []*Challenge `json:"challenges"` | ||
Wildcard bool `json:"wildcard"` | ||
ID string `json:"-"` | ||
AccountID string `json:"-"` | ||
} | ||
|
||
// ToLog enables response logging. | ||
func (az *Authorization) ToLog() (interface{}, error) { | ||
b, err := json.Marshal(az) | ||
if err != nil { | ||
return nil, ServerInternalErr(errors.Wrap(err, "error marshaling authz for logging")) | ||
} | ||
return string(b), nil | ||
} | ||
|
||
// UpdateStatus updates the ACME Authorization Status if necessary. | ||
// Changes to the Authorization are saved using the database interface. | ||
func (az *Authorization) UpdateStatus(ctx context.Context, db DB) error { | ||
now := time.Now().UTC() | ||
expiry, err := time.Parse(time.RFC3339, az.Expires) | ||
if err != nil { | ||
return ServerInternalErr(errors.Wrap("error converting expiry string to time")) | ||
} | ||
|
||
switch az.Status { | ||
case StatusInvalid: | ||
return nil | ||
case StatusValid: | ||
return nil | ||
case StatusPending: | ||
// check expiry | ||
if now.After(expiry) { | ||
az.Status = StatusInvalid | ||
az.Error = MalformedErr(errors.New("authz has expired")) | ||
break | ||
} | ||
|
||
var isValid = false | ||
for _, chID := range ba.Challenges { | ||
ch, err := db.GetChallenge(ctx, chID, az.ID) | ||
if err != nil { | ||
return ServerInternalErr(err) | ||
} | ||
if ch.Status == StatusValid { | ||
isValid = true | ||
break | ||
} | ||
} | ||
|
||
if !isValid { | ||
return nil | ||
} | ||
az.Status = StatusValid | ||
az.Error = nil | ||
default: | ||
return nil, ServerInternalErr(errors.Errorf("unrecognized authz status: %s", ba.Status)) | ||
} | ||
|
||
return ServerInternalErr(db.UpdateAuthorization(ctx, az)) | ||
} |
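Review bot: UpdateStatus as added cannot compile: `errors.Wrap("error converting expiry string to time")` drops the `err` argument, the challenge loop and the default branch read `ba.Challenges` / `ba.Status` although the receiver is `az`, the default branch returns two values from a function declared to return only `error`, and `az.Error` is assigned although the Authorization struct above declares no `Error` field. The minimal fixes are `errors.Wrap(err, "error converting expiry string to time")`, `for _, chID := range az.Challenges`, and `return ServerInternalErr(errors.Errorf("unrecognized authz status: %s", az.Status))`; since `Challenges` is `[]*Challenge`, the value passed to `db.GetChallenge` as `chID` also looks like the wrong type unless that method takes a pointer. Separately, the `StatusValid` case returns before `expiry` is ever compared with `now`, so an authorization that validated once keeps reporting valid after its `Expires` time; unless a caller enforces expiry elsewhere (not visible here), that case should apply the same `now.After(expiry)` check. The final `ServerInternalErr(db.UpdateAuthorization(ctx, az))` should also be confirmed to return nil for a nil error, otherwise every successful update is reported as a failure.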