Skip to content

Commit 317ea22

Browse files
Roland Bracewell Shoemakercpu
Roland Bracewell Shoemaker
authored and
cpu
committed
Remove UpdatePendingAuthorization (letsencrypt#4098)
This SA method/RPC is no longer actually used anywhere. Fixes letsencrypt#3932.
1 parent 0ecdf80 commit 317ea22

File tree

8 files changed

+104
-297
lines changed

8 files changed

+104
-297
lines changed

core/interfaces.go

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -143,7 +143,6 @@ type StorageAdder interface {
143143
NewRegistration(ctx context.Context, reg Registration) (created Registration, err error)
144144
UpdateRegistration(ctx context.Context, reg Registration) error
145145
NewPendingAuthorization(ctx context.Context, authz Authorization) (Authorization, error)
146-
UpdatePendingAuthorization(ctx context.Context, authz Authorization) error
147146
FinalizeAuthorization(ctx context.Context, authz Authorization) error
148147
MarkCertificateRevoked(ctx context.Context, serial string, reasonCode revocation.Reason) error
149148
AddCertificate(ctx context.Context, der []byte, regID int64, ocsp []byte, issued *time.Time) (digest string, err error)

grpc/sa-wrappers.go

Lines changed: 0 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -368,20 +368,6 @@ func (sac StorageAuthorityClientWrapper) NewPendingAuthorization(ctx context.Con
368368
return PBToAuthz(response)
369369
}
370370

371-
func (sac StorageAuthorityClientWrapper) UpdatePendingAuthorization(ctx context.Context, authz core.Authorization) error {
372-
authPB, err := AuthzToPB(authz)
373-
if err != nil {
374-
return err
375-
}
376-
377-
_, err = sac.inner.UpdatePendingAuthorization(ctx, authPB)
378-
if err != nil {
379-
return err
380-
}
381-
382-
return nil
383-
}
384-
385371
func (sac StorageAuthorityClientWrapper) FinalizeAuthorization(ctx context.Context, authz core.Authorization) error {
386372
authPB, err := AuthzToPB(authz)
387373
if err != nil {
@@ -923,24 +909,6 @@ func (sas StorageAuthorityServerWrapper) NewPendingAuthorization(ctx context.Con
923909
return AuthzToPB(newAuthz)
924910
}
925911

926-
func (sas StorageAuthorityServerWrapper) UpdatePendingAuthorization(ctx context.Context, request *corepb.Authorization) (*corepb.Empty, error) {
927-
if request == nil || !authorizationValid(request) {
928-
return nil, errIncompleteRequest
929-
}
930-
931-
authz, err := PBToAuthz(request)
932-
if err != nil {
933-
return nil, err
934-
}
935-
936-
err = sas.inner.UpdatePendingAuthorization(ctx, authz)
937-
if err != nil {
938-
return nil, err
939-
}
940-
941-
return &corepb.Empty{}, nil
942-
}
943-
944912
func (sas StorageAuthorityServerWrapper) FinalizeAuthorization(ctx context.Context, request *corepb.Authorization) (*corepb.Empty, error) {
945913
if request == nil || !authorizationValid(request) {
946914
return nil, errIncompleteRequest

mocks/mocks.go

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -349,11 +349,6 @@ func (sa *StorageAuthority) NewRegistration(_ context.Context, reg core.Registra
349349
return
350350
}
351351

352-
// UpdatePendingAuthorization is a mock
353-
func (sa *StorageAuthority) UpdatePendingAuthorization(_ context.Context, authz core.Authorization) (err error) {
354-
return
355-
}
356-
357352
// UpdateRegistration is a mock
358353
func (sa *StorageAuthority) UpdateRegistration(_ context.Context, reg core.Registration) (err error) {
359354
return

ra/mock_test.go

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -111,10 +111,6 @@ func (sa *mockInvalidAuthorizationsAuthority) NewPendingAuthorization(ctx contex
111111
return nil, nil
112112
}
113113

114-
func (sa *mockInvalidAuthorizationsAuthority) UpdatePendingAuthorization(ctx context.Context, in *core.Authorization, opts ...grpc.CallOption) (*core.Empty, error) {
115-
return nil, nil
116-
}
117-
118114
func (sa *mockInvalidAuthorizationsAuthority) FinalizeAuthorization(ctx context.Context, in *core.Authorization, opts ...grpc.CallOption) (*core.Empty, error) {
119115
return nil, nil
120116
}

sa/proto/sa.pb.go

Lines changed: 103 additions & 136 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

sa/proto/sa.proto

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,6 @@ service StorageAuthority {
3131
rpc NewRegistration(core.Registration) returns (core.Registration) {}
3232
rpc UpdateRegistration(core.Registration) returns (core.Empty) {}
3333
rpc NewPendingAuthorization(core.Authorization) returns (core.Authorization) {}
34-
rpc UpdatePendingAuthorization(core.Authorization) returns (core.Empty) {}
3534
rpc FinalizeAuthorization(core.Authorization) returns (core.Empty) {}
3635
rpc MarkCertificateRevoked(MarkCertificateRevokedRequest) returns (core.Empty) {}
3736
rpc AddCertificate(AddCertificateRequest) returns (AddCertificateResponse) {}

sa/sa.go

Lines changed: 0 additions & 43 deletions
Original file line numberDiff line numberDiff line change
@@ -786,49 +786,6 @@ func (ssa *SQLStorageAuthority) GetPendingAuthorization(
786786

787787
}
788788

789-
// UpdatePendingAuthorization updates a Pending Authorization's Challenges.
790-
// Despite what the name "UpdatePendingAuthorization" (preserved for legacy
791-
// reasons) may indicate, the pending authorization table row is not changed,
792-
// only the associated challenges by way of `sa.updateChallenges`.
793-
func (ssa *SQLStorageAuthority) UpdatePendingAuthorization(ctx context.Context, authz core.Authorization) error {
794-
tx, err := ssa.dbMap.Begin()
795-
if err != nil {
796-
return err
797-
}
798-
txWithCtx := tx.WithContext(ctx)
799-
800-
if !statusIsPending(authz.Status) {
801-
err = berrors.WrongAuthorizationStateError("authorization is not pending")
802-
return Rollback(tx, err)
803-
}
804-
805-
if existingFinal(txWithCtx, authz.ID) {
806-
err = berrors.WrongAuthorizationStateError("cannot update a finalized authorization")
807-
return Rollback(tx, err)
808-
}
809-
810-
if !existingPending(txWithCtx, authz.ID) {
811-
err = berrors.InternalServerError("authorization with ID '%s' not found", authz.ID)
812-
return Rollback(tx, err)
813-
}
814-
815-
_, err = selectPendingAuthz(txWithCtx, "WHERE id = ?", authz.ID)
816-
if err == sql.ErrNoRows {
817-
err = berrors.InternalServerError("authorization with ID '%s' not found", authz.ID)
818-
return Rollback(tx, err)
819-
}
820-
if err != nil {
821-
return Rollback(tx, err)
822-
}
823-
824-
err = updateChallenges(txWithCtx, authz.ID, authz.Challenges)
825-
if err != nil {
826-
return Rollback(tx, err)
827-
}
828-
829-
return tx.Commit()
830-
}
831-
832789
// FinalizeAuthorization converts a Pending Authorization to a final one. If the
833790
// Authorization is not found a berrors.NotFound result is returned. If the
834791
// Authorization is status pending a berrors.InternalServer error is returned.

sa/sa_test.go

Lines changed: 1 addition & 75 deletions
Original file line numberDiff line numberDiff line change
@@ -278,21 +278,14 @@ func CreateDomainAuthWithRegID(t *testing.T, domainName string, sa *SQLStorageAu
278278
Expires: &exp,
279279
Identifier: core.AcmeIdentifier{Type: core.IdentifierDNS, Value: domainName},
280280
RegistrationID: regID,
281-
Challenges: []core.Challenge{{}},
281+
Challenges: []core.Challenge{{Type: "simpleHttp", Status: core.StatusValid, URI: domainName, Token: "THISWOULDNTBEAGOODTOKEN"}},
282282
Combinations: combos,
283283
})
284284
if err != nil {
285285
t.Fatalf("Couldn't create new pending authorization: %s", err)
286286
}
287287
test.Assert(t, authz.ID != "", "ID shouldn't be blank")
288288

289-
// prepare challenge for auth
290-
chall := core.Challenge{Type: "simpleHttp", Status: core.StatusValid, URI: domainName, Token: "THISWOULDNTBEAGOODTOKEN"}
291-
// Add some challenges
292-
authz.Challenges = []core.Challenge{chall}
293-
err = sa.UpdatePendingAuthorization(ctx, authz)
294-
test.AssertNotError(t, err, "Couldn't update pending authorization with ID "+authz.ID)
295-
296289
return
297290
}
298291

@@ -1987,73 +1980,6 @@ func TestGetOrderForNames(t *testing.T) {
19871980
test.Assert(t, result == nil, "sa.GetOrderForNames returned non-nil result for finalized order case")
19881981
}
19891982

1990-
func TestUpdatePendingAuthorizationInvalidOrder(t *testing.T) {
1991-
sa, fc, cleanUp := initSA(t)
1992-
defer cleanUp()
1993-
1994-
expires := fc.Now().Add(time.Hour)
1995-
ctx := context.Background()
1996-
1997-
// Create a registration to work with
1998-
reg := satest.CreateWorkingRegistration(t, sa)
1999-
2000-
// Create a pending authz, not associated with any orders
2001-
authz := core.Authorization{
2002-
RegistrationID: reg.ID,
2003-
Expires: &expires,
2004-
Status: core.StatusPending,
2005-
Identifier: core.AcmeIdentifier{Type: core.IdentifierDNS, Value: "your.order.is.up"},
2006-
}
2007-
pendingAuthz, err := sa.NewPendingAuthorization(ctx, authz)
2008-
test.AssertNotError(t, err, "Couldn't create new pending authorization")
2009-
2010-
// Update the pending authz to be invalid. This shouldn't error.
2011-
pendingAuthz.Status = core.StatusInvalid
2012-
err = sa.FinalizeAuthorization(ctx, pendingAuthz)
2013-
test.AssertNotError(t, err, "Couldn't finalize legacy pending authz to invalid")
2014-
2015-
// Create a pending authz that will be associated with an order
2016-
authz = core.Authorization{
2017-
RegistrationID: reg.ID,
2018-
Expires: &expires,
2019-
Status: core.StatusPending,
2020-
Identifier: core.AcmeIdentifier{Type: core.IdentifierDNS, Value: "your.order.is.up"},
2021-
}
2022-
pendingAuthz, err = sa.NewPendingAuthorization(ctx, authz)
2023-
test.AssertNotError(t, err, "Couldn't create new pending authorization")
2024-
2025-
// Add a new order that references the above pending authz
2026-
expiresNano := expires.UnixNano()
2027-
order, err := sa.NewOrder(ctx, &corepb.Order{
2028-
RegistrationID: &reg.ID,
2029-
Expires: &expiresNano,
2030-
Authorizations: []string{pendingAuthz.ID},
2031-
Names: []string{"your.order.is.up"},
2032-
})
2033-
// It shouldn't error
2034-
test.AssertNotError(t, err, "sa.NewOrder failed")
2035-
// The order ID shouldn't be nil
2036-
test.AssertNotNil(t, *order.Id, "NewOrder returned with a nil Id")
2037-
// The order should be pending
2038-
test.AssertEquals(t, *order.Status, string(core.StatusPending))
2039-
// The order should have one authz with the correct ID
2040-
test.AssertEquals(t, len(order.Authorizations), 1)
2041-
test.AssertEquals(t, order.Authorizations[0], pendingAuthz.ID)
2042-
2043-
// Now finalize the authz to an invalid status.
2044-
pendingAuthz.Status = core.StatusInvalid
2045-
err = sa.FinalizeAuthorization(ctx, pendingAuthz)
2046-
test.AssertNotError(t, err, "Couldn't finalize pending authz associated with order to invalid")
2047-
2048-
// Fetch the order to get its updated status
2049-
updatedOrder, err := sa.GetOrder(
2050-
context.Background(),
2051-
&sapb.OrderRequest{Id: order.Id})
2052-
test.AssertNotError(t, err, "GetOrder failed")
2053-
// We expect the updated order status to be invalid
2054-
test.AssertEquals(t, *updatedOrder.Status, string(core.StatusInvalid))
2055-
}
2056-
20571983
func TestStatusForOrder(t *testing.T) {
20581984
sa, fc, cleanUp := initSA(t)
20591985
defer cleanUp()

0 commit comments

Comments
 (0)