Remove nearly-unused WrongAuthorizationState error (letsencrypt#5176)

aarongable · web-flow · commit cc66969bec27 · 2020-11-12T15:38:16.000-08:00
This error class is only used in one instance, and when returned to the user it is transformed into a `probs.Malformed` anyway. It does more harm than good to keep this one-off BoulderError around, as it introduces confusion about what sorts of errors we expose to the client. Fixes letsencrypt#5167
diff --git a/errors/errors.go b/errors/errors.go
@@ -22,7 +22,7 @@ const (
 	RejectedIdentifier
 	InvalidEmail
 	ConnectionFailure
-	WrongAuthorizationState
+	_ // Reserved, previously WrongAuthorizationState
 	CAA
 	MissingSCTs
 	Duplicate
@@ -111,10 +111,6 @@ func ConnectionFailureError(msg string, args ...interface{}) error {
 	return New(ConnectionFailure, msg, args...)
 }
 
-func WrongAuthorizationStateError(msg string, args ...interface{}) error {
-	return New(WrongAuthorizationState, msg, args...)
-}
-
 func CAAError(msg string, args ...interface{}) error {
 	return New(CAA, msg, args...)
 }
diff --git a/ra/ra.go b/ra/ra.go
@@ -1532,17 +1532,16 @@ func (ra *RegistrationAuthorityImpl) recordValidation(ctx context.Context, authI
 func (ra *RegistrationAuthorityImpl) PerformValidation(
 	ctx context.Context,
 	req *rapb.PerformValidationRequest) (*corepb.Authorization, error) {
-	base, err := bgrpc.PBToAuthz(req.Authz)
+	authz, err := bgrpc.PBToAuthz(req.Authz)
 	if err != nil {
 		return nil, err
 	}
 
 	// Refuse to update expired authorizations
-	if base.Expires == nil || base.Expires.Before(ra.clk.Now()) {
+	if authz.Expires == nil || authz.Expires.Before(ra.clk.Now()) {
 		return nil, berrors.MalformedError("expired authorization")
 	}
 
-	authz := base
 	challIndex := int(req.ChallengeIndex)
 	if challIndex >= len(authz.Challenges) {
 		return nil,
@@ -1566,7 +1565,7 @@ func (ra *RegistrationAuthorityImpl) PerformValidation(
 	}
 
 	if authz.Status != core.StatusPending {
-		return nil, berrors.WrongAuthorizationStateError("authorization must be pending")
+		return nil, berrors.MalformedError("authorization must be pending")
 	}
 
 	// Look up the account key for this authorization
diff --git a/ra/ra_test.go b/ra/ra_test.go
@@ -920,7 +920,7 @@ func TestPerformValidationAlreadyValid(t *testing.T) {
 		Authz:          authzPB,
 		ChallengeIndex: int64(ResponseIndex),
 	})
-	test.AssertErrorIs(t, err, berrors.WrongAuthorizationState)
+	test.AssertErrorIs(t, err, berrors.Malformed)
 }
 
 func TestPerformValidationSuccess(t *testing.T) {
diff --git a/web/probs.go b/web/probs.go
@@ -28,8 +28,6 @@ func problemDetailsForBoulderError(err *berrors.BoulderError, msg string) *probs
 		outProb = probs.RejectedIdentifier(fmt.Sprintf("%s :: %s", msg, err))
 	case berrors.InvalidEmail:
 		outProb = probs.InvalidEmail(fmt.Sprintf("%s :: %s", msg, err))
-	case berrors.WrongAuthorizationState:
-		outProb = probs.Malformed(fmt.Sprintf("%s :: %s", msg, err))
 	case berrors.CAA:
 		outProb = probs.CAA(fmt.Sprintf("%s :: %s", msg, err))
 	case berrors.MissingSCTs:

Original file line number	Diff line number	Diff line change
`@@ -1532,17 +1532,16 @@ func (ra *RegistrationAuthorityImpl) recordValidation(ctx context.Context, authI`
`1532`	`1532`	`func (ra *RegistrationAuthorityImpl) PerformValidation(`
`1533`	`1533`	`ctx context.Context,`
`1534`	`1534`	`req rapb.PerformValidationRequest) (corepb.Authorization, error) {`
`1535`		`- base, err := bgrpc.PBToAuthz(req.Authz)`
	`1535`	`+ authz, err := bgrpc.PBToAuthz(req.Authz)`
`1536`	`1536`	`if err != nil {`
`1537`	`1537`	`return nil, err`
`1538`	`1538`	`}`
`1539`	`1539`
`1540`	`1540`	`// Refuse to update expired authorizations`
`1541`		`- if base.Expires == nil \|\| base.Expires.Before(ra.clk.Now()) {`
	`1541`	`+ if authz.Expires == nil \|\| authz.Expires.Before(ra.clk.Now()) {`
`1542`	`1542`	`return nil, berrors.MalformedError("expired authorization")`
`1543`	`1543`	`}`
`1544`	`1544`
`1545`		`- authz := base`
`1546`	`1545`	`challIndex := int(req.ChallengeIndex)`
`1547`	`1546`	`if challIndex >= len(authz.Challenges) {`
`1548`	`1547`	`return nil,`
`@@ -1566,7 +1565,7 @@ func (ra *RegistrationAuthorityImpl) PerformValidation(`
`1566`	`1565`	`}`
`1567`	`1566`
`1568`	`1567`	`if authz.Status != core.StatusPending {`
`1569`		`- return nil, berrors.WrongAuthorizationStateError("authorization must be pending")`
	`1568`	`+ return nil, berrors.MalformedError("authorization must be pending")`
`1570`	`1569`	`}`
`1571`	`1570`
`1572`	`1571`	`// Look up the account key for this authorization`
Original file line number	Diff line number	Diff line change
`@@ -920,7 +920,7 @@ func TestPerformValidationAlreadyValid(t *testing.T) {`
`920`	`920`	`Authz: authzPB,`
`921`	`921`	`ChallengeIndex: int64(ResponseIndex),`
`922`	`922`	`})`
`923`		`- test.AssertErrorIs(t, err, berrors.WrongAuthorizationState)`
	`923`	`+ test.AssertErrorIs(t, err, berrors.Malformed)`
`924`	`924`	`}`
`925`	`925`
`926`	`926`	`func TestPerformValidationSuccess(t *testing.T) {`