Skip to content

Commit e0d9156

Browse files
aarongableaarongable
committed
WFE: Return err instead of prob from updateAccount helper
1 parent d045b38 commit e0d9156

File tree

2 files changed

+24
-29
lines changed

2 files changed

+24
-29
lines changed

wfe2/wfe.go

+23-28
Original file line numberDiff line numberDiff line change
@@ -1360,25 +1360,26 @@ func (wfe *WebFrontEndImpl) Account(
13601360
idStr := request.URL.Path
13611361
id, err := strconv.ParseInt(idStr, 10, 64)
13621362
if err != nil {
1363-
wfe.sendError(response, logEvent, probs.Malformed("Account ID must be an integer"), err)
1363+
wfe.sendError(response, logEvent, probs.Malformed(fmt.Sprintf("Account ID must be an integer, was %q", idStr)), err)
13641364
return
13651365
} else if id <= 0 {
1366-
msg := fmt.Sprintf("Account ID must be a positive non-zero integer, was %d", id)
1367-
wfe.sendError(response, logEvent, probs.Malformed(msg), nil)
1366+
wfe.sendError(response, logEvent, probs.Malformed(fmt.Sprintf("Account ID must be a positive non-zero integer, was %d", id)), nil)
13681367
return
13691368
} else if id != currAcct.ID {
1370-
wfe.sendError(response, logEvent,
1371-
probs.Unauthorized("Request signing key did not match account key"), nil)
1369+
wfe.sendError(response, logEvent, probs.Unauthorized("Request signing key did not match account key"), nil)
13721370
return
13731371
}
13741372

1375-
// An empty string means POST-as-GET (i.e. no update). A body of "{}" means
1376-
// an update of zero fields, returning the unchanged object. This was the
1377-
// recommended way to fetch the account object in ACMEv1.
1378-
if string(body) != "" && string(body) != "{}" {
1379-
currAcct, prob = wfe.updateAccount(ctx, body, currAcct)
1380-
if prob != nil {
1381-
wfe.sendError(response, logEvent, prob, nil)
1373+
var acct *core.Registration
1374+
if string(body) == "" || string(body) == "{}" {
1375+
// An empty string means POST-as-GET (i.e. no update). A body of "{}" means
1376+
// an update of zero fields, returning the unchanged object. This was the
1377+
// recommended way to fetch the account object in ACMEv1.
1378+
acct = currAcct
1379+
} else {
1380+
acct, err = wfe.updateAccount(ctx, body, currAcct)
1381+
if err != nil {
1382+
wfe.sendError(response, logEvent, web.ProblemDetailsForError(err, "Unable to update account"), nil)
13821383
return
13831384
}
13841385
}
@@ -1387,13 +1388,11 @@ func (wfe *WebFrontEndImpl) Account(
13871388
response.Header().Add("Link", link(wfe.SubscriberAgreementURL, "terms-of-service"))
13881389
}
13891390

1390-
prepAccountForDisplay(currAcct)
1391+
prepAccountForDisplay(acct)
13911392

1392-
err = wfe.writeJsonResponse(response, logEvent, http.StatusOK, currAcct)
1393+
err = wfe.writeJsonResponse(response, logEvent, http.StatusOK, acct)
13931394
if err != nil {
1394-
// ServerInternal because we just generated the account, it should be OK
1395-
wfe.sendError(response, logEvent,
1396-
probs.ServerInternal("Failed to marshal account"), err)
1395+
wfe.sendError(response, logEvent, probs.ServerInternal("Failed to marshal account"), err)
13971396
return
13981397
}
13991398
}
@@ -1403,10 +1402,7 @@ func (wfe *WebFrontEndImpl) Account(
14031402
// request has already been authenticated by the caller. If the request is a
14041403
// valid update the resulting updated account is returned, otherwise a problem
14051404
// is returned.
1406-
func (wfe *WebFrontEndImpl) updateAccount(
1407-
ctx context.Context,
1408-
requestBody []byte,
1409-
currAcct *core.Registration) (*core.Registration, *probs.ProblemDetails) {
1405+
func (wfe *WebFrontEndImpl) updateAccount(ctx context.Context, requestBody []byte, currAcct *core.Registration) (*core.Registration, error) {
14101406
// Only the Contact and Status fields of an account may be updated this way.
14111407
// For key updates clients should be using the key change endpoint.
14121408
var accountUpdateRequest struct {
@@ -1416,7 +1412,7 @@ func (wfe *WebFrontEndImpl) updateAccount(
14161412

14171413
err := json.Unmarshal(requestBody, &accountUpdateRequest)
14181414
if err != nil {
1419-
return nil, probs.Malformed("Error unmarshaling account")
1415+
return nil, berrors.MalformedError("parsing account update request: %s", err)
14201416
}
14211417

14221418
// If a user tries to send both a deactivation request and an update to
@@ -1426,17 +1422,16 @@ func (wfe *WebFrontEndImpl) updateAccount(
14261422
updatedAcct, err := wfe.ra.DeactivateRegistration(
14271423
ctx, &rapb.DeactivateRegistrationRequest{RegistrationID: currAcct.ID})
14281424
if err != nil {
1429-
return nil, web.ProblemDetailsForError(err, "Unable to deactivate account")
1425+
return nil, fmt.Errorf("deactivating account: %w", err)
14301426
}
14311427

14321428
if updatedAcct.Status == string(core.StatusDeactivated) {
14331429
// The request was handled by an updated RA/SA, which returned the updated
14341430
// account object.
14351431
updatedReg, err := bgrpc.PbToRegistration(updatedAcct)
14361432
if err != nil {
1437-
return nil, probs.ServerInternal("Error updating account")
1433+
return nil, fmt.Errorf("parsing deactivated account: %w", err)
14381434
}
1439-
14401435
return &updatedReg, nil
14411436
} else {
14421437
// The request was handled by an old RA/SA, which returned nothing.
@@ -1449,7 +1444,7 @@ func (wfe *WebFrontEndImpl) updateAccount(
14491444
}
14501445

14511446
if accountUpdateRequest.Status != core.StatusValid && accountUpdateRequest.Status != "" {
1452-
return nil, probs.Malformed("Invalid value provided for status field")
1447+
return nil, berrors.MalformedError("invalid status %q for account update request, must be %q or %q", accountUpdateRequest.Status, core.StatusValid, core.StatusDeactivated)
14531448
}
14541449

14551450
if accountUpdateRequest.Contact == nil {
@@ -1463,13 +1458,13 @@ func (wfe *WebFrontEndImpl) updateAccount(
14631458
updatedAcct, err := wfe.ra.UpdateRegistrationContact(ctx, &rapb.UpdateRegistrationContactRequest{
14641459
RegistrationID: currAcct.ID, Contacts: *accountUpdateRequest.Contact})
14651460
if err != nil {
1466-
return nil, web.ProblemDetailsForError(err, "Unable to update account")
1461+
return nil, fmt.Errorf("updating account: %w", err)
14671462
}
14681463

14691464
// Convert proto to core.Registration for return
14701465
updatedReg, err := bgrpc.PbToRegistration(updatedAcct)
14711466
if err != nil {
1472-
return nil, probs.ServerInternal("Error updating account")
1467+
return nil, fmt.Errorf("parsing updated account: %w", err)
14731468
}
14741469

14751470
return &updatedReg, nil

wfe2/wfe_test.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -2521,7 +2521,7 @@ func TestDeactivateAccount(t *testing.T) {
25212521
wfe.Account(ctx, newRequestEvent(), responseWriter, request)
25222522
test.AssertUnmarshaledEquals(t,
25232523
responseWriter.Body.String(),
2524-
`{"type": "`+probs.ErrorNS+`malformed","detail": "Invalid value provided for status field","status": 400}`)
2524+
`{"type": "`+probs.ErrorNS+`malformed","detail": "Unable to update account :: invalid status \"asd\" for account update request, must be \"valid\" or \"deactivated\"","status": 400}`)
25252525

25262526
responseWriter.Body.Reset()
25272527
payload = `{"status":"deactivated"}`

0 commit comments

Comments
 (0)