Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/crypto/acme: Unable to get rate limit periods in a reliable way #19304

Closed
calavera opened this issue Feb 27, 2017 · 2 comments
Closed

x/crypto/acme: Unable to get rate limit periods in a reliable way #19304

calavera opened this issue Feb 27, 2017 · 2 comments
Labels
FrozenDueToAge
Milestone
Unreleased

Comments

@calavera
Copy link

Please answer these questions before submitting your issue. Thanks!

What version of Go are you using (go version)?

Go 1.8.0

What operating system and processor architecture are you using (go env)?

GOARCH="amd64"
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOOS="linux"

What did you do?

I'm using crypto/acme to create certificates from Let's Encrypt. The ACME spec provides a way to get rate limit information from providers in a reliable way:

https://tools.ietf.org/html/draft-ietf-acme-acme-05#section-6.4.1

However, crypto/acme doesn't provider any straightforward way to get those limits, leaving to everyone that uses it to implement the same logic over and over again to get those values:

An example of what people need to do every time they use crypto/acme:

client := &acme.Client{
  Key: pk, 
  DirectoryURL: "directoryURL",
}

authz, err := client.Authorize(context.Background(), "example.com")
if ae, ok := err.(*acme.Error); ok {
  r := ae.Header.Get("Retry-After")
  if r != "" {
    	i, err := strconv.ParseInt(r, 10, 64)
	if err != nil {
		// check if the header value is a time value and parse it properly
	}
        time.Sleep(time.Duration(i) * time.Second)
        // retry logic
  }
}

What did you expect to see?

I think these kind of checks are frequent enough that the library should provide a more straightforward way to get the limit time or duration, something like this:

client := &acme.Client{
  Key: pk, 
  DirectoryURL: "directoryURL",
}

authz, err := client.Authorize(context.Background(), "example.com")
if d, ok := acme.IsRateLimited(err); ok {
  time.Sleep(d)
  // retry logic
}

What did you see instead?

I created a small helper in my project to handle this. But that's something that every developer using crypto/acme will have to implement. I think it'd make sense to provide that logic by default with the library.

I also created a change request: https://go-review.googlesource.com/#/c/37463/
@gopherbot
Copy link

CL https://golang.org/cl/37463 mentions this issue.

@bradfitz bradfitz changed the title crypto/acme: Unable to get rate limit periods in a reliable way x/crypto/acme: Unable to get rate limit periods in a reliable way Mar 21, 2017
@bradfitz bradfitz added this to the Unreleased milestone Mar 21, 2017
@gopherbot
Copy link

CL https://golang.org/cl/38436 mentions this issue.

@golang golang locked and limited conversation to collaborators Apr 25, 2018
c-expert-zigbee pushed a commit to c-expert-zigbee/crypto_go that referenced this issue Mar 28, 2022
acme: add function to check rate limits
7b7029f 
This change exposes a function to extract rate limit duration
from a client error using Retry-After response header.
Author: David Calavera <david.calavera@gmail.com>.

Fixes golang/go#19304.
Change-Id: Iec9cfab398b84c6f216b95d3265ffad1ce2f29a7
Reviewed-on: https://go-review.googlesource.com/37463
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
c-expert-zigbee pushed a commit to c-expert-zigbee/crypto_go that referenced this issue Mar 29, 2022
acme: add function to check rate limits
1b3f69b 
This change exposes a function to extract rate limit duration
from a client error using Retry-After response header.
Author: David Calavera <david.calavera@gmail.com>.

Fixes golang/go#19304.
Change-Id: Iec9cfab398b84c6f216b95d3265ffad1ce2f29a7
Reviewed-on: https://go-review.googlesource.com/37463
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
LewiGoddard pushed a commit to LewiGoddard/crypto that referenced this issue Feb 16, 2023
acme: add function to check rate limits
5ac60bd 
This change exposes a function to extract rate limit duration
from a client error using Retry-After response header.
Author: David Calavera <david.calavera@gmail.com>.

Fixes golang/go#19304.
Change-Id: Iec9cfab398b84c6f216b95d3265ffad1ce2f29a7
Reviewed-on: https://go-review.googlesource.com/37463
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
BiiChris pushed a commit to BiiChris/crypto that referenced this issue Sep 15, 2023
acme: add function to check rate limits
2e7ec5f 
This change exposes a function to extract rate limit duration
from a client error using Retry-After response header.
Author: David Calavera <david.calavera@gmail.com>.

Fixes golang/go#19304.
Change-Id: Iec9cfab398b84c6f216b95d3265ffad1ce2f29a7
Reviewed-on: https://go-review.googlesource.com/37463
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
3 participants
@calavera @bradfitz @gopherbot