delete and retry expired authorizations

lambda_function.py

@@ -50,6 +50,14 @@ def load_file(directory, filename):
             return False
         return False
 
+def delete_file(directory, filename):
+    try:
+        s3.Object(cfg.S3CONFIGBUCKET, directory + "/" + filename).delete()
+        return True
+    except botocore.exceptions.ClientError as e:
+        if e.response['Error']['Code'] == 'NoSuchKey':
+            return False
+        return False
 
 # Verify the bucket exists
 def check_bucket(bucketname):
@@ -165,6 +173,14 @@ def authorize_domain(user, domain):
         authzr = AcmeAuthorization(user=user, domain=domain['DOMAIN'])
     status = authzr.authorize()
 
+    # If authorization is expired, delete authzr file and try again with a new one
+    if (status == 'expired'):
+        logger.info('Authorization for {} expired, deleting and recreating'.format(domain['DOMAIN']))
+        if delete_file(domain['DOMAIN'], authzrfilename):
+            return authorize_domain(user, domain)
+        else:
+            logger.warn('Error deleting file: {}'.format(authzrfilename))
+
     # save the (new/updated) authorization response
     save_file(domain['DOMAIN'], authzrfilename, authzr.serialize())
     logger.debug(authzr.serialize())

simple_acme.py

@@ -253,6 +253,9 @@ def authorize(self):
             for c in result['challenges']:
                 if 'error' in c:
                     logger.debug(c['error']['detail'])
+        elif status == 404 and result['detail'] == 'Expired authorization':
+            status = 'expired'
+
         return status
 
     def complete_challenges(self, challenge_type, func_challenge, func_verifier):