Add support for Retry-After headers in poll()

Author: djc

Cargo.toml

@@ -25,6 +25,7 @@ aws-lc-rs = { version = "1.8.0", optional = true }
 base64 = "0.22"
 bytes = "1"
 http = "1"
+httpdate = "1.0.3"
 http-body = "1"
 http-body-util = "0.1.2"
 hyper = { version = "1.3.1", features = ["client", "http1", "http2"], optional = true }

src/account.rs

@@ -214,6 +214,7 @@ impl Account {
         Ok(Order {
             account: self.inner.clone(),
             nonce,
+            retry_after: None,
             state,
             url: order_url.ok_or("no order URL found")?,
         })
@@ -229,6 +230,7 @@ impl Account {
         Ok(Order {
             account: self.inner.clone(),
             nonce: nonce_from_response(&rsp),
+            retry_after: None,
             // Order of fields matters! We return errors from Problem::check
             // before emitting an error if there is no order url. Or the
             // simple no url error hides the causing error in `Problem::check`.

src/order.rs

@@ -1,9 +1,12 @@
 use std::ops::{ControlFlow, Deref};
+use std::str::FromStr;
 use std::sync::Arc;
-use std::time::Duration;
+use std::time::{Duration, SystemTime};
 use std::{fmt, slice};
 
 use base64::prelude::{BASE64_URL_SAFE_NO_PAD, Engine};
+use http::header::RETRY_AFTER;
+use httpdate::HttpDate;
 #[cfg(feature = "rcgen")]
 use rcgen::{CertificateParams, DistinguishedName, KeyPair};
 use serde::Serialize;
@@ -14,7 +17,7 @@ use crate::types::{
     Authorization, AuthorizationState, AuthorizationStatus, AuthorizedIdentifier, Challenge,
     ChallengeType, Empty, FinalizeRequest, OrderState, OrderStatus, Problem,
 };
-use crate::{Error, Key, crypto, nonce_from_response};
+use crate::{BytesResponse, Error, Key, crypto, nonce_from_response};
 
 /// An ACME order as described in RFC 8555 (section 7.1.3)
 ///
@@ -27,6 +30,7 @@ use crate::{Error, Key, crypto, nonce_from_response};
 pub struct Order {
     pub(crate) account: Arc<AccountInner>,
     pub(crate) nonce: Option<String>,
+    pub(crate) retry_after: Option<SystemTime>,
     pub(crate) url: String,
     pub(crate) state: OrderState,
 }
@@ -163,8 +167,9 @@ impl Order {
     /// Yields the [`OrderStatus`] immediately if `Ready` or `Invalid`, or after `tries` attempts.
     pub async fn poll(&mut self, retries: &RetryPolicy) -> Result<OrderStatus, Error> {
         let mut retrying = retries.state();
+        self.retry_after = None;
         loop {
-            if let ControlFlow::Break(()) = retrying.wait().await {
+            if let ControlFlow::Break(()) = retrying.wait(self.retry_after.take()).await {
                 return Ok(self.state.status);
             }
 
@@ -185,6 +190,7 @@ impl Order {
             .await?;
 
         self.nonce = nonce_from_response(&rsp);
+        self.retry_after = retry_after(&rsp);
         self.state = Problem::check::<OrderState>(rsp).await?;
         Ok(&self.state)
     }
@@ -544,14 +550,44 @@ struct RetryState {
 }
 
 impl RetryState {
-    async fn wait(&mut self) -> ControlFlow<(), ()> {
+    async fn wait(&mut self, after: Option<SystemTime>) -> ControlFlow<(), ()> {
         if self.tries == 0 {
             return ControlFlow::Break(());
         }
 
+        if let Some(after) = after {
+            if let Ok(delay) = after.duration_since(SystemTime::now()) {
+                sleep(delay).await;
+                self.tries -= 1;
+                return ControlFlow::Continue(());
+            }
+        }
+
         sleep(self.delay).await;
         self.delay *= 2;
         self.tries -= 1;
         ControlFlow::Continue(())
     }
 }
+
+/// Parse the `Retry-After` header from the response
+///
+/// <https://httpwg.org/specs/rfc9110.html#field.retry-after>
+///
+/// # Syntax
+///
+/// Retry-After = HTTP-date / delay-seconds
+/// delay-seconds  = 1*DIGIT
+fn retry_after(rsp: &BytesResponse) -> Option<SystemTime> {
+    let value = rsp.parts.headers.get(RETRY_AFTER)?.to_str().ok()?.trim();
+    if value.is_empty() {
+        return None;
+    }
+
+    Some(match u64::from_str(value) {
+        // `delay-seconds` is a number of seconds to wait
+        Ok(secs) => SystemTime::now() + Duration::from_secs(secs),
+        // `HTTP-date` looks like `Fri, 31 Dec 1999 23:59:59 GMT`
+        Err(_) => SystemTime::from(HttpDate::from_str(value).ok()?),
+    })
+}