letsencrypt · rolandshoemaker · Apr 24, 2019 · Mar 1, 2019 · Mar 6, 2019 · Mar 7, 2019
diff --git a/core/interfaces.go b/core/interfaces.go
@@ -135,7 +135,14 @@ type StorageGetter interface {
 	GetValidOrderAuthorizations(ctx context.Context, req *sapb.GetValidOrderAuthorizationsRequest) (map[string]*Authorization, error)
 	CountInvalidAuthorizations(ctx context.Context, req *sapb.CountInvalidAuthorizationsRequest) (count *sapb.Count, err error)
 	GetAuthorizations(ctx context.Context, req *sapb.GetAuthorizationsRequest) (*sapb.Authorizations, error)
-	GetAuthz2(ctx context.Context, req *sapb.AuthorizationID2) (*corepb.Authorization, error)
+	// New authz2 methods
+	GetAuthorization2(ctx context.Context, req *sapb.AuthorizationID2) (*corepb.Authorization, error)
+	GetAuthorizations2(ctx context.Context, req *sapb.GetAuthorizationsRequest) (*sapb.Authorizations, error)
+	GetPendingAuthorization2(ctx context.Context, req *sapb.GetPendingAuthorizationRequest) (*corepb.Authorization, error)
+	CountPendingAuthorizations2(ctx context.Context, req *sapb.RegistrationID) (*sapb.Count, error)
+	GetValidOrderAuthorizations2(ctx context.Context, req *sapb.GetValidOrderAuthorizationsRequest) (*sapb.Authorizations, error)
+	CountInvalidAuthorizations2(ctx context.Context, req *sapb.CountInvalidAuthorizationsRequest) (*sapb.Count, error)
+	GetValidAuthorizations2(ctx context.Context, req *sapb.GetValidAuthorizationsRequest) (*sapb.Authorizations, error)
 }
 
 // StorageAdder are the Boulder SA's write/update methods
@@ -155,6 +162,11 @@ type StorageAdder interface {
 	AddPendingAuthorizations(ctx context.Context, req *sapb.AddPendingAuthorizationsRequest) (*sapb.AuthorizationIDs, error)
 	SetOrderError(ctx context.Context, order *corepb.Order) error
 	RevokeCertificate(ctx context.Context, req *sapb.RevokeCertificateRequest) error
+	// New authz2 methods
+	NewAuthorizations2(ctx context.Context, req *sapb.AddPendingAuthorizationsRequest) (*sapb.Authorization2IDs, error)
+	FinalizeAuthorization2(ctx context.Context, req *sapb.FinalizeAuthorizationRequest) error
+	DeactivateAuthorization2(ctx context.Context, req *sapb.AuthorizationID2) (*corepb.Empty, error)
+	RevokeAuthorizationsByDomain2(ctx context.Context, req *sapb.RevokeAuthorizationsByDomainRequest) (*corepb.Empty, error)
 }
 
 // StorageAuthority interface represents a simple key/value

diff --git a/core/proto/core.pb.go b/core/proto/core.pb.go
diff --git a/core/proto/core.proto b/core/proto/core.proto
@@ -71,11 +71,16 @@ message Order {
         optional int64 expires = 3;
         optional ProblemDetails error = 4;
         optional string certificateSerial = 5;
+        // contains only v1 authorization IDs, should be
+        // deprecated once fully switched to v2 authorizations
+        // in favor of v2Authorizations.
         repeated string authorizations = 6;
         optional string status = 7;
         repeated string names = 8;
         optional bool beganProcessing = 9;
         optional int64 created = 10;
+        // contains only v2 authorization IDs.
+        repeated int64 v2Authorizations = 11;
 }
 
 message Empty {}
diff --git a/grpc/pb-marshalling.go b/grpc/pb-marshalling.go
@@ -114,7 +114,7 @@ func pbToChallenge(in *corepb.Challenge) (challenge core.Challenge, err error) {
 	if in == nil {
 		return core.Challenge{}, ErrMissingParameters
 	}
-	if in.Id == nil || in.Type == nil || in.Status == nil || in.Token == nil || in.KeyAuthorization == nil {
+	if in.Type == nil || in.Status == nil || in.Token == nil {
 		return core.Challenge{}, ErrMissingParameters
 	}
 	var recordAry []core.ValidationRecord
@@ -131,15 +131,20 @@ func pbToChallenge(in *corepb.Challenge) (challenge core.Challenge, err error) {
 	if err != nil {
 		return core.Challenge{}, err
 	}
-	return core.Challenge{
-		ID:                       *in.Id,
-		Type:                     *in.Type,
-		Status:                   core.AcmeStatus(*in.Status),
-		Token:                    *in.Token,
-		ProvidedKeyAuthorization: *in.KeyAuthorization,
-		Error:                    prob,
-		ValidationRecord:         recordAry,
-	}, nil
+	ch := core.Challenge{
+		Type:             *in.Type,
+		Status:           core.AcmeStatus(*in.Status),
+		Token:            *in.Token,
+		Error:            prob,
+		ValidationRecord: recordAry,
+	}
+	if in.Id != nil {
+		ch.ID = *in.Id
+	}
+	if in.KeyAuthorization != nil {
+		ch.ProvidedKeyAuthorization = *in.KeyAuthorization
+	}
+	return ch, nil
 }
 
 func ValidationRecordToPB(record core.ValidationRecord) (*corepb.ValidationRecord, error) {