Fix key server to not list expired keys

Fixes the key server to not list expire keys and by default not return expired or unapproved keys unless explicitly requested.

Fixes #1430

endpoints/api/superuser.py

@@ -639,7 +639,7 @@ class SuperUserServiceKey(ApiResource):
   def get(self, kid):
     if SuperUserPermission().can():
       try:
-        key = model.service_keys.get_service_key(kid)
+        key = model.service_keys.get_service_key(kid, approved_only=False, alive_only=False)
         return jsonify(key_view(key))
       except model.service_keys.ServiceKeyDoesNotExist:
         abort(404)
@@ -655,7 +655,7 @@ class SuperUserServiceKey(ApiResource):
     if SuperUserPermission().can():
       body = request.get_json()
       try:
-        key = model.service_keys.get_service_key(kid)
+        key = model.service_keys.get_service_key(kid, approved_only=False, alive_only=False)
       except model.service_keys.ServiceKeyDoesNotExist:
         abort(404)
 
@@ -690,7 +690,8 @@ class SuperUserServiceKey(ApiResource):
         model.service_keys.update_service_key(kid, body.get('name'), body.get('metadata'))
         log_action('service_key_modify', None, key_log_metadata)
 
-      return jsonify(key_view(model.service_keys.get_service_key(kid)))
+      updated_key = model.service_keys.get_service_key(kid, approved_only=False, alive_only=False)
+      return jsonify(key_view(updated_key))
 
     abort(403)