acme: add v3 implementation to RevokeAuthorization

Let's Encrypt apparently implements authorization revocation as specified in the v3 of the spec: https://tools.ietf.org/html/draft-ietf-acme-acme-03#section-6.4.2. See the relevant boulder source code here: be01ca17d3/wfe/wfe.go (L1177-L1213) This change makes RevokeAuthorization compatible with both v2 and v3 versions of the spec, as well as Let's Encrypt staging/production actual implementation. Change-Id: I7e860944005a55b156a45d96e1b8eb41126ce6bb Reviewed-on: https://go-review.googlesource.com/31990 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
2016-10-25 14:52:55 +02:00 · 2016-10-25 14:52:55 +02:00 · ca7e7f10cb
--- a/acme/acme.go
+++ b/acme/acme.go
@ -406,9 +406,11 @@ func (c *Client) GetAuthorization(ctx context.Context, url string) (*Authorizati
 func (c *Client) RevokeAuthorization(ctx context.Context, url string) error {
 	req := struct {
 		Resource string `json:"resource"`
+		Status   string `json:"status"`
 		Delete   bool   `json:"delete"`
 	}{
 		Resource: "authz",
+		Status:   "deactivated",
 		Delete:   true,
 	}
 	res, err := postJWS(ctx, c.HTTPClient, c.Key, url, req)
--- a/acme/acme_test.go
+++ b/acme/acme_test.go
@ -562,12 +562,16 @@ func TestRevokeAuthorization(t *testing.T) {
 		case "/1":
 			var req struct {
 				Resource string
+				Status   string
 				Delete   bool
 			}
 			decodeJWSRequest(t, &req, r)
 			if req.Resource != "authz" {
 				t.Errorf("req.Resource = %q; want authz", req.Resource)
 			}
+			if req.Status != "deactivated" {
+				t.Errorf("req.Status = %q; want deactivated", req.Status)
+			}
 			if !req.Delete {
 				t.Errorf("req.Delete is false")
 			}