Accounts and registrations are now deactivated, not deleted

acme4j-client/src/main/java/org/shredzone/acme4j/AcmeClient.java

@@ -62,13 +62,13 @@ public interface AcmeClient {
                 throws AcmeException;
 
     /**
-     * Deletes an account. Related certificates may still be valid after account deletion,
+     * Deactivates an account. Related certificates may still be valid after account
-     * and need to be revoked separately if neccessary.
+     * deactivation, and need to be revoked separately if neccessary.
      *
      * @param registration
-     *            {@link Registration} to delete
+     *            {@link Registration} to deactivate
      */
-    void deleteRegistration(Registration registration) throws AcmeException;
+    void deactivateRegistration(Registration registration) throws AcmeException;
 
     /**
      * Creates a new {@link Authorization} for a domain.
@@ -89,14 +89,14 @@ public interface AcmeClient {
     void updateAuthorization(Authorization auth) throws AcmeException;
 
     /**
-     * Deletes an {@link Authorization}.
+     * Deactivates an {@link Authorization}.
      *
      * @param registration
      *            {@link Registration} the authorization is related to
      * @param auth
-     *            {@link Authorization} to delete
+     *            {@link Authorization} to deactivate
      */
-    void deleteAuthorization(Registration registration, Authorization auth) throws AcmeException;
+    void deactivateAuthorization(Registration registration, Authorization auth) throws AcmeException;
 
     /**
      * Triggers a {@link Challenge}. The ACME server is requested to validate the

acme4j-client/src/main/java/org/shredzone/acme4j/Status.java

@@ -20,7 +20,7 @@ package org.shredzone.acme4j;
  */
 public enum Status {
 
-    PENDING, PROCESSING, VALID, INVALID, REVOKED, UNKNOWN;
+    PENDING, PROCESSING, VALID, INVALID, REVOKED, DEACTIVATED, UNKNOWN;
 
     /**
      * Parses the string and returns a corresponding Status object.

acme4j-client/src/main/java/org/shredzone/acme4j/impl/AbstractAcmeClient.java

@@ -226,7 +226,7 @@ public abstract class AbstractAcmeClient implements AcmeClient {
     }
 
     @Override
-    public void deleteRegistration(Registration registration) throws AcmeException {
+    public void deactivateRegistration(Registration registration) throws AcmeException {
         if (registration == null) {
             throw new NullPointerException("registration must not be null");
         }
@@ -234,11 +234,11 @@ public abstract class AbstractAcmeClient implements AcmeClient {
             throw new IllegalArgumentException("registration location must not be null");
         }
 
-        LOG.debug("deleteRegistration");
+        LOG.debug("deactivateRegistration");
         try (Connection conn = createConnection()) {
             ClaimBuilder claims = new ClaimBuilder();
             claims.putResource("reg");
-            claims.put("delete", true);
+            claims.put("status", "deactivated");
 
             int rc = conn.sendSignedRequest(registration.getLocation(), claims, session, registration);
             if (rc != HttpURLConnection.HTTP_OK) {
@@ -309,7 +309,7 @@ public abstract class AbstractAcmeClient implements AcmeClient {
     }
 
     @Override
-    public void deleteAuthorization(Registration registration, Authorization auth) throws AcmeException {
+    public void deactivateAuthorization(Registration registration, Authorization auth) throws AcmeException {
         if (registration == null) {
             throw new NullPointerException("registration must not be null");
         }
@@ -320,11 +320,11 @@ public abstract class AbstractAcmeClient implements AcmeClient {
             throw new IllegalArgumentException("auth location must not be null. Use newAuthorization() if not known.");
         }
 
-        LOG.debug("deleteAuthorization");
+        LOG.debug("deactivateAuthorization");
         try (Connection conn = createConnection()) {
             ClaimBuilder claims = new ClaimBuilder();
             claims.putResource("authz");
-            claims.put("delete", true);
+            claims.put("status", "deactivated");
 
             int rc = conn.sendSignedRequest(auth.getLocation(), claims, session, registration);
             if (rc != HttpURLConnection.HTTP_OK) {

acme4j-client/src/test/java/org/shredzone/acme4j/impl/AbstractAcmeClientTest.java

@@ -225,7 +225,7 @@ public class AbstractAcmeClientTest {
      * Test that a {@link Registration} can be deleted.
      */
     @Test
-    public void testDeleteRegistration() throws AcmeException {
+    public void testDeactivateRegistration() throws AcmeException {
         Registration registration = new Registration(accountKeyPair);
         registration.setLocation(locationUri);
 
@@ -234,7 +234,7 @@ public class AbstractAcmeClientTest {
             public int sendSignedRequest(URI uri, ClaimBuilder claims, Session session, Registration registration) {
                 Map<String, Object> claimMap = claims.toMap();
                 assertThat(claimMap.get("resource"), is((Object) "reg"));
-                assertThat(claimMap.get("delete"), is((Object) Boolean.TRUE));
+                assertThat(claimMap.get("status"), is((Object) "deactivated"));
                 assertThat(uri, is(locationUri));
                 assertThat(session, is(notNullValue()));
                 return HttpURLConnection.HTTP_OK;
@@ -242,7 +242,7 @@ public class AbstractAcmeClientTest {
         };
 
         TestableAbstractAcmeClient client = new TestableAbstractAcmeClient(connection);
-        client.deleteRegistration(registration);
+        client.deactivateRegistration(registration);
     }
 
     /**
@@ -355,7 +355,7 @@ public class AbstractAcmeClientTest {
             public int sendSignedRequest(URI uri, ClaimBuilder claims, Session session, Registration registration) {
                 Map<String, Object> claimMap = claims.toMap();
                 assertThat(claimMap.get("resource"), is((Object) "authz"));
-                assertThat(claimMap.get("delete"), is((Object) Boolean.TRUE));
+                assertThat(claimMap.get("status"), is((Object) "deactivated"));
                 assertThat(uri, is(locationUri));
                 assertThat(session, is(notNullValue()));
                 assertThat(registration.getKeyPair(), is(sameInstance(accountKeyPair)));
@@ -364,7 +364,7 @@ public class AbstractAcmeClientTest {
         };
 
         TestableAbstractAcmeClient client = new TestableAbstractAcmeClient(connection);
-        client.deleteAuthorization(testRegistration, auth);
+        client.deactivateAuthorization(testRegistration, auth);
     }
 
     /**

src/site/markdown/usage/authorization.md

@@ -75,14 +75,14 @@ client.updateAuthorization(auth);
 
 After that call, the `Authorization` object contains the current server state about your authorization, including the domain name, the overall status, and an expiry date.
 
-## Delete an Authorization
+## Deactivate an Authorization
 
-It is possible to delete an Authorization, for example if you sell the associated domain.
+It is possible to deactivate an Authorization, for example if you sell the associated domain.
 
 ```java
 URI authUri = ... // Authorization URI
 Authorization auth = new Authorization(authUri);
-client.deleteAuthorization(registration, auth);
+client.deactivateAuthorization(registration, auth);
 ```
 
 ## Restore a Challenge

src/site/markdown/usage/register.md

@@ -61,9 +61,9 @@ client.changeRegistrationKey(reg, newKeyPair);
 
 All subsequent calls must now use the new key pair. The old key pair can be disposed.
 
-## Delete an Account
+## Deactivate an Account
 
-You can delete your account if you don't need it any more:
+You can deactivate your account if you don't need it any more:
 
 ```java
 KeyPair keyPair = ... // your account KeyPair
@@ -71,10 +71,12 @@ URI accountLocationUri = ... // your account's URI
 
 Registration reg = new Registration(keyPair, accountLocationUri);
 
-client.deleteRegistration(reg);
+client.deactivateRegistration(reg);
 ```
 
-Depending on the CA, the related authorizations may be automatically deleted as well. The certificates may still be valid until expiration or explicit revocation. If you want to make sure the certificates are invalidated as well, revoke them prior to deleting your account.
+Depending on the CA, the related authorizations may be automatically deactivated as well. The certificates may still be valid until expiration or explicit revocation. If you want to make sure the certificates are invalidated as well, revoke them prior to deactivation of your account.
+
+There is no way to reactivate the account once it is deactivated!
 
 ## Key Pair Utilities