Add method to delete an account

pull/17/merge
Richard Körber 2016-03-19 13:28:41 +01:00
parent 9ce3718861
commit 23bd838928
4 changed files with 72 additions and 0 deletions

View File

@ -71,6 +71,15 @@ public interface AcmeClient {
*/
void recoverRegistration(Registration registration) throws AcmeException;
/**
* Deletes an account. Related certificates may still be valid after account deletion,
* and need to be revoked separately if neccessary.
*
* @param registration
* {@link Registration} to delete
*/
void deleteRegistration(Registration registration) throws AcmeException;
/**
* Creates a new {@link Authorization} for a domain.
*

View File

@ -258,6 +258,30 @@ public abstract class AbstractAcmeClient implements AcmeClient {
}
}
@Override
public void deleteRegistration(Registration registration) throws AcmeException {
if (registration == null) {
throw new NullPointerException("registration must not be null");
}
if (registration.getLocation() == null) {
throw new IllegalArgumentException("registration location must not be null");
}
LOG.debug("deleteRegistration");
try (Connection conn = createConnection()) {
ClaimBuilder claims = new ClaimBuilder();
claims.putResource("reg");
claims.put("delete", true);
int rc = conn.sendSignedRequest(registration.getLocation(), claims, session, registration);
if (rc != HttpURLConnection.HTTP_OK) {
conn.throwAcmeException();
}
} catch (IOException ex) {
throw new AcmeNetworkException(ex);
}
}
@Override
public void newAuthorization(Registration registration, Authorization auth) throws AcmeException {
if (registration == null) {

View File

@ -260,6 +260,30 @@ public class AbstractAcmeClientTest {
assertThat(registration.getAgreement(), is(agreementUri));
}
/**
* Test that a {@link Registration} can be deleted.
*/
@Test
public void testDeleteRegistration() throws AcmeException {
Registration registration = new Registration(accountKeyPair);
registration.setLocation(locationUri);
Connection connection = new DummyConnection() {
@Override
public int sendSignedRequest(URI uri, ClaimBuilder claims, Session session, Registration registration) {
Map<String, Object> claimMap = claims.toMap();
assertThat(claimMap.get("resource"), is((Object) "reg"));
assertThat(claimMap.get("delete"), is((Object) Boolean.TRUE));
assertThat(uri, is(locationUri));
assertThat(session, is(notNullValue()));
return HttpURLConnection.HTTP_OK;
}
};
TestableAbstractAcmeClient client = new TestableAbstractAcmeClient(connection);
client.deleteRegistration(registration);
}
/**
* Test that a new {@link Authorization} can be created.
*/

View File

@ -61,6 +61,21 @@ client.changeRegistrationKey(reg, newKeyPair);
All subsequent calls must now use the new key pair. The old key pair can be disposed.
## Delete an Account
You can delete your account if you don't need it any more:
```java
KeyPair keyPair = ... // your account KeyPair
URI accountLocationUri = ... // your account's URI
Registration reg = new Registration(keyPair, accountLocationUri);
client.deleteRegistration(reg);
```
Depending on the CA, the related authorizations may be automatically deleted as well. The certificates may still be valid until expiration or explicit revocation. If you want to make sure the certificates are invalidated as well, revoke them prior to deleting your account.
## Key Pair Utilities
The `KeyPairUtils` class in the `acme4j-utils` module provides a few methods to make key pair handling more convenient.