From 23bd8389284bf670428d71260988a40658554d72 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Richard=20K=C3=B6rber?= <github@shredzone.org>
Date: Sat, 19 Mar 2016 13:28:41 +0100
Subject: [PATCH] Add method to delete an account

---
 .../java/org/shredzone/acme4j/AcmeClient.java |  9 +++++++
 .../acme4j/impl/AbstractAcmeClient.java       | 24 +++++++++++++++++++
 .../acme4j/impl/AbstractAcmeClientTest.java   | 24 +++++++++++++++++++
 src/site/markdown/usage/register.md           | 15 ++++++++++++
 4 files changed, 72 insertions(+)

diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/AcmeClient.java b/acme4j-client/src/main/java/org/shredzone/acme4j/AcmeClient.java
index 80942414..d419e07e 100644
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/AcmeClient.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/AcmeClient.java
@@ -71,6 +71,15 @@ public interface AcmeClient {
      */
     void recoverRegistration(Registration registration) throws AcmeException;
 
+    /**
+     * Deletes an account. Related certificates may still be valid after account deletion,
+     * and need to be revoked separately if neccessary.
+     *
+     * @param registration
+     *            {@link Registration} to delete
+     */
+    void deleteRegistration(Registration registration) throws AcmeException;
+
     /**
      * Creates a new {@link Authorization} for a domain.
      *
diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/impl/AbstractAcmeClient.java b/acme4j-client/src/main/java/org/shredzone/acme4j/impl/AbstractAcmeClient.java
index a9c2f156..51df572d 100644
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/impl/AbstractAcmeClient.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/impl/AbstractAcmeClient.java
@@ -258,6 +258,30 @@ public abstract class AbstractAcmeClient implements AcmeClient {
         }
     }
 
+    @Override
+    public void deleteRegistration(Registration registration) throws AcmeException {
+        if (registration == null) {
+            throw new NullPointerException("registration must not be null");
+        }
+        if (registration.getLocation() == null) {
+            throw new IllegalArgumentException("registration location must not be null");
+        }
+
+        LOG.debug("deleteRegistration");
+        try (Connection conn = createConnection()) {
+            ClaimBuilder claims = new ClaimBuilder();
+            claims.putResource("reg");
+            claims.put("delete", true);
+
+            int rc = conn.sendSignedRequest(registration.getLocation(), claims, session, registration);
+            if (rc != HttpURLConnection.HTTP_OK) {
+                conn.throwAcmeException();
+            }
+        } catch (IOException ex) {
+            throw new AcmeNetworkException(ex);
+        }
+    }
+
     @Override
     public void newAuthorization(Registration registration, Authorization auth) throws AcmeException {
         if (registration == null) {
diff --git a/acme4j-client/src/test/java/org/shredzone/acme4j/impl/AbstractAcmeClientTest.java b/acme4j-client/src/test/java/org/shredzone/acme4j/impl/AbstractAcmeClientTest.java
index 953c12aa..a10c36a8 100644
--- a/acme4j-client/src/test/java/org/shredzone/acme4j/impl/AbstractAcmeClientTest.java
+++ b/acme4j-client/src/test/java/org/shredzone/acme4j/impl/AbstractAcmeClientTest.java
@@ -260,6 +260,30 @@ public class AbstractAcmeClientTest {
         assertThat(registration.getAgreement(), is(agreementUri));
     }
 
+    /**
+     * Test that a {@link Registration} can be deleted.
+     */
+    @Test
+    public void testDeleteRegistration() throws AcmeException {
+        Registration registration = new Registration(accountKeyPair);
+        registration.setLocation(locationUri);
+
+        Connection connection = new DummyConnection() {
+            @Override
+            public int sendSignedRequest(URI uri, ClaimBuilder claims, Session session, Registration registration) {
+                Map<String, Object> claimMap = claims.toMap();
+                assertThat(claimMap.get("resource"), is((Object) "reg"));
+                assertThat(claimMap.get("delete"), is((Object) Boolean.TRUE));
+                assertThat(uri, is(locationUri));
+                assertThat(session, is(notNullValue()));
+                return HttpURLConnection.HTTP_OK;
+            }
+        };
+
+        TestableAbstractAcmeClient client = new TestableAbstractAcmeClient(connection);
+        client.deleteRegistration(registration);
+    }
+
     /**
      * Test that a new {@link Authorization} can be created.
      */
diff --git a/src/site/markdown/usage/register.md b/src/site/markdown/usage/register.md
index 3f2e6b99..225bd440 100644
--- a/src/site/markdown/usage/register.md
+++ b/src/site/markdown/usage/register.md
@@ -61,6 +61,21 @@ client.changeRegistrationKey(reg, newKeyPair);
 
 All subsequent calls must now use the new key pair. The old key pair can be disposed.
 
+## Delete an Account
+
+You can delete your account if you don't need it any more:
+
+```java
+KeyPair keyPair = ... // your account KeyPair
+URI accountLocationUri = ... // your account's URI
+
+Registration reg = new Registration(keyPair, accountLocationUri);
+
+client.deleteRegistration(reg);
+```
+
+Depending on the CA, the related authorizations may be automatically deleted as well. The certificates may still be valid until expiration or explicit revocation. If you want to make sure the certificates are invalidated as well, revoke them prior to deleting your account.
+
 ## Key Pair Utilities
 
 The `KeyPairUtils` class in the `acme4j-utils` module provides a few methods to make key pair handling more convenient.