Introduce a storage service client.

service/src/main/java/org/whispersystems/textsecuregcm/configuration/SecureStorageServiceConfiguration.java

@@ -6,18 +6,53 @@
 package org.whispersystems.textsecuregcm.configuration;
 
 import com.fasterxml.jackson.annotation.JsonProperty;
+import com.google.common.annotations.VisibleForTesting;
 import org.apache.commons.codec.DecoderException;
 import org.apache.commons.codec.binary.Hex;
 import org.hibernate.validator.constraints.NotEmpty;
 
+import javax.validation.Valid;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
+
 public class SecureStorageServiceConfiguration {
 
   @NotEmpty
   @JsonProperty
   private String userAuthenticationTokenSharedSecret;
 
+  @NotBlank
+  @JsonProperty
+  private String uri;
+
+  @NotNull
+  @Valid
+  @JsonProperty
+  private CircuitBreakerConfiguration circuitBreaker = new CircuitBreakerConfiguration();
+
+  @NotNull
+  @Valid
+  @JsonProperty
+  private RetryConfiguration retry = new RetryConfiguration();
+
   public byte[] getUserAuthenticationTokenSharedSecret() throws DecoderException {
     return Hex.decodeHex(userAuthenticationTokenSharedSecret.toCharArray());
   }
-  
+
+  @VisibleForTesting
+  public void setUri(final String uri) {
+    this.uri = uri;
+  }
+
+  public String getUri() {
+    return uri;
+  }
+
+  public CircuitBreakerConfiguration getCircuitBreakerConfiguration() {
+    return circuitBreaker;
+  }
+
+  public RetryConfiguration getRetryConfiguration() {
+    return retry;
+  }
 }

service/src/main/java/org/whispersystems/textsecuregcm/securestorage/SecureStorageClient.java

@@ -0,0 +1,68 @@
+/*
+ * Copyright 2020 Signal Messenger, LLC
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+package org.whispersystems.textsecuregcm.securestorage;
+
+import com.google.common.annotations.VisibleForTesting;
+import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialGenerator;
+import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials;
+import org.whispersystems.textsecuregcm.configuration.SecureStorageServiceConfiguration;
+import org.whispersystems.textsecuregcm.http.FaultTolerantHttpClient;
+import org.whispersystems.textsecuregcm.util.Base64;
+
+import java.net.URI;
+import java.net.http.HttpClient;
+import java.net.http.HttpRequest;
+import java.net.http.HttpResponse;
+import java.nio.charset.StandardCharsets;
+import java.time.Duration;
+import java.util.UUID;
+import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.Executor;
+
+/**
+ * A client for sending requests to Signal's secure storage service on behalf of authenticated users.
+ */
+public class SecureStorageClient {
+
+    private final ExternalServiceCredentialGenerator storageServiceCredentialGenerator;
+    private final URI                                deleteUri;
+    private final FaultTolerantHttpClient            httpClient;
+
+    @VisibleForTesting
+    static final String DELETE_PATH = "/v1/storage";
+
+    public SecureStorageClient(final ExternalServiceCredentialGenerator storageServiceCredentialGenerator, final Executor executor, final SecureStorageServiceConfiguration configuration) {
+        this.storageServiceCredentialGenerator = storageServiceCredentialGenerator;
+        this.deleteUri                         = URI.create(configuration.getUri()).resolve(DELETE_PATH);
+        this.httpClient                        = FaultTolerantHttpClient.newBuilder()
+                                                                        .withCircuitBreaker(configuration.getCircuitBreakerConfiguration())
+                                                                        .withRetry(configuration.getRetryConfiguration())
+                                                                        .withVersion(HttpClient.Version.HTTP_1_1)
+                                                                        .withConnectTimeout(Duration.ofSeconds(10))
+                                                                        .withRedirect(HttpClient.Redirect.NEVER)
+                                                                        .withExecutor(executor)
+                                                                        .withName("secure-storage")
+                                                                        .build();
+    }
+
+    public CompletableFuture<Void> deleteStoredData(final UUID accountUuid) {
+        final ExternalServiceCredentials credentials = storageServiceCredentialGenerator.generateFor(accountUuid.toString());
+
+        final HttpRequest request = HttpRequest.newBuilder()
+                .uri(deleteUri)
+                .DELETE()
+                .header("Authorization", "Basic " + Base64.encodeBytes((credentials.getUsername() + ":" + credentials.getPassword()).getBytes(StandardCharsets.UTF_8)))
+                .build();
+
+        return httpClient.sendAsync(request, HttpResponse.BodyHandlers.ofString()).thenApply(response -> {
+            if (response.statusCode() >= 200 && response.statusCode() < 300) {
+                return null;
+            }
+
+            throw new RuntimeException("Failed to delete storage service data: " + response.statusCode());
+        });
+    }
+}