Use json tags to suppress Account fields in API responses (#8455)

Fixes #7774

Author: aarongable

core/objects.go

@@ -94,7 +94,7 @@ type RawCertificateRequest struct {
 // to account keys.
 type Registration struct {
 	// Unique identifier
-	ID int64 `json:"id,omitempty"`
+	ID int64 `json:"-"`
 
 	// Account key to which the details are attached
 	Key *jose.JSONWebKey `json:"key"`
@@ -103,7 +103,7 @@ type Registration struct {
 	Contact *[]string `json:"contact,omitempty"`
 
 	// Agreement with terms of service
-	Agreement string `json:"agreement,omitempty"`
+	Agreement string `json:"-"`
 
 	// CreatedAt is the time the registration was created.
 	CreatedAt *time.Time `json:"createdAt,omitempty"`

wfe2/wfe.go

@@ -768,7 +768,6 @@ func (wfe *WebFrontEndImpl) NewAccount(
 			wfe.sendError(response, logEvent, probs.ServerInternal("Error marshaling account"), err)
 			return
 		}
-		prepAccountForDisplay(&acct)
 
 		err = wfe.writeJsonResponse(response, logEvent, http.StatusOK, acct)
 		if err != nil {
@@ -895,8 +894,6 @@ func (wfe *WebFrontEndImpl) NewAccount(
 		response.Header().Add("Link", link(wfe.SubscriberAgreementURL, "terms-of-service"))
 	}
 
-	prepAccountForDisplay(&acct)
-
 	err = wfe.writeJsonResponse(response, logEvent, http.StatusCreated, acct)
 	if err != nil {
 		// ServerInternal because we just created this account, and it
@@ -1197,24 +1194,6 @@ func (wfe *WebFrontEndImpl) Challenge(
 	}
 }
 
-// prepAccountForDisplay takes a core.Registration and mutates it to be ready
-// for display in a JSON response. Primarily it papers over legacy ACME v1
-// features or non-standard details internal to Boulder we don't want clients to
-// rely on.
-func prepAccountForDisplay(acct *core.Registration) {
-	// Zero out the account ID so that it isn't marshalled. RFC 8555 specifies
-	// using the Location header for learning the account ID.
-	acct.ID = 0
-
-	// We populate the account Agreement field when creating a new response to
-	// track which terms-of-service URL was in effect when an account with
-	// "termsOfServiceAgreed":"true" is created. That said, we don't want to send
-	// this value back to a V2 client. The "Agreement" field of an
-	// account/registration is a V1 notion so we strip it here in the WFE2 before
-	// returning the account.
-	acct.Agreement = ""
-}
-
 // prepChallengeForDisplay takes a core.Challenge and prepares it for display to
 // the client by filling in its URL field and clearing several unnecessary
 // fields.
@@ -1432,8 +1411,6 @@ func (wfe *WebFrontEndImpl) Account(
 		response.Header().Add("Link", link(wfe.SubscriberAgreementURL, "terms-of-service"))
 	}
 
-	prepAccountForDisplay(acct)
-
 	err = wfe.writeJsonResponse(response, logEvent, http.StatusOK, acct)
 	if err != nil {
 		wfe.sendError(response, logEvent, probs.ServerInternal("Failed to marshal account"), err)
@@ -1994,7 +1971,6 @@ func (wfe *WebFrontEndImpl) KeyRollover(
 		wfe.sendError(response, logEvent, probs.ServerInternal("Error marshaling proto to registration"), err)
 		return
 	}
-	prepAccountForDisplay(&updatedAcct)
 
 	err = wfe.writeJsonResponse(response, logEvent, http.StatusOK, updatedAcct)
 	if err != nil {

wfe2/wfe_test.go

@@ -3779,19 +3779,30 @@ func TestOrderToOrderJSONV2Authorizations(t *testing.T) {
 	})
 }
 
-func TestPrepAccountForDisplay(t *testing.T) {
+func TestAccountMarshaling(t *testing.T) {
 	acct := &core.Registration{
 		ID:        1987,
 		Agreement: "disagreement",
+		Status:    core.StatusValid,
 	}
 
-	// Prep the account for display.
-	prepAccountForDisplay(acct)
+	marshaled, err := json.Marshal(acct)
+	if err != nil {
+		t.Fatalf("marshalling account object: %s", err)
+	}
+
+	var got core.Registration
+	err = json.Unmarshal(marshaled, &got)
+	if err != nil {
+		t.Fatalf("unmarshaling account object: %s", err)
+	}
 
 	// The Agreement should always be cleared.
-	test.AssertEquals(t, acct.Agreement, "")
+	test.AssertEquals(t, got.Agreement, "")
 	// The ID field should be zeroed.
-	test.AssertEquals(t, acct.ID, int64(0))
+	test.AssertEquals(t, got.ID, int64(0))
+	// The Status field should be preserved.
+	test.AssertEquals(t, got.Status, core.StatusValid)
 }
 
 // TestGet404 tests that a 404 is served and that the expected endpoint of