From eb3025e0bfd14594d922c7fdb9e19774f6976089 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20M=C3=BCller?= <daniel.mueller@uni-muenster.de>
Date: Tue, 30 Mar 2021 14:35:58 +0200
Subject: [PATCH] Add site account registration panel (#1595)

---
 changelog/unreleased/siteacc-reg-panel.md     |   5 +
 .../config/http/services/siteacc/_index.md    |  18 ++
 examples/metrics/xcloud.toml                  |   4 +-
 examples/siteacc/siteacc.toml                 |   2 +
 .../http/services/siteacc/config/config.go    |   6 +
 .../http/services/siteacc/config/endpoints.go |   6 +-
 .../http/services/siteacc/data/account.go     |   3 +-
 internal/http/services/siteacc/manager.go     |  44 +++-
 .../http/services/siteacc/panel/template.go   |   7 +-
 .../services/siteacc/registration/form.go     |  76 ++++++
 .../services/siteacc/registration/template.go | 216 ++++++++++++++++++
 internal/http/services/siteacc/siteacc.go     |  44 +++-
 .../http/services/siteacc/sitereg/sitereg.go  |  57 +++++
 pkg/mentix/key/apikey.go                      |   6 +
 pkg/mentix/utils/network/network.go           |  15 +-
 pkg/metrics/config/config.go                  |   5 +-
 pkg/metrics/driver/xcloud/xcloud.go           |  94 +-------
 17 files changed, 497 insertions(+), 111 deletions(-)
 create mode 100644 changelog/unreleased/siteacc-reg-panel.md
 create mode 100644 internal/http/services/siteacc/registration/form.go
 create mode 100644 internal/http/services/siteacc/registration/template.go
 create mode 100644 internal/http/services/siteacc/sitereg/sitereg.go

diff --git a/changelog/unreleased/siteacc-reg-panel.md b/changelog/unreleased/siteacc-reg-panel.md
new file mode 100644
index 0000000000..1f89dd683e
--- /dev/null
+++ b/changelog/unreleased/siteacc-reg-panel.md
@@ -0,0 +1,5 @@
+Enhancement: Add site account registration panel
+
+This PR adds a site account registration panel to the site accounts service. It also removes site registration from the xcloud metrics driver.
+
+https://github.com/cs3org/reva/pull/1595
diff --git a/docs/content/en/docs/config/http/services/siteacc/_index.md b/docs/content/en/docs/config/http/services/siteacc/_index.md
index 425d3f0c7c..d56f901c0f 100644
--- a/docs/content/en/docs/config/http/services/siteacc/_index.md
+++ b/docs/content/en/docs/config/http/services/siteacc/_index.md
@@ -19,6 +19,15 @@ prefix = "/siteacc"
 {{< /highlight >}}
 {{% /dir %}}
 
+{{% dir name="enable_registration_form" type="string" default="false" %}}
+If set to true, the service will expose a simple form for account registration.
+
+{{< highlight toml >}}
+[http.services.siteacc]
+enable_registration_form = true
+{{< /highlight >}}
+{{% /dir %}}
+
 {{% dir name="notifications_mail" type="string" default="" %}}
 An email address where all notifications are sent to.
 {{< highlight toml >}}
@@ -93,3 +102,12 @@ The file location.
 file = "/var/reva/accounts.json"
 {{< /highlight >}}
 {{% /dir %}}
+
+## Site registration settings
+{{% dir name="url" type="string" default="" %}}
+The registration service URL.
+{{< highlight toml >}}
+[http.services.siteacc.sitereg]
+url = "https://iop.example.com/sitereg"
+{{< /highlight >}}
+{{% /dir %}}
diff --git a/examples/metrics/xcloud.toml b/examples/metrics/xcloud.toml
index d055bcfe75..8896d40ea1 100644
--- a/examples/metrics/xcloud.toml
+++ b/examples/metrics/xcloud.toml
@@ -5,8 +5,6 @@ address = "0.0.0.0:5550"
 metrics_data_driver_type = "xcloud"
 metrics_record_interval = 5000
 xcloud_instance = "http://localhost"
-xcloud_interval = 5
-xcloud_catalog = 'https://sciencemesh-test.uni-muenster.de/api/mentix/sites?action=register'
-insecure_skip_verify = true
+xcloud_pull_interval = 60
 
 [http.services.prometheus]
diff --git a/examples/siteacc/siteacc.toml b/examples/siteacc/siteacc.toml
index a03c393065..093fe58f86 100644
--- a/examples/siteacc/siteacc.toml
+++ b/examples/siteacc/siteacc.toml
@@ -2,6 +2,8 @@
 address = "0.0.0.0:9600"
 
 [http.services.siteacc]
+# If this is set to true, the service will expose a simple form for account registration
+enable_registration_form = true
 # All notification emails are sent to this email
 notifications_mail = "science.mesh@example.com"
 
diff --git a/internal/http/services/siteacc/config/config.go b/internal/http/services/siteacc/config/config.go
index 6a4a282183..60eeec1902 100644
--- a/internal/http/services/siteacc/config/config.go
+++ b/internal/http/services/siteacc/config/config.go
@@ -32,6 +32,12 @@ type Configuration struct {
 		} `mapstructure:"file"`
 	} `mapstructure:"storage"`
 
+	EnableRegistrationForm bool `mapstructure:"enable_registration_form"`
+
 	SMTP              *smtpclient.SMTPCredentials `mapstructure:"smtp"`
 	NotificationsMail string                      `mapstructure:"notifications_mail"`
+
+	SiteRegistration struct {
+		URL string `mapstructure:"url"`
+	} `mapstructure:"sitereg"`
 }
diff --git a/internal/http/services/siteacc/config/endpoints.go b/internal/http/services/siteacc/config/endpoints.go
index 80541bf803..8042085e61 100644
--- a/internal/http/services/siteacc/config/endpoints.go
+++ b/internal/http/services/siteacc/config/endpoints.go
@@ -21,6 +21,8 @@ package config
 const (
 	// EndpointPanel is the endpoint path of the web interface panel.
 	EndpointPanel = "/panel"
+	// EndpointRegistration is the endpoint path of the web interface registration form.
+	EndpointRegistration = "/register"
 
 	// EndpointGenerateAPIKey is the endpoint path of the API key generator.
 	EndpointGenerateAPIKey = "/generate-api-key"
@@ -41,8 +43,10 @@ const (
 	// EndpointRemove is the endpoint path for account removal.
 	EndpointRemove = "/remove"
 
-	// EndpointAuthorize is the endpoint path for account authorization
+	// EndpointAuthorize is the endpoint path for account authorization.
 	EndpointAuthorize = "/authorize"
 	// EndpointIsAuthorized is the endpoint path used to check the authorization status of an account.
 	EndpointIsAuthorized = "/is-authorized"
+	// EndpointUnregisterSite is the endpoint path for site unregistration.
+	EndpointUnregisterSite = "/unregister-site"
 )
diff --git a/internal/http/services/siteacc/data/account.go b/internal/http/services/siteacc/data/account.go
index dce4ea7b1a..914d5b7e12 100644
--- a/internal/http/services/siteacc/data/account.go
+++ b/internal/http/services/siteacc/data/account.go
@@ -19,7 +19,6 @@
 package data
 
 import (
-	"strings"
 	"time"
 
 	"github.com/pkg/errors"
@@ -51,7 +50,7 @@ type Accounts = []*Account
 
 // GetSiteID returns the site ID (generated from the API key) for the given account.
 func (acc *Account) GetSiteID() key.SiteIdentifier {
-	if id, err := key.CalculateSiteID(acc.Data.APIKey, strings.ToLower(acc.Email)); err == nil {
+	if id, err := key.CalculateSiteID(acc.Data.APIKey, key.SaltFromEmail(acc.Email)); err == nil {
 		return id
 	}
 
diff --git a/internal/http/services/siteacc/manager.go b/internal/http/services/siteacc/manager.go
index f625dd96a3..23916bd117 100644
--- a/internal/http/services/siteacc/manager.go
+++ b/internal/http/services/siteacc/manager.go
@@ -33,6 +33,8 @@ import (
 	"github.com/cs3org/reva/internal/http/services/siteacc/data"
 	"github.com/cs3org/reva/internal/http/services/siteacc/email"
 	"github.com/cs3org/reva/internal/http/services/siteacc/panel"
+	"github.com/cs3org/reva/internal/http/services/siteacc/registration"
+	"github.com/cs3org/reva/internal/http/services/siteacc/sitereg"
 	"github.com/cs3org/reva/pkg/mentix/key"
 	"github.com/cs3org/reva/pkg/smtpclient"
 )
@@ -54,8 +56,9 @@ type Manager struct {
 	accounts data.Accounts
 	storage  data.Storage
 
-	panel *panel.Panel
-	smtp  *smtpclient.SMTPCredentials
+	panel            *panel.Panel
+	registrationForm *registration.Form
+	smtp             *smtpclient.SMTPCredentials
 
 	mutex sync.RWMutex
 }
@@ -88,6 +91,13 @@ func (mngr *Manager) initialize(conf *config.Configuration, log *zerolog.Logger)
 		return errors.Wrap(err, "unable to create panel")
 	}
 
+	// Create the web interface registrationForm
+	if frm, err := registration.NewForm(conf, log); err == nil {
+		mngr.registrationForm = frm
+	} else {
+		return errors.Wrap(err, "unable to create registrationForm")
+	}
+
 	// Create the SMTP client
 	if conf.SMTP != nil {
 		mngr.smtp = smtpclient.NewSMTPCredentials(conf.SMTP)
@@ -163,6 +173,11 @@ func (mngr *Manager) ShowPanel(w http.ResponseWriter) error {
 	return mngr.panel.Execute(w, &accounts)
 }
 
+// ShowRegistrationForm writes the registration registrationForm HTTP output directly to the response writer.
+func (mngr *Manager) ShowRegistrationForm(w http.ResponseWriter) error {
+	return mngr.registrationForm.Execute(w)
+}
+
 // CreateAccount creates a new account; if an account with the same email address already exists, an error is returned.
 func (mngr *Manager) CreateAccount(accountData *data.Account) error {
 	mngr.mutex.Lock()
@@ -261,7 +276,7 @@ func (mngr *Manager) AssignAPIKeyToAccount(accountData *data.Account, flags int)
 	}
 
 	for {
-		apiKey, err := key.GenerateAPIKey(strings.ToLower(account.Email), flags) // Use the (lowered) email address as the key's salt value
+		apiKey, err := key.GenerateAPIKey(key.SaltFromEmail(account.Email), flags)
 		if err != nil {
 			return errors.Wrap(err, "error while generating API key")
 		}
@@ -283,6 +298,29 @@ func (mngr *Manager) AssignAPIKeyToAccount(accountData *data.Account, flags int)
 	return nil
 }
 
+// UnregisterAccountSite unregisters the site associated with the given account.
+func (mngr *Manager) UnregisterAccountSite(accountData *data.Account) error {
+	mngr.mutex.RLock()
+	defer mngr.mutex.RUnlock()
+
+	account, err := mngr.findAccount(FindByEmail, accountData.Email)
+	if err != nil {
+		return errors.Wrap(err, "no account with the specified email exists")
+	}
+
+	salt := key.SaltFromEmail(account.Email)
+	siteID, err := key.CalculateSiteID(account.Data.APIKey, salt)
+	if err != nil {
+		return errors.Wrap(err, "unable to get site ID")
+	}
+
+	if err := sitereg.UnregisterSite(mngr.conf.SiteRegistration.URL, account.Data.APIKey, siteID, salt); err != nil {
+		return errors.Wrap(err, "error while unregistering the site")
+	}
+
+	return nil
+}
+
 // RemoveAccount removes the account identified by the account email; if no such account exists, an error is returned.
 func (mngr *Manager) RemoveAccount(accountData *data.Account) error {
 	mngr.mutex.Lock()
diff --git a/internal/http/services/siteacc/panel/template.go b/internal/http/services/siteacc/panel/template.go
index 7493d15287..df3fa7636f 100644
--- a/internal/http/services/siteacc/panel/template.go
+++ b/internal/http/services/siteacc/panel/template.go
@@ -89,11 +89,14 @@ const panelTemplate = `
 					<button type="button" onClick="handleAction('assign-api-key?isScienceMesh', '{{.Email}}');" {{if .Data.APIKey}}disabled{{end}}>ScienceMesh API Key</button>
 	
 				{{if .Data.Authorized}}
-					<button type="button" onClick="handleAction('authorize?status=false', '{{.Email}}');">Unauthorize</button>
+					<button type="button" onClick="handleAction('authorize?status=false', '{{.Email}}');" {{if not .Data.APIKey}}disabled{{end}}>Unauthorize</button>
 				{{else}}
-					<button type="button" onClick="handleAction('authorize?status=true', '{{.Email}}');">Authorize</button>
+					<button type="button" onClick="handleAction('authorize?status=true', '{{.Email}}');" {{if not .Data.APIKey}}disabled{{end}}>Authorize</button>
 				{{end}}
 
+					<span style="width: 25px;">&nbsp;</span>
+					<button type="button" onClick="handleAction('unregister-site', '{{.Email}}');" {{if not .Data.APIKey}}disabled{{end}}>Unregister site</button>
+
 					<span style="width: 25px;">&nbsp;</span>
 					<button type="button" onClick="handleAction('remove', '{{.Email}}');">Remove</button>
 				</form>
diff --git a/internal/http/services/siteacc/registration/form.go b/internal/http/services/siteacc/registration/form.go
new file mode 100644
index 0000000000..e7649e891d
--- /dev/null
+++ b/internal/http/services/siteacc/registration/form.go
@@ -0,0 +1,76 @@
+// Copyright 2018-2020 CERN
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// In applying this license, CERN does not waive the privileges and immunities
+// granted to it by virtue of its status as an Intergovernmental Organization
+// or submit itself to any jurisdiction.
+
+package registration
+
+import (
+	"html/template"
+	"net/http"
+
+	"github.com/pkg/errors"
+	"github.com/rs/zerolog"
+
+	"github.com/cs3org/reva/internal/http/services/siteacc/config"
+)
+
+// Form represents the web interface form for user account registration.
+type Form struct {
+	conf *config.Configuration
+	log  *zerolog.Logger
+
+	tpl *template.Template
+}
+
+func (form *Form) initialize(conf *config.Configuration, log *zerolog.Logger) error {
+	if conf == nil {
+		return errors.Errorf("no configuration provided")
+	}
+	form.conf = conf
+
+	if log == nil {
+		return errors.Errorf("no logger provided")
+	}
+	form.log = log
+
+	// Create the form template
+	form.tpl = template.New("form")
+	if _, err := form.tpl.Parse(formTemplate); err != nil {
+		return errors.Wrap(err, "error while parsing form template")
+	}
+
+	return nil
+}
+
+// Execute generates the HTTP output of the form and writes it to the response writer.
+func (form *Form) Execute(w http.ResponseWriter) error {
+	type TemplateData struct {
+	}
+
+	tplData := TemplateData{}
+
+	return form.tpl.Execute(w, tplData)
+}
+
+// NewForm creates a new web interface form.
+func NewForm(conf *config.Configuration, log *zerolog.Logger) (*Form, error) {
+	form := &Form{}
+	if err := form.initialize(conf, log); err != nil {
+		return nil, errors.Wrapf(err, "unable to initialize the form")
+	}
+	return form, nil
+}
diff --git a/internal/http/services/siteacc/registration/template.go b/internal/http/services/siteacc/registration/template.go
new file mode 100644
index 0000000000..8da584177d
--- /dev/null
+++ b/internal/http/services/siteacc/registration/template.go
@@ -0,0 +1,216 @@
+// Copyright 2018-2020 CERN
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// In applying this license, CERN does not waive the privileges and immunities
+// granted to it by virtue of its status as an Intergovernmental Organization
+// or submit itself to any jurisdiction.
+
+package registration
+
+const formTemplate = `
+<!DOCTYPE html>
+<html>
+<head>	
+	<script>
+		function enableForm(enable) {
+			var form = document.getElementById("form");
+			var elements = form.elements;
+			for (var i = 0, len = elements.length; i < len; ++i) {
+				elements[i].disabled = !enable;
+			}
+		}
+
+		function setElementVisibility(id, visible) {
+			var elem = document.getElementById(id);
+			if (visible) {			
+				elem.classList.add("visible");
+				elem.classList.remove("hidden");
+			} else {
+				elem.classList.remove("visible");
+				elem.classList.add("hidden");
+			}
+		}
+
+		function setError(err, focusElem = "") {
+			setElementVisibility("error", true);
+			var elem = document.getElementById("error");
+			elem.innerHTML = err;
+
+			enableForm(true);
+
+			if (focusElem != "") {
+				var elem = document.getElementById(focusElem);
+				elem.focus();
+			}
+		}
+
+		function verifyForm(formData) {
+			if (formData.get("email") == "") {
+				setError("Please specify your email address.", "email");
+				return false;
+			}
+
+			if (formData.get("fname") == "") {
+				setError("Please specify your first name.", "fname");
+				return false;
+			}
+
+			if (formData.get("lname") == "") {
+				setError("Please specify your last name.", "lname");
+				return false;
+			}
+
+			return true;
+		}
+
+		function handleAction(action) {
+			const formData = new FormData(document.querySelector("form"));
+			if (!verifyForm(formData)) {
+				return;
+			}
+
+			enableForm(false);
+			setElementVisibility("progress", true);
+			setElementVisibility("success", false);
+			setElementVisibility("error", false);
+
+			var xhr = new XMLHttpRequest();
+	        xhr.open("POST", action);
+	        xhr.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
+
+			xhr.onreadystatechange = function() {
+				if (this.readyState === XMLHttpRequest.DONE) {
+					setElementVisibility("progress", false);
+
+					if (this.status == 200) {
+						setElementVisibility("success", true);
+					} else {
+						var resp = JSON.parse(this.responseText);
+						setError("An error occurred while trying to register your account:<br><em>" + resp.error + "</em>");
+					}
+	            }
+			}
+	
+			var postData = {
+	            "email": formData.get("email"),
+				"firstName": formData.get("fname"),
+				"lastName": formData.get("lname")
+	        };
+
+	        xhr.send(JSON.stringify(postData));
+		}
+	</script>
+	<style>
+		html * {
+			font-family: arial !important;
+		}
+		form {
+			border-color: lightgray !important;
+		}
+		button {
+			min-width: 140px;
+		}
+		input {
+			width: 95%;
+		}
+		label {
+			font-weight: bold;
+		}
+
+		.box {
+			width: 100%;
+			border: 1px solid black;
+			border-radius: 10px;
+			padding: 10px;
+		}
+		.container {
+			width: 900px;
+			display: grid;
+			grid-gap: 10px;
+			position: absolute;
+			left: 50%;
+			transform: translate(-50%, 0);
+		}
+		.container-inline {
+			display: inline-grid;
+			grid-gap: 10px;
+		}
+		.mandatory {
+			color: red;
+			font-weight: bold;
+		}
+		.progress {
+			border-color: #F7B22A;
+			background: #FFEABF;
+		}
+		.success {
+			border-color: #3CAC3A;
+			background: #D3EFD2;
+		}
+		.error {
+			border-color: #F20000;
+			background: #F4D0D0;
+		}
+		.visible {
+			display: block;
+		}
+		.hidden {
+			display: none;
+		}
+	</style>
+	<title>ScienceMesh Account Registration</title>
+</head>
+<body>
+
+<div class="container">
+	<div><h1>Welcome to the ScienceMesh Account Registration!</h1></div>
+	<div>
+		<p>Fill out the form below to register for a ScienceMesh account. A confirmation email will be sent to you shortly after registration.</p>
+		<p>
+			After inspection by a ScienceMesh administrator, you will also receive an API key which can then be used in the
+			<a href="https://github.com/sciencemesh/oc-sciencemesh" target="_blank">ownCloud</a> or
+			<a href="https://github.com/sciencemesh/nc-sciencemesh" target="_blank">Nextcloud</a> web application.
+		</p>
+	</div>
+	<div>&nbsp;</div>
+	<div>
+		<form id="form" method="POST" class="box container-inline" style="width: 100%;">
+			<div style="grid-row: 1;"><label for="email">Email address: <span class="mandatory">*</span></label></div>
+			<div style="grid-row: 2;"><input type="text" id="email" name="email" placeholder="me@example.com"/></div>
+			<div style="grid-row: 3;"><label for="fname">First name: <span class="mandatory">*</span></label></div>
+			<div style="grid-row: 4;"><input type="text" id="fname" name="fname"/></div>
+			<div style="grid-row: 3;"><label for="lname">Last name: <span class="mandatory">*</span></label></div>
+			<div style="grid-row: 4;"><input type="text" id="lname" name="lname"/></div>
+
+			<div style="grid-row: 5; align-self: center;">
+				Fields marked with <span class="mandatory">*</span> are mandatory.
+			</div>
+			<div style="grid-row: 5; grid-column: 2; text-align: right;">
+				<button type="reset">Reset</button>
+				<button type="button" style="font-weight: bold;" onClick="handleAction('create');">Register</button>
+			</div>
+		</form>	
+	</div>
+	<div id="progress" class="box progress hidden">
+		Sending registration...	this should only take a moment.
+	</div>
+	<div id="success" class="box success hidden">
+		Your registration was successful! Please check your inbox for a confirmation email.
+	</div>
+	<div id="error" class="box error hidden">
+	</div>
+</div>
+</body>
+</html>
+`
diff --git a/internal/http/services/siteacc/siteacc.go b/internal/http/services/siteacc/siteacc.go
index 1d49e73570..e3f5765d39 100644
--- a/internal/http/services/siteacc/siteacc.go
+++ b/internal/http/services/siteacc/siteacc.go
@@ -63,8 +63,15 @@ func (s *svc) Prefix() string {
 
 // Unprotected returns all endpoints that can be queried without prior authorization.
 func (s *svc) Unprotected() []string {
-	// This service currently only has one public endpoint used for account registration
-	return []string{config.EndpointCreate}
+	// The account creation endpoint is always unprotected
+	endpoints := []string{config.EndpointCreate}
+
+	// If enabled, the registration registrationForm endpoint is also unprotected
+	if s.conf.EnableRegistrationForm {
+		endpoints = append(endpoints, config.EndpointRegistration)
+	}
+
+	return endpoints
 }
 
 // Handler serves all HTTP requests.
@@ -76,6 +83,11 @@ func (s *svc) Handler() http.Handler {
 		case config.EndpointPanel:
 			s.handlePanelEndpoint(w, r)
 
+		case config.EndpointRegistration:
+			if s.conf.EnableRegistrationForm {
+				s.handleRegistrationEndpoint(w, r)
+			}
+
 		default:
 			s.handleRequestEndpoints(w, r)
 		}
@@ -89,6 +101,13 @@ func (s *svc) handlePanelEndpoint(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func (s *svc) handleRegistrationEndpoint(w http.ResponseWriter, r *http.Request) {
+	if err := s.manager.ShowRegistrationForm(w); err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		_, _ = w.Write([]byte(fmt.Sprintf("Unable to show the web interface registration registrationForm: %v", err)))
+	}
+}
+
 func (s *svc) handleRequestEndpoints(w http.ResponseWriter, r *http.Request) {
 	// Allow definition of endpoints in a flexible and easy way
 	type Endpoint struct {
@@ -115,6 +134,7 @@ func (s *svc) handleRequestEndpoints(w http.ResponseWriter, r *http.Request) {
 		{config.EndpointRemove, http.MethodPost, s.handleRemove},
 		{config.EndpointAuthorize, http.MethodPost, s.handleAuthorize},
 		{config.EndpointIsAuthorized, http.MethodGet, s.handleIsAuthorized},
+		{config.EndpointUnregisterSite, http.MethodPost, s.handleUnregisterSite},
 	}
 
 	// The default response is an unknown endpoint (for the specified method)
@@ -164,7 +184,7 @@ func (s *svc) handleGenerateAPIKey(values url.Values, body []byte) (interface{},
 		return nil, errors.Errorf("no email provided")
 	}
 
-	apiKey, err := key.GenerateAPIKey(strings.ToLower(email), flags)
+	apiKey, err := key.GenerateAPIKey(key.SaltFromEmail(email), flags)
 	if err != nil {
 		return nil, errors.Wrap(err, "unable to generate API key")
 	}
@@ -183,7 +203,7 @@ func (s *svc) handleVerifyAPIKey(values url.Values, body []byte) (interface{}, e
 		return nil, errors.Errorf("no email provided")
 	}
 
-	err := key.VerifyAPIKey(apiKey, strings.ToLower(email))
+	err := key.VerifyAPIKey(apiKey, key.SaltFromEmail(email))
 	if err != nil {
 		return nil, errors.Wrap(err, "invalid API key")
 	}
@@ -271,6 +291,20 @@ func (s *svc) handleIsAuthorized(values url.Values, body []byte) (interface{}, e
 	return account.Data.Authorized, nil
 }
 
+func (s *svc) handleUnregisterSite(values url.Values, body []byte) (interface{}, error) {
+	account, err := s.unmarshalRequestData(body)
+	if err != nil {
+		return nil, err
+	}
+
+	// Unregister the account's site through the account manager
+	if err := s.manager.UnregisterAccountSite(account); err != nil {
+		return nil, errors.Wrap(err, "unable to unregister the site of the given account")
+	}
+
+	return nil, nil
+}
+
 func (s *svc) handleAuthorize(values url.Values, body []byte) (interface{}, error) {
 	account, err := s.unmarshalRequestData(body)
 	if err != nil {
@@ -292,7 +326,7 @@ func (s *svc) handleAuthorize(values url.Values, body []byte) (interface{}, erro
 
 		// Authorize the account through the account manager
 		if err := s.manager.AuthorizeAccount(account, authorize); err != nil {
-			return nil, errors.Wrap(err, "unable to remove account")
+			return nil, errors.Wrap(err, "unable to (un)authorize account")
 		}
 	} else {
 		return nil, errors.Errorf("no authorization status provided")
diff --git a/internal/http/services/siteacc/sitereg/sitereg.go b/internal/http/services/siteacc/sitereg/sitereg.go
new file mode 100644
index 0000000000..685011f18b
--- /dev/null
+++ b/internal/http/services/siteacc/sitereg/sitereg.go
@@ -0,0 +1,57 @@
+// Copyright 2018-2020 CERN
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// In applying this license, CERN does not waive the privileges and immunities
+// granted to it by virtue of its status as an Intergovernmental Organization
+// or submit itself to any jurisdiction.
+
+package sitereg
+
+import (
+	"net/url"
+
+	"github.com/pkg/errors"
+
+	"github.com/cs3org/reva/pkg/mentix/key"
+	"github.com/cs3org/reva/pkg/mentix/utils/network"
+)
+
+// UnregisterSite unregister a site using the given site registration endpoint.
+func UnregisterSite(serviceURL string, apiKey key.APIKey, siteID key.SiteIdentifier, salt string) error {
+	if len(serviceURL) == 0 {
+		return errors.Errorf("no site registration service URL provided")
+	}
+
+	if err := key.VerifyAPIKey(apiKey, salt); err != nil {
+		return err
+	}
+
+	fullURL, err := url.Parse(serviceURL)
+	if err != nil {
+		return errors.Wrap(err, "unable to parse the site registration service URL")
+	}
+
+	query := make(url.Values)
+	query.Set("action", "unregister")
+	query.Set("apiKey", apiKey)
+	query.Set("siteId", siteID)
+	fullURL.RawQuery = query.Encode()
+
+	_, err = network.WriteEndpoint(fullURL, nil, true)
+	if err != nil {
+		return errors.Wrap(err, "unable to query the service registration endpoint")
+	}
+
+	return nil
+}
diff --git a/pkg/mentix/key/apikey.go b/pkg/mentix/key/apikey.go
index 4157e08ff0..8da609a016 100644
--- a/pkg/mentix/key/apikey.go
+++ b/pkg/mentix/key/apikey.go
@@ -24,6 +24,7 @@ import (
 	"fmt"
 	hashpkg "hash"
 	"strconv"
+	"strings"
 
 	"github.com/pkg/errors"
 )
@@ -94,6 +95,11 @@ func SplitAPIKey(apiKey APIKey) (string, int, string, error) {
 	return randomString, flags, hash, nil
 }
 
+// SaltFromEmail generates a salt-value from an email address.
+func SaltFromEmail(email string) string {
+	return strings.ToLower(email)
+}
+
 func calculateHash(randomString string, flags int, salt string) hashpkg.Hash {
 	hash := md5.New()
 	_, _ = hash.Write([]byte(randomString))
diff --git a/pkg/mentix/utils/network/network.go b/pkg/mentix/utils/network/network.go
index da6fa65bec..6185ce8fde 100644
--- a/pkg/mentix/utils/network/network.go
+++ b/pkg/mentix/utils/network/network.go
@@ -63,10 +63,9 @@ func GenerateURL(host string, path string, params URLParams) (*url.URL, error) {
 	return fullURL, nil
 }
 
-// ReadEndpoint reads data from an HTTP endpoint.
-func ReadEndpoint(endpointURL *url.URL, auth *BasicAuth, checkStatus bool) ([]byte, error) {
+func queryEndpoint(method string, endpointURL *url.URL, auth *BasicAuth, checkStatus bool) ([]byte, error) {
 	// Prepare the request
-	req, err := http.NewRequest("GET", endpointURL.String(), nil)
+	req, err := http.NewRequest(method, endpointURL.String(), nil)
 	if err != nil {
 		return nil, fmt.Errorf("unable to create HTTP request: %v", err)
 	}
@@ -89,6 +88,16 @@ func ReadEndpoint(endpointURL *url.URL, auth *BasicAuth, checkStatus bool) ([]by
 	return body, nil
 }
 
+// ReadEndpoint reads data from an HTTP endpoint via GET.
+func ReadEndpoint(endpointURL *url.URL, auth *BasicAuth, checkStatus bool) ([]byte, error) {
+	return queryEndpoint(http.MethodGet, endpointURL, auth, checkStatus)
+}
+
+// WriteEndpoint sends data to an HTTP endpoint via POST.
+func WriteEndpoint(endpointURL *url.URL, auth *BasicAuth, checkStatus bool) ([]byte, error) {
+	return queryEndpoint(http.MethodPost, endpointURL, auth, checkStatus)
+}
+
 // CreateResponse creates a generic HTTP response in JSON format.
 func CreateResponse(msg string, params ResponseParams) []byte {
 	if params == nil {
diff --git a/pkg/metrics/config/config.go b/pkg/metrics/config/config.go
index c0447b44ce..7cec96f676 100644
--- a/pkg/metrics/config/config.go
+++ b/pkg/metrics/config/config.go
@@ -24,7 +24,6 @@ type Config struct {
 	MetricsDataLocation   string `mapstructure:"metrics_data_location"`
 	MetricsRecordInterval int    `mapstructure:"metrics_record_interval"`
 	XcloudInstance        string `mapstructure:"xcloud_instance"`
-	XcloudCatalog         string `mapstructure:"xcloud_catalog"`
 	XcloudPullInterval    int    `mapstructure:"xcloud_pull_interval"`
 	InsecureSkipVerify    bool   `mapstructure:"insecure_skip_verify"`
 }
@@ -41,4 +40,8 @@ func (c *Config) Init() {
 	if c.MetricsRecordInterval == 0 {
 		c.MetricsRecordInterval = 5000
 	}
+
+	if c.XcloudPullInterval == 0 {
+		c.XcloudPullInterval = 5
+	}
 }
diff --git a/pkg/metrics/driver/xcloud/xcloud.go b/pkg/metrics/driver/xcloud/xcloud.go
index 51e410df96..84fbae56dc 100644
--- a/pkg/metrics/driver/xcloud/xcloud.go
+++ b/pkg/metrics/driver/xcloud/xcloud.go
@@ -19,7 +19,6 @@
 package json
 
 import (
-	"bytes"
 	"crypto/tls"
 	"encoding/json"
 	"errors"
@@ -32,9 +31,10 @@ import (
 
 	"github.com/cs3org/reva/pkg/metrics/driver/registry"
 
+	"github.com/rs/zerolog"
+
 	"github.com/cs3org/reva/pkg/logger"
 	"github.com/cs3org/reva/pkg/metrics/config"
-	"github.com/rs/zerolog"
 )
 
 var log zerolog.Logger
@@ -43,7 +43,6 @@ func init() {
 	log = logger.New().With().Int("pid", os.Getpid()).Logger()
 	driver := &CloudDriver{CloudData: &CloudData{}}
 	registry.Register(driverName(), driver)
-
 }
 
 func driverName() string {
@@ -53,7 +52,6 @@ func driverName() string {
 // CloudDriver is the driver to use for Sciencemesh apps
 type CloudDriver struct {
 	instance     string
-	catalog      string
 	pullInterval int
 	CloudData    *CloudData
 	sync.Mutex
@@ -61,7 +59,6 @@ type CloudDriver struct {
 }
 
 func (d *CloudDriver) refresh() error {
-
 	// endpoint example: https://mybox.com or https://mybox.com/owncloud
 	endpoint := fmt.Sprintf("%s/index.php/apps/sciencemesh/internal_metrics", d.instance)
 
@@ -102,59 +99,6 @@ func (d *CloudDriver) refresh() error {
 	d.CloudData = cd
 	log.Info().Msgf("xcloud: received internal metrics from cloud provider: %+v", cd)
 
-	mc := &MentixCatalog{
-		Name:        cd.Settings.Sitename,
-		FullName:    cd.Settings.Sitename,
-		Homepage:    cd.Settings.Hostname,
-		Description: "ScienceMesh App from " + cd.Settings.Sitename,
-		CountryCode: cd.Settings.Country,
-		Services: []*MentixService{
-			&MentixService{
-				Host:        cd.Settings.Hostname,
-				IsMonitored: true,
-				Name:        cd.Settings.Hostname + " - REVAD",
-				URL:         cd.Settings.Siteurl,
-				Properties: &MentixServiceProperties{
-					MetricsPath: "/index.php/apps/sciencemesh/metrics",
-				},
-				Type: &MentixServiceType{
-					Name: "REVAD",
-				},
-			},
-		},
-	}
-
-	j, err := json.Marshal(mc)
-	if err != nil {
-		log.Err(err).Msgf("xcloud: error marhsaling mentix calalog info")
-		return err
-	}
-
-	log.Info().Msgf("xcloud: info to send to register: %s", string(j))
-
-	// send to register if catalog is set
-	req, err = http.NewRequest("POST", d.catalog, bytes.NewBuffer(j))
-	if err != nil {
-		log.Err(err).Msgf("xcloud: error creating POST request to: %s", d.catalog)
-		return err
-	}
-
-	resp, err = d.client.Do(req)
-	if err != nil {
-		log.Err(err).Msgf("xcloud: error registering catalog info to: %s with info: %s", d.catalog, string(j))
-		return err
-	}
-
-	defer resp.Body.Close()
-	body, _ := ioutil.ReadAll(resp.Body)
-
-	if resp.StatusCode != http.StatusOK {
-		err := fmt.Errorf("xcloud: error registering site: status code(%d) body(%s)", resp.StatusCode, string(body))
-		log.Err(err).Msg("xcloud: error registering site")
-		return err
-	}
-
-	log.Info().Msgf("xcloud: site registered: %s", string(body))
 	return nil
 }
 
@@ -166,12 +110,11 @@ func (d *CloudDriver) Configure(c *config.Config) error {
 	}
 
 	if c.XcloudPullInterval == 0 {
-		c.XcloudPullInterval = 10 // seconds
+		c.XcloudPullInterval = 5 // seconds
 	}
 
 	d.instance = c.XcloudInstance
 	d.pullInterval = c.XcloudPullInterval
-	d.catalog = c.XcloudCatalog
 
 	tr := &http.Transport{
 		TLSClientConfig: &tls.Config{InsecureSkipVerify: c.InsecureSkipVerify},
@@ -233,36 +176,5 @@ type CloudDataSettings struct {
 	IOPUrl   string `json:"iopurl"`
 	Sitename string `json:"sitename"`
 	Siteurl  string `json:"siteurl"`
-	Hostname string `json:"hostname"`
 	Country  string `json:"country"`
 }
-
-// MentixCatalog represents the information needed to register a site into the mesh
-type MentixCatalog struct {
-	CountryCode string           `json:"CountryCode"`
-	Description string           `json:"Description"`
-	FullName    string           `json:"FullName"`
-	Homepage    string           `json:"Homepage"`
-	Name        string           `json:"Name"`
-	Services    []*MentixService `json:"Services"`
-}
-
-// MentixService represents the service running in a site
-type MentixService struct {
-	Host        string                   `json:"Host"`
-	IsMonitored bool                     `json:"IsMonitored"`
-	Name        string                   `json:"Name"`
-	Properties  *MentixServiceProperties `json:"Properties"`
-	Type        *MentixServiceType       `json:"Type"`
-	URL         string                   `json:"URL"`
-}
-
-// MentixServiceProperties represents the properties to expose the metrics endpoint
-type MentixServiceProperties struct {
-	MetricsPath string `json:"METRICS_PATH"`
-}
-
-// MentixServiceType represents the type of service running
-type MentixServiceType struct {
-	Name string `json:"Name"`
-}