Turn CheckApiAction into a standard-ish epp endpoint

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=125335634

java/google/registry/flows/BUILD

@@ -4,6 +4,8 @@ package(
 
 licenses(["notice"])  # Apache 2.0
 
+load("@io_bazel_rules_closure//closure:defs.bzl", "closure_template_java_library")
+
 
 filegroup(
     name = "flows_files",
@@ -21,6 +23,7 @@ java_library(
     ]),
     visibility = ["//visibility:public"],
     deps = [
+        ":soy_java_wrappers",
         "//java/com/google/common/annotations",
         "//java/com/google/common/base",
         "//java/com/google/common/collect",
@@ -31,6 +34,7 @@ java_library(
         "//third_party/java/dagger",
         "//third_party/java/joda_money",
         "//third_party/java/joda_time",
+        "//third_party/java/json_simple",
         "//third_party/java/jsr305_annotations",
         "//third_party/java/jsr330_inject",
         "//third_party/java/objectify:objectify-v4_1",
@@ -47,5 +51,14 @@ java_library(
         "//java/google/registry/tmch",
         "//java/google/registry/util",
         "//java/google/registry/xml",
+        "//third_party/java_src/soy/java/com/google/template/soy",
+
+        "@io_bazel_rules_closure//closure/templates",
     ],
 )
+
+closure_template_java_library(
+    name = "soy_java_wrappers",
+    srcs = glob(["soy/*.soy"]),
+    java_package = "google.registry.flows.soy",
+)

java/google/registry/flows/CheckApiAction.java

@@ -0,0 +1,153 @@
+// Copyright 2016 The Domain Registry Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.flows;
+
+import static com.google.common.base.MoreObjects.firstNonNull;
+import static com.google.common.base.Strings.nullToEmpty;
+import static com.google.common.io.Resources.getResource;
+import static com.google.common.net.HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN;
+import static google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension.FEE_0_6;
+import static google.registry.model.registry.Registries.findTldForNameOrThrow;
+import static google.registry.util.DomainNameUtils.canonicalizeDomainName;
+import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.json.simple.JSONValue.toJSONString;
+
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
+import com.google.common.net.InternetDomainName;
+import com.google.common.net.MediaType;
+import com.google.template.soy.SoyFileSet;
+import com.google.template.soy.tofu.SoyTofu;
+
+import dagger.Module;
+import dagger.Provides;
+
+import google.registry.config.RegistryConfig;
+import google.registry.flows.soy.DomainCheckFeeEppSoyInfo;
+import google.registry.model.domain.fee.FeeCheckResponseExtension;
+import google.registry.model.domain.fee.FeeCheckResponseExtension.FeeCheck;
+import google.registry.model.eppoutput.CheckData.DomainCheck;
+import google.registry.model.eppoutput.CheckData.DomainCheckData;
+import google.registry.model.eppoutput.EppResponse;
+import google.registry.request.Action;
+import google.registry.request.Parameter;
+import google.registry.request.RequestParameters;
+import google.registry.request.Response;
+import google.registry.util.FormattingLogger;
+
+import java.util.Map;
+
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * A servlet that returns availability and premium checks as JSON.
+ *
+ * <p>This action returns plain JSON without a safety prefix, so it's vital that the output not be
+ * user controlled, lest it open an XSS vector. Do not modify this to return the domain name in the
+ * response.
+ */
+@Action(path = "/check")
+public class CheckApiAction implements Runnable {
+
+  private static final FormattingLogger logger = FormattingLogger.getLoggerForCallerClass();
+
+  private static final SoyTofu TOFU =
+      SoyFileSet.builder().add(getResource(DomainCheckFeeEppSoyInfo.class,
+          DomainCheckFeeEppSoyInfo.getInstance().getFileName())).build().compileToTofu();
+
+  @Inject @Parameter("domain") String domain;
+  @Inject Response response;
+  @Inject EppController eppController;
+  @Inject RegistryConfig config;
+  @Inject CheckApiAction() {}
+
+  @Override
+  public void run() {
+    response.setHeader("Content-Disposition", "attachment");
+    response.setHeader("X-Content-Type-Options", "nosniff");
+    response.setHeader(ACCESS_CONTROL_ALLOW_ORIGIN, "*");
+    response.setContentType(MediaType.JSON_UTF_8);
+    response.setPayload(toJSONString(doCheck()));
+  }
+
+  private Map<String, Object> doCheck() {
+    String domainString;
+    try {
+      domainString = canonicalizeDomainName(nullToEmpty(domain));
+      // Validate the TLD.
+      findTldForNameOrThrow(InternetDomainName.from(domainString));
+    } catch (IllegalStateException | IllegalArgumentException e) {
+      return fail("Must supply a valid domain name on an authoritative TLD");
+    }
+    try {
+      byte[] inputXml = TOFU
+          .newRenderer(DomainCheckFeeEppSoyInfo.DOMAINCHECKFEE)
+          .setData(ImmutableMap.of("domainName", domainString))
+          .render()
+          .getBytes(UTF_8);
+      SessionMetadata sessionMetadata = new StatelessRequestSessionMetadata(
+          config.getCheckApiServletRegistrarClientId(),
+          ImmutableSet.of(FEE_0_6.getUri()));
+      EppResponse response = eppController
+          .handleEppCommand(
+              sessionMetadata,
+              new PasswordOnlyTransportCredentials(),
+              EppRequestSource.CHECK_API,
+              false,  // This endpoint is never a dry run.
+              false,  // This endpoint is never a superuser.
+              inputXml)
+          .getResponse();
+      if (!response.getResult().getCode().isSuccess()) {
+        return fail(response.getResult().getMsg());
+      }
+      DomainCheckData checkData = (DomainCheckData) response.getResponseData().get(0);
+      DomainCheck check = (DomainCheck) checkData.getChecks().get(0);
+      boolean available = check.getName().getAvail();
+      ImmutableMap.Builder<String, Object> builder = new ImmutableMap.Builder<>();
+      builder
+          .put("status", "success")
+          .put("available", available);
+      if (available) {
+        FeeCheckResponseExtension feeCheckResponse =
+            (FeeCheckResponseExtension) response.getExtensions().get(0);
+        FeeCheck feeCheck = feeCheckResponse.getChecks().get(0);
+        builder.put("tier", firstNonNull(feeCheck.getFeeClass(), "standard"));
+      } else {
+        builder.put("reason", check.getReason());
+      }
+      return builder.build();
+    } catch (Exception e) {
+      logger.warning(e, "Unknown error");
+      return fail("Invalid request");
+    }
+  }
+
+  private Map<String, Object> fail(String reason) {
+    return ImmutableMap.<String, Object>of(
+        "status", "error",
+        "reason", reason);
+  }
+
+  /** Dagger module for the check api endpoint. */
+  @Module
+  public static final class CheckApiModule {
+    @Provides
+    @Parameter("domain")
+    static String provideDomain(HttpServletRequest req) {
+      return RequestParameters.extractRequiredParameter(req, "domain");
+    }
+  }
+}

java/google/registry/flows/EppController.java

@@ -14,7 +14,6 @@
 
 package google.registry.flows;
 
-import static google.registry.flows.EppXmlTransformer.marshalWithLenientRetry;
 import static google.registry.flows.EppXmlTransformer.unmarshal;
 import static google.registry.flows.picker.FlowPicker.getFlowClass;
 
@@ -47,11 +46,8 @@ public final class EppController {
   @Inject EppMetrics metrics;
   @Inject EppController() {}
 
-  /**
-   * Read an EPP envelope from the client, find the matching flow, execute it, and return
-   * the response marshalled to a byte array.
-   */
-  public byte[] handleEppCommand(
+  /** Read EPP XML, execute the matching flow, and return an {@link EppOutput}. */
+  public EppOutput handleEppCommand(
       SessionMetadata sessionMetadata,
       TransportCredentials credentials,
       EppRequestSource eppRequestSource,
@@ -85,17 +81,16 @@ public final class EppController {
       if (eppOutput.isResponse()) {
         metrics.setEppStatus(eppOutput.getResponse().getResult().getCode());
       }
-      return marshalWithLenientRetry(eppOutput);
+      return eppOutput;
     } catch (EppException e) {
       // The command failed. Send the client an error message.
       metrics.setEppStatus(e.getResult().getCode());
-      return marshalWithLenientRetry(getErrorResponse(clock, e.getResult(), trid));
+      return getErrorResponse(clock, e.getResult(), trid);
     } catch (Throwable e) {
       // Something bad and unexpected happened. Send the client a generic error, and log it.
       logger.severe(e, "Unexpected failure");
       metrics.setEppStatus(Code.CommandFailed);
-      return marshalWithLenientRetry(
-          getErrorResponse(clock, Result.create(Code.CommandFailed), trid));
+      return getErrorResponse(clock, Result.create(Code.CommandFailed), trid);
     } finally {
       metrics.export();
     }

java/google/registry/flows/EppRequestHandler.java

@@ -15,6 +15,7 @@
 
 package google.registry.flows;
 
+import static google.registry.flows.EppXmlTransformer.marshalWithLenientRetry;
 import static java.nio.charset.StandardCharsets.UTF_8;
 import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
 import static javax.servlet.http.HttpServletResponse.SC_OK;
@@ -48,13 +49,15 @@ public class EppRequestHandler {
       byte[] inputXmlBytes) {
     try {
       response.setPayload(new String(
-          eppController.handleEppCommand(
-              sessionMetadata,
-              credentials,
-              eppRequestSource,
-              isDryRun,
-              isSuperuser,
-              inputXmlBytes), UTF_8));
+          marshalWithLenientRetry(
+              eppController.handleEppCommand(
+                  sessionMetadata,
+                  credentials,
+                  eppRequestSource,
+                  isDryRun,
+                  isSuperuser,
+                  inputXmlBytes)),
+          UTF_8));
       response.setContentType(APPLICATION_EPP_XML);
       // Note that we always return 200 (OK) even if the EppController returns an error response.
       // This is because returning an non-OK HTTP status code will cause the proxy server to

java/google/registry/flows/soy/DomainCheckFeeEpp.soy

@@ -0,0 +1,26 @@
+{namespace registry.soy.api autoescape="strict"}
+
+/** Domain check fee request for one domain. */
+{template .domaincheckfee}
+{@param domainName: string}
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
+  <command>
+    <check>
+      <domain:check xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
+        <domain:name>{$domainName}</domain:name>
+      </domain:check>
+    </check>
+    <extension>
+      <fee:check xmlns:fee="urn:ietf:params:xml:ns:fee-0.6">
+        <fee:domain>
+          <fee:name>{$domainName}</fee:name>
+          <fee:command>create</fee:command>
+          <fee:period unit="y">1</fee:period>
+        </fee:domain>
+      </fee:check>
+    </extension>
+    <clTRID>CheckApiAction</clTRID>
+  </command>
+</epp>
+{/template}