Refactor authInfo validation

1) Don't do ofy().load() inside a model class (in DomainAuthInfo)
2) Move the one use of verify into the one caller in ResourceFlowUtils
3) Hosts don't support authInfo, so remove useless code

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=137984809

java/google/registry/flows/host/HostDeleteFlow.java

@@ -18,13 +18,11 @@ import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
 import static google.registry.flows.ResourceFlowUtils.failfastForAsyncDelete;
 import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
 import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
-import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfoForResource;
 import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
 import static google.registry.model.eppoutput.Result.Code.SUCCESS_WITH_ACTION_PENDING;
 import static google.registry.model.ofy.ObjectifyService.ofy;
 
 import com.google.common.base.Function;
-import com.google.common.base.Optional;
 import com.google.common.collect.ImmutableSet;
 import com.googlecode.objectify.Key;
 import google.registry.flows.EppException;
@@ -36,7 +34,6 @@ import google.registry.flows.TransactionalFlow;
 import google.registry.flows.async.AsyncFlowEnqueuer;
 import google.registry.model.domain.DomainBase;
 import google.registry.model.domain.metadata.MetadataExtension;
-import google.registry.model.eppcommon.AuthInfo;
 import google.registry.model.eppcommon.StatusValue;
 import google.registry.model.eppoutput.EppResponse;
 import google.registry.model.host.HostResource;
@@ -74,7 +71,6 @@ public final class HostDeleteFlow implements TransactionalFlow {
         }};
 
   @Inject ExtensionManager extensionManager;
-  @Inject Optional<AuthInfo> authInfo;
   @Inject @ClientId String clientId;
   @Inject @TargetId String targetId;
   @Inject @Superuser boolean isSuperuser;
@@ -92,7 +88,6 @@ public final class HostDeleteFlow implements TransactionalFlow {
     failfastForAsyncDelete(targetId, now, HostResource.class, GET_NAMESERVERS);
     HostResource existingHost = loadAndVerifyExistence(HostResource.class, targetId, now);
     verifyNoDisallowedStatuses(existingHost, DISALLOWED_STATUSES);
-    verifyOptionalAuthInfoForResource(authInfo, existingHost);
     if (!isSuperuser) {
       verifyResourceOwnership(clientId, existingHost);
     }

java/google/registry/flows/host/HostInfoFlow.java

@@ -16,16 +16,13 @@ package google.registry.flows.host;
 
 import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
 import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
-import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfoForResource;
 import static google.registry.model.EppResourceUtils.cloneResourceWithLinkedStatus;
 
-import com.google.common.base.Optional;
 import google.registry.flows.EppException;
 import google.registry.flows.ExtensionManager;
 import google.registry.flows.Flow;
 import google.registry.flows.FlowModule.ClientId;
 import google.registry.flows.FlowModule.TargetId;
-import google.registry.model.eppcommon.AuthInfo;
 import google.registry.model.eppoutput.EppResponse;
 import google.registry.model.host.HostResource;
 import google.registry.util.Clock;
@@ -45,7 +42,6 @@ public final class HostInfoFlow implements Flow {
   @Inject ExtensionManager extensionManager;
   @Inject @ClientId String clientId;
   @Inject @TargetId String targetId;
-  @Inject Optional<AuthInfo> authInfo;
   @Inject Clock clock;
   @Inject EppResponse.Builder responseBuilder;
   @Inject HostInfoFlow() {}
@@ -56,7 +52,6 @@ public final class HostInfoFlow implements Flow {
     validateClientIsLoggedIn(clientId);
     DateTime now = clock.nowUtc();
     HostResource host = loadAndVerifyExistence(HostResource.class, targetId, now);
-    verifyOptionalAuthInfoForResource(authInfo, host);
     return responseBuilder.setResData(cloneResourceWithLinkedStatus(host, now)).build();
   }
 }

java/google/registry/flows/host/HostUpdateFlow.java

@@ -21,7 +21,6 @@ import static google.registry.flows.ResourceFlowUtils.checkSameValuesNotAddedAnd
 import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
 import static google.registry.flows.ResourceFlowUtils.verifyAllStatusesAreClientSettable;
 import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
-import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfoForResource;
 import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
 import static google.registry.flows.host.HostFlowUtils.lookupSuperordinateDomain;
 import static google.registry.flows.host.HostFlowUtils.validateHostName;
@@ -49,7 +48,6 @@ import google.registry.flows.exceptions.ResourceHasClientUpdateProhibitedExcepti
 import google.registry.model.ImmutableObject;
 import google.registry.model.domain.DomainResource;
 import google.registry.model.domain.metadata.MetadataExtension;
-import google.registry.model.eppcommon.AuthInfo;
 import google.registry.model.eppcommon.StatusValue;
 import google.registry.model.eppinput.ResourceCommand;
 import google.registry.model.eppoutput.EppResponse;
@@ -104,7 +102,6 @@ public final class HostUpdateFlow implements TransactionalFlow {
 
   @Inject ResourceCommand resourceCommand;
   @Inject ExtensionManager extensionManager;
-  @Inject Optional<AuthInfo> authInfo;
   @Inject @ClientId String clientId;
   @Inject @TargetId String targetId;
   @Inject @Superuser boolean isSuperuser;
@@ -178,7 +175,6 @@ public final class HostUpdateFlow implements TransactionalFlow {
   private void verifyUpdateAllowed(
       Update command, HostResource existingResource, DomainResource superordinateDomain)
       throws EppException {
-    verifyOptionalAuthInfoForResource(authInfo, existingResource);
     if (!isSuperuser) {
       verifyResourceOwnership(clientId, existingResource);
       ImmutableSet<StatusValue> statusesToAdd = command.getInnerAdd().getStatusValues();