Attempt login to MosAPI via all available TLDs (#141)

* Attempt login to MosAPI via all available TLDs There's no reason why we should need a TLD as input here because it doesn't actually matter which one we use (they all have the same password). * Refactor the TLD loop and change cron jobs * Re-throw the last exception if one exists * Fix tests and exception * Remove alpha cron job
2025-06-27 14:54:51 +02:00 · 2019-07-03 14:25:39 -04:00 · 2019-07-03 14:25:39 -04:00 · 3e473cb239
commit 3e473cb239
parent 012d9d5893
3 changed files with 106 additions and 40 deletions
--- a/core/src/main/java/google/registry/env/production/default/WEB-INF/cron.xml
+++ b/core/src/main/java/google/registry/env/production/default/WEB-INF/cron.xml
@ -112,8 +112,6 @@
    <target>backend</target>
  </cron>
  <!--
    TODO(b/134576418) enable this cron job once we're sure the Action works
  <cron>
    <url><![CDATA[/_dr/task/updateRegistrarRdapBaseUrls]]></url>
    <description>
@ -122,7 +120,6 @@
    <schedule>every day 02:34</schedule>
    <target>backend</target>
  </cron>
  -->
  <cron>
    <url><![CDATA[/_dr/task/deleteOldCommitLogs]]></url>
--- a/core/src/main/java/google/registry/rdap/UpdateRegistrarRdapBaseUrlsAction.java
+++ b/core/src/main/java/google/registry/rdap/UpdateRegistrarRdapBaseUrlsAction.java
@ -14,6 +14,7 @@
 package google.registry.rdap;
 import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.base.Preconditions.checkState;
 import static google.registry.model.ofy.ObjectifyService.ofy;
 import static java.nio.charset.StandardCharsets.UTF_8;
@ -23,6 +24,7 @@ import com.google.api.client.http.HttpRequest;
 import com.google.api.client.http.HttpRequestFactory;
 import com.google.api.client.http.HttpResponse;
 import com.google.api.client.http.HttpTransport;
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.ImmutableSetMultimap;
 import com.google.common.flogger.FluentLogger;
@ -34,8 +36,9 @@ import com.google.gson.JsonObject;
 import com.googlecode.objectify.Key;
 import google.registry.keyring.api.KeyModule;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registry.Registries;
 import google.registry.model.registry.Registry.TldType;
 import google.registry.request.Action;
 import google.registry.request.Parameter;
 import google.registry.request.auth.Auth;
 import java.io.IOException;
 import java.io.InputStream;
@ -56,8 +59,6 @@ import javax.inject.Inject;
 * <p>It is a "login/query/logout" system where you login using the ICANN Reporting credentials, get
 * a cookie you then send to get the list and finally logout.
 *
 * <p>The username is [TLD]_ry. It could be any "real" TLD.
 *
 * <p>For clarity, this is how one would contact this endpoint "manually", from a whitelisted IP
 * server:
 *
@ -88,18 +89,10 @@ public final class UpdateRegistrarRdapBaseUrlsAction implements Runnable {
  @Inject HttpTransport httpTransport;
  @Inject @KeyModule.Key("icannReportingPassword") String password;
  /**
   * The TLD for which we make the request.
   *
   * <p>The actual value doesn't matter, as long as it's a TLD that has access to the ICANN
   * Reporter. It's just used to login.
   */
  @Inject @Parameter("tld") String tld;
  @Inject
  UpdateRegistrarRdapBaseUrlsAction() {}
-  private String loginAndGetId(HttpRequestFactory requestFactory) {
+  private String loginAndGetId(HttpRequestFactory requestFactory, String tld) {
    try {
      logger.atInfo().log("Logging in to MoSAPI");
      HttpRequest request =
@ -122,7 +115,7 @@ public final class UpdateRegistrarRdapBaseUrlsAction implements Runnable {
    }
  }
-  private void logout(HttpRequestFactory requestFactory, String id) {
+  private void logout(HttpRequestFactory requestFactory, String id, String tld) {
    try {
      HttpRequest request =
          requestFactory.buildGetRequest(new GenericUrl(String.format(LOGOUT_URL, tld)));
@ -135,9 +128,9 @@ public final class UpdateRegistrarRdapBaseUrlsAction implements Runnable {
    }
  }
-  private ImmutableSetMultimap<String, String> getRdapBaseUrlsPerIanaId() {
+  private ImmutableSetMultimap<String, String> getRdapBaseUrlsPerIanaIdWithTld(String tld) {
    HttpRequestFactory requestFactory = httpTransport.createRequestFactory();
-    String id = loginAndGetId(requestFactory);
+    String id = loginAndGetId(requestFactory, tld);
    String content;
    try {
      HttpRequest request =
@ -152,7 +145,7 @@ public final class UpdateRegistrarRdapBaseUrlsAction implements Runnable {
      throw new UncheckedIOException(
          "Error reading RDAP list from MoSAPI server: " + e.getMessage(), e);
    } finally {
-      logout(requestFactory, id);
+      logout(requestFactory, id, tld);
    }
    logger.atInfo().log("list reply: '%s'", content);
@ -173,6 +166,25 @@ public final class UpdateRegistrarRdapBaseUrlsAction implements Runnable {
    return builder.build();
  }
  private ImmutableSetMultimap<String, String> getRdapBaseUrlsPerIanaId() {
    // All TLDs have the same data, so just keep trying until one works
    // (the expectation is that all / any should work)
    ImmutableList<String> tlds = ImmutableList.sortedCopyOf(Registries.getTldsOfType(TldType.REAL));
    checkArgument(!tlds.isEmpty(), "There must exist at least one REAL TLD.");
    Throwable finalThrowable = null;
    for (String tld : tlds) {
      try {
        return getRdapBaseUrlsPerIanaIdWithTld(tld);
      } catch (Throwable throwable) {
        logger.atWarning().log(String
            .format("Error retrieving RDAP urls with TLD %s: %s", tld, throwable.getMessage()));
        finalThrowable = throwable;
      }
    }
    throw new RuntimeException(
        String.format("Error contacting MosAPI server. Tried TLDs %s", tlds), finalThrowable);
  }
  @Override
  public void run() {
    ImmutableSetMultimap<String, String> ianaToBaseUrls = getRdapBaseUrlsPerIanaId();
--- a/core/src/test/java/google/registry/rdap/UpdateRegistrarRdapBaseUrlsActionTest.java
+++ b/core/src/test/java/google/registry/rdap/UpdateRegistrarRdapBaseUrlsActionTest.java
@ -16,8 +16,12 @@ package google.registry.rdap;
 import static com.google.common.truth.Truth.assertThat;
 import static com.google.common.truth.Truth8.assertThat;
 import static google.registry.testing.DatastoreHelper.createTld;
 import static google.registry.testing.DatastoreHelper.deleteTld;
 import static google.registry.testing.DatastoreHelper.loadRegistrar;
 import static google.registry.testing.DatastoreHelper.persistResource;
 import static google.registry.testing.DatastoreHelper.persistSimpleResource;
 import static google.registry.testing.JUnitBackports.assertThrows;
 import com.google.api.client.http.LowLevelHttpRequest;
 import com.google.api.client.testing.http.MockHttpTransport;
@ -27,6 +31,8 @@ import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarAddress;
 import google.registry.model.registry.Registry;
 import google.registry.model.registry.Registry.TldType;
 import google.registry.testing.AppEngineRule;
 import google.registry.testing.ShardableTestCase;
 import java.util.ArrayList;
@ -95,8 +101,8 @@ public final class UpdateRegistrarRdapBaseUrlsActionTest extends ShardableTestCa
    }
  }
-  TestHttpTransport httpTransport;
+  private TestHttpTransport httpTransport;
-  UpdateRegistrarRdapBaseUrlsAction action;
+  private UpdateRegistrarRdapBaseUrlsAction action;
  @Before
  public void setUp() {
@ -104,27 +110,10 @@ public final class UpdateRegistrarRdapBaseUrlsActionTest extends ShardableTestCa
    action = new UpdateRegistrarRdapBaseUrlsAction();
    action.password = "myPassword";
    action.tld = "tld";
    action.httpTransport = httpTransport;
    addValidResponses(httpTransport);
-    MockLowLevelHttpResponse loginResponse = new MockLowLevelHttpResponse();
+    createTld("tld");
    loginResponse.addHeader(
        "Set-Cookie",
        "id=myAuthenticationId; "
            + "Expires=Tue, 11-Jun-2019 16:34:21 GMT; Path=/mosapi/v1/app; Secure; HttpOnly");
    MockLowLevelHttpResponse listResponse = new MockLowLevelHttpResponse();
    listResponse.setContent(JSON_LIST_REPLY);
    MockLowLevelHttpResponse logoutResponse = new MockLowLevelHttpResponse();
    loginResponse.addHeader(
        "Set-Cookie",
        "id=id; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/mosapi/v1/app; Secure; HttpOnly");
    httpTransport.addNextResponse(loginResponse);
    httpTransport.addNextResponse(listResponse);
    httpTransport.addNextResponse(logoutResponse);
  }
  private void assertCorrectRequestsSent() {
@ -237,4 +226,72 @@ public final class UpdateRegistrarRdapBaseUrlsActionTest extends ShardableTestCa
    assertThat(loadRegistrar("registrar4001").getRdapBaseUrls())
        .containsExactly("https://rdap.example.com");
  }
  @Test
  public void testNoTlds() {
    deleteTld("tld");
    assertThat(assertThrows(IllegalArgumentException.class, action::run)).hasMessageThat()
        .isEqualTo("There must exist at least one REAL TLD.");
  }
  @Test
  public void testOnlyTestTlds() {
    persistResource(Registry.get("tld").asBuilder().setTldType(TldType.TEST).build());
    assertThat(assertThrows(IllegalArgumentException.class, action::run)).hasMessageThat()
        .isEqualTo("There must exist at least one REAL TLD.");
  }
  @Test
  public void testSecondTldSucceeds() {
    createTld("secondtld");
    httpTransport = new TestHttpTransport();
    action.httpTransport = httpTransport;
    // the first TLD request will return a bad cookie but the second will succeed
    MockLowLevelHttpResponse badLoginResponse = new MockLowLevelHttpResponse();
    badLoginResponse.addHeader("Set-Cookie",
        "Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/mosapi/v1/app; Secure; HttpOnly");
    httpTransport.addNextResponse(badLoginResponse);
    addValidResponses(httpTransport);
    action.run();
  }
  @Test
  public void testBothFail() {
    createTld("secondtld");
    httpTransport = new TestHttpTransport();
    action.httpTransport = httpTransport;
    MockLowLevelHttpResponse badLoginResponse = new MockLowLevelHttpResponse();
    badLoginResponse.addHeader("Set-Cookie",
        "Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/mosapi/v1/app; Secure; HttpOnly");
    // it should fail for both TLDs
    httpTransport.addNextResponse(badLoginResponse);
    httpTransport.addNextResponse(badLoginResponse);
    assertThat(assertThrows(RuntimeException.class, action::run)).hasMessageThat()
        .isEqualTo("Error contacting MosAPI server. Tried TLDs [secondtld, tld]");
  }
  private static void addValidResponses(TestHttpTransport httpTransport) {
    MockLowLevelHttpResponse loginResponse = new MockLowLevelHttpResponse();
    loginResponse.addHeader(
        "Set-Cookie",
        "id=myAuthenticationId; "
            + "Expires=Tue, 11-Jun-2019 16:34:21 GMT; Path=/mosapi/v1/app; Secure; HttpOnly");
    MockLowLevelHttpResponse listResponse = new MockLowLevelHttpResponse();
    listResponse.setContent(JSON_LIST_REPLY);
    MockLowLevelHttpResponse logoutResponse = new MockLowLevelHttpResponse();
    logoutResponse.addHeader(
        "Set-Cookie",
        "id=id; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/mosapi/v1/app; Secure; HttpOnly");
    httpTransport.addNextResponse(loginResponse);
    httpTransport.addNextResponse(listResponse);
    httpTransport.addNextResponse(logoutResponse);
  }
 }