Add additional LRP tests for non-application phases

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=137292394

docs/flows.md

@@ -641,6 +641,8 @@ An EPP flow that creates a new domain resource.
 *   2201
     *   Only a tool can pass a metadata extension.
     *   Registrar is not authorized to access this TLD.
+*   2202
+    *   Invalid limited registration period token.
 *   2302
     *   Resource with this id already exists.
 *   2303

java/google/registry/flows/domain/DomainCreateFlow.java

@@ -118,6 +118,7 @@ import org.joda.time.DateTime;
  * @error {@link DomainFlowUtils.FeesMismatchException}
  * @error {@link DomainFlowUtils.FeesRequiredForPremiumNameException}
  * @error {@link DomainFlowUtils.InvalidIdnDomainLabelException}
+ * @error {@link DomainFlowUtils.InvalidLrpTokenException}
  * @error {@link DomainFlowUtils.InvalidPunycodeException}
  * @error {@link DomainFlowUtils.InvalidTcnIdChecksumException}
  * @error {@link DomainFlowUtils.InvalidTrademarkValidatorException}
@@ -267,6 +268,7 @@ public class DomainCreateFlow extends LoggedInFlow implements TransactionalFlow
         ForeignKeyIndex.create(newDomain, newDomain.getDeletionTime()),
         EppResourceIndex.create(Key.create(newDomain)));
     // Anchor tenant registrations override LRP, and landrush applications can skip it.
+    // If a token is passed in outside of an LRP phase, it is simply ignored (i.e. never redeemed).
     if (hasLrpToken(registry, isAnchorTenant)) {
       // TODO(b/32059212): This is a bug: empty tokens should still fail. Preserving to fix in a
       // separate targeted change.

javatests/google/registry/flows/domain/DomainCreateFlowTest.java

@@ -75,6 +75,7 @@ import google.registry.flows.domain.DomainFlowUtils.ExpiredClaimException;
 import google.registry.flows.domain.DomainFlowUtils.FeesMismatchException;
 import google.registry.flows.domain.DomainFlowUtils.FeesRequiredForPremiumNameException;
 import google.registry.flows.domain.DomainFlowUtils.InvalidIdnDomainLabelException;
+import google.registry.flows.domain.DomainFlowUtils.InvalidLrpTokenException;
 import google.registry.flows.domain.DomainFlowUtils.InvalidPunycodeException;
 import google.registry.flows.domain.DomainFlowUtils.InvalidTcnIdChecksumException;
 import google.registry.flows.domain.DomainFlowUtils.InvalidTrademarkValidatorException;
@@ -126,6 +127,7 @@ import org.joda.money.CurrencyUnit;
 import org.joda.money.Money;
 import org.joda.time.DateTime;
 import org.joda.time.Duration;
+import org.joda.time.Interval;
 import org.junit.Before;
 import org.junit.Test;
 
@@ -359,6 +361,57 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
     assertNoLordn();
   }
 
+
+  @Test
+  public void testSuccess_lrp() throws Exception {
+    persistResource(Registry.get("tld").asBuilder()
+        .setLrpPeriod(new Interval(clock.nowUtc().minusDays(1), clock.nowUtc().plusDays(1)))
+        .build());
+    LrpTokenEntity token = persistResource(
+        new LrpTokenEntity.Builder()
+            .setToken("lrptokentest")
+            .setAssignee("example.tld")
+            .setValidTlds(ImmutableSet.of("tld"))
+            .build());
+    setEppInput("domain_create_lrp.xml");
+    persistContactsAndHosts();
+    runFlowAssertResponse(readFile("domain_create_response.xml"));
+    assertSuccessfulCreate("tld", false);
+    assertNoLordn();
+    assertThat(ofy().load().entity(token).now().getRedemptionHistoryEntry()).isNotNull();
+  }
+
+  @Test
+  public void testSuccess_withLrpToken_outsideOfLrp() throws Exception {
+    // If a valid LRP token is passed in even though the TLD is not currently in an LRP phase,
+    // just ignore the token and proceed with normal GA registration (i.e. LRP token should
+    // remain unredeemed).
+    persistResource(Registry.get("tld").asBuilder()
+        .setLrpPeriod(new Interval(clock.nowUtc().minusDays(2), clock.nowUtc().minusDays(1)))
+        .build());
+    LrpTokenEntity token = persistResource(
+        new LrpTokenEntity.Builder()
+            .setToken("lrptokentest")
+            .setAssignee("example.tld")
+            .setValidTlds(ImmutableSet.of("tld"))
+            .build());
+    setEppInput("domain_create_lrp.xml");
+    persistContactsAndHosts();
+    runFlowAssertResponse(readFile("domain_create_response.xml"));
+    assertSuccessfulCreate("tld", false);
+    assertNoLordn();
+    assertThat(ofy().load().entity(token).now().getRedemptionHistoryEntry()).isNull();
+  }
+
+  @Test
+  public void testSuccess_outsideOfLrp() throws Exception {
+    persistResource(Registry.get("tld").asBuilder()
+        .setLrpPeriod(new Interval(clock.nowUtc().minusDays(2), clock.nowUtc().minusDays(1)))
+        .build());
+    persistContactsAndHosts();
+    doSuccessfulTest();
+  }
+
   @Test
   public void testSuccess_fee_v06() throws Exception {
     setEppInput("domain_create_fee.xml", ImmutableMap.of("FEE_VERSION", "0.6"));
@@ -500,6 +553,34 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
     runFlow();
   }
 
+  @Test
+  public void testFailure_lrp_badToken() throws Exception {
+    persistResource(Registry.get("tld").asBuilder()
+        .setLrpPeriod(new Interval(clock.nowUtc().minusDays(1), clock.nowUtc().plusDays(1)))
+        .build());
+    LrpTokenEntity token = persistResource(
+        new LrpTokenEntity.Builder()
+            .setToken("otherlrptoken")
+            .setAssignee("example.tld")
+            .setValidTlds(ImmutableSet.of("tld"))
+            .build());
+    setEppInput("domain_create_lrp.xml");
+    persistContactsAndHosts();
+    thrown.expect(InvalidLrpTokenException.class, "Invalid limited registration period token");
+    runFlow();
+    assertThat(ofy().load().entity(token).now().getRedemptionHistoryEntry()).isNull();
+  }
+
+  @Test
+  public void testFailure_lrp_noToken() throws Exception {
+    persistResource(Registry.get("tld").asBuilder()
+        .setLrpPeriod(new Interval(clock.nowUtc().minusDays(1), clock.nowUtc().plusDays(1)))
+        .build());
+    persistContactsAndHosts();
+    thrown.expect(InvalidLrpTokenException.class, "Invalid limited registration period token");
+    runFlow();
+  }
+
   @Test
   public void testSuccess_premium() throws Exception {
     createTld("example");
@@ -831,9 +912,8 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
   @Test
   public void testSuccess_anchorTenantViaAuthCode_matchingLrpToken() throws Exception {
     // This is definitely a corner case, as (without superuser) anchor tenants may only register
-    // via auth code during GA, and LRP will almost never be a GA offering. We're running this
+    // via auth code during GA. We're running this as superuser to bypass the state checks, though
-    // as superuser to bypass the state checks, though anchor tenant code checks and LRP token
+    // anchor tenant code checks and LRP token redemption still happen regardless.
-    // redemption still happen regardless.
     createTld("tld", TldState.LANDRUSH);
     persistResource(Registry.get("tld").asBuilder()
         .setReservedLists(persistReservedList(

javatests/google/registry/flows/domain/testdata/domain_create_lrp.xml

@@ -0,0 +1,22 @@
+<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
+  <command>
+    <create>
+      <domain:create
+       xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
+        <domain:name>example.tld</domain:name>
+        <domain:period unit="y">2</domain:period>
+        <domain:ns>
+          <domain:hostObj>ns1.example.net</domain:hostObj>
+          <domain:hostObj>ns2.example.net</domain:hostObj>
+        </domain:ns>
+        <domain:registrant>jd1234</domain:registrant>
+        <domain:contact type="admin">sh8013</domain:contact>
+        <domain:contact type="tech">sh8013</domain:contact>
+        <domain:authInfo>
+          <domain:pw>lrptokentest</domain:pw>
+        </domain:authInfo>
+      </domain:create>
+    </create>
+    <clTRID>ABC-12345</clTRID>
+  </command>
+</epp>