Sanitize EPP XML requests and responses

Masks user credentials (tags 'pw' and 'newPW') in EPP XML messages. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=207953894
2025-07-25 03:58:34 +02:00 · 2018-08-08 15:13:02 -07:00 · 2018-08-08 15:13:02 -07:00 · 81fce674d2
commit 81fce674d2
parent 9eec70729f
11 changed files with 415 additions and 3 deletions
--- a/javatests/google/registry/model/eppinput/EppInputTest.java
+++ b/javatests/google/registry/model/eppinput/EppInputTest.java
@ -17,8 +17,10 @@ package google.registry.model.eppinput;
 import static com.google.common.truth.Truth.assertThat;
 import static com.google.common.truth.Truth8.assertThat;
 import static google.registry.flows.EppXmlTransformer.unmarshal;
+import static google.registry.testing.JUnitBackports.assertThrows;
 import static google.registry.testing.TestDataHelper.loadBytes;

+import google.registry.flows.EppException.SyntaxErrorException;
 import google.registry.model.contact.ContactResourceTest;
 import google.registry.model.domain.DomainResourceTest;
 import google.registry.model.eppinput.EppInput.InnerCommand;
@ -77,4 +79,11 @@ public class EppInputTest {
    assertThat(loginCommand.services.serviceExtensions)
        .containsExactly("urn:ietf:params:xml:ns:launch-1.0", "urn:ietf:params:xml:ns:rgp-1.0");
  }
+
+  @Test
+  public void testUnmarshalling_loginTagInWrongCase_throws() {
+    assertThrows(
+        SyntaxErrorException.class,
+        () -> unmarshal(EppInput.class, loadBytes(getClass(), "login_wrong_case.xml").read()));
+  }
 }
--- a/javatests/google/registry/model/eppinput/testdata/login_wrong_case.xml
+++ b/javatests/google/registry/model/eppinput/testdata/login_wrong_case.xml
@ -0,0 +1,22 @@
+<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
+  <command>
+    <login>
+      <clID>NewRegistrar</clID>
+      <PW>foo-BAR2</PW>
+      <options>
+        <version>1.0</version>
+        <lang>en</lang>
+      </options>
+      <svcs>
+        <objURI>urn:ietf:params:xml:ns:host-1.0</objURI>
+        <objURI>urn:ietf:params:xml:ns:domain-1.0</objURI>
+        <objURI>urn:ietf:params:xml:ns:contact-1.0</objURI>
+        <svcExtension>
+          <extURI>urn:ietf:params:xml:ns:launch-1.0</extURI>
+          <extURI>urn:ietf:params:xml:ns:rgp-1.0</extURI>
+        </svcExtension>
+      </svcs>
+    </login>
+    <clTRID>ABC-12345</clTRID>
+  </command>
+</epp>