Always validate domain name on allocation token (#498)

* Always validate domain name on allocation token This is in response to a client-reported error, where they accidentally sent the wrong domain name on a domain create that included an allocation token. What should have happened (and that now happens as of this commit) is an error being thrown that the allocation token does not match the domain name being created. What happened instead was that, since the incorrectly submitted domain name was not reserved, the create succeeded (as it would for all creates of unreserved domains in GA) and the allocation token was redeemed, which is not what you'd expect. * Fix tests to reflect changed check behavior
2025-08-04 17:01:51 +02:00 · 2020-02-27 16:48:37 -05:00 · 2020-02-27 16:48:37 -05:00 · 9283cd263f
commit 9283cd263f
parent 429bc8e6d2
7 changed files with 105 additions and 38 deletions
--- a/docs/flows.md
+++ b/docs/flows.md
@ -357,6 +357,7 @@ An EPP flow that creates a new domain resource.
    *   Registrant is not whitelisted for this TLD.
    *   Requested domain does not require a claims notice.
 *   2305
+    *   The allocation token is not valid for this domain.
    *   The allocation token is not valid for this registrar.
    *   The allocation token is not valid for this TLD.
    *   The allocation token was already redeemed.