Do not require auth info in super user transfer

Super users can look up auth info in Datastore or BigQuery backup anyway.
Requiring it only adds friction when using the super user extension, without
any additional security benefit.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=235786090

java/google/registry/flows/domain/DomainTransferRequestFlow.java

@@ -254,8 +254,10 @@ public final class DomainTransferRequestFlow implements TransactionalFlow {
       Optional<DomainTransferRequestSuperuserExtension> superuserExtension)
       throws EppException {
     verifyNoDisallowedStatuses(existingDomain, DISALLOWED_STATUSES);
-    verifyAuthInfoPresentForResourceTransfer(authInfo);
+    if (!isSuperuser) {
-    verifyAuthInfo(authInfo.get(), existingDomain);
+      verifyAuthInfoPresentForResourceTransfer(authInfo);
+      verifyAuthInfo(authInfo.get(), existingDomain);
+    }
     // Verify that the resource does not already have a pending transfer.
     if (TransferStatus.PENDING.equals(existingDomain.getTransferData().getTransferStatus())) {
       throw new AlreadyPendingTransferException(targetId);

javatests/google/registry/flows/domain/testdata/domain_transfer_request_superuser_extension.xml

@@ -4,9 +4,6 @@
       <domain:transfer
           xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
         <domain:name>example.tld</domain:name>
-        <domain:authInfo>
-          <domain:pw roid="JD1234-REP">2fooBAR</domain:pw>
-        </domain:authInfo>
       </domain:transfer>
     </transfer>
     <extension>