Add basic AllocationToken validation/redemption for domain creates

The next step is to add them for domain checks as well (which is simpler
because it doesn't involve validation).

This requires the addition of a TrimWhitespaceAdapter for XML JAXB objects,
which will prove useful for other @XmlValue attributes in the future.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=181526726

java/google/registry/flows/domain/AllocationTokenFlowUtils.java

@@ -0,0 +1,70 @@
+// Copyright 2017 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.flows.domain;
+
+import static google.registry.model.ofy.ObjectifyService.ofy;
+
+import com.google.common.net.InternetDomainName;
+import com.googlecode.objectify.Key;
+import google.registry.flows.EppException;
+import google.registry.flows.EppException.AssociationProhibitsOperationException;
+import google.registry.flows.EppException.ParameterValueSyntaxErrorException;
+import google.registry.model.domain.AllocationToken;
+import google.registry.model.registry.Registry;
+import google.registry.model.reporting.HistoryEntry;
+
+/** Static utility functions for dealing with {@link AllocationToken}s in domain flows. */
+public class AllocationTokenFlowUtils {
+
+  /**
+   * Verifies that a given allocation token string is valid.
+   *
+   * @return the loaded {@link AllocationToken} for that string.
+   * @throws InvalidAllocationTokenException if the token doesn't exist.
+   */
+  static AllocationToken verifyToken(
+      InternetDomainName domainName, String token, Registry registry, String clientId)
+      throws EppException {
+    AllocationToken tokenEntity = ofy().load().key(Key.create(AllocationToken.class, token)).now();
+    if (tokenEntity == null) {
+      throw new InvalidAllocationTokenException();
+    }
+    if (tokenEntity.isRedeemed()) {
+      throw new AlreadyRedeemedAllocationTokenException();
+    }
+    return tokenEntity;
+  }
+
+  /** Redeems an {@link AllocationToken}, returning the redeemed copy. */
+  static AllocationToken redeemToken(
+      AllocationToken token, Key<HistoryEntry> redemptionHistoryEntry) {
+    return token.asBuilder().setRedemptionHistoryEntry(redemptionHistoryEntry).build();
+  }
+
+  /** The allocation token was already redeemed. */
+  static class AlreadyRedeemedAllocationTokenException
+      extends AssociationProhibitsOperationException {
+    public AlreadyRedeemedAllocationTokenException() {
+      super("The allocation token was already redeemed");
+    }
+  }
+
+  /** The allocation token is invalid. */
+  static class InvalidAllocationTokenException extends ParameterValueSyntaxErrorException {
+    public InvalidAllocationTokenException() {
+      super("The allocation token is invalid");
+    }
+  }
+}

java/google/registry/flows/domain/DomainCreateFlow.java

@@ -17,6 +17,8 @@ package google.registry.flows.domain;
 import static google.registry.flows.FlowUtils.persistEntityChanges;
 import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
 import static google.registry.flows.ResourceFlowUtils.verifyResourceDoesNotExist;
+import static google.registry.flows.domain.AllocationTokenFlowUtils.redeemToken;
+import static google.registry.flows.domain.AllocationTokenFlowUtils.verifyToken;
 import static google.registry.flows.domain.DomainFlowUtils.checkAllowedAccessToTld;
 import static google.registry.flows.domain.DomainFlowUtils.cloneAndLinkReferences;
 import static google.registry.flows.domain.DomainFlowUtils.createFeeCreateResponse;
@@ -65,15 +67,13 @@ import google.registry.flows.custom.DomainCreateFlowCustomLogic;
 import google.registry.flows.custom.DomainCreateFlowCustomLogic.BeforeResponseParameters;
 import google.registry.flows.custom.DomainCreateFlowCustomLogic.BeforeResponseReturnData;
 import google.registry.flows.custom.EntityChanges;
-import google.registry.flows.domain.DomainFlowUtils.DomainNotAllowedForTldWithCreateRestrictionException;
-import google.registry.flows.domain.DomainFlowUtils.NameserversNotSpecifiedForNameserverRestrictedDomainException;
-import google.registry.flows.domain.DomainFlowUtils.NameserversNotSpecifiedForTldWithNameserverWhitelistException;
 import google.registry.model.ImmutableObject;
 import google.registry.model.billing.BillingEvent;
 import google.registry.model.billing.BillingEvent.Flag;
 import google.registry.model.billing.BillingEvent.OneTime;
 import google.registry.model.billing.BillingEvent.Reason;
 import google.registry.model.billing.BillingEvent.Recurring;
+import google.registry.model.domain.AllocationToken;
 import google.registry.model.domain.DomainApplication;
 import google.registry.model.domain.DomainCommand.Create;
 import google.registry.model.domain.DomainResource;
@@ -116,7 +116,11 @@ import org.joda.time.Duration;
  * @error {@link google.registry.flows.exceptions.ResourceAlreadyExistsException}
  * @error {@link google.registry.flows.EppException.UnimplementedExtensionException}
  * @error {@link google.registry.flows.ExtensionManager.UndeclaredServiceExtensionException}
- * @error {@link google.registry.flows.domain.DomainFlowUtils.NotAuthorizedForTldException}
+ * @error {@link AllocationTokenFlowUtils.AlreadyRedeemedAllocationTokenException}
+ * @error {@link AllocationTokenFlowUtils.InvalidAllocationTokenException}
+ * @error {@link DomainCreateFlow.DomainHasOpenApplicationsException}
+ * @error {@link DomainCreateFlow.NoGeneralRegistrationsInCurrentPhaseException}
+ * @error {@link DomainFlowUtils.NotAuthorizedForTldException}
  * @error {@link DomainFlowUtils.AcceptedTooLongAgoException}
  * @error {@link DomainFlowUtils.BadDomainNameCharacterException}
  * @error {@link DomainFlowUtils.BadDomainNamePartsCountException}
@@ -127,7 +131,7 @@ import org.joda.time.Duration;
  * @error {@link DomainFlowUtils.CurrencyValueScaleException}
  * @error {@link DomainFlowUtils.DashesInThirdAndFourthException}
  * @error {@link DomainFlowUtils.DomainLabelTooLongException}
- * @error {@link DomainNotAllowedForTldWithCreateRestrictionException}
+ * @error {@link DomainFlowUtils.DomainNotAllowedForTldWithCreateRestrictionException}
  * @error {@link DomainFlowUtils.DomainReservedException}
  * @error {@link DomainFlowUtils.DuplicateContactForRoleException}
  * @error {@link DomainFlowUtils.EmptyDomainNamePartException}
@@ -153,8 +157,8 @@ import org.joda.time.Duration;
  * @error {@link DomainFlowUtils.MissingTechnicalContactException}
  * @error {@link DomainFlowUtils.NameserversNotAllowedForDomainException}
  * @error {@link DomainFlowUtils.NameserversNotAllowedForTldException}
- * @error {@link NameserversNotSpecifiedForNameserverRestrictedDomainException}
- * @error {@link NameserversNotSpecifiedForTldWithNameserverWhitelistException}
+ * @error {@link DomainFlowUtils.NameserversNotSpecifiedForNameserverRestrictedDomainException}
+ * @error {@link DomainFlowUtils.NameserversNotSpecifiedForTldWithNameserverWhitelistException}
  * @error {@link DomainFlowUtils.PremiumNameBlockedException}
  * @error {@link DomainFlowUtils.RegistrantNotAllowedException}
  * @error {@link DomainFlowUtils.RegistrarMustBeActiveToCreateDomainsException}
@@ -165,8 +169,6 @@ import org.joda.time.Duration;
  * @error {@link DomainFlowUtils.UnexpectedClaimsNoticeException}
  * @error {@link DomainFlowUtils.UnsupportedFeeAttributeException}
  * @error {@link DomainFlowUtils.UnsupportedMarkTypeException}
- * @error {@link DomainCreateFlow.DomainHasOpenApplicationsException}
- * @error {@link DomainCreateFlow.NoGeneralRegistrationsInCurrentPhaseException}
  */
 @ReportingSpec(ActivityReportField.DOMAIN_CREATE)
 public class DomainCreateFlow implements TransactionalFlow {
@@ -247,12 +249,15 @@ public class DomainCreateFlow implements TransactionalFlow {
       verifyPremiumNameIsNotBlocked(targetId, now, clientId);
       verifyNoOpenApplications(now);
       verifyIsGaOrIsSpecialCase(tldState, isAnchorTenant);
-      signedMarkId = hasSignedMarks
+      if (hasSignedMarks) {
         // If a signed mark was provided, then it must match the desired domain label. Get the mark
         // at this point so that we can verify it before the "after validation" extension point.
-        ? tmchUtils.verifySignedMarks(launchCreate.getSignedMarks(), domainLabel, now).getId()
-        : null;
+        signedMarkId =
+            tmchUtils.verifySignedMarks(launchCreate.getSignedMarks(), domainLabel, now).getId();
+      }
     }
+    Optional<AllocationToken> allocationToken =
+        verifyAllocationTokenIfPresent(domainName, registry, clientId);
     customLogic.afterValidation(
         DomainCreateFlowCustomLogic.AfterValidationParameters.newBuilder()
             .setDomainName(domainName)
@@ -316,6 +321,7 @@ public class DomainCreateFlow implements TransactionalFlow {
         ForeignKeyIndex.create(newDomain, newDomain.getDeletionTime()),
         EppResourceIndex.create(Key.create(newDomain)));
 
+    allocationToken.ifPresent(t -> entitiesToSave.add(redeemToken(t, Key.create(historyEntry))));
     // Anchor tenant registrations override LRP, and landrush applications can skip it.
     // If a token is passed in outside of an LRP phase, it is simply ignored (i.e. never redeemed).
     if (isLrpCreate(registry, isAnchorTenant, now)) {
@@ -362,7 +368,7 @@ public class DomainCreateFlow implements TransactionalFlow {
     }
   }
 
-  /** Prohibit registrations for non-qlp and non-superuser outside of GA. **/
+  /** Prohibit registrations for non-QLP and non-superuser outside of General Availability. **/
   private void verifyIsGaOrIsSpecialCase(TldState tldState, boolean isAnchorTenant)
       throws NoGeneralRegistrationsInCurrentPhaseException {
     if (!isAnchorTenant && tldState != TldState.GENERAL_AVAILABILITY) {
@@ -370,6 +376,17 @@ public class DomainCreateFlow implements TransactionalFlow {
     }
   }
 
+  /** Verifies and returns the allocation token if one is specified, otherwise does nothing. */
+  private Optional<AllocationToken> verifyAllocationTokenIfPresent(
+      InternetDomainName domainName, Registry registry, String clientId)
+      throws EppException {
+    AllocationTokenExtension ext = eppInput.getSingleExtension(AllocationTokenExtension.class);
+    return Optional.ofNullable(
+        (ext == null)
+            ? null
+            : verifyToken(domainName, ext.getAllocationToken(), registry, clientId));
+  }
+
   private HistoryEntry buildHistoryEntry(
       String repoId, Registry registry, DateTime now, Period period, Duration addGracePeriod) {
     // We ignore prober transactions

java/google/registry/model/domain/AllocationToken.java

@@ -73,6 +73,7 @@ public class AllocationToken extends BackupGroupRoot implements Buildable {
     }
 
     public Builder setToken(String token) {
+      checkState(getInstance().token == null, "token can only be set once");
       checkArgumentNotNull(token, "token must not be null");
       checkArgument(!token.isEmpty(), "token must not be blank");
       getInstance().token = token;

java/google/registry/model/domain/token/AllocationTokenExtension.java

@@ -16,8 +16,10 @@ package google.registry.model.domain.token;
 
 import google.registry.model.ImmutableObject;
 import google.registry.model.eppinput.EppInput.CommandExtension;
+import google.registry.xml.TrimWhitespaceAdapter;
 import javax.xml.bind.annotation.XmlRootElement;
 import javax.xml.bind.annotation.XmlValue;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
 
 /**
  * An allocation token extension that may be present on EPP domain commands.
@@ -30,6 +32,7 @@ public class AllocationTokenExtension extends ImmutableObject implements Command
 
   /** The allocation token for the command. */
   @XmlValue
+  @XmlJavaTypeAdapter(TrimWhitespaceAdapter.class)
   String allocationToken;
 
   public String getAllocationToken() {

java/google/registry/xml/TrimWhitespaceAdapter.java

@@ -0,0 +1,48 @@
+// Copyright 2017 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.xml;
+
+import com.google.common.base.CharMatcher;
+import javax.annotation.Nullable;
+import javax.xml.bind.annotation.adapters.XmlAdapter;
+
+/**
+ * {@link XmlAdapter} which trims all whitespace surrounding a String.
+ *
+ * <p>This is primarily useful for <code>@XmlValue</code>-annotated fields in JAXB objects, as XML
+ * values can commonly be formatted like so:
+ *
+ * <pre>{@code
+ *   &lt;ns:tag&gt;
+ *     XML value here.
+ *   &lt;/ns:tag&gt;
+ * }</pre>
+ */
+public class TrimWhitespaceAdapter extends XmlAdapter<String, String> {
+
+  private static final CharMatcher WHITESPACE = CharMatcher.anyOf(" \t\r\n");
+
+  @Override
+  @Nullable
+  public String unmarshal(@Nullable String value) {
+    return (value == null) ? null : WHITESPACE.trimFrom(value);
+  }
+
+  @Override
+  @Nullable
+  public String marshal(@Nullable String str) {
+    return str;
+  }
+}