Add basic AllocationToken validation/redemption for domain creates

The next step is to add them for domain checks as well (which is simpler because it doesn't involve validation). This requires the addition of a TrimWhitespaceAdapter for XML JAXB objects, which will prove useful for other @XmlValue attributes in the future. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=181526726
2025-05-13 07:57:13 +02:00 · 2018-01-10 15:27:07 -08:00 · 2018-01-10 15:27:07 -08:00 · e07d011bc6
commit e07d011bc6
parent 646dcecd7e
11 changed files with 246 additions and 16 deletions
--- a/docs/flows.md
+++ b/docs/flows.md
@ -535,6 +535,7 @@ An EPP flow that creates a new domain resource.
    *   The checksum in the specified TCNID does not validate.
    *   Domain name is under tld which doesn't exist.
 *   2005
+    *   The allocation token is invalid.
    *   Domain name must have exactly one part above the TLD.
    *   Domain name must not equal an existing multi-part TLD.
    *   The requested fee is expressed in a scale that is invalid for the given
@ -557,6 +558,7 @@ An EPP flow that creates a new domain resource.
 *   2303
    *   Resource linked to this domain does not exist.
 *   2304
+    *   There is an open application for this domain.
    *   The claims period for this TLD has ended.
    *   Requested domain does not have nameserver-restricted reservation for a
        TLD that requires such a reservation to create domains.
@ -572,7 +574,8 @@ An EPP flow that creates a new domain resource.
        registrar has blocked premium registrations.
    *   Registrant is not whitelisted for this TLD.
    *   Requested domain does not require a claims notice.
-    *   There is an open application for this domain.
+*   2305
+    *   The allocation token was already redeemed.
 *   2306
    *   Domain names can only contain a-z, 0-9, '.' and '-'.
    *   Periods for domain registrations must be specified in years.
--- a/java/google/registry/flows/domain/AllocationTokenFlowUtils.java
+++ b/java/google/registry/flows/domain/AllocationTokenFlowUtils.java
@ -0,0 +1,70 @@
+// Copyright 2017 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.flows.domain;
+
+import static google.registry.model.ofy.ObjectifyService.ofy;
+
+import com.google.common.net.InternetDomainName;
+import com.googlecode.objectify.Key;
+import google.registry.flows.EppException;
+import google.registry.flows.EppException.AssociationProhibitsOperationException;
+import google.registry.flows.EppException.ParameterValueSyntaxErrorException;
+import google.registry.model.domain.AllocationToken;
+import google.registry.model.registry.Registry;
+import google.registry.model.reporting.HistoryEntry;
+
+/** Static utility functions for dealing with {@link AllocationToken}s in domain flows. */
+public class AllocationTokenFlowUtils {
+
+  /**
+   * Verifies that a given allocation token string is valid.
+   *
+   * @return the loaded {@link AllocationToken} for that string.
+   * @throws InvalidAllocationTokenException if the token doesn't exist.
+   */
+  static AllocationToken verifyToken(
+      InternetDomainName domainName, String token, Registry registry, String clientId)
+      throws EppException {
+    AllocationToken tokenEntity = ofy().load().key(Key.create(AllocationToken.class, token)).now();
+    if (tokenEntity == null) {
+      throw new InvalidAllocationTokenException();
+    }
+    if (tokenEntity.isRedeemed()) {
+      throw new AlreadyRedeemedAllocationTokenException();
+    }
+    return tokenEntity;
+  }
+
+  /** Redeems an {@link AllocationToken}, returning the redeemed copy. */
+  static AllocationToken redeemToken(
+      AllocationToken token, Key<HistoryEntry> redemptionHistoryEntry) {
+    return token.asBuilder().setRedemptionHistoryEntry(redemptionHistoryEntry).build();
+  }
+
+  /** The allocation token was already redeemed. */
+  static class AlreadyRedeemedAllocationTokenException
+      extends AssociationProhibitsOperationException {
+    public AlreadyRedeemedAllocationTokenException() {
+      super("The allocation token was already redeemed");
+    }
+  }
+
+  /** The allocation token is invalid. */
+  static class InvalidAllocationTokenException extends ParameterValueSyntaxErrorException {
+    public InvalidAllocationTokenException() {
+      super("The allocation token is invalid");
+    }
+  }
+}
--- a/java/google/registry/flows/domain/DomainCreateFlow.java
+++ b/java/google/registry/flows/domain/DomainCreateFlow.java
@ -17,6 +17,8 @@ package google.registry.flows.domain;
 import static google.registry.flows.FlowUtils.persistEntityChanges;
 import static google.registry.flows.FlowUtils.validateClientIsLoggedIn;
 import static google.registry.flows.ResourceFlowUtils.verifyResourceDoesNotExist;
+import static google.registry.flows.domain.AllocationTokenFlowUtils.redeemToken;
+import static google.registry.flows.domain.AllocationTokenFlowUtils.verifyToken;
 import static google.registry.flows.domain.DomainFlowUtils.checkAllowedAccessToTld;
 import static google.registry.flows.domain.DomainFlowUtils.cloneAndLinkReferences;
 import static google.registry.flows.domain.DomainFlowUtils.createFeeCreateResponse;
@ -65,15 +67,13 @@ import google.registry.flows.custom.DomainCreateFlowCustomLogic;
 import google.registry.flows.custom.DomainCreateFlowCustomLogic.BeforeResponseParameters;
 import google.registry.flows.custom.DomainCreateFlowCustomLogic.BeforeResponseReturnData;
 import google.registry.flows.custom.EntityChanges;
-import google.registry.flows.domain.DomainFlowUtils.DomainNotAllowedForTldWithCreateRestrictionException;
-import google.registry.flows.domain.DomainFlowUtils.NameserversNotSpecifiedForNameserverRestrictedDomainException;
-import google.registry.flows.domain.DomainFlowUtils.NameserversNotSpecifiedForTldWithNameserverWhitelistException;
 import google.registry.model.ImmutableObject;
 import google.registry.model.billing.BillingEvent;
 import google.registry.model.billing.BillingEvent.Flag;
 import google.registry.model.billing.BillingEvent.OneTime;
 import google.registry.model.billing.BillingEvent.Reason;
 import google.registry.model.billing.BillingEvent.Recurring;
+import google.registry.model.domain.AllocationToken;
 import google.registry.model.domain.DomainApplication;
 import google.registry.model.domain.DomainCommand.Create;
 import google.registry.model.domain.DomainResource;
@ -116,7 +116,11 @@ import org.joda.time.Duration;
 * @error {@link google.registry.flows.exceptions.ResourceAlreadyExistsException}
 * @error {@link google.registry.flows.EppException.UnimplementedExtensionException}
 * @error {@link google.registry.flows.ExtensionManager.UndeclaredServiceExtensionException}
- * @error {@link google.registry.flows.domain.DomainFlowUtils.NotAuthorizedForTldException}
+ * @error {@link AllocationTokenFlowUtils.AlreadyRedeemedAllocationTokenException}
+ * @error {@link AllocationTokenFlowUtils.InvalidAllocationTokenException}
+ * @error {@link DomainCreateFlow.DomainHasOpenApplicationsException}
+ * @error {@link DomainCreateFlow.NoGeneralRegistrationsInCurrentPhaseException}
+ * @error {@link DomainFlowUtils.NotAuthorizedForTldException}
 * @error {@link DomainFlowUtils.AcceptedTooLongAgoException}
 * @error {@link DomainFlowUtils.BadDomainNameCharacterException}
 * @error {@link DomainFlowUtils.BadDomainNamePartsCountException}
@ -127,7 +131,7 @@ import org.joda.time.Duration;
 * @error {@link DomainFlowUtils.CurrencyValueScaleException}
 * @error {@link DomainFlowUtils.DashesInThirdAndFourthException}
 * @error {@link DomainFlowUtils.DomainLabelTooLongException}
- * @error {@link DomainNotAllowedForTldWithCreateRestrictionException}
+ * @error {@link DomainFlowUtils.DomainNotAllowedForTldWithCreateRestrictionException}
 * @error {@link DomainFlowUtils.DomainReservedException}
 * @error {@link DomainFlowUtils.DuplicateContactForRoleException}
 * @error {@link DomainFlowUtils.EmptyDomainNamePartException}
@ -153,8 +157,8 @@ import org.joda.time.Duration;
 * @error {@link DomainFlowUtils.MissingTechnicalContactException}
 * @error {@link DomainFlowUtils.NameserversNotAllowedForDomainException}
 * @error {@link DomainFlowUtils.NameserversNotAllowedForTldException}
- * @error {@link NameserversNotSpecifiedForNameserverRestrictedDomainException}
- * @error {@link NameserversNotSpecifiedForTldWithNameserverWhitelistException}
+ * @error {@link DomainFlowUtils.NameserversNotSpecifiedForNameserverRestrictedDomainException}
+ * @error {@link DomainFlowUtils.NameserversNotSpecifiedForTldWithNameserverWhitelistException}
 * @error {@link DomainFlowUtils.PremiumNameBlockedException}
 * @error {@link DomainFlowUtils.RegistrantNotAllowedException}
 * @error {@link DomainFlowUtils.RegistrarMustBeActiveToCreateDomainsException}
@ -165,8 +169,6 @@ import org.joda.time.Duration;
 * @error {@link DomainFlowUtils.UnexpectedClaimsNoticeException}
 * @error {@link DomainFlowUtils.UnsupportedFeeAttributeException}
 * @error {@link DomainFlowUtils.UnsupportedMarkTypeException}
- * @error {@link DomainCreateFlow.DomainHasOpenApplicationsException}
- * @error {@link DomainCreateFlow.NoGeneralRegistrationsInCurrentPhaseException}
 */
@ReportingSpec(ActivityReportField.DOMAIN_CREATE)
 public class DomainCreateFlow implements TransactionalFlow {
@ -247,12 +249,15 @@ public class DomainCreateFlow implements TransactionalFlow {
      verifyPremiumNameIsNotBlocked(targetId, now, clientId);
      verifyNoOpenApplications(now);
      verifyIsGaOrIsSpecialCase(tldState, isAnchorTenant);
-      signedMarkId = hasSignedMarks
+      if (hasSignedMarks) {
        // If a signed mark was provided, then it must match the desired domain label. Get the mark
        // at this point so that we can verify it before the "after validation" extension point.
-        ? tmchUtils.verifySignedMarks(launchCreate.getSignedMarks(), domainLabel, now).getId()
-        : null;
+        signedMarkId =
+            tmchUtils.verifySignedMarks(launchCreate.getSignedMarks(), domainLabel, now).getId();
      }
+    }
+    Optional<AllocationToken> allocationToken =
+        verifyAllocationTokenIfPresent(domainName, registry, clientId);
    customLogic.afterValidation(
        DomainCreateFlowCustomLogic.AfterValidationParameters.newBuilder()
            .setDomainName(domainName)
@ -316,6 +321,7 @@ public class DomainCreateFlow implements TransactionalFlow {
        ForeignKeyIndex.create(newDomain, newDomain.getDeletionTime()),
        EppResourceIndex.create(Key.create(newDomain)));

+    allocationToken.ifPresent(t -> entitiesToSave.add(redeemToken(t, Key.create(historyEntry))));
    // Anchor tenant registrations override LRP, and landrush applications can skip it.
    // If a token is passed in outside of an LRP phase, it is simply ignored (i.e. never redeemed).
    if (isLrpCreate(registry, isAnchorTenant, now)) {
@ -362,7 +368,7 @@ public class DomainCreateFlow implements TransactionalFlow {
    }
  }

-  /** Prohibit registrations for non-qlp and non-superuser outside of GA. **/
+  /** Prohibit registrations for non-QLP and non-superuser outside of General Availability. **/
  private void verifyIsGaOrIsSpecialCase(TldState tldState, boolean isAnchorTenant)
      throws NoGeneralRegistrationsInCurrentPhaseException {
    if (!isAnchorTenant && tldState != TldState.GENERAL_AVAILABILITY) {
@ -370,6 +376,17 @@ public class DomainCreateFlow implements TransactionalFlow {
    }
  }

+  /** Verifies and returns the allocation token if one is specified, otherwise does nothing. */
+  private Optional<AllocationToken> verifyAllocationTokenIfPresent(
+      InternetDomainName domainName, Registry registry, String clientId)
+      throws EppException {
+    AllocationTokenExtension ext = eppInput.getSingleExtension(AllocationTokenExtension.class);
+    return Optional.ofNullable(
+        (ext == null)
+            ? null
+            : verifyToken(domainName, ext.getAllocationToken(), registry, clientId));
+  }
+
  private HistoryEntry buildHistoryEntry(
      String repoId, Registry registry, DateTime now, Period period, Duration addGracePeriod) {
    // We ignore prober transactions
--- a/java/google/registry/model/domain/AllocationToken.java
+++ b/java/google/registry/model/domain/AllocationToken.java
@ -73,6 +73,7 @@ public class AllocationToken extends BackupGroupRoot implements Buildable {
    }

    public Builder setToken(String token) {
+      checkState(getInstance().token == null, "token can only be set once");
      checkArgumentNotNull(token, "token must not be null");
      checkArgument(!token.isEmpty(), "token must not be blank");
      getInstance().token = token;
--- a/java/google/registry/model/domain/token/AllocationTokenExtension.java
+++ b/java/google/registry/model/domain/token/AllocationTokenExtension.java
@ -16,8 +16,10 @@ package google.registry.model.domain.token;

 import google.registry.model.ImmutableObject;
 import google.registry.model.eppinput.EppInput.CommandExtension;
+import google.registry.xml.TrimWhitespaceAdapter;
 import javax.xml.bind.annotation.XmlRootElement;
 import javax.xml.bind.annotation.XmlValue;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;

 /**
 * An allocation token extension that may be present on EPP domain commands.
@ -30,6 +32,7 @@ public class AllocationTokenExtension extends ImmutableObject implements Command

  /** The allocation token for the command. */
  @XmlValue
+  @XmlJavaTypeAdapter(TrimWhitespaceAdapter.class)
  String allocationToken;

  public String getAllocationToken() {
--- a/java/google/registry/xml/TrimWhitespaceAdapter.java
+++ b/java/google/registry/xml/TrimWhitespaceAdapter.java
@ -0,0 +1,48 @@
+// Copyright 2017 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.xml;
+
+import com.google.common.base.CharMatcher;
+import javax.annotation.Nullable;
+import javax.xml.bind.annotation.adapters.XmlAdapter;
+
+/**
+ * {@link XmlAdapter} which trims all whitespace surrounding a String.
+ *
+ * <p>This is primarily useful for <code>@XmlValue</code>-annotated fields in JAXB objects, as XML
+ * values can commonly be formatted like so:
+ *
+ * <pre>{@code
+ *   &lt;ns:tag&gt;
+ *     XML value here.
+ *   &lt;/ns:tag&gt;
+ * }</pre>
+ */
+public class TrimWhitespaceAdapter extends XmlAdapter<String, String> {
+
+  private static final CharMatcher WHITESPACE = CharMatcher.anyOf(" \t\r\n");
+
+  @Override
+  @Nullable
+  public String unmarshal(@Nullable String value) {
+    return (value == null) ? null : WHITESPACE.trimFrom(value);
+  }
+
+  @Override
+  @Nullable
+  public String marshal(@Nullable String str) {
+    return str;
+  }
+}
--- a/javatests/google/registry/flows/domain/DomainCreateFlowTest.java
+++ b/javatests/google/registry/flows/domain/DomainCreateFlowTest.java
@ -59,11 +59,14 @@ import com.google.common.base.Strings;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.ImmutableSortedMap;
+import com.googlecode.objectify.Key;
 import google.registry.flows.EppException;
 import google.registry.flows.EppException.UnimplementedExtensionException;
 import google.registry.flows.EppRequestSource;
 import google.registry.flows.ExtensionManager.UndeclaredServiceExtensionException;
 import google.registry.flows.ResourceFlowTestCase;
+import google.registry.flows.domain.AllocationTokenFlowUtils.AlreadyRedeemedAllocationTokenException;
+import google.registry.flows.domain.AllocationTokenFlowUtils.InvalidAllocationTokenException;
 import google.registry.flows.domain.DomainCreateFlow.DomainHasOpenApplicationsException;
 import google.registry.flows.domain.DomainCreateFlow.NoGeneralRegistrationsInCurrentPhaseException;
 import google.registry.flows.domain.DomainFlowUtils.AcceptedTooLongAgoException;
@ -120,6 +123,7 @@ import google.registry.flows.exceptions.ResourceAlreadyExistsException;
 import google.registry.model.billing.BillingEvent;
 import google.registry.model.billing.BillingEvent.Flag;
 import google.registry.model.billing.BillingEvent.Reason;
+import google.registry.model.domain.AllocationToken;
 import google.registry.model.domain.DomainResource;
 import google.registry.model.domain.GracePeriod;
 import google.registry.model.domain.LrpTokenEntity;
@ -381,11 +385,40 @@ public class DomainCreateFlowTest extends ResourceFlowTestCase<DomainCreateFlow,
  }

  @Test
-  public void testSuccess_allocationToken_isIgnored() throws Exception {
-    // TODO(b/70628322): Change this test to fail on invalid allocationToken.
+  public void testFailure_invalidAllocationToken() throws Exception {
    setEppInput("domain_create_allocationtoken.xml");
    persistContactsAndHosts();
+    EppException thrown = expectThrows(InvalidAllocationTokenException.class, this::runFlow);
+    assertAboutEppExceptions().that(thrown).marshalsToXml();
+  }
+
+  @Test
+  public void testFailure_alreadyRedemeedAllocationToken() throws Exception {
+    setEppInput("domain_create_allocationtoken.xml");
+    persistContactsAndHosts();
+    persistResource(
+        new AllocationToken.Builder()
+            .setToken("abc123")
+            .setRedemptionHistoryEntry(Key.create(HistoryEntry.class, 505L))
+            .build());
+    clock.advanceOneMilli();
+    EppException thrown =
+        expectThrows(AlreadyRedeemedAllocationTokenException.class, this::runFlow);
+    assertAboutEppExceptions().that(thrown).marshalsToXml();
+  }
+
+  @Test
+  public void testSuccess_validAllocationToken_isRedeemed() throws Exception {
+    setEppInput("domain_create_allocationtoken.xml");
+    persistContactsAndHosts();
+    AllocationToken token =
+        persistResource(new AllocationToken.Builder().setToken("abc123").build());
+    clock.advanceOneMilli();
    doSuccessfulTest();
+    HistoryEntry historyEntry =
+        ofy().load().type(HistoryEntry.class).ancestor(reloadResourceByForeignKey()).first().now();
+    assertThat(ofy().load().entity(token).now().getRedemptionHistoryEntry())
+        .isEqualTo(Key.create(historyEntry));
  }

  @Test
--- a/javatests/google/registry/model/domain/AllocationTokenTest.java
+++ b/javatests/google/registry/model/domain/AllocationTokenTest.java
@ -72,4 +72,12 @@ public class AllocationTokenTest extends EntityTestCase {
            () -> builder.setCreationTime(DateTime.parse("2010-11-13T05:00:00Z")));
    assertThat(thrown).hasMessageThat().isEqualTo("creationTime can only be set once");
  }
+
+  @Test
+  public void testSetToken_cantCallMoreThanOnce() throws Exception {
+    AllocationToken.Builder builder = new AllocationToken.Builder().setToken("foobar");
+    IllegalStateException thrown =
+        expectThrows(IllegalStateException.class, () -> builder.setToken("barfoo"));
+    assertThat(thrown).hasMessageThat().isEqualTo("token can only be set once");
+  }
 }
--- a/javatests/google/registry/xml/DateAdapterTest.java
+++ b/javatests/google/registry/xml/DateAdapterTest.java
@ -25,6 +25,7 @@ import org.junit.runners.JUnit4;
 /** Unit tests for {@link DateAdapter}. */
@RunWith(JUnit4.class)
 public class DateAdapterTest {
+
  @Test
  public void testMarshal() {
    assertThat(new DateAdapter().marshal(
--- a/javatests/google/registry/xml/TrimWhitespaceAdapterTest.java
+++ b/javatests/google/registry/xml/TrimWhitespaceAdapterTest.java
@ -0,0 +1,45 @@
+// Copyright 2017 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.xml;
+
+import static com.google.common.truth.Truth.assertThat;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+/** Unit tests for {@link TrimWhitespaceAdapter}. */
+@RunWith(JUnit4.class)
+public class TrimWhitespaceAdapterTest {
+
+  @Test
+  public void testUnmarshal() {
+    TrimWhitespaceAdapter adapter = new TrimWhitespaceAdapter();
+    assertThat(adapter.unmarshal("blah")).isEqualTo("blah");
+    assertThat(adapter.unmarshal("")).isEmpty();
+    assertThat(adapter.unmarshal(null)).isNull();
+    assertThat(adapter.unmarshal("\n    test foo bar   \n   \r")).isEqualTo("test foo bar");
+  }
+
+  @Test
+  public void testMarshal() {
+    TrimWhitespaceAdapter adapter = new TrimWhitespaceAdapter();
+    assertThat(adapter.marshal("blah")).isEqualTo("blah");
+    assertThat(adapter.marshal("")).isEmpty();
+    assertThat(adapter.marshal(null)).isNull();
+    assertThat(adapter.marshal("\n    test foo bar   \n   \r"))
+        .isEqualTo("\n    test foo bar   \n   \r");
+  }
+}
--- a/javatests/google/registry/xml/UtcDateTimeAdapterTest.java
+++ b/javatests/google/registry/xml/UtcDateTimeAdapterTest.java
@ -27,6 +27,7 @@ import org.junit.runners.JUnit4;
 /** Unit tests for {@link UtcDateTimeAdapter}. */
@RunWith(JUnit4.class)
 public class UtcDateTimeAdapterTest {
+
  @Test
  public void testMarshal() {
    assertThat(new UtcDateTimeAdapter().marshal(new DateTime(2010, 10, 17, 4, 20, 0, UTC)))