Rename DNL and SMDRL "login" to "loginAndPassword"

They are passed around in the format username:password, whereas just saying
"login" implies it's just a username and not necessarily also a secret
password. Putting password in the variable name makes it obvious what this is
and reduces the likelihood of anyone ever logging it or otherwise using it
inappropriately.

Note that this does not require data migrations as the actual key used to store
the data in KMS remains unchanged.

This is a follow-up to []

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=231253964

java/google/registry/keyring/api/InMemoryKeyring.java

@@ -35,9 +35,9 @@ public final class InMemoryKeyring implements Keyring {
   private final String rdeSshClientPrivateKey;
   private final String icannReportingPassword;
   private final String safeBrowsingAPIKey;
-  private final String marksdbDnlLogin;
+  private final String marksdbDnlLoginAndPassword;
   private final String marksdbLordnPassword;
-  private final String marksdbSmdrlLogin;
+  private final String marksdbSmdrlLoginAndPassword;
   private final String jsonCredential;
 
   public InMemoryKeyring(
@@ -50,9 +50,9 @@ public final class InMemoryKeyring implements Keyring {
       String rdeSshClientPrivateKey,
       String icannReportingPassword,
       String safeBrowsingAPIKey,
-      String marksdbDnlLogin,
+      String marksdbDnlLoginAndPassword,
       String marksdbLordnPassword,
-      String marksdbSmdrlLogin,
+      String marksdbSmdrlLoginAndPassword,
       String jsonCredential) {
     checkArgument(PgpHelper.isSigningKey(rdeSigningKey.getPublicKey()),
         "RDE signing key must support signing: %s", rdeSigningKey.getKeyID());
@@ -73,9 +73,11 @@ public final class InMemoryKeyring implements Keyring {
     this.rdeSshClientPrivateKey = checkNotNull(rdeSshClientPrivateKey, "rdeSshClientPrivateKey");
     this.icannReportingPassword = checkNotNull(icannReportingPassword, "icannReportingPassword");
     this.safeBrowsingAPIKey = checkNotNull(safeBrowsingAPIKey, "safeBrowsingAPIKey");
-    this.marksdbDnlLogin = checkNotNull(marksdbDnlLogin, "marksdbDnlLogin");
+    this.marksdbDnlLoginAndPassword =
+        checkNotNull(marksdbDnlLoginAndPassword, "marksdbDnlLoginAndPassword");
     this.marksdbLordnPassword = checkNotNull(marksdbLordnPassword, "marksdbLordnPassword");
-    this.marksdbSmdrlLogin = checkNotNull(marksdbSmdrlLogin, "marksdbSmdrlLogin");
+    this.marksdbSmdrlLoginAndPassword =
+        checkNotNull(marksdbSmdrlLoginAndPassword, "marksdbSmdrlLoginAndPassword");
     this.jsonCredential = checkNotNull(jsonCredential, "jsonCredential");
   }
 
@@ -130,8 +132,8 @@ public final class InMemoryKeyring implements Keyring {
   }
 
     @Override
-  public String getMarksdbDnlLogin() {
-    return marksdbDnlLogin;
+  public String getMarksdbDnlLoginAndPassword() {
+    return marksdbDnlLoginAndPassword;
   }
 
   @Override
@@ -140,8 +142,8 @@ public final class InMemoryKeyring implements Keyring {
   }
 
   @Override
-  public String getMarksdbSmdrlLogin() {
-    return marksdbSmdrlLogin;
+  public String getMarksdbSmdrlLoginAndPassword() {
+    return marksdbSmdrlLoginAndPassword;
   }
 
   @Override

java/google/registry/keyring/api/KeyModule.java

@@ -55,9 +55,9 @@ public final class KeyModule {
   }
 
   @Provides
-  @Key("marksdbDnlLogin")
-  static Optional<String> provideMarksdbDnlLogin(Keyring keyring) {
-    return Optional.ofNullable(emptyToNull(keyring.getMarksdbDnlLogin()));
+  @Key("marksdbDnlLoginAndPassword")
+  static Optional<String> provideMarksdbDnlLoginAndPassword(Keyring keyring) {
+    return Optional.ofNullable(emptyToNull(keyring.getMarksdbDnlLoginAndPassword()));
   }
 
   @Provides
@@ -67,9 +67,9 @@ public final class KeyModule {
   }
 
   @Provides
-  @Key("marksdbSmdrlLogin")
-  static Optional<String> provideMarksdbSmdrlLogin(Keyring keyring) {
-    return Optional.ofNullable(emptyToNull(keyring.getMarksdbSmdrlLogin()));
+  @Key("marksdbSmdrlLoginAndPassword")
+  static Optional<String> provideMarksdbSmdrlLoginAndPassword(Keyring keyring) {
+    return Optional.ofNullable(emptyToNull(keyring.getMarksdbSmdrlLoginAndPassword()));
   }
 
   @Provides

java/google/registry/keyring/api/Keyring.java

@@ -129,7 +129,7 @@ public interface Keyring extends AutoCloseable {
    *
    * @see google.registry.tmch.TmchDnlAction
    */
-  String getMarksdbDnlLogin();
+  String getMarksdbDnlLoginAndPassword();
 
   /**
    * Returns password for TMCH MarksDB HTTP server LORDN interface.
@@ -143,7 +143,7 @@ public interface Keyring extends AutoCloseable {
    *
    * @see google.registry.tmch.TmchSmdrlAction
    */
-  String getMarksdbSmdrlLogin();
+  String getMarksdbSmdrlLoginAndPassword();
 
   /**
    * Returns the credentials for a service account on the Google AppEngine project downloaded from

java/google/registry/keyring/kms/KmsKeyring.java

@@ -139,7 +139,7 @@ public class KmsKeyring implements Keyring {
   }
 
   @Override
-  public String getMarksdbDnlLogin() {
+  public String getMarksdbDnlLoginAndPassword() {
     return getString(StringKeyLabel.MARKSDB_DNL_LOGIN_STRING);
   }
 
@@ -149,7 +149,7 @@ public class KmsKeyring implements Keyring {
   }
 
   @Override
-  public String getMarksdbSmdrlLogin() {
+  public String getMarksdbSmdrlLoginAndPassword() {
     return getString(StringKeyLabel.MARKSDB_SMDRL_LOGIN_STRING);
   }
 

java/google/registry/keyring/kms/KmsUpdater.java

@@ -104,7 +104,7 @@ public final class KmsUpdater {
     return setString(password, ICANN_REPORTING_PASSWORD_STRING);
   }
 
-  public KmsUpdater setMarksdbDnlLogin(String login) {
+  public KmsUpdater setMarksdbDnlLoginAndPassword(String login) {
     return setString(login, MARKSDB_DNL_LOGIN_STRING);
   }
 
@@ -112,7 +112,7 @@ public final class KmsUpdater {
     return setString(password, MARKSDB_LORDN_PASSWORD_STRING);
   }
 
-  public KmsUpdater setMarksdbSmdrlLogin(String login) {
+  public KmsUpdater setMarksdbSmdrlLoginAndPassword(String login) {
     return setString(login, MARKSDB_SMDRL_LOGIN_STRING);
   }
 

java/google/registry/tmch/Marksdb.java

@@ -112,9 +112,9 @@ public final class Marksdb {
     }
   }
 
-  byte[] fetch(URL url, Optional<String> login) throws IOException {
+  byte[] fetch(URL url, Optional<String> loginAndPassword) throws IOException {
     HTTPRequest req = new HTTPRequest(url, GET, validateCertificate().setDeadline(60d));
-    setAuthorizationHeader(req, login);
+    setAuthorizationHeader(req, loginAndPassword);
     HTTPResponse rsp = fetchService.fetch(req);
     if (rsp.getResponseCode() != SC_OK) {
       throw new UrlFetchException("Failed to fetch from MarksDB", req, rsp);
@@ -122,16 +122,17 @@ public final class Marksdb {
     return rsp.getContent();
   }
 
-  List<String> fetchSignedCsv(Optional<String> login, String csvPath, String sigPath)
+  List<String> fetchSignedCsv(Optional<String> loginAndPassword, String csvPath, String sigPath)
       throws IOException, SignatureException, PGPException {
-    checkArgument(login.isPresent(), "Cannot fetch from MarksDB without login credentials");
+    checkArgument(
+        loginAndPassword.isPresent(), "Cannot fetch from MarksDB without login credentials");
 
     String csvUrl = tmchMarksdbUrl + csvPath;
-    byte[] csv = fetch(new URL(csvUrl), login);
+    byte[] csv = fetch(new URL(csvUrl), loginAndPassword);
     logFetchedBytes(csvUrl, csv);
 
     String sigUrl = tmchMarksdbUrl + sigPath;
-    byte[] sig = fetch(new URL(sigUrl), login);
+    byte[] sig = fetch(new URL(sigUrl), loginAndPassword);
     logFetchedBytes(sigUrl, sig);
 
     pgpVerifySignature(csv, sig, marksdbPublicKey);

java/google/registry/tmch/TmchDnlAction.java

@@ -42,7 +42,7 @@ public final class TmchDnlAction implements Runnable {
   private static final String DNL_SIG_PATH = "/dnl/dnl-latest.sig";
 
   @Inject Marksdb marksdb;
-  @Inject @Key("marksdbDnlLogin") Optional<String> marksdbDnlLogin;
+  @Inject @Key("marksdbDnlLoginAndPassword") Optional<String> marksdbDnlLoginAndPassword;
   @Inject TmchDnlAction() {}
 
   /** Synchronously fetches latest domain name list and saves it to Datastore. */
@@ -50,7 +50,7 @@ public final class TmchDnlAction implements Runnable {
   public void run() {
     List<String> lines;
     try {
-      lines = marksdb.fetchSignedCsv(marksdbDnlLogin, DNL_CSV_PATH, DNL_SIG_PATH);
+      lines = marksdb.fetchSignedCsv(marksdbDnlLoginAndPassword, DNL_CSV_PATH, DNL_SIG_PATH);
     } catch (SignatureException | IOException | PGPException e) {
       throw new RuntimeException(e);
     }

java/google/registry/tmch/TmchSmdrlAction.java

@@ -42,7 +42,7 @@ public final class TmchSmdrlAction implements Runnable {
   private static final String SMDRL_SIG_PATH = "/smdrl/smdrl-latest.sig";
 
   @Inject Marksdb marksdb;
-  @Inject @Key("marksdbSmdrlLogin") Optional<String> marksdbSmdrlLogin;
+  @Inject @Key("marksdbSmdrlLoginAndPassword") Optional<String> marksdbSmdrlLoginAndPassword;
   @Inject TmchSmdrlAction() {}
 
   /** Synchronously fetches latest signed mark revocation list and saves it to Datastore. */
@@ -50,7 +50,7 @@ public final class TmchSmdrlAction implements Runnable {
   public void run() {
     List<String> lines;
     try {
-      lines = marksdb.fetchSignedCsv(marksdbSmdrlLogin, SMDRL_CSV_PATH, SMDRL_SIG_PATH);
+      lines = marksdb.fetchSignedCsv(marksdbSmdrlLoginAndPassword, SMDRL_CSV_PATH, SMDRL_SIG_PATH);
     } catch (SignatureException | IOException | PGPException e) {
       throw new RuntimeException(e);
     }

java/google/registry/tools/GetKeyringSecretCommand.java

@@ -74,14 +74,14 @@ final class GetKeyringSecretCommand implements CommandWithRemoteApi {
       case JSON_CREDENTIAL:
         out.write(KeySerializer.serializeString(keyring.getJsonCredential()));
         break;
-      case MARKSDB_DNL_LOGIN:
-        out.write(KeySerializer.serializeString(keyring.getMarksdbDnlLogin()));
+      case MARKSDB_DNL_LOGIN_AND_PASSWORD:
+        out.write(KeySerializer.serializeString(keyring.getMarksdbDnlLoginAndPassword()));
         break;
       case MARKSDB_LORDN_PASSWORD:
         out.write(KeySerializer.serializeString(keyring.getMarksdbLordnPassword()));
         break;
-      case MARKSDB_SMDRL_LOGIN:
-        out.write(KeySerializer.serializeString(keyring.getMarksdbSmdrlLogin()));
+      case MARKSDB_SMDRL_LOGIN_AND_PASSWORD:
+        out.write(KeySerializer.serializeString(keyring.getMarksdbSmdrlLoginAndPassword()));
         break;
       case RDE_RECEIVER_PUBLIC_KEY:
         out.write(KeySerializer.serializePublicKey(keyring.getRdeReceiverKey()));

java/google/registry/tools/UpdateKmsKeyringCommand.java

@@ -71,14 +71,14 @@ final class UpdateKmsKeyringCommand implements CommandWithRemoteApi {
       case JSON_CREDENTIAL:
         kmsUpdater.setJsonCredential(deserializeString(input));
         break;
-      case MARKSDB_DNL_LOGIN:
-        kmsUpdater.setMarksdbDnlLogin(deserializeString(input));
+      case MARKSDB_DNL_LOGIN_AND_PASSWORD:
+        kmsUpdater.setMarksdbDnlLoginAndPassword(deserializeString(input));
         break;
       case MARKSDB_LORDN_PASSWORD:
         kmsUpdater.setMarksdbLordnPassword(deserializeString(input));
         break;
-      case MARKSDB_SMDRL_LOGIN:
-        kmsUpdater.setMarksdbSmdrlLogin(deserializeString(input));
+      case MARKSDB_SMDRL_LOGIN_AND_PASSWORD:
+        kmsUpdater.setMarksdbSmdrlLoginAndPassword(deserializeString(input));
         break;
       case RDE_RECEIVER_PUBLIC_KEY:
         kmsUpdater.setRdeReceiverPublicKey(deserializePublicKey(input));

java/google/registry/tools/params/KeyringKeyName.java

@@ -26,9 +26,9 @@ public enum KeyringKeyName {
   BRDA_SIGNING_PUBLIC_KEY,
   ICANN_REPORTING_PASSWORD,
   JSON_CREDENTIAL,
-  MARKSDB_DNL_LOGIN,
+  MARKSDB_DNL_LOGIN_AND_PASSWORD,
   MARKSDB_LORDN_PASSWORD,
-  MARKSDB_SMDRL_LOGIN,
+  MARKSDB_SMDRL_LOGIN_AND_PASSWORD,
   RDE_RECEIVER_PUBLIC_KEY,
   RDE_SIGNING_KEY_PAIR,
   RDE_SIGNING_PUBLIC_KEY,