Decouple SessionMetadata and TransportCredentials

TransportCredentials are per-request, not per-session, and
there's no reason to carry them within SessionMetadata.

While I'm in here, get rid of "null" credentials.
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=125202213

java/google/registry/flows/SessionMetadata.java

@@ -46,9 +46,7 @@ public abstract class SessionMetadata {
     NONE
   }
 
-  private TransportCredentials credentials;
-
-   /** The key used for looking up the current client id on the session object. */
+  /** The key used for looking up the current client id on the session object. */
   protected static final String CLIENT_ID_KEY = "CLIENT_ID";
 
   /** The key used for looking up the superuser bit on the session object. */
@@ -91,16 +89,6 @@ public abstract class SessionMetadata {
     return clazz.cast(getProperty(key));
   }
 
-  public TransportCredentials getTransportCredentials() {
-    checkValid();
-    return credentials;
-  }
-
-  public void setTransportCredentials(TransportCredentials credentials) {
-    checkValid();
-    this.credentials = credentials;
-  }
-
   public String getClientId() {
     return getProperty(String.class, CLIENT_ID_KEY);
   }
@@ -164,7 +152,6 @@ public abstract class SessionMetadata {
         .add("failedLoginAttempts", getFailedLoginAttempts())
         .add("sessionSource", getSessionSource())
         .add("serviceExtensionUris", Joiner.on('.').join(nullToEmpty(getServiceExtensionUris())))
-        .add("transportCredentials", getTransportCredentials())
         .toString();
   }
 }