Update angular @21 (#2965)

The only type of thing that can be transferred now is a domain, so
there's no point in having this abstract class / redirection.

This does not include deletion of the contact-response-related XML
classes; that can come next.

build.gradle

@@ -84,10 +84,10 @@ tasks.build.dependsOn(tasks.checkLicense)
 // Paths to main and test sources.
 ext.projectRootDir = "${rootDir}"
 
-// Tasks to deploy/stage all App Engine services
+// Tasks to deploy/stage all services
 task deploy {
   group = 'deployment'
-  description = 'Deploys all services to App Engine.'
+  description = 'Deploys all services.'
 }
 
 task stage {

common/src/main/java/google/registry/util/DateTimeUtils.java

@@ -33,8 +33,8 @@ public abstract class DateTimeUtils {
   /**
    * A date in the far future that we can treat as infinity.
    *
-   * <p>This value is (2^63-1)/1000 rounded down. AppEngine stores dates as 64 bit microseconds, but
-   * Java uses milliseconds, so this is the largest representable date that will survive a
+   * <p>This value is (2^63-1)/1000 rounded down. Postgres can store dates as 64 bit microseconds,
+   * but Java uses milliseconds, so this is the largest representable date that will survive a
    * round-trip through the database.
    */
   public static final DateTime END_OF_TIME = new DateTime(Long.MAX_VALUE / 1000, DateTimeZone.UTC);

config/nom_build.py

@@ -56,7 +56,7 @@ PROPERTIES_HEADER = """\
 # nom_build), run ./nom_build --help.
 #
 # DO NOT EDIT THIS FILE BY HAND
-org.gradle.jvmargs=-Xmx2048m
+org.gradle.jvmargs=-Xmx4096m
 org.gradle.caching=true
 org.gradle.parallel=true
 """
@@ -104,7 +104,7 @@ PROPERTIES = [
     Property('testFilter',
              'Comma separated list of test patterns, if specified run only '
              'these.'),
-    Property('environment', 'GAE Environment for deployment and staging.'),
+    Property('environment', 'Environment for deployment and staging.'),
 
     # Cloud SQL properties
     Property('dbServer',
@@ -117,28 +117,19 @@ PROPERTIES = [
     Property('dbUser', 'Database user name for use in connection'),
     Property('dbPassword', 'Database password for use in connection'),
 
-    Property('publish_repo',
-             'Maven repository that hosts the Cloud SQL schema jar and the '
-             'registry server test jars. Such jars are needed for '
-             'server/schema integration tests. Please refer to <a '
-             'href="./integration/README.md">integration project</a> for more '
-             'information.'),
-    Property('baseSchemaTag',
-             'The nomulus version tag of the schema for use in the schema'
-             'deployment integration test (:db:schemaIncrementalDeployTest)'),
-    Property('schema_version',
-             'The nomulus version tag of the schema for use in a database'
-             'integration test.'),
-    Property('nomulus_version',
-             'The version of nomulus to test against in a database '
-             'integration test.'),
     Property('dot_path',
              'The path to "dot", part of the graphviz package that converts '
              'a BEAM pipeline to image. Setting this property to empty string '
              'will disable image generation.',
              '/usr/bin/dot'),
     Property('pipeline',
-             'The name of the Beam pipeline being staged.')
+             'The name of the Beam pipeline being staged.'),
+    Property('nomulus_env',
+             'For use by scripts. Normally not set manually.'),
+    Property('schema_env',
+             'For use by scripts. Normally not set manually.'),
+    Property('schemaTestArtifactsDir',
+             'For use by scripts. Normally not set manually.')
 ]
 
 GRADLE_FLAGS = [

config/presubmits.py

@@ -98,8 +98,8 @@ PRESUBMITS = {
         "File did not include the license header.",
 
     # Files must end in a newline
-    PresubmitCheck(r".*\n$", ("java", "js", "soy", "sql", "py", "sh", "gradle", "ts"),
-                   {"node_modules/"}, REQUIRED):
+    PresubmitCheck(r".*\n$", ("java", "js", "soy", "sql", "py", "sh", "gradle", "ts", "xml"),
+                   {"node_modules/", ".idea"}, REQUIRED):
         "Source files must end in a newline.",
 
     # System.(out|err).println should only appear in tools/ or load-testing/

console-webapp/README.md

@@ -9,7 +9,7 @@ expected to change.
 
 ## Deployment
 
-Webapp is deployed with the nomulus default service war to Google App Engine.
+The webapp is deployed with the nomulus default service war to GKE.
 During nomulus default service war build task, gradle script triggers the
 following:
 

console-webapp/angular.json

@@ -15,7 +15,7 @@
       "prefix": "app",
       "architect": {
         "build": {
-          "builder": "@angular-devkit/build-angular:application",
+          "builder": "@angular/build:application",
           "options": {
             "outputPath": {
               "base": "staged/dist/",
@@ -112,7 +112,7 @@
           "defaultConfiguration": "production"
         },
         "serve": {
-          "builder": "@angular-devkit/build-angular:dev-server",
+          "builder": "@angular/build:dev-server",
           "configurations": {
             "production": {
               "buildTarget": "console-webapp:build:production"
@@ -136,16 +136,18 @@
           "defaultConfiguration": "development"
         },
         "extract-i18n": {
-          "builder": "@angular-devkit/build-angular:extract-i18n",
+          "builder": "@angular/build:extract-i18n",
           "options": {
             "buildTarget": "console-webapp:build"
           }
         },
         "test": {
-          "builder": "@angular-devkit/build-angular:karma",
+          "builder": "@angular/build:karma",
           "options": {
             "main": "src/test.ts",
-            "polyfills": "src/polyfills.ts",
+            "polyfills": [
+              "src/polyfills.ts"
+            ],
             "tsConfig": "tsconfig.spec.json",
             "karmaConfig": "karma.conf.js",
             "inlineStyleLanguage": "scss",
@@ -183,5 +185,31 @@
     "schematicCollections": [
       "@angular-eslint/schematics"
     ]
+  },
+  "schematics": {
+    "@schematics/angular:component": {
+      "type": "component"
+    },
+    "@schematics/angular:directive": {
+      "type": "directive"
+    },
+    "@schematics/angular:service": {
+      "type": "service"
+    },
+    "@schematics/angular:guard": {
+      "typeSeparator": "."
+    },
+    "@schematics/angular:interceptor": {
+      "typeSeparator": "."
+    },
+    "@schematics/angular:module": {
+      "typeSeparator": "."
+    },
+    "@schematics/angular:pipe": {
+      "typeSeparator": "."
+    },
+    "@schematics/angular:resolver": {
+      "typeSeparator": "."
+    }
   }
 }

console-webapp/dev-proxy.config.json

@@ -1,7 +1,7 @@
 {
   "/console-api":
   {
-    "target": "http://[::1]:8080",
+    "target": "http://localhost:8080",
     "secure": false,
     "logLevel": "debug",
     "changeOrigin": true

console-webapp/karma.conf.js

@@ -21,7 +21,7 @@ module.exports = function (config) {
       require('karma-chrome-launcher'),
       require('karma-jasmine-html-reporter'),
       require('karma-coverage'),
-      require('@angular-devkit/build-angular/plugins/karma')
+      
     ],
     client: {
       jasmine: {

console-webapp/package.json

@@ -16,29 +16,29 @@
   },
   "private": true,
   "dependencies": {
-    "@angular/animations": "^19.1.4",
-    "@angular/cdk": "^19.1.2",
-    "@angular/common": "^19.1.4",
-    "@angular/compiler": "^19.1.4",
-    "@angular/core": "^19.1.4",
-    "@angular/forms": "^19.1.4",
-    "@angular/material": "^19.1.2",
-    "@angular/platform-browser": "^19.1.4",
-    "@angular/platform-browser-dynamic": "^19.1.4",
-    "@angular/router": "^19.1.4",
+    "@angular/animations": "^21.1.5",
+    "@angular/cdk": "^21.1.5",
+    "@angular/common": "^21.1.5",
+    "@angular/compiler": "^21.1.5",
+    "@angular/core": "^21.1.5",
+    "@angular/forms": "^21.1.5",
+    "@angular/material": "^21.1.5",
+    "@angular/platform-browser": "^21.1.5",
+    "@angular/platform-browser-dynamic": "^21.1.5",
+    "@angular/router": "^21.1.5",
     "rxjs": "~7.5.0",
     "tslib": "^2.3.0",
     "zone.js": "~0.15.0"
   },
   "devDependencies": {
-    "@angular-devkit/build-angular": "^19.1.5",
     "@angular-eslint/builder": "19.0.2",
     "@angular-eslint/eslint-plugin": "19.0.2",
     "@angular-eslint/eslint-plugin-template": "19.0.2",
     "@angular-eslint/schematics": "19.0.2",
     "@angular-eslint/template-parser": "19.0.2",
-    "@angular/cli": "~19.1.5",
-    "@angular/compiler-cli": "^19.1.4",
+    "@angular/build": "^21.1.4",
+    "@angular/cli": "~21.1.4",
+    "@angular/compiler-cli": "^21.1.5",
     "@types/jasmine": "~4.0.0",
     "@types/node": "^18.19.74",
     "@typescript-eslint/eslint-plugin": "^7.2.0",
@@ -52,6 +52,6 @@
     "karma-jasmine": "~5.1.0",
     "karma-jasmine-html-reporter": "~2.0.0",
     "prettier": "2.8.7",
-    "typescript": "^5.7.3"
+    "typescript": "^5.9.3"
   }
-}
+}

console-webapp/src/app/app.component.html

@@ -1,10 +1,9 @@
 <div class="console-app mat-typography">
   <app-header (toggleNavOpen)="toggleSidenav()"></app-header>
   <div class="console-app__global-spinner">
-    <mat-progress-bar
-      mode="indeterminate"
-      *ngIf="globalLoader.isLoading"
-    ></mat-progress-bar>
+    @if (globalLoader.isLoading) {
+    <mat-progress-bar mode="indeterminate"></mat-progress-bar>
+    }
   </div>
   <mat-sidenav-container class="console-app__container">
     <mat-sidenav-content class="console-app__content-wrapper">

console-webapp/src/app/domains/domainList.component.html

@@ -143,13 +143,14 @@
             <ng-container matColumnDef="domainName">
               <mat-header-cell *matHeaderCellDef>Domain Name</mat-header-cell>
               <mat-cell *matCellDef="let element">
+                @if (getOperationMessage(element.domainName)) {
                 <mat-icon
-                  *ngIf="getOperationMessage(element.domainName)"
                   [matTooltip]="getOperationMessage(element.domainName)"
                   matTooltipPosition="above"
                   class="primary-text"
                   >info</mat-icon
                 >
+                }
                 <span>{{ element.domainName }}</span>
               </mat-cell>
             </ng-container>
@@ -209,9 +210,9 @@
             <mat-row *matRowDef="let row; columns: displayedColumns"></mat-row>
 
             <!-- Row shown when there is no matching data. -->
-            <mat-row *matNoDataRow>
-              <mat-cell colspan="6">No domains found</mat-cell>
-            </mat-row>
+            <tr class="mat-row" *matNoDataRow>
+              <td class="mat-cell" colspan="6">No domains found</td>
+            </tr>
           </mat-table>
           <mat-paginator
             [length]="totalResults"

console-webapp/src/app/domains/domainList.component.ts

@@ -33,6 +33,7 @@ import {
   MatDialogRef,
 } from '@angular/material/dialog';
 import { RESTRICTED_ELEMENTS } from '../shared/directives/userLevelVisiblity.directive';
+import { CdkColumnDef } from '@angular/cdk/table';
 
 interface DomainResponse {
   message: string;
@@ -114,6 +115,7 @@ export class ReasonDialogComponent {
   templateUrl: './domainList.component.html',
   styleUrls: ['./domainList.component.scss'],
   standalone: false,
+  providers: [CdkColumnDef],
 })
 export class DomainListComponent {
   public static PATH = 'domain-list';

console-webapp/src/app/header/header.component.html

@@ -1,14 +1,15 @@
 <p class="console-app__header">
   <mat-toolbar>
+    @if (breakpointObserver.isMobileView()) {
     <button
       mat-icon-button
       aria-label="Open navigation menu"
       (click)="toggleNavPane()"
-      *ngIf="breakpointObserver.isMobileView()"
       class="console-app__menu-btn"
     >
       <mat-icon>menu</mat-icon>
     </button>
+    }
     <a
       [routerLink]="'/home'"
       routerLinkActive="active"
@@ -65,7 +66,9 @@
       </svg>
     </a>
     <span class="spacer"></span>
-    <app-registrar-selector *ngIf="!breakpointObserver.isMobileView()" />
+    @if (!breakpointObserver.isMobileView()) {
+    <app-registrar-selector />
+    }
     <button
       class="console-app__header-user-icon"
       mat-mini-fab
@@ -79,5 +82,7 @@
       <button mat-menu-item (click)="logOut()">Log out</button>
     </mat-menu>
   </mat-toolbar>
-  <app-registrar-selector *ngIf="breakpointObserver.isMobileView()" />
+  @if (breakpointObserver.isMobileView()) {
+  <app-registrar-selector />
+  }
 </p>

console-webapp/src/app/history/historyList.component.html

@@ -9,41 +9,36 @@
 <mat-card>
   <mat-card-content>
     <mat-list role="list">
-      <ng-container *ngFor="let item of historyRecords; let last = last">
-        <mat-list-item class="history-list__item">
-          <mat-icon
-            [ngClass]="getIconClass(item.type)"
-            class="history-list__icon"
-          >
-            {{ getIconForType(item.type) }}
-          </mat-icon>
-
-          <div class="history-list__content">
-            <div class="history-list__description">
-              <span class="history-list__description--main">{{
-                item.type
-              }}</span>
-              <div>
-                <mat-chip
-                  *ngIf="parseDescription(item.description).detail"
-                  class="history-list__chip"
-                >
-                  {{ parseDescription(item.description).detail }}
-                </mat-chip>
-              </div>
-            </div>
-            <div class="history-list__user">
-              <b>User - {{ item.actingUser.emailAddress }}</b>
+      @for (item of historyRecords; track item; let last = $last) {
+      <mat-list-item class="history-list__item">
+        <mat-icon
+          [ngClass]="getIconClass(item.type)"
+          class="history-list__icon"
+        >
+          {{ getIconForType(item.type) }}
+        </mat-icon>
+        <div class="history-list__content">
+          <div class="history-list__description">
+            <span class="history-list__description--main">{{ item.type }}</span>
+            <div>
+              @if (parseDescription(item.description).detail) {
+              <mat-chip class="history-list__chip">
+                {{ parseDescription(item.description).detail }}
+              </mat-chip>
+              }
             </div>
           </div>
-
-          <span class="history-list__timestamp">
-            {{ item.modificationTime | date : "MMM d, y, h:mm a" }}
-          </span>
-        </mat-list-item>
-
-        <mat-divider *ngIf="!last"></mat-divider>
-      </ng-container>
+          <div class="history-list__user">
+            <b>User - {{ item.actingUser.emailAddress }}</b>
+          </div>
+        </div>
+        <span class="history-list__timestamp">
+          {{ item.modificationTime | date : "MMM d, y, h:mm a" }}
+        </span>
+      </mat-list-item>
+      @if (!last) {
+      <mat-divider></mat-divider>
+      } }
     </mat-list>
   </mat-card-content>
 </mat-card>

console-webapp/src/app/home/home.component.spec.ts

@@ -17,6 +17,9 @@ import { ComponentFixture, TestBed } from '@angular/core/testing';
 import { HomeComponent } from './home.component';
 import { MaterialModule } from '../material.module';
 import { AppModule } from '../app.module';
+import { BackendService } from '../shared/services/backend.service';
+import { provideHttpClient } from '@angular/common/http';
+import { provideHttpClientTesting } from '@angular/common/http/testing';
 
 describe('HomeComponent', () => {
   let component: HomeComponent;
@@ -26,6 +29,11 @@ describe('HomeComponent', () => {
     await TestBed.configureTestingModule({
       imports: [MaterialModule, AppModule],
       declarations: [HomeComponent],
+      providers: [
+        BackendService,
+        provideHttpClient(),
+        provideHttpClientTesting(),
+      ],
     }).compileComponents();
 
     fixture = TestBed.createComponent(HomeComponent);

console-webapp/src/app/navigation/navigation.component.html

@@ -12,9 +12,11 @@
     [class.active]="router.url.includes(node.path)"
     [elementId]="getElementId(node)"
   >
-    <mat-icon class="console-app__nav-icon" *ngIf="node.iconName">
+    @if (node.iconName) {
+    <mat-icon class="console-app__nav-icon">
       {{ node.iconName }}
     </mat-icon>
+    }
     {{ node.title }}
   </mat-tree-node>
   <mat-nested-tree-node
@@ -34,9 +36,11 @@
           {{ treeControl.isExpanded(node) ? "expand_more" : "chevron_right" }}
         </mat-icon>
       </button>
-      <mat-icon class="console-app__nav-icon" *ngIf="node.iconName">
+      @if (node.iconName) {
+      <mat-icon class="console-app__nav-icon">
         {{ node.iconName }}
       </mat-icon>
+      }
       {{ node.title }}
     </div>
     <div

console-webapp/src/app/ote/oteStatus.component.html

@@ -1,25 +1,28 @@
 <h1 class="mat-headline-4">OT&E Status Check</h1>
 @if(registrarId() === null) {
 <h1>Missing registrarId param</h1>
-} @else if(isOte()) {
-<h1 *ngIf="oteStatusResponse().length">
+} @else if(isOte()) { @if (oteStatusResponse().length) {
+<h1>
   Status:
   <span>{{ oteStatusUnfinished().length ? "Unfinished" : "Completed" }}</span>
 </h1>
+}
 <div class="console-app__ote-status">
   @if(oteStatusCompleted().length) {
   <div class="console-app__ote-status_completed">
     <h1>Completed</h1>
-    <div *ngFor="let entry of oteStatusCompleted()">
-      <mat-icon>check_box</mat-icon>{{ entry.description }}
-    </div>
+    @for (entry of oteStatusCompleted(); track entry) {
+    <div><mat-icon>check_box</mat-icon>{{ entry.description }}</div>
+    }
   </div>
   } @if(oteStatusUnfinished().length) {
   <div class="console-app__ote-status_unfinished">
     <h1>Unfinished</h1>
-    <div *ngFor="let entry of oteStatusUnfinished()">
+    @for (entry of oteStatusUnfinished(); track entry) {
+    <div>
       <mat-icon>check_box_outline_blank</mat-icon>{{ entry.description }}
     </div>
+    }
   </div>
   }
 </div>

console-webapp/src/app/ote/oteStatus.component.ts

@@ -18,7 +18,7 @@ import { MatSnackBar } from '@angular/material/snack-bar';
 import { RegistrarService } from '../registrar/registrar.service';
 import { MaterialModule } from '../material.module';
 import { SnackBarModule } from '../snackbar.module';
-import { CommonModule } from '@angular/common';
+
 import { ActivatedRoute, ParamMap } from '@angular/router';
 import { take } from 'rxjs';
 
@@ -31,7 +31,7 @@ export interface OteStatusResponse {
 
 @Component({
   selector: 'app-ote-status',
-  imports: [MaterialModule, SnackBarModule, CommonModule],
+  imports: [MaterialModule, SnackBarModule],
   templateUrl: './oteStatus.component.html',
   styleUrls: ['./oteStatus.component.scss'],
 })

console-webapp/src/app/registrar/registrarDetails.component.html

@@ -11,9 +11,8 @@
         <mat-icon>arrow_back</mat-icon>
       </button>
       <div class="spacer"></div>
-      @if(!inEdit && !registrarNotFound) {
+      @if(!inEdit && !registrarNotFound) { @if (oteButtonVisible) {
       <button
-        *ngIf="oteButtonVisible"
         mat-stroked-button
         (click)="checkOteStatus()"
         aria-label="Check OT&E account status"
@@ -21,6 +20,7 @@
       >
         Check OT&E Status
       </button>
+      }
       <button
         mat-flat-button
         color="primary"
@@ -39,10 +39,11 @@
     <h1>Registrar not found</h1>
     } @else {
     <h1>{{ registrarInEdit.registrarId }}</h1>
-    <h2 *ngIf="registrarInEdit.registrarName !== registrarInEdit.registrarId">
+    @if (registrarInEdit.registrarName !== registrarInEdit.registrarId) {
+    <h2>
       {{ registrarInEdit.registrarName }}
     </h2>
-    @if(inEdit) {
+    } @if(inEdit) {
     <form (ngSubmit)="saveAndClose()">
       <div>
         <mat-form-field appearance="outline">
@@ -60,15 +61,14 @@
         <mat-form-field appearance="outline">
           <mat-label>Onboarded TLDs: </mat-label>
           <mat-chip-grid #chipGrid aria-label="Enter TLD">
-            <mat-chip-row
-              *ngFor="let tld of registrarInEdit.allowedTlds"
-              (removed)="removeTLD(tld)"
-            >
+            @for (tld of registrarInEdit.allowedTlds; track tld) {
+            <mat-chip-row (removed)="removeTLD(tld)">
               {{ tld }}
               <button matChipRemove aria-label="'remove ' + tld">
                 <mat-icon>cancel</mat-icon>
               </button>
             </mat-chip-row>
+            }
           </mat-chip-grid>
           <input
             placeholder="New tld..."

console-webapp/src/app/registrar/registrarsTable.component.html

@@ -5,15 +5,16 @@
   <div class="console-app__registrars-header">
     <h1 class="mat-headline-4" forceFocus>Registrars</h1>
     <div class="spacer"></div>
+    @if (oteButtonVisible) {
     <button
       mat-stroked-button
-      *ngIf="oteButtonVisible"
       (click)="createOteAccount()"
       aria-label="Generate OT&E accounts"
       [elementId]="getElementIdForOteBlock()"
     >
       Create OT&E accounts
     </button>
+    }
     <button
       class="console-app__registrars-new"
       mat-flat-button
@@ -43,10 +44,8 @@
         class="console-app__registrars-table"
         matSort
       >
-        <ng-container
-          *ngFor="let column of columns"
-          [matColumnDef]="column.columnDef"
-        >
+        @for (column of columns; track column) {
+        <ng-container [matColumnDef]="column.columnDef">
           <mat-header-cell *matHeaderCellDef>
             {{ column.header }}
           </mat-header-cell>
@@ -55,6 +54,7 @@
             [innerHTML]="column.cell(row)"
           ></mat-cell>
         </ng-container>
+        }
         <mat-header-row *matHeaderRowDef="displayedColumns"></mat-header-row>
         <mat-row
           *matRowDef="let row; columns: displayedColumns"

console-webapp/src/app/settings/contact/contact.component.html

@@ -22,13 +22,12 @@
   </div>
   } @else {
   <mat-table [dataSource]="dataSource" class="mat-elevation-z0">
-    <ng-container
-      *ngFor="let column of columns"
-      [matColumnDef]="column.columnDef"
-    >
+    @for (column of columns; track column) {
+    <ng-container [matColumnDef]="column.columnDef">
       <mat-header-cell *matHeaderCellDef> {{ column.header }} </mat-header-cell>
       <mat-cell *matCellDef="let row" [innerHTML]="column.cell(row)"></mat-cell>
     </ng-container>
+    }
     <mat-header-row *matHeaderRowDef="displayedColumns"></mat-header-row>
     <mat-row
       *matRowDef="let row; columns: displayedColumns"

console-webapp/src/app/settings/contact/contactDetails.component.html

@@ -1,9 +1,5 @@
-<div
-  class="console-app__contact"
-  *ngIf="contactService.contactInEdit"
-  cdkTrapFocus
-  [cdkTrapFocusAutoCapture]="true"
->
+@if (contactService.contactInEdit) {
+<div class="console-app__contact" cdkTrapFocus [cdkTrapFocusAutoCapture]="true">
   <div class="console-app__contact-controls">
     <button
       mat-icon-button
@@ -32,7 +28,6 @@
     </button>
     }
   </div>
-
   @if(isEditing || contactService.isContactNewView) {
   <h1>Contact Details</h1>
   <form (ngSubmit)="save($event)">
@@ -46,7 +41,6 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Primary account email: </mat-label>
         <input
@@ -64,7 +58,6 @@
           "
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Phone: </mat-label>
         <input
@@ -74,7 +67,6 @@
           placeholder="+0.0000000000"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Fax: </mat-label>
         <input
@@ -84,7 +76,6 @@
         />
       </mat-form-field>
     </section>
-
     <section>
       <h1>Contact Type</h1>
       <p class="console-app__contact-required">
@@ -92,21 +83,18 @@
         (primary contact can't be updated)
       </p>
       <div class="">
-        <ng-container
-          *ngFor="let contactType of contactTypeToTextMap | keyvalue"
+        @for (contactType of contactTypeToTextMap | keyvalue; track contactType)
+        { @if (shouldDisplayCheckbox(contactType.key)) {
+        <mat-checkbox
+          [checked]="checkboxIsChecked(contactType.key)"
+          (change)="checkboxOnChange($event, contactType.key)"
+          [disabled]="checkboxIsDisabled(contactType.key)"
         >
-          <mat-checkbox
-            *ngIf="shouldDisplayCheckbox(contactType.key)"
-            [checked]="checkboxIsChecked(contactType.key)"
-            (change)="checkboxOnChange($event, contactType.key)"
-            [disabled]="checkboxIsDisabled(contactType.key)"
-          >
-            {{ contactType.value }}
-          </mat-checkbox>
-        </ng-container>
+          {{ contactType.value }}
+        </mat-checkbox>
+        } }
       </div>
     </section>
-
     <section>
       <h1>RDAP Preferences</h1>
       <div>
@@ -116,7 +104,6 @@
           >Show in Registrar RDAP record as admin contact</mat-checkbox
         >
       </div>
-
       <div>
         <mat-checkbox
           [(ngModel)]="contactService.contactInEdit.visibleInRdapAsTech"
@@ -124,7 +111,6 @@
           >Show in Registrar RDAP record as technical contact</mat-checkbox
         >
       </div>
-
       <div>
         <mat-checkbox
           [(ngModel)]="contactService.contactInEdit.visibleInDomainRdapAsAbuse"
@@ -198,15 +184,13 @@
         </mat-list-item>
         } @if(contactService.contactInEdit.visibleInRdapAsTech) {
         <mat-divider></mat-divider>
-        <mat-list-item
-          role="listitem"
-          *ngIf="contactService.contactInEdit.visibleInRdapAsTech"
-        >
+        @if (contactService.contactInEdit.visibleInRdapAsTech) {
+        <mat-list-item role="listitem">
           <span class="console-app__list-value"
             >Show in Registrar RDAP record as technical contact</span
           >
         </mat-list-item>
-        } @if(contactService.contactInEdit.visibleInDomainRdapAsAbuse) {
+        } } @if(contactService.contactInEdit.visibleInDomainRdapAsAbuse) {
         <mat-divider></mat-divider>
         <mat-list-item role="listitem">
           <span class="console-app__list-value"
@@ -220,3 +204,4 @@
   </mat-card>
   }
 </div>
+}

console-webapp/src/app/settings/rdap/rdapEdit.component.html

@@ -1,6 +1,6 @@
+@if (registrarInEdit) {
 <div
   class="console-app__rdap-edit"
-  *ngIf="registrarInEdit"
   cdkTrapFocus
   [cdkTrapFocusAutoCapture]="true"
 >
@@ -12,7 +12,6 @@
   >
     <mat-icon>arrow_back</mat-icon>
   </button>
-
   <div class="console-app__rdap-edit-controls">
     <span>
       General registrar information for your RDAP record. This information is
@@ -20,10 +19,8 @@
     </span>
     <div class="spacer"></div>
   </div>
-
   <div class="console-app__rdap-edit">
     <h1>Personal info</h1>
-
     <form (ngSubmit)="save($event)">
       <mat-form-field appearance="outline">
         <mat-label>Email: </mat-label>
@@ -34,7 +31,6 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Phone: </mat-label>
         <input
@@ -44,7 +40,6 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Fax: </mat-label>
         <input
@@ -54,7 +49,6 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Street Address (line 1): </mat-label>
         <input
@@ -64,7 +58,6 @@
           [(ngModel)]="registrarInEdit.localizedAddress.street![0]"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Street Address (line 2): </mat-label>
         <input
@@ -74,7 +67,6 @@
           [(ngModel)]="registrarInEdit.localizedAddress.street![1]"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>City: </mat-label>
         <input
@@ -84,7 +76,6 @@
           [(ngModel)]="(registrarInEdit.localizedAddress || {}).city"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>State or Province: </mat-label>
         <input
@@ -94,7 +85,6 @@
           [(ngModel)]="(registrarInEdit.localizedAddress || {}).state"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Country: </mat-label>
         <input
@@ -104,7 +94,6 @@
           [(ngModel)]="(registrarInEdit.localizedAddress || {}).countryCode"
         />
       </mat-form-field>
-
       <mat-form-field appearance="outline">
         <mat-label>Postal code: </mat-label>
         <input
@@ -114,7 +103,6 @@
           [(ngModel)]="(registrarInEdit.localizedAddress || {}).zip"
         />
       </mat-form-field>
-
       <button
         mat-flat-button
         color="primary"
@@ -126,3 +114,4 @@
     </form>
   </div>
 </div>
+}

console-webapp/src/app/settings/security/eppPasswordEdit.component.ts

@@ -20,7 +20,7 @@ import { RegistrarService } from 'src/app/registrar/registrar.service';
 import { SecurityService } from './security.service';
 import { UserDataService } from 'src/app/shared/services/userData.service';
 import { MatDialog, MatDialogRef } from '@angular/material/dialog';
-import { CommonModule } from '@angular/common';
+
 import { MaterialModule } from 'src/app/material.module';
 import { filter, switchMap, take } from 'rxjs';
 import { BackendService } from 'src/app/shared/services/backend.service';
@@ -41,7 +41,7 @@ import {
       <button mat-button color="warn" (click)="onSave()">Confirm</button>
     </mat-dialog-actions>
   `,
-  imports: [CommonModule, MaterialModule],
+  imports: [MaterialModule],
 })
 export class ResetEppPasswordComponent {
   constructor(public dialogRef: MatDialogRef<ResetEppPasswordComponent>) {}

console-webapp/src/app/settings/security/security.component.html

@@ -68,7 +68,7 @@
           >
         </mat-list-item>
         <mat-divider></mat-divider>
-        @for (item of dataSource.ipAddressAllowList; track item.value) {
+        @for (item of dataSource.ipAddressAllowList; track $index){
         <mat-list-item role="listitem">
           <span class="console-app__list-value">{{ item.value }}</span>
         </mat-list-item>

console-webapp/src/app/settings/security/security.component.spec.ts

@@ -12,7 +12,13 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { ComponentFixture, TestBed, waitForAsync } from '@angular/core/testing';
+import {
+  ComponentFixture,
+  fakeAsync,
+  TestBed,
+  tick,
+  waitForAsync,
+} from '@angular/core/testing';
 
 import { provideHttpClient } from '@angular/common/http';
 import { provideHttpClientTesting } from '@angular/common/http/testing';
@@ -30,43 +36,32 @@ import { MOCK_REGISTRAR_SERVICE } from 'src/testdata/registrar/registrar.service
 describe('SecurityComponent', () => {
   let component: SecurityComponent;
   let fixture: ComponentFixture<SecurityComponent>;
-  let fetchSecurityDetailsSpy: Function;
   let saveSpy: Function;
+  let securityServiceStub: Partial<SecurityService>;
 
   beforeEach(async () => {
-    const securityServiceSpy = jasmine.createSpyObj(SecurityService, [
-      'fetchSecurityDetails',
-      'saveChanges',
-    ]);
-
-    fetchSecurityDetailsSpy =
-      securityServiceSpy.fetchSecurityDetails.and.returnValue(of());
-
-    saveSpy = securityServiceSpy.saveChanges.and.returnValue(of());
+    securityServiceStub = {
+      isEditingSecurity: false,
+      isEditingPassword: false,
+      saveChanges: jasmine.createSpy('saveChanges').and.returnValue(of({})),
+    };
 
     await TestBed.configureTestingModule({
       declarations: [SecurityEditComponent, SecurityComponent],
       imports: [MaterialModule, BrowserAnimationsModule, FormsModule],
       providers: [
         BackendService,
-        SecurityService,
+        { provide: SecurityService, useValue: securityServiceStub },
         { provide: RegistrarService, useValue: MOCK_REGISTRAR_SERVICE },
         provideHttpClient(),
         provideHttpClientTesting(),
       ],
-    })
-      .overrideComponent(SecurityComponent, {
-        set: {
-          providers: [
-            { provide: SecurityService, useValue: securityServiceSpy },
-          ],
-        },
-      })
-      .compileComponents();
+    }).compileComponents();
+
+    saveSpy = securityServiceStub.saveChanges as jasmine.Spy;
 
     fixture = TestBed.createComponent(SecurityComponent);
     component = fixture.componentInstance;
-    fixture.detectChanges();
   });
 
   it('should create', () => {
@@ -93,17 +88,36 @@ describe('SecurityComponent', () => {
     });
   }));
 
-  it('should remove ip', waitForAsync(() => {
-    component.dataSource.ipAddressAllowList =
-      component.dataSource.ipAddressAllowList?.splice(1);
-    fixture.whenStable().then(() => {
-      fixture.detectChanges();
-      let listElems: Array<HTMLElement> = Array.from(
-        fixture.nativeElement.querySelectorAll('span.console-app__list-value')
-      );
-      expect(listElems.map((e) => e.textContent)).toContain(
-        'No IP addresses on file.'
-      );
+  it('should remove ip', fakeAsync(() => {
+    fixture.detectChanges();
+    tick();
+
+    const editBtn = fixture.nativeElement.querySelector(
+      'button[aria-label="Edit security settings"]'
+    );
+    editBtn.click();
+
+    tick();
+    fixture.detectChanges();
+
+    const removeIpBtn = fixture.nativeElement.querySelector(
+      '.console-app__removeIp'
+    );
+    removeIpBtn.click();
+
+    tick();
+    fixture.detectChanges();
+
+    const saveBtn = fixture.nativeElement.querySelector(
+      '.settings-security__edit-save'
+    );
+    saveBtn.click();
+
+    tick();
+    fixture.detectChanges();
+
+    expect(saveSpy).toHaveBeenCalledWith({
+      ipAddressAllowList: [],
     });
   }));
 
@@ -119,21 +133,34 @@ describe('SecurityComponent', () => {
     expect(component.securityService.isEditingPassword).toBeTrue();
   });
 
-  it('should call save', waitForAsync(async () => {
-    component.editSecurity();
-    await fixture.whenStable();
+  it('should call save', fakeAsync(() => {
     fixture.detectChanges();
+    tick();
+
+    const editBtn = fixture.nativeElement.querySelector(
+      'button[aria-label="Edit security settings"]'
+    );
+    editBtn.click();
+
+    tick();
+    fixture.detectChanges();
+
     const el = fixture.nativeElement.querySelector(
       '.console-app__clientCertificateValue'
     );
     el.value = 'test';
     el.dispatchEvent(new Event('input'));
+
+    tick();
     fixture.detectChanges();
-    await fixture.whenStable();
-    fixture.nativeElement
-      .querySelector('.settings-security__edit-save')
-      .click();
-    expect(saveSpy).toHaveBeenCalledOnceWith({
+
+    const saveBtn = fixture.nativeElement.querySelector(
+      '.settings-security__edit-save'
+    );
+    saveBtn.click();
+
+    tick();
+    expect(saveSpy).toHaveBeenCalledWith({
       ipAddressAllowList: [{ value: '123.123.123.123' }],
       clientCertificate: 'test',
     });

console-webapp/src/app/settings/security/securityEdit.component.html

@@ -23,9 +23,11 @@
       <button
         matSuffix
         mat-icon-button
+        class="console-app__removeIp"
         [attr.aria-label]="'Remove IP entry ' + ip.value"
         (click)="removeIpEntry(ip)"
         [disabled]="isUpdating"
+        type="button"
       >
         <mat-icon>close</mat-icon>
       </button>

console-webapp/src/app/shared/components/passwordReset/passwordInputForm.component.html

@@ -14,9 +14,9 @@
         required
         autocomplete="current-password"
       />
-      <mat-error *ngIf="hasError('oldPassword') as errorText">{{
-        errorText
-      }}</mat-error>
+      @if (hasError('oldPassword'); as errorText) {
+      <mat-error>{{ errorText }}</mat-error>
+      }
     </mat-form-field>
   </div>
   }
@@ -30,9 +30,9 @@
         required
         autocomplete="new-password"
       />
-      <mat-error *ngIf="hasError('newPassword') as errorText">{{
-        errorText
-      }}</mat-error>
+      @if (hasError('newPassword'); as errorText) {
+      <mat-error>{{ errorText }}</mat-error>
+      }
     </mat-form-field>
   </div>
   <div class="console-app__password-input-form-field">
@@ -45,9 +45,9 @@
         required
         autocomplete="new-password"
       />
-      <mat-error *ngIf="hasError('newPasswordRepeat') as errorText">{{
-        errorText
-      }}</mat-error>
+      @if (hasError('newPasswordRepeat'); as errorText) {
+      <mat-error>{{ errorText }}</mat-error>
+      }
     </mat-form-field>
   </div>
   <button

console-webapp/src/app/users/userDetails.component.html

@@ -50,15 +50,17 @@
       <mat-icon>delete</mat-icon>
     </button>
   </div>
-  <div *ngIf="isNewUser" class="console-app__user-details-save-password">
+  @if (isNewUser) {
+  <div class="console-app__user-details-save-password">
     <mat-icon>priority_high</mat-icon>
     Please save the password. For your security, we do not store passwords in a
     recoverable format.
   </div>
-
-  <p *ngIf="isLoading">
+  } @if (isLoading) {
+  <p>
     <mat-progress-bar mode="query"></mat-progress-bar>
   </p>
+  }
 
   <mat-card appearance="outlined">
     <mat-card-content>

console-webapp/src/app/users/userDetails.component.ts

@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { CommonModule } from '@angular/common';
 import { Component, computed } from '@angular/core';
 import { MatSnackBar } from '@angular/material/snack-bar';
 import { SelectedRegistrarModule } from '../app.module';
@@ -31,7 +30,6 @@ import { UserEditFormComponent } from './userEditForm.component';
     FormsModule,
     MaterialModule,
     SnackBarModule,
-    CommonModule,
     SelectedRegistrarModule,
     UserEditFormComponent,
   ],

console-webapp/src/app/users/userEditForm.component.html

@@ -1,6 +1,7 @@
 <div class="console-app__user-edit">
   <form (ngSubmit)="saveEdit($event)" #form>
-    <p *ngIf="isNew()">
+    @if (isNew()) {
+    <p>
       <mat-form-field appearance="outline">
         <mat-label
           >User name prefix:
@@ -19,6 +20,7 @@
         />
       </mat-form-field>
     </p>
+    }
     <p>
       <mat-form-field appearance="outline">
         <mat-label

console-webapp/src/app/users/userEditForm.component.ts

@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { CommonModule } from '@angular/common';
 import {
   Component,
   ElementRef,
@@ -50,7 +49,7 @@ import { HttpErrorResponse } from '@angular/common/http';
       <button mat-button color="warn" (click)="onSave()">Confirm</button>
     </mat-dialog-actions>
   `,
-  imports: [CommonModule, MaterialModule],
+  imports: [MaterialModule],
 })
 export class ResetRegistryLockPasswordComponent {
   constructor(
@@ -72,7 +71,7 @@ export class ResetRegistryLockPasswordComponent {
   selector: 'app-user-edit-form',
   templateUrl: './userEditForm.component.html',
   styleUrls: ['./userEditForm.component.scss'],
-  imports: [FormsModule, MaterialModule, CommonModule],
+  imports: [FormsModule, MaterialModule],
   providers: [],
 })
 export class UserEditFormComponent {

console-webapp/src/app/users/users.component.ts

@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { CommonModule } from '@angular/common';
 import { HttpErrorResponse } from '@angular/common/http';
 import { Component, effect } from '@angular/core';
 import { MatSnackBar } from '@angular/material/snack-bar';
@@ -35,7 +34,6 @@ import { UserEditFormComponent } from './userEditForm.component';
     FormsModule,
     MaterialModule,
     SnackBarModule,
-    CommonModule,
     SelectedRegistrarModule,
     UsersListComponent,
     UserEditFormComponent,

console-webapp/src/app/users/usersList.component.html

@@ -5,15 +5,14 @@
     class="console-app__users-table"
     matSort
   >
-    <ng-container
-      *ngFor="let column of columns"
-      [matColumnDef]="column.columnDef"
-    >
+    @for (column of columns; track column) {
+    <ng-container [matColumnDef]="column.columnDef">
       <mat-header-cell *matHeaderCellDef>
         {{ column.header }}
       </mat-header-cell>
       <mat-cell *matCellDef="let row" [innerHTML]="column.cell(row)"></mat-cell>
     </ng-container>
+    }
     <mat-header-row *matHeaderRowDef="displayedColumns"></mat-header-row>
     <mat-row
       *matRowDef="let row; columns: displayedColumns"

console-webapp/src/app/users/usersList.component.ts

@@ -12,7 +12,6 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { CommonModule } from '@angular/common';
 import {
   Component,
   effect,
@@ -43,7 +42,7 @@ export const columns = [
   selector: 'app-users-list',
   templateUrl: './usersList.component.html',
   styleUrls: ['./usersList.component.scss'],
-  imports: [MaterialModule, CommonModule],
+  imports: [MaterialModule],
   providers: [],
 })
 export class UsersListComponent {

console-webapp/src/main.ts

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { enableProdMode } from '@angular/core';
+import { enableProdMode, provideZoneChangeDetection } from '@angular/core';
 import { platformBrowserDynamic } from '@angular/platform-browser-dynamic';
 
 import { AppModule } from './app/app.module';
@@ -23,5 +23,7 @@ if (environment.production || environment.sandbox) {
 }
 
 platformBrowserDynamic()
-  .bootstrapModule(AppModule)
+  .bootstrapModule(AppModule, {
+    applicationProviders: [provideZoneChangeDetection()],
+  })
   .catch((err) => console.error(err));

console-webapp/tsconfig.json

@@ -14,14 +14,10 @@
     "sourceMap": true,
     "declaration": false,
     "experimentalDecorators": true,
-    "moduleResolution": "node",
+    "moduleResolution": "bundler",
     "importHelpers": true,
     "target": "ES2022",
     "module": "es2020",
-    "lib": [
-      "es2020",
-      "dom"
-    ],
     "useDefineForClassFields": false
   },
   "angularCompilerOptions": {

core/build.gradle

@@ -110,7 +110,7 @@ configurations {
   // for details.
   nomulus_test
 
-  // Exclude non-canonical servlet-api jars. Our AppEngine deployment uses
+  // Exclude non-canonical servlet-api jars. Our deployment uses
   // javax.servlet:servlet-api:2.5
   // For reasons we do not understand, marking the following dependencies as
   // compileOnly instead of compile does not exclude them from runtimeClasspath.
@@ -569,11 +569,6 @@ if (environment == 'alpha') {
               mainClass: 'google.registry.beam.resave.ResaveAllEppResourcesPipeline',
               metaData: 'google/registry/beam/resave_all_epp_resources_pipeline_metadata.json'
           ],
-      wipeOutContactHistoryPii:
-              [
-                      mainClass: 'google.registry.beam.wipeout.WipeOutContactHistoryPiiPipeline',
-                      metaData: 'google/registry/beam/wipe_out_contact_history_pii_pipeline_metadata.json'
-              ],
   ]
   project.tasks.create("stageBeamPipelines") {
     doLast {
@@ -646,23 +641,6 @@ artifacts {
   nomulus_test testUberJar
 }
 
-publishing {
-  repositories {
-    maven {
-      url project.publish_repo
-    }
-  }
-  publications {
-    nomulusTestsPublication(MavenPublication) {
-      groupId 'google.registry'
-      artifactId 'nomulus_test'
-      version project.nomulus_version
-      artifact nomulusFossJar
-      artifact testUberJar
-    }
-  }
-}
-
 task buildToolImage(dependsOn: nomulus, type: Exec) {
   commandLine 'docker', 'build', '-t', 'nomulus-tool', '.'
 }

core/src/main/java/google/registry/batch/BatchModule.java

@@ -28,13 +28,20 @@ import static google.registry.request.RequestParameters.extractRequiredDatetimeP
 import static google.registry.request.RequestParameters.extractRequiredParameter;
 import static google.registry.request.RequestParameters.extractSetOfDatetimeParameters;
 
+import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.util.concurrent.RateLimiter;
+import com.google.gson.Gson;
+import com.google.gson.JsonElement;
+import com.google.gson.reflect.TypeToken;
 import dagger.Module;
 import dagger.Provides;
+import google.registry.request.HttpException.BadRequestException;
+import google.registry.request.OptionalJsonPayload;
 import google.registry.request.Parameter;
 import jakarta.inject.Named;
 import jakarta.servlet.http.HttpServletRequest;
+import java.util.List;
 import java.util.Optional;
 import org.joda.time.DateTime;
 
@@ -44,6 +51,8 @@ public class BatchModule {
 
   public static final String PARAM_FAST = "fast";
 
+  static final int DEFAULT_MAX_QPS = 10;
+
   @Provides
   @Parameter("url")
   static String provideUrl(HttpServletRequest req) {
@@ -122,12 +131,6 @@ public class BatchModule {
     return extractOptionalDatetimeParameter(req, ExpandBillingRecurrencesAction.PARAM_END_TIME);
   }
 
-  @Provides
-  @Parameter(WipeOutContactHistoryPiiAction.PARAM_CUTOFF_TIME)
-  static Optional<DateTime> provideCutoffTime(HttpServletRequest req) {
-    return extractOptionalDatetimeParameter(req, WipeOutContactHistoryPiiAction.PARAM_CUTOFF_TIME);
-  }
-
   @Provides
   @Parameter(ExpandBillingRecurrencesAction.PARAM_ADVANCE_CURSOR)
   static boolean provideAdvanceCursor(HttpServletRequest req) {
@@ -140,8 +143,6 @@ public class BatchModule {
     return extractBooleanParameter(req, PARAM_FAST);
   }
 
-  private static final int DEFAULT_MAX_QPS = 10;
-
   @Provides
   @Parameter("maxQps")
   static int provideMaxQps(HttpServletRequest req) {
@@ -149,8 +150,42 @@ public class BatchModule {
   }
 
   @Provides
-  @Named("removeAllDomainContacts")
-  static RateLimiter provideRemoveAllDomainContactsRateLimiter(@Parameter("maxQps") int maxQps) {
+  @Named("standardRateLimiter")
+  static RateLimiter provideStandardRateLimiter(@Parameter("maxQps") int maxQps) {
     return RateLimiter.create(maxQps);
   }
+
+  @Provides
+  @Parameter("gainingRegistrarId")
+  static String provideGainingRegistrarId(HttpServletRequest req) {
+    return extractRequiredParameter(req, "gainingRegistrarId");
+  }
+
+  @Provides
+  @Parameter("losingRegistrarId")
+  static String provideLosingRegistrarId(HttpServletRequest req) {
+    return extractRequiredParameter(req, "losingRegistrarId");
+  }
+
+  @Provides
+  @Parameter("bulkTransferDomainNames")
+  static ImmutableList<String> provideBulkTransferDomainNames(
+      Gson gson, @OptionalJsonPayload Optional<JsonElement> optionalJsonElement) {
+    return optionalJsonElement
+        .map(je -> ImmutableList.copyOf(gson.fromJson(je, new TypeToken<List<String>>() {})))
+        .orElseThrow(
+            () -> new BadRequestException("Missing POST body of bulk transfer domain names"));
+  }
+
+  @Provides
+  @Parameter("requestedByRegistrar")
+  static boolean provideRequestedByRegistrar(HttpServletRequest req) {
+    return extractBooleanParameter(req, "requestedByRegistrar");
+  }
+
+  @Provides
+  @Parameter("reason")
+  static String provideReason(HttpServletRequest req) {
+    return extractRequiredParameter(req, "reason");
+  }
 }

core/src/main/java/google/registry/batch/BulkDomainTransferAction.java

@@ -0,0 +1,242 @@
+// Copyright 2025 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package google.registry.batch;
+
+import static com.google.common.net.MediaType.PLAIN_TEXT_UTF_8;
+import static google.registry.flows.FlowUtils.marshalWithLenientRetry;
+import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
+import static jakarta.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
+import static jakarta.servlet.http.HttpServletResponse.SC_NO_CONTENT;
+import static jakarta.servlet.http.HttpServletResponse.SC_OK;
+import static java.nio.charset.StandardCharsets.US_ASCII;
+
+import com.google.common.collect.ImmutableList;
+import com.google.common.flogger.FluentLogger;
+import com.google.common.util.concurrent.RateLimiter;
+import google.registry.flows.EppController;
+import google.registry.flows.EppRequestSource;
+import google.registry.flows.PasswordOnlyTransportCredentials;
+import google.registry.flows.StatelessRequestSessionMetadata;
+import google.registry.model.ForeignKeyUtils;
+import google.registry.model.domain.Domain;
+import google.registry.model.eppcommon.ProtocolDefinition;
+import google.registry.model.eppcommon.StatusValue;
+import google.registry.model.eppoutput.EppOutput;
+import google.registry.request.Action;
+import google.registry.request.Parameter;
+import google.registry.request.Response;
+import google.registry.request.auth.Auth;
+import google.registry.request.lock.LockHandler;
+import google.registry.util.DateTimeUtils;
+import jakarta.inject.Inject;
+import jakarta.inject.Named;
+import java.util.Optional;
+import java.util.concurrent.Callable;
+import java.util.logging.Level;
+import org.joda.time.Duration;
+
+/**
+ * An action that transfers a set of domains from one registrar to another.
+ *
+ * <p>This should be used as part of the BTAPPA (Bulk Transfer After a Partial Portfolio
+ * Acquisition) process in order to transfer a (possibly large) list of domains from one registrar
+ * to another, though it may be used in other situations as well.
+ *
+ * <p>The body of the HTTP post request should be a JSON list of the domains to be transferred.
+ * Because the list of domains to process can be quite large, this action should be called by a tool
+ * that batches the list of domains into reasonable sizes if necessary. The recommended usage path
+ * is to call this through the {@link google.registry.tools.BulkDomainTransferCommand}, which
+ * handles batching and input handling.
+ *
+ * <p>This runs as a single-threaded idempotent action that runs a superuser domain transfer on each
+ * domain to process. We go through the standard EPP process to make sure that we have an accurate
+ * historical representation of events (rather than force-modifying the domains in place).
+ *
+ * <p>Consider passing in an "maxQps" parameter based on the number of domains being transferred,
+ * otherwise the default is {@link BatchModule#DEFAULT_MAX_QPS}.
+ */
+@Action(
+    service = Action.Service.BACKEND,
+    path = BulkDomainTransferAction.PATH,
+    method = Action.Method.POST,
+    auth = Auth.AUTH_ADMIN)
+public class BulkDomainTransferAction implements Runnable {
+
+  public static final String PATH = "/_dr/task/bulkDomainTransfer";
+
+  private static final String SUPERUSER_TRANSFER_XML_FORMAT =
+"""
+<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
+  <command>
+    <transfer op="request">
+      <domain:transfer xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
+        <domain:name>%DOMAIN_NAME%</domain:name>
+      </domain:transfer>
+    </transfer>
+    <extension>
+      <superuser:domainTransferRequest xmlns:superuser="urn:google:params:xml:ns:superuser-1.0">
+        <superuser:renewalPeriod unit="y">0</superuser:renewalPeriod>
+        <superuser:automaticTransferLength>0</superuser:automaticTransferLength>
+      </superuser:domainTransferRequest>
+      <metadata:metadata xmlns:metadata="urn:google:params:xml:ns:metadata-1.0">
+        <metadata:reason>%REASON%</metadata:reason>
+        <metadata:requestedByRegistrar>%REQUESTED_BY_REGISTRAR%</metadata:requestedByRegistrar>
+      </metadata:metadata>
+    </extension>
+    <clTRID>BulkDomainTransferAction</clTRID>
+  </command>
+</epp>
+""";
+
+  private static final String LOCK_NAME = "Domain bulk transfer";
+
+  private static final FluentLogger logger = FluentLogger.forEnclosingClass();
+
+  private final EppController eppController;
+  private final LockHandler lockHandler;
+  private final RateLimiter rateLimiter;
+  private final ImmutableList<String> bulkTransferDomainNames;
+  private final String gainingRegistrarId;
+  private final String losingRegistrarId;
+  private final boolean requestedByRegistrar;
+  private final String reason;
+  private final Response response;
+
+  private int successes = 0;
+  private int alreadyTransferred = 0;
+  private int pendingDelete = 0;
+  private int missingDomains = 0;
+  private int errors = 0;
+
+  @Inject
+  BulkDomainTransferAction(
+      EppController eppController,
+      LockHandler lockHandler,
+      @Named("standardRateLimiter") RateLimiter rateLimiter,
+      @Parameter("bulkTransferDomainNames") ImmutableList<String> bulkTransferDomainNames,
+      @Parameter("gainingRegistrarId") String gainingRegistrarId,
+      @Parameter("losingRegistrarId") String losingRegistrarId,
+      @Parameter("requestedByRegistrar") boolean requestedByRegistrar,
+      @Parameter("reason") String reason,
+      Response response) {
+    this.eppController = eppController;
+    this.lockHandler = lockHandler;
+    this.rateLimiter = rateLimiter;
+    this.bulkTransferDomainNames = bulkTransferDomainNames;
+    this.gainingRegistrarId = gainingRegistrarId;
+    this.losingRegistrarId = losingRegistrarId;
+    this.requestedByRegistrar = requestedByRegistrar;
+    this.reason = reason;
+    this.response = response;
+  }
+
+  @Override
+  public void run() {
+    response.setContentType(PLAIN_TEXT_UTF_8);
+    Callable<Void> runner =
+        () -> {
+          try {
+            runLocked();
+            response.setStatus(SC_OK);
+          } catch (Exception e) {
+            logger.atSevere().withCause(e).log("Errored out during execution.");
+            response.setStatus(SC_INTERNAL_SERVER_ERROR);
+            response.setPayload(String.format("Errored out with cause: %s", e));
+          }
+          return null;
+        };
+
+    if (!lockHandler.executeWithLocks(runner, null, Duration.standardHours(1), LOCK_NAME)) {
+      // Send a 200-series status code to prevent this conflicting action from retrying.
+      response.setStatus(SC_NO_CONTENT);
+      response.setPayload("Could not acquire lock; already running?");
+    }
+  }
+
+  private void runLocked() {
+    logger.atInfo().log("Attempting to transfer %d domains.", bulkTransferDomainNames.size());
+    for (String domainName : bulkTransferDomainNames) {
+      rateLimiter.acquire();
+      tm().transact(() -> runTransferFlowInTransaction(domainName));
+    }
+
+    String msg =
+        String.format(
+            "Finished; %d domains were successfully transferred, %d were previously transferred, %s"
+                + " were missing domains, %s are pending delete, and %d errored out.",
+            successes, alreadyTransferred, missingDomains, pendingDelete, errors);
+    logger.at(errors + missingDomains == 0 ? Level.INFO : Level.WARNING).log(msg);
+    response.setPayload(msg);
+  }
+
+  private void runTransferFlowInTransaction(String domainName) {
+    if (shouldSkipDomain(domainName)) {
+      return;
+    }
+    String xml =
+        SUPERUSER_TRANSFER_XML_FORMAT
+            .replace("%DOMAIN_NAME%", domainName)
+            .replace("%REASON%", reason)
+            .replace("%REQUESTED_BY_REGISTRAR%", String.valueOf(requestedByRegistrar));
+    EppOutput output =
+        eppController.handleEppCommand(
+            new StatelessRequestSessionMetadata(
+                gainingRegistrarId, ProtocolDefinition.getVisibleServiceExtensionUris()),
+            new PasswordOnlyTransportCredentials(),
+            EppRequestSource.TOOL,
+            false,
+            true,
+            xml.getBytes(US_ASCII));
+    if (output.isSuccess()) {
+      logger.atInfo().log("Successfully transferred domain '%s'.", domainName);
+      successes++;
+    } else {
+      logger.atWarning().log(
+          "Failed transferring domain '%s' with error '%s'.",
+          domainName, new String(marshalWithLenientRetry(output), US_ASCII));
+      errors++;
+    }
+  }
+
+  private boolean shouldSkipDomain(String domainName) {
+    Optional<Domain> maybeDomain =
+        ForeignKeyUtils.loadResource(Domain.class, domainName, tm().getTransactionTime());
+    if (maybeDomain.isEmpty()) {
+      logger.atWarning().log("Domain '%s' was already deleted", domainName);
+      missingDomains++;
+      return true;
+    }
+    Domain domain = maybeDomain.get();
+    String currentRegistrarId = domain.getCurrentSponsorRegistrarId();
+    if (currentRegistrarId.equals(gainingRegistrarId)) {
+      logger.atInfo().log("Domain '%s' was already transferred", domainName);
+      alreadyTransferred++;
+      return true;
+    }
+    if (!currentRegistrarId.equals(losingRegistrarId)) {
+      logger.atWarning().log(
+          "Domain '%s' had unexpected registrar '%s'", domainName, currentRegistrarId);
+      errors++;
+      return true;
+    }
+    if (domain.getStatusValues().contains(StatusValue.PENDING_DELETE)
+        || !domain.getDeletionTime().equals(DateTimeUtils.END_OF_TIME)) {
+      logger.atWarning().log("Domain '%s' is in PENDING_DELETE", domainName);
+      pendingDelete++;
+      return true;
+    }
+    return false;
+  }
+}

core/src/main/java/google/registry/batch/CannedScriptExecutionAction.java

@@ -20,7 +20,6 @@ import static java.nio.charset.StandardCharsets.UTF_8;
 
 import com.google.common.flogger.FluentLogger;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.Response;
 import google.registry.request.UrlConnectionService;
@@ -43,7 +42,7 @@ import javax.net.ssl.HttpsURLConnection;
  * --service BACKEND -X POST -u '/_dr/task/executeCannedScript}'}
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = "/_dr/task/executeCannedScript",
     method = {POST, GET},
     automaticallyPrintOk = true,

core/src/main/java/google/registry/batch/CheckBulkComplianceAction.java

@@ -27,7 +27,6 @@ import google.registry.model.domain.token.AllocationToken;
 import google.registry.model.domain.token.BulkPricingPackage;
 import google.registry.model.registrar.Registrar;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.auth.Auth;
 import google.registry.ui.server.SendEmailUtils;
 import google.registry.util.Clock;
@@ -39,7 +38,10 @@ import org.joda.time.Days;
  * An action that checks all {@link BulkPricingPackage} objects for compliance with their max create
  * limit.
  */
-@Action(service = GaeService.BACKEND, path = CheckBulkComplianceAction.PATH, auth = Auth.AUTH_ADMIN)
+@Action(
+    service = Action.Service.BACKEND,
+    path = CheckBulkComplianceAction.PATH,
+    auth = Auth.AUTH_ADMIN)
 public class CheckBulkComplianceAction implements Runnable {
 
   public static final String PATH = "/_dr/task/checkBulkCompliance";

core/src/main/java/google/registry/batch/CloudTasksUtils.java

@@ -43,7 +43,6 @@ import google.registry.config.CredentialModule.ApplicationDefaultCredential;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.request.Action;
 import google.registry.request.Action.Method;
-import google.registry.request.Action.Service;
 import google.registry.util.Clock;
 import google.registry.util.CollectionUtils;
 import google.registry.util.GoogleCredentialsBundle;
@@ -56,8 +55,6 @@ import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
 import java.util.Optional;
 import java.util.Random;
-import java.util.function.BiConsumer;
-import java.util.function.Consumer;
 import java.util.function.Supplier;
 import org.joda.time.Duration;
 
@@ -119,19 +116,13 @@ public class CloudTasksUtils implements Serializable {
    * <p>For GET requests we add them on to the URL, and for POST requests we add them in the body of
    * the request.
    *
-   * <p>The parameters {@code putHeadersFunction} and {@code setBodyFunction} are used so that this
-   * method can be called with either an AppEngine HTTP request or a standard non-AppEngine HTTP
-   * request. The two objects do not have the same methods, but both have ways of setting headers /
-   * body.
-   *
    * @return the resulting path (unchanged for POST requests, with params added for GET requests)
    */
   private static String processRequestParameters(
       String path,
       Method method,
       Multimap<String, String> params,
-      BiConsumer<String, String> putHeadersFunction,
-      Consumer<ByteString> setBodyFunction) {
+      HttpRequest.Builder requestBuilder) {
     if (CollectionUtils.isNullOrEmpty(params)) {
       return path;
     }
@@ -149,8 +140,8 @@ public class CloudTasksUtils implements Serializable {
     if (method.equals(Method.GET)) {
       return String.format("%s?%s", path, encodedParams);
     }
-    putHeadersFunction.accept(HttpHeaders.CONTENT_TYPE, MediaType.FORM_DATA.toString());
-    setBodyFunction.accept(ByteString.copyFrom(encodedParams, StandardCharsets.UTF_8));
+    requestBuilder.putHeaders(HttpHeaders.CONTENT_TYPE, MediaType.FORM_DATA.toString());
+    requestBuilder.setBody(ByteString.copyFrom(encodedParams, StandardCharsets.UTF_8));
     return path;
   }
 
@@ -161,29 +152,26 @@ public class CloudTasksUtils implements Serializable {
    * default service account as the principal. That account must have permission to submit tasks to
    * Cloud Tasks.
    *
-   * <p>The caller of this method is responsible for passing in the appropriate service based on the
-   * runtime (GAE/GKE). Use the overload that takes an action class if possible.
+   * <p>The caller of this method is responsible for passing in the appropriate service. Use the
+   * overload that takes an action class if possible.
    *
    * @param path the relative URI (staring with a slash and ending without one).
    * @param method the HTTP method to be used for the request.
-   * @param service the GAE/GKE service to route the request to.
+   * @param service the service to route the request to.
    * @param params a multimap of URL query parameters. Duplicate keys are saved as is, and it is up
    *     to the server to process the duplicate keys.
    * @return the enqueued task.
-   * @see <a
-   *     href=ttps://cloud.google.com/appengine/docs/standard/java/taskqueue/push/creating-tasks#target>Specifyinig
-   *     the worker service</a>
+   * @see <a href=https://docs.cloud.google.com/tasks/docs/creating-http-target-tasks#java>Creating
+   *     HTTP target tasks</a>
    */
   protected Task createTask(
-      String path, Method method, Service service, Multimap<String, String> params) {
+      String path, Method method, Action.Service service, Multimap<String, String> params) {
     checkArgument(
         path != null && !path.isEmpty() && path.charAt(0) == '/',
         "The path must start with a '/'.");
     HttpRequest.Builder requestBuilder =
         HttpRequest.newBuilder().setHttpMethod(HttpMethod.valueOf(method.name()));
-    path =
-        processRequestParameters(
-            path, method, params, requestBuilder::putHeaders, requestBuilder::setBody);
+    path = processRequestParameters(path, method, params, requestBuilder);
     OidcToken.Builder oidcTokenBuilder =
         OidcToken.newBuilder()
             .setServiceAccountEmail(credential.serviceAccount())
@@ -205,16 +193,15 @@ public class CloudTasksUtils implements Serializable {
    * Cloud Tasks.
    *
    * <p>Prefer this overload over the one where the path and service are explicitly defined, as this
-   * class will automatically determine the service to use based on the action and the runtime.
+   * class will automatically determine the service to use based on the action.
    *
    * @param actionClazz the action class to run, must be annotated with {@link Action}.
    * @param method the HTTP method to be used for the request.
    * @param params a multimap of URL query parameters. Duplicate keys are saved as is, and it is up
    *     to the server to process the duplicate keys.
    * @return the enqueued task.
-   * @see <a
-   *     href=ttps://cloud.google.com/appengine/docs/standard/java/taskqueue/push/creating-tasks#target>Specifyinig
-   *     the worker service</a>
+   * @see <a href=https://docs.cloud.google.com/tasks/docs/creating-http-target-tasks#java>Creating
+   *     HTTP target tasks</a>
    */
   public Task createTask(
       Class<? extends Runnable> actionClazz, Method method, Multimap<String, String> params) {
@@ -231,32 +218,29 @@ public class CloudTasksUtils implements Serializable {
         method,
         actionClazz.getSimpleName(),
         allowedMethods);
-    Service service =
-        RegistryEnvironment.isOnJetty() ? Action.ServiceGetter.get(action) : action.service();
-    return createTask(path, method, service, params);
+    return createTask(path, method, action.service(), params);
   }
 
   /**
    * Create a {@link Task} to be enqueued with a random delay up to {@code jitterSeconds}.
    *
-   * <p>The caller of this method is responsible for passing in the appropriate service based on the
-   * runtime (GAE/GKE). Use the overload that takes an action class if possible.
+   * <p>The caller of this method is responsible for passing in the appropriate service. Use the
+   * overload that takes an action class if possible.
    *
    * @param path the relative URI (staring with a slash and ending without one).
    * @param method the HTTP method to be used for the request.
-   * @param service the GAE/GKE service to route the request to.
+   * @param service the service to route the request to.
    * @param params a multimap of URL query parameters. Duplicate keys are saved as is, and it is up
    *     to the server to process the duplicate keys.
    * @param jitterSeconds the number of seconds that a task is randomly delayed up to.
    * @return the enqueued task.
-   * @see <a
-   *     href=ttps://cloud.google.com/appengine/docs/standard/java/taskqueue/push/creating-tasks#target>Specifyinig
-   *     the worker service</a>
+   * @see <a href=https://docs.cloud.google.com/tasks/docs/creating-http-target-tasks#java>Creating
+   *     HTTP target tasks</a>
    */
   public Task createTaskWithJitter(
       String path,
       Method method,
-      Service service,
+      Action.Service service,
       Multimap<String, String> params,
       Optional<Integer> jitterSeconds) {
     if (jitterSeconds.isEmpty() || jitterSeconds.get() <= 0) {
@@ -274,7 +258,7 @@ public class CloudTasksUtils implements Serializable {
    * Create a {@link Task} to be enqueued with a random delay up to {@code jitterSeconds}.
    *
    * <p>Prefer this overload over the one where the path and service are explicitly defined, as this
-   * class will automatically determine the service to use based on the action and the runtime.
+   * class will automatically determine the service to use based on the action.
    *
    * @param actionClazz the action class to run, must be annotated with {@link Action}.
    * @param method the HTTP method to be used for the request.
@@ -282,9 +266,8 @@ public class CloudTasksUtils implements Serializable {
    *     to the server to process the duplicate keys.
    * @param jitterSeconds the number of seconds that a task is randomly delayed up to.
    * @return the enqueued task.
-   * @see <a
-   *     href=ttps://cloud.google.com/appengine/docs/standard/java/taskqueue/push/creating-tasks#target>Specifyinig
-   *     the worker service</a>
+   * @see <a href=https://docs.cloud.google.com/tasks/docs/creating-http-target-tasks#java>Creating
+   *     HTTP target tasks</a>
    */
   public Task createTaskWithJitter(
       Class<? extends Runnable> actionClazz,
@@ -297,9 +280,7 @@ public class CloudTasksUtils implements Serializable {
         "Action class %s is not annotated with @Action",
         actionClazz.getSimpleName());
     String path = action.path();
-    Service service =
-        RegistryEnvironment.isOnJetty() ? Action.ServiceGetter.get(action) : action.service();
-    return createTaskWithJitter(path, method, service, params, jitterSeconds);
+    return createTaskWithJitter(path, method, action.service(), params, jitterSeconds);
   }
 
   /**
@@ -307,19 +288,18 @@ public class CloudTasksUtils implements Serializable {
    *
    * @param path the relative URI (staring with a slash and ending without one).
    * @param method the HTTP method to be used for the request.
-   * @param service the GAE/GKE service to route the request to.
+   * @param service the service to route the request to.
    * @param params a multimap of URL query parameters. Duplicate keys are saved as is, and it is up
    *     to the server to process the duplicate keys.
    * @param delay the amount of time that a task needs to be delayed for.
    * @return the enqueued task.
-   * @see <a
-   *     href=ttps://cloud.google.com/appengine/docs/standard/java/taskqueue/push/creating-tasks#target>Specifyinig
-   *     the worker service</a>
+   * @see <a href=https://docs.cloud.google.com/tasks/docs/creating-http-target-tasks#java>Creating
+   *     HTTP target tasks</a>
    */
   private Task createTaskWithDelay(
       String path,
       Method method,
-      Service service,
+      Action.Service service,
       Multimap<String, String> params,
       Duration delay) {
     if (delay.isEqual(Duration.ZERO)) {
@@ -335,7 +315,7 @@ public class CloudTasksUtils implements Serializable {
    * Create a {@link Task} to be enqueued with delay of {@code duration}.
    *
    * <p>Prefer this overload over the one where the path and service are explicitly defined, as this
-   * class will automatically determine the service to use based on the action and the runtime.
+   * class will automatically determine the service to use based on the action.
    *
    * @param actionClazz the action class to run, must be annotated with {@link Action}.
    * @param method the HTTP method to be used for the request.
@@ -343,9 +323,8 @@ public class CloudTasksUtils implements Serializable {
    *     to the server to process the duplicate keys.
    * @param delay the amount of time that a task needs to be delayed for.
    * @return the enqueued task.
-   * @see <a
-   *     href=ttps://cloud.google.com/appengine/docs/standard/java/taskqueue/push/creating-tasks#target>Specifyinig
-   *     the worker service</a>
+   * @see <a href=https://docs.cloud.google.com/tasks/docs/creating-http-target-tasks#java>Creating
+   *     HTTP target tasks</a>
    */
   public Task createTaskWithDelay(
       Class<? extends Runnable> actionClazz,
@@ -354,9 +333,7 @@ public class CloudTasksUtils implements Serializable {
       Duration delay) {
     Action action = getAction(actionClazz);
     String path = action.path();
-    Service service =
-        RegistryEnvironment.isOnJetty() ? Action.ServiceGetter.get(action) : action.service();
-    return createTaskWithDelay(path, method, service, params, delay);
+    return createTaskWithDelay(path, method, action.service(), params, delay);
   }
 
   private static Action getAction(Class<? extends Runnable> actionClazz) {

core/src/main/java/google/registry/batch/DeleteExpiredDomainsAction.java

@@ -37,7 +37,6 @@ import google.registry.model.eppcommon.ProtocolDefinition;
 import google.registry.model.eppoutput.EppOutput;
 import google.registry.persistence.transaction.QueryComposer.Comparator;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
 import google.registry.request.lock.LockHandler;
@@ -68,7 +67,7 @@ import org.joda.time.Duration;
  * this action runs, thus alerting us that human action is needed to correctly process the delete.
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = DeleteExpiredDomainsAction.PATH,
     auth = Auth.AUTH_ADMIN)
 public class DeleteExpiredDomainsAction implements Runnable {

core/src/main/java/google/registry/batch/DeleteLoadTestDataAction.java

@@ -29,7 +29,6 @@ import com.google.common.flogger.FluentLogger;
 import google.registry.flows.poll.PollFlowUtils;
 import google.registry.model.EppResource;
 import google.registry.model.EppResourceUtils;
-import google.registry.model.contact.Contact;
 import google.registry.model.domain.Domain;
 import google.registry.model.host.Host;
 import google.registry.model.poll.PollMessage;
@@ -37,7 +36,6 @@ import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.reporting.HistoryEntryDao;
 import google.registry.persistence.VKey;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.auth.Auth;
 import google.registry.util.Clock;
@@ -55,7 +53,7 @@ import jakarta.inject.Inject;
  * production.
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = "/_dr/task/deleteLoadTestData",
     method = POST,
     auth = Auth.AUTH_ADMIN)
@@ -95,7 +93,6 @@ public class DeleteLoadTestDataAction implements Runnable {
             TRANSACTION_REPEATABLE_READ,
             () -> {
               LOAD_TEST_REGISTRARS.forEach(this::deletePollMessages);
-              tm().loadAllOfStream(Contact.class).forEach(this::deleteContact);
               tm().loadAllOfStream(Host.class).forEach(this::deleteHost);
             });
   }
@@ -111,21 +108,6 @@ public class DeleteLoadTestDataAction implements Runnable {
     }
   }
 
-  private void deleteContact(Contact contact) {
-    if (!LOAD_TEST_REGISTRARS.contains(contact.getPersistedCurrentSponsorRegistrarId())) {
-      return;
-    }
-    // We cannot remove contacts from domains in the general case, so we cannot delete contacts
-    // that are linked to domains (since it would break the foreign keys)
-    if (EppResourceUtils.isLinked(contact.createVKey(), clock.nowUtc())) {
-      logger.atWarning().log(
-          "Cannot delete contact with repo ID %s since it is referenced from a domain.",
-          contact.getRepoId());
-      return;
-    }
-    deleteResource(contact);
-  }
-
   private void deleteHost(Host host) {
     if (!LOAD_TEST_REGISTRARS.contains(host.getPersistedCurrentSponsorRegistrarId())) {
       return;

core/src/main/java/google/registry/batch/DeleteProberDataAction.java

@@ -42,7 +42,6 @@ import google.registry.model.domain.Domain;
 import google.registry.model.domain.DomainHistory;
 import google.registry.model.tld.Tld.TldType;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.auth.Auth;
 import google.registry.util.RegistryEnvironment;
@@ -59,7 +58,7 @@ import org.joda.time.Duration;
  * billing events, along with their ForeignKeyDomainIndex entities.
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = "/_dr/task/deleteProberData",
     method = POST,
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/batch/ExpandBillingRecurrencesAction.java

@@ -35,7 +35,6 @@ import google.registry.model.billing.BillingEvent;
 import google.registry.model.billing.BillingRecurrence;
 import google.registry.model.common.Cursor;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
@@ -51,7 +50,7 @@ import org.joda.time.DateTime;
  * BillingRecurrence} billing events into synthetic {@link BillingEvent} events.
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = "/_dr/task/expandBillingRecurrences",
     auth = Auth.AUTH_ADMIN)
 public class ExpandBillingRecurrencesAction implements Runnable {

core/src/main/java/google/registry/batch/RelockDomainAction.java

@@ -32,7 +32,6 @@ import google.registry.model.eppcommon.StatusValue;
 import google.registry.model.tld.RegistryLockDao;
 import google.registry.persistence.VKey;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
@@ -47,7 +46,7 @@ import org.joda.time.Duration;
 
 /** Task that re-locks a previously-Registry-Locked domain after a predetermined period of time. */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = RelockDomainAction.PATH,
     method = POST,
     automaticallyPrintOk = true,
@@ -113,11 +112,11 @@ public class RelockDomainAction implements Runnable {
   public void run() {
     /* We wish to manually control our retry behavior, in order to limit the number of retries
      * and/or notify registrars / support only after a certain number of retries, or only
-     * with a certain type of failure. AppEngine will automatically retry on any non-2xx status
+     * with a certain type of failure. Cloud Tasks will automatically retry on any non-2xx status
      * code, so return SC_NO_CONTENT (204) by default to avoid this auto-retry.
      *
-     * See https://cloud.google.com/appengine/docs/standard/java/taskqueue/push/retrying-tasks
-     * for more details on retry behavior. */
+     * See https://docs.cloud.google.com/tasks/docs/configuring-queues#retry for more details on
+     * retry behavior. */
     response.setStatus(SC_NO_CONTENT);
     response.setContentType(MediaType.PLAIN_TEXT_UTF_8);
     tm().transact(this::relockDomain);

core/src/main/java/google/registry/batch/RemoveAllDomainContactsAction.java

@@ -1,246 +0,0 @@
-// Copyright 2025 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.batch;
-
-import static com.google.common.base.Preconditions.checkState;
-import static com.google.common.net.MediaType.PLAIN_TEXT_UTF_8;
-import static google.registry.flows.FlowUtils.marshalWithLenientRetry;
-import static google.registry.model.common.FeatureFlag.FeatureName.MINIMUM_DATASET_CONTACTS_PROHIBITED;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
-import static google.registry.util.DateTimeUtils.END_OF_TIME;
-import static google.registry.util.ResourceUtils.readResourceUtf8;
-import static jakarta.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
-import static jakarta.servlet.http.HttpServletResponse.SC_NO_CONTENT;
-import static jakarta.servlet.http.HttpServletResponse.SC_OK;
-import static java.nio.charset.StandardCharsets.US_ASCII;
-
-import com.google.common.base.Ascii;
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.ImmutableSet;
-import com.google.common.flogger.FluentLogger;
-import com.google.common.util.concurrent.RateLimiter;
-import google.registry.config.RegistryConfig.Config;
-import google.registry.flows.EppController;
-import google.registry.flows.EppRequestSource;
-import google.registry.flows.PasswordOnlyTransportCredentials;
-import google.registry.flows.StatelessRequestSessionMetadata;
-import google.registry.model.common.FeatureFlag;
-import google.registry.model.contact.Contact;
-import google.registry.model.domain.DesignatedContact;
-import google.registry.model.domain.Domain;
-import google.registry.model.eppcommon.ProtocolDefinition;
-import google.registry.model.eppoutput.EppOutput;
-import google.registry.persistence.VKey;
-import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
-import google.registry.request.Response;
-import google.registry.request.auth.Auth;
-import google.registry.request.lock.LockHandler;
-import jakarta.inject.Inject;
-import jakarta.inject.Named;
-import java.util.List;
-import java.util.concurrent.Callable;
-import java.util.logging.Level;
-import javax.annotation.Nullable;
-import org.joda.time.Duration;
-
-/**
- * An action that removes all contacts from all active (non-deleted) domains.
- *
- * <p>This implements part 1 of phase 3 of the Minimum Dataset migration, wherein we remove all uses
- * of contact objects in preparation for later removing all contact data from the system.
- *
- * <p>This runs as a singly threaded, resumable action that loads batches of domains still
- * containing contacts, and runs a superuser domain update on each one to remove the contacts,
- * leaving behind a record recording that update.
- */
-@Action(
-    service = GaeService.BACKEND,
-    path = RemoveAllDomainContactsAction.PATH,
-    method = Action.Method.POST,
-    auth = Auth.AUTH_ADMIN)
-public class RemoveAllDomainContactsAction implements Runnable {
-
-  public static final String PATH = "/_dr/task/removeAllDomainContacts";
-  private static final String LOCK_NAME = "Remove all domain contacts";
-  private static final String CONTACT_FMT = "<domain:contact type=\"%s\">%s</domain:contact>";
-
-  private static final FluentLogger logger = FluentLogger.forEnclosingClass();
-  private final EppController eppController;
-  private final String registryAdminClientId;
-  private final LockHandler lockHandler;
-  private final RateLimiter rateLimiter;
-  private final Response response;
-  private final String updateDomainXml;
-  private int successes = 0;
-  private int failures = 0;
-
-  private static final int BATCH_SIZE = 10000;
-
-  @Inject
-  RemoveAllDomainContactsAction(
-      EppController eppController,
-      @Config("registryAdminClientId") String registryAdminClientId,
-      LockHandler lockHandler,
-      @Named("removeAllDomainContacts") RateLimiter rateLimiter,
-      Response response) {
-    this.eppController = eppController;
-    this.registryAdminClientId = registryAdminClientId;
-    this.lockHandler = lockHandler;
-    this.rateLimiter = rateLimiter;
-    this.response = response;
-    this.updateDomainXml =
-        readResourceUtf8(RemoveAllDomainContactsAction.class, "domain_remove_contacts.xml");
-  }
-
-  @Override
-  public void run() {
-    checkState(
-        tm().transact(() -> FeatureFlag.isActiveNow(MINIMUM_DATASET_CONTACTS_PROHIBITED)),
-        "Minimum dataset migration must be completed prior to running this action");
-    response.setContentType(PLAIN_TEXT_UTF_8);
-
-    Callable<Void> runner =
-        () -> {
-          try {
-            runLocked();
-            response.setStatus(SC_OK);
-          } catch (Exception e) {
-            logger.atSevere().withCause(e).log("Errored out during execution.");
-            response.setStatus(SC_INTERNAL_SERVER_ERROR);
-            response.setPayload(String.format("Errored out with cause: %s", e));
-          }
-          return null;
-        };
-
-    if (!lockHandler.executeWithLocks(runner, null, Duration.standardHours(1), LOCK_NAME)) {
-      // Send a 200-series status code to prevent this conflicting action from retrying.
-      response.setStatus(SC_NO_CONTENT);
-      response.setPayload("Could not acquire lock; already running?");
-    }
-  }
-
-  private void runLocked() {
-    logger.atInfo().log("Removing contacts on all active domains.");
-
-    List<String> domainRepoIdsBatch;
-    do {
-      domainRepoIdsBatch =
-          tm().<List<String>>transact(
-                  () ->
-                      tm().getEntityManager()
-                          .createQuery(
-                              """
-                              SELECT repoId FROM Domain WHERE deletionTime = :end_of_time AND NOT (
-                                adminContact IS NULL AND billingContact IS NULL
-                                AND registrantContact IS NULL AND techContact IS NULL)
-                              """)
-                          .setParameter("end_of_time", END_OF_TIME)
-                          .setMaxResults(BATCH_SIZE)
-                          .getResultList());
-
-      for (String domainRepoId : domainRepoIdsBatch) {
-        rateLimiter.acquire();
-        runDomainUpdateFlow(domainRepoId);
-      }
-    } while (!domainRepoIdsBatch.isEmpty());
-    String msg =
-        String.format(
-            "Finished; %d domains were successfully updated and %d errored out.",
-            successes, failures);
-    logger.at(failures == 0 ? Level.INFO : Level.WARNING).log(msg);
-    response.setPayload(msg);
-  }
-
-  private void runDomainUpdateFlow(String repoId) {
-    // Create a new transaction that the flow's execution will be enlisted in that loads the domain
-    // transactionally. This way we can ensure that nothing else has modified the domain in question
-    // in the intervening period since the query above found it. If a single domain update fails
-    // permanently, log it and move on to not block processing all the other domains.
-    try {
-      boolean success = tm().transact(() -> runDomainUpdateFlowInner(repoId));
-      if (success) {
-        successes++;
-      } else {
-        failures++;
-      }
-    } catch (Throwable t) {
-      logger.atWarning().withCause(t).log(
-          "Failed updating domain with repoId %s; skipping.", repoId);
-    }
-  }
-
-  /**
-   * Runs the actual domain update flow and returns whether the contact removals were successful.
-   */
-  private boolean runDomainUpdateFlowInner(String repoId) {
-    Domain domain = tm().loadByKey(VKey.create(Domain.class, repoId));
-    if (!domain.getDeletionTime().equals(END_OF_TIME)) {
-      // Domain has been deleted since the action began running; nothing further to be
-      // done here.
-      logger.atInfo().log("Nothing to process for deleted domain '%s'.", domain.getDomainName());
-      return false;
-    }
-    logger.atInfo().log("Attempting to remove contacts on domain '%s'.", domain.getDomainName());
-
-    StringBuilder sb = new StringBuilder();
-    ImmutableMap<VKey<? extends Contact>, Contact> contacts =
-        tm().loadByKeys(
-                domain.getContacts().stream()
-                    .map(DesignatedContact::getContactKey)
-                    .collect(ImmutableSet.toImmutableSet()));
-
-    // Collect all the (non-registrant) contacts referenced by the domain and compile an EPP XML
-    // string that removes each one.
-    for (DesignatedContact designatedContact : domain.getContacts()) {
-      @Nullable Contact contact = contacts.get(designatedContact.getContactKey());
-      if (contact == null) {
-        logger.atWarning().log(
-            "Domain '%s' referenced contact with repo ID '%s' that couldn't be" + " loaded.",
-            domain.getDomainName(), designatedContact.getContactKey().getKey());
-        continue;
-      }
-      sb.append(
-              String.format(
-                  CONTACT_FMT,
-                  Ascii.toLowerCase(designatedContact.getType().name()),
-                  contact.getContactId()))
-          .append("\n");
-    }
-
-    String compiledXml =
-        updateDomainXml
-            .replace("%DOMAIN%", domain.getDomainName())
-            .replace("%CONTACTS%", sb.toString());
-    EppOutput output =
-        eppController.handleEppCommand(
-            new StatelessRequestSessionMetadata(
-                registryAdminClientId, ProtocolDefinition.getVisibleServiceExtensionUris()),
-            new PasswordOnlyTransportCredentials(),
-            EppRequestSource.BACKEND,
-            false,
-            true,
-            compiledXml.getBytes(US_ASCII));
-    if (output.isSuccess()) {
-      logger.atInfo().log(
-          "Successfully removed contacts from domain '%s'.", domain.getDomainName());
-    } else {
-      logger.atWarning().log(
-          "Failed removing contacts from domain '%s' with error %s.",
-          domain.getDomainName(), new String(marshalWithLenientRetry(output), US_ASCII));
-    }
-    return output.isSuccess();
-  }
-}

core/src/main/java/google/registry/batch/ResaveAllEppResourcesPipelineAction.java

@@ -28,7 +28,6 @@ import com.google.common.flogger.FluentLogger;
 import com.google.common.net.MediaType;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
@@ -54,7 +53,7 @@ import jakarta.inject.Inject;
  * <p>This runs the {@link google.registry.beam.resave.ResaveAllEppResourcesPipeline}.
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = ResaveAllEppResourcesPipelineAction.PATH,
     auth = Auth.AUTH_ADMIN)
 public class ResaveAllEppResourcesPipelineAction implements Runnable {

core/src/main/java/google/registry/batch/ResaveEntityAction.java

@@ -25,7 +25,6 @@ import com.google.common.flogger.FluentLogger;
 import google.registry.model.EppResource;
 import google.registry.persistence.VKey;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Action.Method;
 import google.registry.request.Parameter;
 import google.registry.request.Response;
@@ -40,7 +39,7 @@ import org.joda.time.DateTime;
  * <p>{@link EppResource}s will be projected forward to the current time.
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = ResaveEntityAction.PATH,
     auth = Auth.AUTH_ADMIN,
     method = Method.POST)

core/src/main/java/google/registry/batch/SendExpiringCertificateNotificationEmailAction.java

@@ -35,7 +35,6 @@ import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarPoc;
 import google.registry.model.registrar.RegistrarPoc.Type;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
 import google.registry.util.EmailMessage;
@@ -50,7 +49,7 @@ import org.joda.time.format.DateTimeFormatter;
 
 /** An action that sends notification emails to registrars whose certificates are expiring soon. */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = SendExpiringCertificateNotificationEmailAction.PATH,
     auth = Auth.AUTH_ADMIN)
 public class SendExpiringCertificateNotificationEmailAction implements Runnable {

core/src/main/java/google/registry/batch/WipeOutContactHistoryPiiAction.java

@@ -1,143 +0,0 @@
-// Copyright 2021 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.batch;
-
-import static google.registry.beam.BeamUtils.createJobName;
-import static google.registry.request.RequestParameters.PARAM_DRY_RUN;
-import static jakarta.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
-import static jakarta.servlet.http.HttpServletResponse.SC_OK;
-
-import com.google.api.services.dataflow.Dataflow;
-import com.google.api.services.dataflow.model.LaunchFlexTemplateParameter;
-import com.google.api.services.dataflow.model.LaunchFlexTemplateRequest;
-import com.google.api.services.dataflow.model.LaunchFlexTemplateResponse;
-import com.google.common.collect.ImmutableMap;
-import com.google.common.flogger.FluentLogger;
-import com.google.common.net.MediaType;
-import google.registry.beam.wipeout.WipeOutContactHistoryPiiPipeline;
-import google.registry.config.RegistryConfig.Config;
-import google.registry.model.contact.ContactHistory;
-import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
-import google.registry.request.Parameter;
-import google.registry.request.Response;
-import google.registry.request.auth.Auth;
-import google.registry.util.Clock;
-import google.registry.util.RegistryEnvironment;
-import jakarta.inject.Inject;
-import java.io.IOException;
-import java.util.Optional;
-import org.joda.time.DateTime;
-
-/**
- * An action that launches {@link WipeOutContactHistoryPiiPipeline} to wipe out Personal
- * Identifiable Information (PII) fields of {@link ContactHistory} entities.
- *
- * <p>{@link ContactHistory} entities should be retained in the database for only certain amount of
- * time.
- */
-@Action(
-    service = GaeService.BACKEND,
-    path = WipeOutContactHistoryPiiAction.PATH,
-    auth = Auth.AUTH_ADMIN)
-public class WipeOutContactHistoryPiiAction implements Runnable {
-
-  public static final String PATH = "/_dr/task/wipeOutContactHistoryPii";
-  public static final String PARAM_CUTOFF_TIME = "wipeoutTime";
-  private static final FluentLogger logger = FluentLogger.forEnclosingClass();
-  private static final String PIPELINE_NAME = "wipe_out_contact_history_pii_pipeline";
-
-  private final Clock clock;
-  private final boolean isDryRun;
-  private final Optional<DateTime> maybeCutoffTime;
-  private final int minMonthsBeforeWipeOut;
-  private final String stagingBucketUrl;
-  private final String projectId;
-  private final String jobRegion;
-  private final Dataflow dataflow;
-  private final Response response;
-
-  @Inject
-  public WipeOutContactHistoryPiiAction(
-      Clock clock,
-      @Parameter(PARAM_DRY_RUN) boolean isDryRun,
-      @Parameter(PARAM_CUTOFF_TIME) Optional<DateTime> maybeCutoffTime,
-      @Config("minMonthsBeforeWipeOut") int minMonthsBeforeWipeOut,
-      @Config("beamStagingBucketUrl") String stagingBucketUrl,
-      @Config("projectId") String projectId,
-      @Config("defaultJobRegion") String jobRegion,
-      Dataflow dataflow,
-      Response response) {
-    this.clock = clock;
-    this.isDryRun = isDryRun;
-    this.maybeCutoffTime = maybeCutoffTime;
-    this.minMonthsBeforeWipeOut = minMonthsBeforeWipeOut;
-    this.stagingBucketUrl = stagingBucketUrl;
-    this.projectId = projectId;
-    this.jobRegion = jobRegion;
-    this.dataflow = dataflow;
-    this.response = response;
-  }
-
-  @Override
-  public void run() {
-    response.setContentType(MediaType.PLAIN_TEXT_UTF_8);
-    DateTime cutoffTime =
-        maybeCutoffTime.orElse(clock.nowUtc().minusMonths(minMonthsBeforeWipeOut));
-    LaunchFlexTemplateParameter launchParameter =
-        new LaunchFlexTemplateParameter()
-            .setJobName(
-                createJobName(
-                    String.format(
-                        "contact-history-pii-wipeout-%s",
-                        cutoffTime.toString("yyyy-MM-dd't'HH-mm-ss'z'")),
-                    clock))
-            .setContainerSpecGcsPath(
-                String.format("%s/%s_metadata.json", stagingBucketUrl, PIPELINE_NAME))
-            .setParameters(
-                ImmutableMap.of(
-                    "registryEnvironment",
-                    RegistryEnvironment.get().name(),
-                    "cutoffTime",
-                    cutoffTime.toString("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'"),
-                    "isDryRun",
-                    Boolean.toString(isDryRun)));
-    logger.atInfo().log(
-        "Launching Beam pipeline to wipe out all PII of contact history entities prior to %s%s.",
-        cutoffTime, " in dry run mode");
-    try {
-      LaunchFlexTemplateResponse launchResponse =
-          dataflow
-              .projects()
-              .locations()
-              .flexTemplates()
-              .launch(
-                  projectId,
-                  jobRegion,
-                  new LaunchFlexTemplateRequest().setLaunchParameter(launchParameter))
-              .execute();
-      logger.atInfo().log("Got response: %s", launchResponse.getJob().toPrettyString());
-      response.setStatus(SC_OK);
-      response.setPayload(
-          String.format(
-              "Launched contact history PII wipeout pipeline: %s",
-              launchResponse.getJob().getId()));
-    } catch (IOException e) {
-      logger.atWarning().withCause(e).log("Pipeline Launch failed");
-      response.setStatus(SC_INTERNAL_SERVER_ERROR);
-      response.setPayload(String.format("Pipeline launch failed: %s", e.getMessage()));
-    }
-  }
-}

core/src/main/java/google/registry/beam/common/RegistryPipelineWorkerInitializer.java

@@ -40,8 +40,6 @@ public class RegistryPipelineWorkerInitializer implements JvmInitializer {
 
   @Override
   public void beforeProcessing(PipelineOptions options) {
-    // TODO(b/416299900): remove next line after GAE is removed.
-    System.setProperty("google.registry.jetty", "true");
     RegistryPipelineOptions registryOptions = options.as(RegistryPipelineOptions.class);
     RegistryEnvironment environment = registryOptions.getRegistryEnvironment();
     if (environment == null || environment.equals(RegistryEnvironment.UNITTEST)) {

core/src/main/java/google/registry/beam/rde/RdePipeline.java

@@ -50,8 +50,6 @@ import google.registry.config.CredentialModule;
 import google.registry.config.RegistryConfig.ConfigModule;
 import google.registry.gcs.GcsUtils;
 import google.registry.model.EppResource;
-import google.registry.model.contact.Contact;
-import google.registry.model.contact.ContactHistory;
 import google.registry.model.domain.Domain;
 import google.registry.model.domain.DomainHistory;
 import google.registry.model.host.Host;
@@ -73,7 +71,6 @@ import jakarta.inject.Inject;
 import jakarta.inject.Singleton;
 import java.io.IOException;
 import java.io.Serializable;
-import java.util.HashSet;
 import org.apache.beam.sdk.Pipeline;
 import org.apache.beam.sdk.PipelineResult;
 import org.apache.beam.sdk.coders.KvCoder;
@@ -138,25 +135,21 @@ import org.joda.time.DateTime;
  * pairs of (contact/host repo ID: pending deposit) for all RDE pending deposits for further
  * processing.
  *
- * <h3>{@link Contact}</h3>
- *
- * We first join most recent contact histories, represented by (contact repo ID: contact history
- * revision ID) pairs, with referenced contacts, represented by (contact repo ID: pending deposit)
- * pairs, on the contact repo ID, to remove unreferenced contact histories. Contact resources are
- * then loaded from the remaining referenced contact histories, and marshalled into (pending
- * deposit: deposit fragment) pairs.
- *
  * <h3>{@link Host}</h3>
  *
- * Similar to {@link Contact}, we join the most recent host history with referenced hosts to find
- * most recent referenced hosts. For external hosts we do the same treatment as we did on contacts
- * and obtain the (pending deposit: deposit fragment) pairs. For subordinate hosts, we need to find
- * the superordinate domain in order to properly handle pending transfer in the deposit as well. So
- * we first find the superordinate domain repo ID from the host and join the (superordinate domain
- * repo ID: (subordinate host repo ID: (pending deposit: revision ID))) pair with the (domain repo
- * ID: revision ID) pair obtained from the domain history query in order to map the host at
- * watermark to the domain at watermark. We then proceed to create the (pending deposit: deposit
- * fragment) pair for subordinate hosts using the added domain information.
+ * <p>We first join most recent host histories, represented by (host repo ID: host history revision
+ * ID) pairs, with referenced hosts, represented by (host repo ID: pending deposit) pairs, on the
+ * host repo ID, to remove unreferenced host histories. Host resources are then loaded from the
+ * remaining referenced host histories, and marshalled into (pending deposit: deposit fragment)
+ * pairs.
+ *
+ * <p>For subordinate hosts, we need to find the superordinate domain in order to properly handle
+ * pending transfer in the deposit as well. So we first find the superordinate domain repo ID from
+ * the host and join the (superordinate domain repo ID: (subordinate host repo ID: (pending deposit:
+ * revision ID))) pair with the (domain repo ID: revision ID) pair obtained from the domain history
+ * query in order to map the host at watermark to the domain at watermark. We then proceed to create
+ * the (pending deposit: deposit fragment) pair for subordinate hosts using the added domain
+ * information.
  *
  * <h2>Processing {@link DepositFragment}</h2>
  *
@@ -184,10 +177,10 @@ public class RdePipeline implements Serializable {
   private final CloudTasksUtils cloudTasksUtils;
   private final RdeMarshaller marshaller;
 
-  // Registrars to be excluded from data escrow. Not including the sandbox-only OTE type so that
-  // if sneaks into production we would get an extra signal.
+  // Registrars to be excluded from data escrow (i.e. all registrar types that have a null IANA
+  // identifier and thus would not be valid according to the RDE schema).
   private static final ImmutableSet<Type> IGNORED_REGISTRAR_TYPES =
-      Sets.immutableEnumSet(Registrar.Type.MONITORING, Registrar.Type.TEST);
+      Sets.immutableEnumSet(Registrar.Type.MONITORING, Registrar.Type.OTE, Registrar.Type.TEST);
 
   private static final FluentLogger logger = FluentLogger.forEnclosingClass();
 
@@ -230,9 +223,6 @@ public class RdePipeline implements Serializable {
     PCollection<KV<String, Long>> domainHistories =
         getMostRecentHistoryEntries(pipeline, DomainHistory.class);
 
-    PCollection<KV<String, Long>> contactHistories =
-        getMostRecentHistoryEntries(pipeline, ContactHistory.class);
-
     PCollection<KV<String, Long>> hostHistories =
         getMostRecentHistoryEntries(pipeline, HostHistory.class);
 
@@ -241,10 +231,6 @@ public class RdePipeline implements Serializable {
     PCollection<KV<PendingDeposit, DepositFragment>> domainFragments =
         processedDomainHistories.get(DOMAIN_FRAGMENTS);
 
-    PCollection<KV<PendingDeposit, DepositFragment>> contactFragments =
-        processContactHistories(
-            processedDomainHistories.get(REFERENCED_CONTACTS), contactHistories);
-
     PCollectionTuple processedHosts =
         processHostHistories(processedDomainHistories.get(REFERENCED_HOSTS), hostHistories);
 
@@ -256,7 +242,6 @@ public class RdePipeline implements Serializable {
 
     return PCollectionList.of(registrarFragments)
         .and(domainFragments)
-        .and(contactFragments)
         .and(externalHostFragments)
         .and(subordinateHostFragments)
         .apply(
@@ -437,7 +422,6 @@ public class RdePipeline implements Serializable {
   private PCollectionTuple processDomainHistories(PCollection<KV<String, Long>> domainHistories) {
     Counter activeDomainCounter = Metrics.counter("RDE", "ActiveDomainBase");
     Counter domainFragmentCounter = Metrics.counter("RDE", "DomainFragment");
-    Counter referencedContactCounter = Metrics.counter("RDE", "ReferencedContact");
     Counter referencedHostCounter = Metrics.counter("RDE", "ReferencedHost");
     return domainHistories.apply(
         "Map DomainHistory to DepositFragment " + "and emit referenced Contact and Host",
@@ -463,19 +447,8 @@ public class RdePipeline implements Serializable {
                                       KV.of(
                                           pendingDeposit,
                                           marshaller.marshalDomain(domain, pendingDeposit.mode())));
-                              // Contacts and hosts are only deposited in RDE, not BRDA.
+                              // Hosts are only deposited in RDE, not BRDA.
                               if (pendingDeposit.mode() == RdeMode.FULL) {
-                                HashSet<Serializable> contacts = new HashSet<>();
-                                domain.getAdminContact().ifPresent(c -> contacts.add(c.getKey()));
-                                domain.getTechContact().ifPresent(c -> contacts.add(c.getKey()));
-                                domain.getRegistrant().ifPresent(c -> contacts.add(c.getKey()));
-                                domain.getBillingContact().ifPresent(c -> contacts.add(c.getKey()));
-                                referencedContactCounter.inc(contacts.size());
-                                contacts.forEach(
-                                    contactRepoId ->
-                                        receiver
-                                            .get(REFERENCED_CONTACTS)
-                                            .output(KV.of((String) contactRepoId, pendingDeposit)));
                                 if (domain.getNsHosts() != null) {
                                   referencedHostCounter.inc(domain.getNsHosts().size());
                                   domain
@@ -497,38 +470,6 @@ public class RdePipeline implements Serializable {
                 DOMAIN_FRAGMENTS, TupleTagList.of(REFERENCED_CONTACTS).and(REFERENCED_HOSTS)));
   }
 
-  private PCollection<KV<PendingDeposit, DepositFragment>> processContactHistories(
-      PCollection<KV<String, PendingDeposit>> referencedContacts,
-      PCollection<KV<String, Long>> contactHistories) {
-    Counter contactFragmentCounter = Metrics.counter("RDE", "ContactFragment");
-    return removeUnreferencedResource(referencedContacts, contactHistories, Contact.class)
-        .apply(
-            "Map Contact to DepositFragment",
-            FlatMapElements.into(
-                    kvs(
-                        TypeDescriptor.of(PendingDeposit.class),
-                        TypeDescriptor.of(DepositFragment.class)))
-                .via(
-                    (KV<String, CoGbkResult> kv) -> {
-                      Contact contact =
-                          (Contact)
-                              loadResourceByHistoryEntryId(
-                                  ContactHistory.class,
-                                  kv.getKey(),
-                                  kv.getValue().getAll(REVISION_ID));
-                      DepositFragment fragment = marshaller.marshalContact(contact);
-                      ImmutableSet<KV<PendingDeposit, DepositFragment>> fragments =
-                          Streams.stream(kv.getValue().getAll(PENDING_DEPOSIT))
-                              // The same contact could be used by multiple domains, therefore
-                              // matched to the same pending deposit multiple times.
-                              .distinct()
-                              .map(pendingDeposit -> KV.of(pendingDeposit, fragment))
-                              .collect(toImmutableSet());
-                      contactFragmentCounter.inc(fragments.size());
-                      return fragments;
-                    }));
-  }
-
   private PCollectionTuple processHostHistories(
       PCollection<KV<String, PendingDeposit>> referencedHosts,
       PCollection<KV<String, Long>> hostHistories) {

core/src/main/java/google/registry/beam/resave/ResaveAllEppResourcesPipeline.java

@@ -25,7 +25,6 @@ import com.google.common.collect.Streams;
 import google.registry.beam.common.RegistryJpaIO;
 import google.registry.beam.common.RegistryJpaIO.Read;
 import google.registry.model.EppResource;
-import google.registry.model.contact.Contact;
 import google.registry.model.domain.Domain;
 import google.registry.model.domain.DomainBase;
 import google.registry.model.host.Host;
@@ -56,7 +55,7 @@ import org.joda.time.DateTime;
 public class ResaveAllEppResourcesPipeline implements Serializable {
 
   private static final ImmutableSet<Class<? extends EppResource>> EPP_RESOURCE_CLASSES =
-      ImmutableSet.of(Contact.class, Domain.class, Host.class);
+      ImmutableSet.of(Domain.class, Host.class);
 
   /**
    * There exist three possible situations where we know we'll want to project domains to the
@@ -92,25 +91,12 @@ public class ResaveAllEppResourcesPipeline implements Serializable {
 
   void setupPipeline(Pipeline pipeline) {
     if (options.getFast()) {
-      fastResaveContacts(pipeline);
       fastResaveDomains(pipeline);
     } else {
       EPP_RESOURCE_CLASSES.forEach(clazz -> forceResaveAllResources(pipeline, clazz));
     }
   }
 
-  /** Projects to the current time and saves any contacts with expired transfers. */
-  private void fastResaveContacts(Pipeline pipeline) {
-    Read<String, String> repoIdRead =
-        RegistryJpaIO.read(
-                "SELECT repoId FROM Contact WHERE transferData.transferStatus = 'PENDING' AND"
-                    + " transferData.pendingTransferExpirationTime < current_timestamp()",
-                String.class,
-                r -> r)
-            .withCoder(StringUtf8Coder.of());
-    projectAndResaveResources(pipeline, Contact.class, repoIdRead);
-  }
-
   /**
    * Projects to the current time and saves any domains with expired pending actions (e.g.
    * transfers, grace periods).

core/src/main/java/google/registry/beam/wipeout/WipeOutContactHistoryPiiPipeline.java

@@ -1,166 +0,0 @@
-// Copyright 2023 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.beam.wipeout;
-
-import static com.google.common.collect.ImmutableList.toImmutableList;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
-import static org.apache.beam.sdk.values.TypeDescriptors.voids;
-
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.Streams;
-import google.registry.beam.common.RegistryJpaIO;
-import google.registry.model.contact.ContactHistory;
-import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
-import google.registry.persistence.PersistenceModule.TransactionIsolationLevel;
-import google.registry.persistence.VKey;
-import java.io.Serializable;
-import org.apache.beam.sdk.Pipeline;
-import org.apache.beam.sdk.PipelineResult;
-import org.apache.beam.sdk.coders.KvCoder;
-import org.apache.beam.sdk.coders.StringUtf8Coder;
-import org.apache.beam.sdk.coders.VarLongCoder;
-import org.apache.beam.sdk.metrics.Counter;
-import org.apache.beam.sdk.metrics.Metrics;
-import org.apache.beam.sdk.options.PipelineOptionsFactory;
-import org.apache.beam.sdk.transforms.MapElements;
-import org.apache.beam.sdk.transforms.join.CoGroupByKey;
-import org.apache.beam.sdk.transforms.join.KeyedPCollectionTuple;
-import org.apache.beam.sdk.values.KV;
-import org.apache.beam.sdk.values.PCollection;
-import org.apache.beam.sdk.values.TupleTag;
-import org.joda.time.DateTime;
-
-/**
- * Definition of a Dataflow Flex pipeline template, which finds out {@link ContactHistory} entries
- * that are older than a given age (excluding the most recent one, even if it falls with the range)
- * and wipe out PII information in them.
- *
- * <p>To stage this template locally, run {@code ./nom_build :core:sBP --environment=alpha \
- * --pipeline=wipeOutContactHistoryPii}.
- *
- * <p>Then, you can run the staged template via the API client library, gCloud or a raw REST call.
- */
-public class WipeOutContactHistoryPiiPipeline implements Serializable {
-
-  private static final long serialVersionUID = -4111052675715913820L;
-  private static final TupleTag<Long> REVISIONS_TO_WIPE = new TupleTag<>();
-  private static final TupleTag<Long> MOST_RECENT_REVISION = new TupleTag<>();
-
-  private final DateTime cutoffTime;
-  private final boolean dryRun;
-  private final Counter contactsInScope =
-      Metrics.counter("WipeOutContactHistoryPii", "contacts in scope");
-  private final Counter historiesToWipe =
-      Metrics.counter("WipeOutContactHistoryPii", "contact histories to wipe PII from");
-  private final Counter historiesWiped =
-      Metrics.counter("WipeOutContactHistoryPii", "contact histories actually updated");
-
-  WipeOutContactHistoryPiiPipeline(WipeOutContactHistoryPiiPipelineOptions options) {
-    dryRun = options.getIsDryRun();
-    cutoffTime = DateTime.parse(options.getCutoffTime());
-  }
-
-  void setup(Pipeline pipeline) {
-    KeyedPCollectionTuple.of(REVISIONS_TO_WIPE, getHistoryEntriesToWipe(pipeline))
-        .and(MOST_RECENT_REVISION, getMostRecentHistoryEntries(pipeline))
-        .apply("Group by contact", CoGroupByKey.create())
-        .apply(
-            "Wipe out PII",
-            MapElements.into(voids())
-                .via(
-                    kv -> {
-                      String repoId = kv.getKey();
-                      long mostRecentRevision = kv.getValue().getOnly(MOST_RECENT_REVISION);
-                      ImmutableList<Long> revisionsToWipe =
-                          Streams.stream(kv.getValue().getAll(REVISIONS_TO_WIPE))
-                              .filter(e -> e != mostRecentRevision)
-                              .collect(toImmutableList());
-                      if (revisionsToWipe.isEmpty()) {
-                        return null;
-                      }
-                      contactsInScope.inc();
-                      tm().transact(
-                              () -> {
-                                for (long revisionId : revisionsToWipe) {
-                                  historiesToWipe.inc();
-                                  ContactHistory history =
-                                      tm().loadByKey(
-                                              VKey.create(
-                                                  ContactHistory.class,
-                                                  new HistoryEntryId(repoId, revisionId)));
-                                  // In the unlikely case where multiple pipelines run at the
-                                  // same time, or where the runner decides to rerun a particular
-                                  // transform, we might have a history entry that has already been
-                                  // wiped at this point. There's no need to wipe it again.
-                                  if (!dryRun
-                                      && history.getContactBase().isPresent()
-                                      && history.getContactBase().get().getEmailAddress() != null) {
-                                    historiesWiped.inc();
-                                    tm().update(history.asBuilder().wipeOutPii().build());
-                                  }
-                                }
-                              });
-                      return null;
-                    }));
-  }
-
-  PCollection<KV<String, Long>> getHistoryEntriesToWipe(Pipeline pipeline) {
-    return pipeline.apply(
-        "Find contact histories to wipee",
-        // Email is one of the required fields in EPP, meaning it's initially not null when it
-        // is set by EPP flows (even though it is nullalbe in the SQL schema). Therefore,
-        // checking if it's null is one way to avoid processing contact history entities that
-        // have been processed previously. Refer to RFC 5733 for more information.
-        RegistryJpaIO.read(
-                "SELECT repoId, revisionId FROM ContactHistory WHERE resource.email IS NOT NULL"
-                    + " AND modificationTime < :cutoffTime",
-                ImmutableMap.of("cutoffTime", cutoffTime),
-                Object[].class,
-                row -> KV.of((String) row[0], (long) row[1]))
-            .withCoder(KvCoder.of(StringUtf8Coder.of(), VarLongCoder.of())));
-  }
-
-  PCollection<KV<String, Long>> getMostRecentHistoryEntries(Pipeline pipeline) {
-    return pipeline.apply(
-        "Find the most recent historiy entry for each contact",
-        RegistryJpaIO.read(
-                "SELECT repoId, revisionId FROM ContactHistory"
-                    + " WHERE (repoId, modificationTime) IN"
-                    + " (SELECT repoId, MAX(modificationTime) FROM ContactHistory GROUP BY repoId)",
-                ImmutableMap.of(),
-                Object[].class,
-                row -> KV.of((String) row[0], (long) row[1]))
-            .withCoder(KvCoder.of(StringUtf8Coder.of(), VarLongCoder.of())));
-  }
-
-  PipelineResult run(Pipeline pipeline) {
-    setup(pipeline);
-    return pipeline.run();
-  }
-
-  public static void main(String[] args) {
-    PipelineOptionsFactory.register(WipeOutContactHistoryPiiPipelineOptions.class);
-    WipeOutContactHistoryPiiPipelineOptions options =
-        PipelineOptionsFactory.fromArgs(args)
-            .withValidation()
-            .as(WipeOutContactHistoryPiiPipelineOptions.class);
-    // Repeatable read should be more than enough since we are dealing with old history entries that
-    // are otherwise immutable.
-    options.setIsolationOverride(TransactionIsolationLevel.TRANSACTION_REPEATABLE_READ);
-    Pipeline pipeline = Pipeline.create(options);
-    new WipeOutContactHistoryPiiPipeline(options).run(pipeline);
-  }
-}

core/src/main/java/google/registry/beam/wipeout/WipeOutContactHistoryPiiPipelineOptions.java

@@ -1,37 +0,0 @@
-// Copyright 2023 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.beam.wipeout;
-
-import google.registry.beam.common.RegistryPipelineOptions;
-import org.apache.beam.sdk.options.Default;
-import org.apache.beam.sdk.options.Description;
-
-public interface WipeOutContactHistoryPiiPipelineOptions extends RegistryPipelineOptions {
-
-  @Description(
-      "A contact history entry with a history modification time before this time will have its PII"
-          + " wiped, unless it is the most entry for the contact.")
-  String getCutoffTime();
-
-  void setCutoffTime(String value);
-
-  @Description(
-      "If true, the wiped out billing events will not be saved but the pipeline metrics counter"
-          + " will still be updated.")
-  @Default.Boolean(false)
-  boolean getIsDryRun();
-
-  void setIsDryRun(boolean value);
-}

core/src/main/java/google/registry/bigquery/BigqueryConnection.java

@@ -279,20 +279,6 @@ public class BigqueryConnection implements AutoCloseable {
     private TableReference getTableReference() {
       return table.getTableReference().clone();
     }
-
-    /** Returns a string representation of the TableReference for the wrapped table. */
-    public String getStringReference() {
-      return tableReferenceToString(table.getTableReference());
-    }
-
-    /** Returns a string representation of the given TableReference. */
-    private static String tableReferenceToString(TableReference tableRef) {
-      return String.format(
-          "%s:%s.%s",
-          tableRef.getProjectId(),
-          tableRef.getDatasetId(),
-          tableRef.getTableId());
-    }
   }
 
   /**
@@ -398,29 +384,12 @@ public class BigqueryConnection implements AutoCloseable {
   }
 
   /**
-   * Starts an asynchronous query job to dump the results of the specified query into a local
-   * ImmutableTable object, row-keyed by the row number (indexed from 1), column-keyed by the
-   * TableFieldSchema for that column, and with the value object as the cell value.  Note that null
-   * values will not actually be null, but they can be checked for using Data.isNull().
+   * Dumps the results of the specified query into a local ImmutableTable object, row-keyed by the
+   * row number (indexed from 1), column-keyed by the TableFieldSchema for that column, and with the
+   * value object as the cell value.
    *
-   * <p>Returns a ListenableFuture that holds the ImmutableTable on success.
-   */
-  public ListenableFuture<ImmutableTable<Integer, TableFieldSchema, Object>>
-      queryToLocalTable(String querySql) {
-    Job job = new Job()
-        .setConfiguration(new JobConfiguration()
-            .setQuery(new JobConfigurationQuery()
-                .setQuery(querySql)
-                .setDefaultDataset(getDataset())));
-    return transform(runJobToCompletion(job), this::getQueryResults, directExecutor());
-  }
-
-  /**
-   * Returns the result of calling queryToLocalTable, but synchronously to avoid spawning new
-   * background threads, which App Engine doesn't support.
-   *
-   * @see <a href="https://cloud.google.com/appengine/docs/standard/java/runtime#Threads">App Engine
-   *     Runtime</a>
+   * <p>Note that null values will not actually be null, but they can be checked for using
+   * Data.isNull()
    */
   public ImmutableTable<Integer, TableFieldSchema, Object> queryToLocalTableSync(String querySql) {
     Job job = new Job()
@@ -634,10 +603,6 @@ public class BigqueryConnection implements AutoCloseable {
         });
   }
 
-  private ListenableFuture<Job> runJobToCompletion(final Job job) {
-    return service.submit(() -> runJob(job, null));
-  }
-
   /** Helper that returns true if a dataset with this name exists. */
   public boolean checkDatasetExists(String datasetName) throws IOException {
     try {
@@ -676,14 +641,6 @@ public class BigqueryConnection implements AutoCloseable {
         .setDatasetId(getDatasetId());
   }
 
-  /** Returns table reference with the projectId and datasetId filled out for you. */
-  public TableReference getTable(String tableName) {
-    return new TableReference()
-        .setProjectId(getProjectId())
-        .setDatasetId(getDatasetId())
-        .setTableId(tableName);
-  }
-
   /**
    * Helper that creates a dataset with this name if it doesn't already exist, and returns true if
    * creation took place.

core/src/main/java/google/registry/bsa/BsaDiffCreator.java

@@ -71,9 +71,7 @@ class BsaDiffCreator {
     Optional<String> previousJobName = schedule.latestCompleted().map(CompletedJob::jobName);
     /*
      * Memory usage is a concern when creating a diff, when the newest download needs to be held in
-     * memory in its entirety. The top-grade AppEngine VM has 3GB of memory, leaving less than 1.5GB
-     * to application memory footprint after subtracting overheads due to copying garbage collection
-     * and non-heap data etc. Assuming 400K labels, each of which on average included in 5 orders,
+     * memory in its entirety. Assuming 400K labels, each of which on average included in 5 orders,
      * the memory footprint is at least 300MB when loaded into a Hashset-backed Multimap (64-bit
      * JVM, with 12-byte object header, 16-byte array header, and 16-byte alignment).
      *

core/src/main/java/google/registry/bsa/BsaDownloadAction.java

@@ -41,7 +41,6 @@ import google.registry.bsa.persistence.DownloadScheduler;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.model.tld.Tlds;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
 import google.registry.util.Clock;
@@ -51,7 +50,7 @@ import java.util.Optional;
 import java.util.stream.Stream;
 
 @Action(
-    service = GaeService.BSA,
+    service = Action.Service.BACKEND,
     path = BsaDownloadAction.PATH,
     method = {GET, POST},
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/bsa/BsaRefreshAction.java

@@ -31,7 +31,6 @@ import google.registry.bsa.persistence.RefreshScheduler;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.model.tld.Tlds;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
 import google.registry.util.BatchedStreams;
@@ -42,7 +41,7 @@ import java.util.stream.Stream;
 import org.joda.time.Duration;
 
 @Action(
-    service = GaeService.BSA,
+    service = Action.Service.BACKEND,
     path = BsaRefreshAction.PATH,
     method = {GET, POST},
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/bsa/BsaValidateAction.java

@@ -53,7 +53,6 @@ import google.registry.model.domain.Domain;
 import google.registry.model.tld.Tld;
 import google.registry.model.tld.Tld.TldType;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
 import google.registry.util.Clock;
@@ -66,7 +65,7 @@ import org.joda.time.Duration;
 
 /** Validates the BSA data in the database against the most recent block lists. */
 @Action(
-    service = GaeService.BSA,
+    service = Action.Service.BACKEND,
     path = BsaValidateAction.PATH,
     method = {GET, POST},
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/bsa/UploadBsaUnavailableDomainsAction.java

@@ -42,7 +42,6 @@ import google.registry.model.tld.Tld;
 import google.registry.model.tld.Tld.TldType;
 import google.registry.model.tld.label.ReservedList;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.auth.Auth;
 import google.registry.util.Clock;
 import jakarta.inject.Inject;
@@ -78,7 +77,7 @@ import org.joda.time.DateTime;
  * <p>The file is also uploaded to GCS to preserve it as a record for ourselves.
  */
 @Action(
-    service = GaeService.BSA,
+    service = Action.Service.BACKEND,
     path = "/_dr/task/uploadBsaUnavailableNames",
     method = {GET, POST},
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/config/CredentialModule.java

@@ -44,8 +44,6 @@ public abstract class CredentialModule {
    * <p>The credential returned by the Cloud Runtime depends on the runtime environment:
    *
    * <ul>
-   *   <li>On App Engine, returns a scope-less {@code ComputeEngineCredentials} for
-   *       PROJECT_ID@appspot.gserviceaccount.com
    *   <li>On Compute Engine, returns a scope-less {@code ComputeEngineCredentials} for
    *       PROJECT_NUMBER-compute@developer.gserviceaccount.com
    *   <li>On end user host, this returns the credential downloaded by gcloud. Please refer to <a
@@ -87,8 +85,8 @@ public abstract class CredentialModule {
    * the application default credential user.
    *
    * <p>The Workspace domain must grant delegated admin access to the default service account user
-   * (project-id@appspot.gserviceaccount.com on AppEngine) with all scopes in {@code defaultScopes}
-   * and {@code delegationScopes}.
+   * (nomulus-service-account@{project-id}.iam.gserviceaccount.com on GCP) with all scopes in {@code
+   * defaultScopes} and {@code delegationScopes}.
    */
   @AdcDelegatedCredential
   @Provides
@@ -113,9 +111,9 @@ public abstract class CredentialModule {
    * Provides a {@link GoogleCredentialsBundle} for sending emails through Google Workspace.
    *
    * <p>The Workspace domain must grant delegated admin access to the default service account user
-   * (project-id@appspot.gserviceaccount.com on AppEngine) with all scopes in {@code defaultScopes}
-   * and {@code delegationScopes}. In addition, the user {@code gSuiteOutgoingEmailAddress} must
-   * have the permission to send emails.
+   * (nomulus-service-account@{project-id}.iam.gserviceaccount.com on GCP) with all scopes in {@code
+   * defaultScopes} and {@code delegationScopes}. In addition, the user {@code
+   * gSuiteOutgoingEmailAddress} must have the permission to send emails.
    */
   @GmailDelegatedCredential
   @Provides

core/src/main/java/google/registry/config/DelegatedCredentials.java

@@ -55,8 +55,9 @@ import org.apache.commons.codec.binary.Base64;
  *
  * <p>This class accepts the application-default-credential as {@code ServiceAccountSigner},
  * avoiding the need for exported private keys. In this case, the default credential user itself
- * (project-id@appspot.gserviceaccount.com on AppEngine) must have domain-wide delegation to the
- * Workspace APIs. The default credential user also must have the Token Creator role to itself.
+ * (nomulus-service-account@{project-id}.iam.gserviceaccount.com on GCP) must have domain-wide
+ * delegation to the Workspace APIs. The default credential user also must have the Token Creator
+ * role to itself.
  *
  * <p>If the user provides a credential {@code S} that carries its own private key, such as {@link
  * com.google.auth.oauth2.ServiceAccountCredentials}, this class can use {@code S} to impersonate

core/src/main/java/google/registry/config/RegistryConfig.java

@@ -36,8 +36,9 @@ import dagger.Provides;
 import google.registry.bsa.UploadBsaUnavailableDomainsAction;
 import google.registry.dns.ReadDnsRefreshRequestsAction;
 import google.registry.model.common.DnsRefreshRequest;
+import google.registry.mosapi.MosApiClient;
 import google.registry.persistence.transaction.JpaTransactionManager;
-import google.registry.request.Action.GkeService;
+import google.registry.request.Action.Service;
 import google.registry.util.RegistryEnvironment;
 import google.registry.util.YamlUtils;
 import jakarta.inject.Named;
@@ -142,15 +143,15 @@ public final class RegistryConfig {
     }
 
     /**
-     * Returns the roid suffix to be used for the roids of all contacts and hosts. E.g. a value of
-     * "ROID" would end up creating roids that look like "ABC123-ROID".
+     * Returns the roid suffix to be used for the roids of all hosts. E.g. a value of "ROID" would
+     * end up creating roids that look like "ABC123-ROID".
      *
      * @see <a href="http://www.iana.org/assignments/epp-repository-ids/epp-repository-ids.xhtml">
      *     Extensible Provisioning Protocol (EPP) Repository Identifiers</a>
      */
     @Provides
-    @Config("contactAndHostRoidSuffix")
-    public static String provideContactAndHostRoidSuffix(RegistryConfigSettings config) {
+    @Config("hostRoidSuffix")
+    public static String provideHostRoidSuffix(RegistryConfigSettings config) {
       return config.registryPolicy.contactAndHostRoidSuffix;
     }
 
@@ -961,7 +962,7 @@ public final class RegistryConfig {
     }
 
     /**
-     * Number of times to retry a GAE operation when {@code TransientFailureException} is thrown.
+     * Number of times to retry an operation when {@code TransientFailureException} is thrown.
      *
      * <p>The number of milliseconds it'll sleep before giving up is {@code (2^n - 2) * 100}.
      *
@@ -1023,18 +1024,6 @@ public final class RegistryConfig {
       return Duration.standardSeconds(config.monitoring.writeIntervalSeconds);
     }
 
-    /**
-     * The global automatic transfer length for contacts. After this amount of time has elapsed, the
-     * transfer is automatically approved.
-     *
-     * @see google.registry.flows.contact.ContactTransferRequestFlow
-     */
-    @Provides
-    @Config("contactAutomaticTransferLength")
-    public static Duration provideContactAutomaticTransferLength(RegistryConfigSettings config) {
-      return Duration.standardDays(config.registryPolicy.contactAutomaticTransferDays);
-    }
-
     /**
      * Returns the maximum number of entities that can be checked at one time in an EPP check flow.
      */
@@ -1263,12 +1252,6 @@ public final class RegistryConfig {
       return ImmutableSet.copyOf(config.sslCertificateValidation.allowedEcdsaCurves);
     }
 
-    @Provides
-    @Config("minMonthsBeforeWipeOut")
-    public static int provideMinMonthsBeforeWipeOut(RegistryConfigSettings config) {
-      return config.contactHistory.minMonthsBeforeWipeOut;
-    }
-
     @Provides
     @Config("jdbcBatchSize")
     public static int provideHibernateJdbcBatchSize(RegistryConfigSettings config) {
@@ -1415,6 +1398,58 @@ public final class RegistryConfig {
       return config.bsa.uploadUnavailableDomainsUrl;
     }
 
+    /**
+     * Returns the URL we send HTTP requests for MoSAPI.
+     *
+     * @see MosApiClient
+     */
+    @Provides
+    @Config("mosapiServiceUrl")
+    public static String provideMosapiServiceUrl(RegistryConfigSettings config) {
+      return config.mosapi.serviceUrl;
+    }
+
+    /**
+     * Returns the entityType we send HTTP requests for MoSAPI.
+     *
+     * @see MosApiClient
+     */
+    @Provides
+    @Config("mosapiEntityType")
+    public static String provideMosapiEntityType(RegistryConfigSettings config) {
+      return config.mosapi.entityType;
+    }
+
+    @Provides
+    @Config("mosapiTlsCertSecretName")
+    public static String provideMosapiTlsCertSecretName(RegistryConfigSettings config) {
+      return config.mosapi.tlsCertSecretName;
+    }
+
+    @Provides
+    @Config("mosapiTlsKeySecretName")
+    public static String provideMosapiTlsKeySecretName(RegistryConfigSettings config) {
+      return config.mosapi.tlsKeySecretName;
+    }
+
+    @Provides
+    @Config("mosapiTlds")
+    public static ImmutableSet<String> provideMosapiTlds(RegistryConfigSettings config) {
+      return ImmutableSet.copyOf(config.mosapi.tlds);
+    }
+
+    @Provides
+    @Config("mosapiServices")
+    public static ImmutableSet<String> provideMosapiServices(RegistryConfigSettings config) {
+      return ImmutableSet.copyOf(config.mosapi.services);
+    }
+
+    @Provides
+    @Config("mosapiTldThreadCount")
+    public static int provideMosapiTldThreads(RegistryConfigSettings config) {
+      return config.mosapi.tldThreadCount;
+    }
+
     private static String formatComments(String text) {
       return Splitter.on('\n').omitEmptyStrings().trimResults().splitToList(text).stream()
           .map(s -> "# " + s)
@@ -1422,7 +1457,7 @@ public final class RegistryConfig {
     }
   }
 
-  /** Returns the App Engine project ID, which is based off the environment name. */
+  /** Returns the project ID, which is based off the environment name. */
   public static String getProjectId() {
     return CONFIG_SETTINGS.get().gcpProject.projectId;
   }
@@ -1444,55 +1479,10 @@ public final class RegistryConfig {
     return CONFIG_SETTINGS.get().gcpProject.baseDomain;
   }
 
-  public static URL getServiceUrl(GkeService service) {
+  public static URL getServiceUrl(Service service) {
     return makeUrl(String.format("https://%s.%s", service.getServiceId(), getBaseDomain()));
   }
 
-  /**
-   * Returns the address of the Nomulus app default HTTP server.
-   *
-   * <p>This is used by the {@code nomulus} tool to connect to the App Engine remote API.
-   */
-  public static URL getDefaultServer() {
-    return makeUrl(CONFIG_SETTINGS.get().gcpProject.defaultServiceUrl);
-  }
-
-  /**
-   * Returns the address of the Nomulus app backend HTTP server.
-   *
-   * <p>This is used by the {@code nomulus} tool to connect to the App Engine remote API.
-   */
-  public static URL getBackendServer() {
-    return makeUrl(CONFIG_SETTINGS.get().gcpProject.backendServiceUrl);
-  }
-
-  /**
-   * Returns the address of the Nomulus app bsa HTTP server.
-   *
-   * <p>This is used by the {@code nomulus} tool to connect to the App Engine remote API.
-   */
-  public static URL getBsaServer() {
-    return makeUrl(CONFIG_SETTINGS.get().gcpProject.bsaServiceUrl);
-  }
-
-  /**
-   * Returns the address of the Nomulus app tools HTTP server.
-   *
-   * <p>This is used by the {@code nomulus} tool to connect to the App Engine remote API.
-   */
-  public static URL getToolsServer() {
-    return makeUrl(CONFIG_SETTINGS.get().gcpProject.toolsServiceUrl);
-  }
-
-  /**
-   * Returns the address of the Nomulus app pubapi HTTP server.
-   *
-   * <p>This is used by the {@code nomulus} tool to connect to the App Engine remote API.
-   */
-  public static URL getPubapiServer() {
-    return makeUrl(CONFIG_SETTINGS.get().gcpProject.pubapiServiceUrl);
-  }
-
   /** Returns the amount of time a singleton should be cached, before expiring. */
   public static java.time.Duration getSingletonCacheRefreshDuration() {
     return java.time.Duration.ofSeconds(CONFIG_SETTINGS.get().caching.singletonCacheRefreshSeconds);
@@ -1621,15 +1611,11 @@ public final class RegistryConfig {
     return CONFIG_SETTINGS.get().hibernate.jdbcFetchSize;
   }
 
-  /** Returns the roid suffix to be used for the roids of all contacts and hosts. */
-  public static String getContactAndHostRoidSuffix() {
+  /** Returns the roid suffix to be used for the roids of all hosts. */
+  public static String getHostRoidSuffix() {
     return CONFIG_SETTINGS.get().registryPolicy.contactAndHostRoidSuffix;
   }
 
-  /** Returns the global automatic transfer length for contacts. */
-  public static Duration getContactAutomaticTransferLength() {
-    return Duration.standardDays(CONFIG_SETTINGS.get().registryPolicy.contactAutomaticTransferDays);
-  }
 
   /** A discount for all sunrise domain creates, between 0.0 (no discount) and 1.0 (free). */
   public static double getSunriseDomainCreateDiscount() {

core/src/main/java/google/registry/config/RegistryConfigSettings.java

@@ -39,10 +39,10 @@ public class RegistryConfigSettings {
   public Beam beam;
   public RegistryTool registryTool;
   public SslCertificateValidation sslCertificateValidation;
-  public ContactHistory contactHistory;
   public DnsUpdate dnsUpdate;
   public BulkPricingPackageMonitoring bulkPricingPackageMonitoring;
   public Bsa bsa;
+  public MosApi mosapi;
 
   /** Configuration options that apply to the entire GCP project. */
   public static class GcpProject {
@@ -50,11 +50,6 @@ public class RegistryConfigSettings {
     public long projectIdNumber;
     public String locationId;
     public boolean isLocal;
-    public String defaultServiceUrl;
-    public String backendServiceUrl;
-    public String bsaServiceUrl;
-    public String toolsServiceUrl;
-    public String pubapiServiceUrl;
     public String baseDomain;
   }
 
@@ -91,7 +86,6 @@ public class RegistryConfigSettings {
     public String productName;
     public String customLogicFactoryClass;
     public String dnsCountQueryCoordinatorClass;
-    public int contactAutomaticTransferDays;
     public String greetingServerId;
     public List<String> registrarChangesNotificationEmailAddresses;
     public String defaultRegistrarWhoisServer;
@@ -227,11 +221,6 @@ public class RegistryConfigSettings {
     public String expirationWarningEmailSubjectText;
   }
 
-  /** Configuration for contact history. */
-  public static class ContactHistory {
-    public int minMonthsBeforeWipeOut;
-  }
-
   /** Configuration for dns update. */
   public static class DnsUpdate {
     public String dnsUpdateFailEmailSubjectText;
@@ -267,4 +256,15 @@ public class RegistryConfigSettings {
     public String unblockableDomainsUrl;
     public String uploadUnavailableDomainsUrl;
   }
+
+  /** Configuration for Mosapi. */
+  public static class MosApi {
+    public String serviceUrl;
+    public String tlsCertSecretName;
+    public String tlsKeySecretName;
+    public String entityType;
+    public List<String> tlds;
+    public List<String> services;
+    public int tldThreadCount;
+  }
 }

core/src/main/java/google/registry/config/files/default-config.yaml

@@ -12,17 +12,11 @@ gcpProject:
   projectIdNumber: 123456789012
   # Location of the GCP project, note that us-central1 and europe-west1 are special in that
   # they are used without the trailing number in GCP commands and Google Cloud Console.
-  # See: https://cloud.google.com/appengine/docs/locations as an example
+  # See: https://docs.cloud.google.com/compute/docs/regions-zones as an example
   locationId: registry-location-id
 
   # whether to use local/test credentials when connecting to the servers
   isLocal: true
-  # URLs of the services for the project.
-  defaultServiceUrl: https://default.example.com
-  backendServiceUrl: https://backend.example.com
-  bsaServiceUrl: https://bsa.example.com
-  toolsServiceUrl: https://tools.example.com
-  pubapiServiceUrl: https://pubapi.example.com
 
   # The base domain name of the registry service. Services are reachable at [service].baseDomain.
   baseDomain: registry.test
@@ -32,9 +26,9 @@ gSuite:
   domainName: domain-registry.example
 
   # Display name and email address used on outgoing emails through G Suite.
-  # The email address must be valid and have permission in the GAE app to send
-  # emails. For more info see:
-  # https://cloud.google.com/appengine/docs/standard/java/mail/#who_can_send_mail
+  # The email address must be valid and the domain must be set up to send emails.
+  # For more info see
+  # https://docs.cloud.google.com/compute/docs/tutorials/sending-mail
   outgoingEmailDisplayName: Example Registry
   outgoingEmailAddress: noreply@project-id.appspotmail.com
   # TODO(b/279671974): reuse `outgoingEmailAddress` after migration
@@ -69,9 +63,6 @@ registryPolicy:
   # See reporting/icann/DnsCountQueryCoordinator.java
   dnsCountQueryCoordinatorClass: google.registry.reporting.icann.DummyDnsCountQueryCoordinator
 
-  # Length of time after which contact transfers automatically conclude.
-  contactAutomaticTransferDays: 5
-
   # Server ID used in the 'svID' element of an EPP 'greeting'.
   greetingServerId: Nomulus Registry
 
@@ -201,18 +192,16 @@ hibernate:
   # but lock tables explicitly, either using framework-dependent API, or execute
   # "select table for update" statements directly.
   connectionIsolation: TRANSACTION_SERIALIZABLE
-  # Whether to log all SQL queries to App Engine logs. Overridable at runtime.
+  # Whether to log all SQL queries. Overridable at runtime.
   logSqlQueries: false
 
   # Connection pool configurations.
   hikariConnectionTimeout: 20000
   # Cloud SQL connections are a relatively scarce resource (maximum is 1000 as
   # of March 2021). The minimumIdle should be a small value so that machines may
-  # release connections after a demand spike. The maximumPoolSize is set to 10
-  # because that is the maximum number of concurrent requests a Nomulus server
-  # instance can handle (as limited by AppEngine for basic/manual scaling). Note
-  # that BEAM pipelines are not subject to the maximumPoolSize value defined
-  # here. See PersistenceModule.java for more information.
+  # release connections after a demand spike. Note that BEAM pipelines are not
+  # subject to the maximumPoolSize value defined here. See PersistenceModule.java
+  # for more information.
   hikariMinimumIdle: 1
   hikariMaximumPoolSize: 40
   hikariIdleTimeout: 300000
@@ -264,8 +253,8 @@ caching:
 
   # Maximum total number of static premium list entry entities to cache in
   # memory, across all premium lists for all TLDs. Tuning this up will use more
-  # memory (and might require using larger App Engine instances). Note that
-  # premium list entries that are absent are cached in addition to ones that are
+  # memory (and might require using larger instances). Note that premium list
+  # entries that are absent are cached in addition to ones that are
   # present, so the total cache size is not bounded by the total number of
   # premium price entries that exist.
   staticPremiumListMaxCachedEntries: 200000
@@ -346,12 +335,8 @@ credentialOAuth:
   localCredentialOauthScopes:
   # View and manage data in all Google Cloud APIs.
   - https://www.googleapis.com/auth/cloud-platform
-  # Call App Engine APIs locally.
-  - https://www.googleapis.com/auth/appengine.apis
   # View your email address.
   - https://www.googleapis.com/auth/userinfo.email
-  # View and manage your applications deployed on Google App Engine
-  - https://www.googleapis.com/auth/appengine.admin
   # The lifetime of an access token generated by our custom credentials classes
   # Must be shorter than one hour.
   tokenRefreshDelaySeconds: 1800
@@ -433,7 +418,7 @@ misc:
   spec11BccEmailAddresses:
     - abuse@example.com
 
-  # Number of times to retry a GAE operation when a transient exception is thrown.
+  # Number of times to retry an operation when a transient exception is thrown.
   # The number of milliseconds it'll sleep before giving up is (2^n - 2) * 100.
   transientFailureRetries: 12
 
@@ -462,11 +447,6 @@ registryTool:
   # OAuth client secret used by the tool.
   clientSecret: YOUR_CLIENT_SECRET
 
-# Configuration options for handling contact history.
-contactHistory:
-  # The number of months that a ContactHistory entity should be stored in the database.
-  minMonthsBeforeWipeOut: 18
-
 # Configuration options relevant to the DNS update functionality.
 dnsUpdate:
   dnsUpdateFailRegistryName: Example name
@@ -628,3 +608,34 @@ bsa:
   unblockableDomainsUrl: "https://"
   # API endpoint for uploading the list of unavailable domain names.
   uploadUnavailableDomainsUrl: "https://"
+
+mosapi:
+  # URL for the MosAPI
+  serviceUrl: https://mosapi.icann.org
+  # The type of entity being monitored.
+  # For registries, this is 'ry'
+  # For registrars, this is 'rr'
+  entityType: ry
+  # Add your List of TLDs to be monitored
+  tlds:
+  - your_tld1
+  - your_tld2
+  # Add tls cert secret name
+  # you configured in secret manager
+  tlsCertSecretName: YOUR_TLS_CERT_SECRET_NAME
+  # Add tls key secret name
+  # you configured in secret manager
+  tlsKeySecretName:  YOUR_TLS_KEY_SECRET_NAME
+  # List of services to check for each TLD.
+  services:
+  - "dns"
+  - "rdap"
+  - "rdds"
+  - "epp"
+  - "dnssec"
+
+  # Provides a fixed thread pool for parallel TLD processing.
+  # @see <a href="https://www.icann.org/mosapi-specification.pdf">
+  # ICANN MoSAPI Specification, Section 12.3</a>
+  tldThreadCount: 4
+

core/src/main/java/google/registry/config/files/tasks/cloud-scheduler-tasks-production.xml

@@ -322,4 +322,15 @@
     <service>bsa</service>
     <schedule>23 8,20 * * *</schedule>
   </task>
+
+  <task>
+    <url><![CDATA[/_dr/task/triggerMosApiServiceState]]></url>
+    <name>triggerMosApiServiceState</name>
+    <description>
+      Fetches the service state from MosAPI and triggers the metrics status for all TLDs.
+    </description>
+    <!-- Runs every 5 minutes. -->
+    <schedule>*/5 * * * *</schedule>
+  </task>
+
 </entries>

core/src/main/java/google/registry/cron/TldFanoutAction.java

@@ -40,14 +40,12 @@ import com.google.common.collect.Streams;
 import com.google.common.flogger.FluentLogger;
 import google.registry.batch.CloudTasksUtils;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
-import google.registry.request.Action.GkeService;
+import google.registry.request.Action.Service;
 import google.registry.request.Parameter;
 import google.registry.request.ParameterMap;
 import google.registry.request.RequestParameters;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
-import google.registry.util.RegistryEnvironment;
 import jakarta.inject.Inject;
 import java.util.Optional;
 import java.util.stream.Stream;
@@ -59,8 +57,7 @@ import java.util.stream.Stream;
  *
  * <ul>
  *   <li>{@code endpoint} (Required) URL path of servlet to launch. This may contain pathargs.
- *   <li>{@code queue} (Required) Name of the App Engine push queue to which this task should be
- *       sent.
+ *   <li>{@code queue} (Required) Name of the queue to which this task should be sent.
  *   <li>{@code forEachRealTld} Launch the task in each real TLD namespace.
  *   <li>{@code forEachTestTld} Launch the task in each test TLD namespace.
  *   <li>{@code runInEmpty} Launch the task once, without the TLD argument.
@@ -80,7 +77,7 @@ import java.util.stream.Stream;
  * </ul>
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Service.BACKEND,
     path = "/_dr/cron/fanout",
     automaticallyPrintOk = true,
     auth = Auth.AUTH_ADMIN)
@@ -160,10 +157,6 @@ public final class TldFanoutAction implements Runnable {
       params.put(RequestParameters.PARAM_TLD, tld);
     }
     return cloudTasksUtils.createTaskWithJitter(
-        endpoint,
-        Action.Method.POST,
-        RegistryEnvironment.isOnJetty() ? GkeService.BACKEND : GaeService.BACKEND,
-        params,
-        jitterSeconds);
+        endpoint, Action.Method.POST, Service.BACKEND, params, jitterSeconds);
   }
 }

core/src/main/java/google/registry/dns/PublishDnsUpdatesAction.java

@@ -52,7 +52,6 @@ import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarPoc;
 import google.registry.model.tld.Tld;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Header;
 import google.registry.request.HttpException.ServiceUnavailableException;
 import google.registry.request.Parameter;
@@ -72,7 +71,7 @@ import org.joda.time.Duration;
 
 /** Task that sends domain and host updates to the DNS server. */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = PublishDnsUpdatesAction.PATH,
     method = POST,
     automaticallyPrintOk = true,

core/src/main/java/google/registry/dns/ReadDnsRefreshRequestsAction.java

@@ -45,7 +45,6 @@ import google.registry.dns.DnsUtils.TargetType;
 import google.registry.model.common.DnsRefreshRequest;
 import google.registry.model.tld.Tld;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.auth.Auth;
 import google.registry.util.Clock;
@@ -60,7 +59,7 @@ import org.joda.time.Duration;
  * table.
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = "/_dr/task/readDnsRefreshRequests",
     automaticallyPrintOk = true,
     method = POST,

core/src/main/java/google/registry/dns/RefreshDnsAction.java

@@ -26,7 +26,6 @@ import google.registry.model.annotations.ExternalMessagingName;
 import google.registry.model.domain.Domain;
 import google.registry.model.host.Host;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.HttpException.BadRequestException;
 import google.registry.request.HttpException.NotFoundException;
 import google.registry.request.Parameter;
@@ -36,7 +35,7 @@ import jakarta.inject.Inject;
 
 /** Action that manually triggers refresh of DNS information. */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = "/_dr/task/dnsRefresh",
     automaticallyPrintOk = true,
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/dns/RefreshDnsOnHostRenameAction.java

@@ -26,7 +26,6 @@ import google.registry.model.domain.Domain;
 import google.registry.model.host.Host;
 import google.registry.persistence.VKey;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
@@ -34,7 +33,7 @@ import jakarta.inject.Inject;
 import org.joda.time.DateTime;
 
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = PATH,
     method = Action.Method.POST,
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/dns/writer/dnsupdate/DnsMessageTransport.java

@@ -36,8 +36,10 @@ import org.xbill.DNS.Opcode;
 /**
  * A transport for DNS messages. Sends/receives DNS messages over TCP using old-style {@link Socket}
  * s and the message framing defined in <a href="https://tools.ietf.org/html/rfc1035">RFC 1035</a>.
- * We would like use the dnsjava library's {@link org.xbill.DNS.SimpleResolver} class for this, but
- * it requires {@link java.nio.channels.SocketChannel} which is not supported on AppEngine.
+ *
+ * <p>TODO(b/463732345): now that we're no longer on AppEngine, see if we can use the dnsjava
+ * library's {@link org.xbill.DNS.SimpleResolver} class instead of this (that requires {@link
+ * java.nio.channels.SocketChannel} which is not supported on AppEngine).
  */
 public class DnsMessageTransport {
 

core/src/main/java/google/registry/export/ExportDomainListsAction.java

@@ -36,7 +36,6 @@ import google.registry.model.eppcommon.StatusValue;
 import google.registry.model.tld.Tld;
 import google.registry.model.tld.Tld.TldType;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.auth.Auth;
 import google.registry.storage.drive.DriveConnection;
 import google.registry.util.Clock;
@@ -58,7 +57,7 @@ import org.joda.time.DateTimeZone;
  * name TLD.txt into the domain-lists bucket. Note that this overwrites the files in place.
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = "/_dr/task/exportDomainLists",
     method = POST,
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/export/ExportPremiumTermsAction.java

@@ -33,7 +33,6 @@ import google.registry.model.tld.Tld;
 import google.registry.model.tld.label.PremiumList.PremiumEntry;
 import google.registry.model.tld.label.PremiumListDao;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.RequestParameters;
 import google.registry.request.Response;
@@ -46,7 +45,7 @@ import java.util.SortedSet;
 
 /** Action that exports the premium terms list for a TLD to Google Drive. */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = "/_dr/task/exportPremiumTerms",
     method = POST,
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/export/ExportReservedTermsAction.java

@@ -25,7 +25,6 @@ import com.google.common.flogger.FluentLogger;
 import com.google.common.net.MediaType;
 import google.registry.model.tld.Tld;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.RequestParameters;
 import google.registry.request.Response;
@@ -35,7 +34,7 @@ import jakarta.inject.Inject;
 
 /** Action that exports the publicly viewable reserved terms list for a TLD to Google Drive. */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = "/_dr/task/exportReservedTerms",
     method = POST,
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/export/SyncGroupMembersAction.java

@@ -34,7 +34,6 @@ import google.registry.groups.GroupsConnection.Role;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarPoc;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
 import google.registry.util.Retrier;
@@ -53,7 +52,7 @@ import javax.annotation.Nullable;
  * <p>This uses the <a href="https://developers.google.com/admin-sdk/directory/">Directory API</a>.
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = "/_dr/task/syncGroupMembers",
     method = POST,
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/export/sheet/SyncRegistrarsSheetAction.java

@@ -24,7 +24,6 @@ import static jakarta.servlet.http.HttpServletResponse.SC_OK;
 import com.google.common.flogger.FluentLogger;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.Response;
 import google.registry.request.auth.Auth;
@@ -55,7 +54,7 @@ import org.joda.time.Duration;
  * @see SyncRegistrarsSheet
  */
 @Action(
-    service = GaeService.BACKEND,
+    service = Action.Service.BACKEND,
     path = SyncRegistrarsSheetAction.PATH,
     method = POST,
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/flows/CheckApiAction.java

@@ -54,7 +54,6 @@ import google.registry.model.tld.label.ReservationType;
 import google.registry.monitoring.whitebox.CheckApiMetric;
 import google.registry.monitoring.whitebox.CheckApiMetric.Availability;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Parameter;
 import google.registry.request.RequestParameters;
 import google.registry.request.Response;
@@ -72,7 +71,7 @@ import org.joda.time.DateTime;
  * user controlled, lest it open an XSS vector. Do not modify this to return the domain name in the
  * response.
  */
-@Action(service = GaeService.PUBAPI, path = "/check", auth = Auth.AUTH_PUBLIC)
+@Action(service = Action.Service.PUBAPI, path = "/check", auth = Auth.AUTH_PUBLIC)
 public class CheckApiAction implements Runnable {
 
   private static final FluentLogger logger = FluentLogger.forEnclosingClass();

core/src/main/java/google/registry/flows/EppTlsAction.java

@@ -15,7 +15,6 @@
 package google.registry.flows;
 
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Action.Method;
 import google.registry.request.Payload;
 import google.registry.request.auth.Auth;
@@ -27,7 +26,7 @@ import jakarta.servlet.http.HttpServletRequest;
  * to RFC 5730. Commands must be requested via POST.
  */
 @Action(
-    service = GaeService.DEFAULT,
+    service = Action.Service.FRONTEND,
     path = "/_dr/epp",
     method = Method.POST,
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/flows/EppToolAction.java

@@ -22,7 +22,6 @@ import dagger.Module;
 import dagger.Provides;
 import google.registry.model.eppcommon.ProtocolDefinition;
 import google.registry.request.Action;
-import google.registry.request.Action.GaeService;
 import google.registry.request.Action.Method;
 import google.registry.request.Parameter;
 import google.registry.request.auth.Auth;
@@ -31,7 +30,7 @@ import jakarta.servlet.http.HttpServletRequest;
 
 /** Runs EPP commands directly without logging in, verifying an XSRF token from the tool. */
 @Action(
-    service = GaeService.TOOLS,
+    service = Action.Service.BACKEND,
     path = EppToolAction.PATH,
     method = Method.POST,
     auth = Auth.AUTH_ADMIN)

core/src/main/java/google/registry/flows/FeeExtensionXmlTagNormalizer.java

@@ -0,0 +1,128 @@
+// Copyright 2026 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.package google.registry.flows;
+
+package google.registry.flows;
+
+import static google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension.FEE_0_11;
+import static google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension.FEE_0_12;
+import static google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension.FEE_0_6;
+import static google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension.FEE_1_00;
+
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.collect.ImmutableSet;
+import google.registry.model.eppcommon.EppXmlTransformer;
+import google.registry.model.eppcommon.ProtocolDefinition.ServiceExtension;
+import java.util.Optional;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+import java.util.stream.Collectors;
+
+/**
+ * Normalizes Fee extension namespace tags in EPP XML response messages.
+ *
+ * <p>Nomulus currently supports multiple versions of the Fee extension. With the current XML
+ * tooling, the namespace of every version is included in each EPP response, and as a result must
+ * use a unique XML tag. E.g., fee for extension v0.6, and fee12 for extension v0.12.
+ *
+ * <p>Some registrars are not XML namespace-aware and rely on the XML tags being specific literals.
+ * This makes it difficult to perform seamless rollout of new versions: if Nomulus reassigns a tag
+ * literal to a different version, it effectively forces all these registrars to upgrade at the time
+ * of the deployment.
+ *
+ * <p>This class can be used to normalize the namespace tag in EPP responses. Since every response
+ * message may use at most one version of the Fee extension, we can remove declared but unused
+ * versions from the message, thus freeing up the canonical tag ('fee') for the active version.
+ */
+public class FeeExtensionXmlTagNormalizer {
+
+  // So far we only have Fee extensions to process
+  private static final String CANONICAL_FEE_TAG = "fee";
+
+  private static final ImmutableSet<ServiceExtension> FEE_EXTENSIONS =
+      ImmutableSet.of(FEE_0_6, FEE_0_11, FEE_0_12, FEE_1_00);
+
+  private static final Pattern FEE_EXTENSION_IN_USE_PATTERN =
+      Pattern.compile(feeExtensionInUseRegex());
+
+  @VisibleForTesting
+  static String feeExtensionInUseRegex() {
+    return FEE_EXTENSIONS.stream()
+        .map(ServiceExtension::getXmlTag)
+        .map(tag -> String.format("\\b(%s):", tag))
+        .collect(Collectors.joining("|"));
+  }
+
+  /**
+   * Returns a EPP response that uses the canonical tag ({@code fee}) for the fee extension.
+   *
+   * <p>This method replaces any versioned tag, e.g., {@code fee12} with the canonical tag. It also
+   * removes unused namespace declarations and update the tag in the remaining declaration.
+   *
+   * <p>The input {@code xml} must be an EPP response message generated by the {@link
+   * EppXmlTransformer}. With this assumption, we can use regular expressions which is 10X faster
+   * than XML stream parsers.
+   */
+  public static String normalize(String xml) {
+    Optional<String> maybeFeeTagInUse = findFeeExtensionInUse(xml);
+    if (maybeFeeTagInUse.isEmpty()) {
+      return xml;
+    }
+    String feeTagInUse = maybeFeeTagInUse.get();
+    String normalized = xml;
+    for (ServiceExtension serviceExtension : FEE_EXTENSIONS) {
+      if (serviceExtension.getXmlTag().equals(feeTagInUse)) {
+        normalized = normalizeExtensionInUse(feeTagInUse, serviceExtension.getUri(), normalized);
+      } else {
+        normalized =
+            removeUnusedExtension(
+                serviceExtension.getXmlTag(), serviceExtension.getUri(), normalized);
+      }
+    }
+    return normalized;
+  }
+
+  static String removeUnusedExtension(String tag, String uri, String xml) {
+    String declaration = String.format("xmlns:%s=\"%s\"", tag, uri);
+    // There must be a leading whitespace, and it can be safely removed with the declaration.
+    return xml.replaceAll(String.format("\\s%s", declaration), "");
+  }
+
+  static String normalizeExtensionInUse(String tagInUse, String uriInUse, String xml) {
+    if (tagInUse.equals(CANONICAL_FEE_TAG)) {
+      return xml;
+    }
+    // Change the tag in the namespace declaration:
+    String currentDeclaration = String.format("xmlns:%s=\"%s\"", tagInUse, uriInUse);
+    String desiredDeclaraion = String.format("xmlns:fee=\"%s\"", uriInUse);
+    // The new tag at each site of use, with trailing colon:
+    String newTagWithColon = CANONICAL_FEE_TAG + ":";
+    return xml.replaceAll(String.format("\\b%s:", tagInUse), newTagWithColon)
+        .replaceAll(currentDeclaration, desiredDeclaraion);
+  }
+
+  static Optional<String> findFeeExtensionInUse(String xml) {
+    Matcher matcher = FEE_EXTENSION_IN_USE_PATTERN.matcher(xml);
+
+    if (!matcher.find()) {
+      return Optional.empty();
+    }
+    // We know only one extension is in use, so we can return on the first match
+    for (int i = 1; i <= matcher.groupCount(); i++) {
+      if (matcher.group(i) != null) {
+        return Optional.of(matcher.group(i));
+      }
+    }
+    throw new IllegalStateException("Should not reach here. Bad FEE_EXTENSION_IN_USE_PATTERN?");
+  }
+}

core/src/main/java/google/registry/flows/FlowModule.java

@@ -22,7 +22,6 @@ import com.google.common.base.Strings;
 import dagger.Module;
 import dagger.Provides;
 import google.registry.flows.picker.FlowPicker;
-import google.registry.model.contact.ContactHistory;
 import google.registry.model.domain.DomainHistory;
 import google.registry.model.domain.metadata.MetadataExtension;
 import google.registry.model.eppcommon.AuthInfo;
@@ -267,23 +266,6 @@ public class FlowModule {
     return builder;
   }
 
-  /**
-   * Provides a partially filled in {@link ContactHistory.Builder}
-   *
-   * <p>This is not marked with {@link FlowScope} so that each retry gets a fresh one. Otherwise,
-   * the fact that the builder is one-use would cause NPEs.
-   */
-  @Provides
-  static ContactHistory.Builder provideContactHistoryBuilder(
-      Trid trid,
-      @InputXml byte[] inputXmlBytes,
-      @Superuser boolean isSuperuser,
-      @RegistrarId String registrarId,
-      EppInput eppInput) {
-    return makeHistoryEntryBuilder(
-        new ContactHistory.Builder(), trid, inputXmlBytes, isSuperuser, registrarId, eppInput);
-  }
-
   /**
    * Provides a partially filled in {@link HostHistory.Builder}
    *

core/src/main/java/google/registry/flows/FlowReporter.java

@@ -51,7 +51,7 @@ public class FlowReporter {
   @Inject Class<? extends Flow> flowClass;
   @Inject FlowReporter() {}
 
-  /** Records information about the current flow execution in the GAE request logs. */
+  /** Records information about the current flow execution in the request logs. */
   public void recordToLogs() {
     // Explicitly log flow metadata separately from the EPP XML itself so that it stays compact
     // enough to be sure to fit in a single log entry (the XML part in rare cases could be long

core/src/main/java/google/registry/flows/FlowRunner.java

@@ -73,7 +73,7 @@ public class FlowRunner {
         eppRequestSource,
         isDryRun ? "DRY_RUN" : "LIVE",
         isSuperuser ? "SUPERUSER" : "NORMAL");
-    // Record flow info to the GAE request logs for reporting purposes if it's not a dry run.
+    // Record flow info to the request logs for reporting purposes if it's not a dry run.
     if (!isDryRun) {
       flowReporter.recordToLogs();
     }

core/src/main/java/google/registry/flows/ResourceFlowUtils.java

@@ -16,7 +16,6 @@ package google.registry.flows;
 
 import static com.google.common.collect.Sets.intersection;
 import static google.registry.model.EppResourceUtils.isLinked;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Sets;
@@ -35,15 +34,14 @@ import google.registry.flows.exceptions.ResourceToDeleteIsReferencedException;
 import google.registry.flows.exceptions.TooManyResourceChecksException;
 import google.registry.model.EppResource;
 import google.registry.model.EppResource.ForeignKeyedEppResource;
-import google.registry.model.EppResource.ResourceWithTransferData;
 import google.registry.model.ForeignKeyUtils;
-import google.registry.model.contact.Contact;
 import google.registry.model.domain.Domain;
 import google.registry.model.domain.DomainBase;
 import google.registry.model.domain.Period;
 import google.registry.model.domain.rgp.GracePeriodStatus;
 import google.registry.model.eppcommon.AuthInfo;
 import google.registry.model.eppcommon.StatusValue;
+import google.registry.model.host.Host;
 import google.registry.model.transfer.TransferStatus;
 import google.registry.persistence.VKey;
 import java.util.List;
@@ -65,30 +63,26 @@ public final class ResourceFlowUtils {
     }
   }
 
-  /**
-   * Check whether if there are domains linked to the resource to be deleted. Throws an exception if
-   * so.
-   */
-  public static <R extends EppResource> void checkLinkedDomains(
-      final String targetId, final DateTime now, final Class<R> resourceClass) throws EppException {
-    VKey<R> key =
-        ForeignKeyUtils.loadKey(resourceClass, targetId, now)
-            .orElseThrow(() -> new ResourceDoesNotExistException(resourceClass, targetId));
+  /** Check if there are domains linked to the host to be deleted. Throws an exception if so. */
+  public static void checkLinkedDomains(final String targetId, final DateTime now)
+      throws EppException {
+    VKey<Host> key =
+        ForeignKeyUtils.loadKey(Host.class, targetId, now)
+            .orElseThrow(() -> new ResourceDoesNotExistException(Host.class, targetId));
     if (isLinked(key, now)) {
       throw new ResourceToDeleteIsReferencedException();
     }
   }
 
-  public static <R extends EppResource & ResourceWithTransferData> void verifyHasPendingTransfer(
-      R resource) throws NotPendingTransferException {
-    if (resource.getTransferData().getTransferStatus() != TransferStatus.PENDING) {
-      throw new NotPendingTransferException(resource.getForeignKey());
+  public static void verifyHasPendingTransfer(Domain domain) throws NotPendingTransferException {
+    if (domain.getTransferData().getTransferStatus() != TransferStatus.PENDING) {
+      throw new NotPendingTransferException(domain.getForeignKey());
     }
   }
 
-  public static <R extends EppResource & ResourceWithTransferData> void verifyTransferInitiator(
-      String registrarId, R resource) throws NotTransferInitiatorException {
-    if (!resource.getTransferData().getGainingRegistrarId().equals(registrarId)) {
+  public static void verifyTransferInitiator(String registrarId, Domain domain)
+      throws NotTransferInitiatorException {
+    if (!domain.getTransferData().getGainingRegistrarId().equals(registrarId)) {
       throw new NotTransferInitiatorException();
     }
   }
@@ -124,14 +118,6 @@ public final class ResourceFlowUtils {
     }
   }
 
-  /** Check that the given AuthInfo is either missing or else is valid for the given resource. */
-  public static void verifyOptionalAuthInfo(Optional<AuthInfo> authInfo, Contact contact)
-      throws EppException {
-    if (authInfo.isPresent()) {
-      verifyAuthInfo(authInfo.get(), contact);
-    }
-  }
-
   /** Check that the given AuthInfo is either missing or else is valid for the given resource. */
   public static void verifyOptionalAuthInfo(Optional<AuthInfo> authInfo, Domain domain)
       throws EppException {
@@ -142,37 +128,14 @@ public final class ResourceFlowUtils {
 
   /** Check that the given {@link AuthInfo} is valid for the given domain. */
   public static void verifyAuthInfo(AuthInfo authInfo, Domain domain) throws EppException {
-    final String authRepoId = authInfo.getPw().getRepoId();
-    String authPassword = authInfo.getPw().getValue();
-    if (authRepoId == null) {
-      // If no roid is specified, check the password against the domain's password.
-      String domainPassword = domain.getAuthInfo().getPw().getValue();
-      if (!domainPassword.equals(authPassword)) {
-        throw new BadAuthInfoForResourceException();
-      }
-      return;
-    }
-    // The roid should match one of the contacts.
-    Optional<VKey<Contact>> foundContact =
-        domain.getReferencedContacts().stream()
-            .filter(key -> key.getKey().equals(authRepoId))
-            .findFirst();
-    if (foundContact.isEmpty()) {
+    String authRepoId = authInfo.getPw().getRepoId();
+    // Previously one could auth against a contact, but we no longer hold any contact info
+    if (authRepoId != null) {
       throw new BadAuthInfoForResourceException();
     }
-    // Check the authInfo against the contact.
-    verifyAuthInfo(authInfo, tm().loadByKey(foundContact.get()));
-  }
-
-  /** Check that the given {@link AuthInfo} is valid for the given contact. */
-  public static void verifyAuthInfo(AuthInfo authInfo, Contact contact) throws EppException {
-    String authRepoId = authInfo.getPw().getRepoId();
     String authPassword = authInfo.getPw().getValue();
-    String contactPassword = contact.getAuthInfo().getPw().getValue();
-    if (!contactPassword.equals(authPassword)
-        // It's unnecessary to specify a repoId on a contact auth info, but if it's there validate
-        // it. The usual case of this is validating a domain's auth using this method.
-        || (authRepoId != null && !authRepoId.equals(contact.getRepoId()))) {
+    String domainPassword = domain.getAuthInfo().getPw().getValue();
+    if (!domainPassword.equals(authPassword)) {
       throw new BadAuthInfoForResourceException();
     }
   }
@@ -194,13 +157,27 @@ public final class ResourceFlowUtils {
     }
   }
 
-  /** Check that the same values aren't being added and removed in an update command. */
-  public static void checkSameValuesNotAddedAndRemoved(
-      ImmutableSet<?> fieldsToAdd, ImmutableSet<?> fieldsToRemove)
-      throws AddRemoveSameValueException {
+  /**
+   * Verifies the adds and removes on a resource.
+   *
+   * <p>This throws an exception in three different situations: if the same value is being both
+   * added and removed, if a value is being added that is already present, or if a value is being
+   * removed that isn't present.
+   */
+  public static <T> void verifyAddsAndRemoves(
+      ImmutableSet<T> existingFields, ImmutableSet<T> fieldsToAdd, ImmutableSet<T> fieldsToRemove)
+      throws AddRemoveSameValueException,
+          AddExistingValueException,
+          RemoveNonexistentValueException {
     if (!intersection(fieldsToAdd, fieldsToRemove).isEmpty()) {
       throw new AddRemoveSameValueException();
     }
+    if (!intersection(fieldsToAdd, existingFields).isEmpty()) {
+      throw new AddExistingValueException();
+    }
+    if (intersection(fieldsToRemove, existingFields).size() != fieldsToRemove.size()) {
+      throw new RemoveNonexistentValueException();
+    }
   }
 
   /** Check that all {@link StatusValue} objects in a set are client-settable. */
@@ -266,6 +243,20 @@ public final class ResourceFlowUtils {
     }
   }
 
+  /** Cannot add a value that is already present. */
+  public static class AddExistingValueException extends ParameterValuePolicyErrorException {
+    public AddExistingValueException() {
+      super("Cannot add a value that is already present");
+    }
+  }
+
+  /** Cannot remove a value that does not exist. */
+  public static class RemoveNonexistentValueException extends ParameterValuePolicyErrorException {
+    public RemoveNonexistentValueException() {
+      super("Cannot remove a value that does not exist");
+    }
+  }
+
   /** The specified status value cannot be set by clients. */
   public static class StatusNotClientSettableException extends ParameterValueRangeErrorException {
     public StatusNotClientSettableException(String statusValue) {

core/src/main/java/google/registry/flows/contact/ContactCheckFlow.java

@@ -14,60 +14,19 @@
 
 package google.registry.flows.contact;
 
-import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
-import static google.registry.flows.ResourceFlowUtils.verifyTargetIdCount;
 
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableSet;
-import google.registry.config.RegistryConfig.Config;
-import google.registry.flows.EppException;
-import google.registry.flows.ExtensionManager;
-import google.registry.flows.FlowModule.RegistrarId;
-import google.registry.flows.TransactionalFlow;
 import google.registry.flows.annotations.ReportingSpec;
-import google.registry.model.ForeignKeyUtils;
-import google.registry.model.contact.Contact;
-import google.registry.model.contact.ContactCommand.Check;
-import google.registry.model.eppinput.ResourceCommand;
-import google.registry.model.eppoutput.CheckData.ContactCheck;
-import google.registry.model.eppoutput.CheckData.ContactCheckData;
-import google.registry.model.eppoutput.EppResponse;
+import google.registry.flows.exceptions.ContactsProhibitedException;
 import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
-import google.registry.util.Clock;
 import jakarta.inject.Inject;
 
 /**
- * An EPP flow that checks whether a contact can be provisioned.
+ * An EPP flow that is meant to check whether a contact can be provisioned.
  *
- * <p>This flows can check the existence of multiple contacts simultaneously.
- *
- * @error {@link google.registry.flows.exceptions.TooManyResourceChecksException}
- * @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
+ * @error {@link ContactsProhibitedException}
  */
+@Deprecated
 @ReportingSpec(ActivityReportField.CONTACT_CHECK)
-public final class ContactCheckFlow implements TransactionalFlow {
-
-  @Inject ResourceCommand resourceCommand;
-  @Inject @RegistrarId String registrarId;
-  @Inject ExtensionManager extensionManager;
-  @Inject Clock clock;
-  @Inject @Config("maxChecks") int maxChecks;
-  @Inject EppResponse.Builder responseBuilder;
+public final class ContactCheckFlow extends ContactsProhibitedFlow {
   @Inject ContactCheckFlow() {}
-
-  @Override
-  public EppResponse run() throws EppException {
-    validateRegistrarIsLoggedIn(registrarId);
-    extensionManager.validate(); // There are no legal extensions for this flow.
-    ImmutableList<String> targetIds = ((Check) resourceCommand).getTargetIds();
-    verifyTargetIdCount(targetIds, maxChecks);
-    ImmutableSet<String> existingIds =
-        ForeignKeyUtils.loadKeys(Contact.class, targetIds, clock.nowUtc()).keySet();
-    ImmutableList.Builder<ContactCheck> checks = new ImmutableList.Builder<>();
-    for (String id : targetIds) {
-      boolean unused = !existingIds.contains(id);
-      checks.add(ContactCheck.create(unused, id, unused ? null : "In use"));
-    }
-    return responseBuilder.setResData(ContactCheckData.create(checks.build())).build();
-  }
 }

core/src/main/java/google/registry/flows/contact/ContactCreateFlow.java

@@ -14,94 +14,19 @@
 
 package google.registry.flows.contact;
 
-import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
-import static google.registry.flows.ResourceFlowUtils.verifyResourceDoesNotExist;
-import static google.registry.flows.contact.ContactFlowUtils.validateAsciiPostalInfo;
-import static google.registry.flows.contact.ContactFlowUtils.validateContactAgainstPolicy;
-import static google.registry.model.EppResourceUtils.createRepoId;
-import static google.registry.model.common.FeatureFlag.FeatureName.MINIMUM_DATASET_CONTACTS_PROHIBITED;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 
-import com.google.common.collect.ImmutableSet;
-import google.registry.config.RegistryConfig.Config;
-import google.registry.flows.EppException;
-import google.registry.flows.ExtensionManager;
-import google.registry.flows.FlowModule.RegistrarId;
-import google.registry.flows.FlowModule.TargetId;
-import google.registry.flows.MutatingFlow;
 import google.registry.flows.annotations.ReportingSpec;
 import google.registry.flows.exceptions.ContactsProhibitedException;
-import google.registry.flows.exceptions.ResourceAlreadyExistsForThisClientException;
-import google.registry.flows.exceptions.ResourceCreateContentionException;
-import google.registry.model.common.FeatureFlag;
-import google.registry.model.contact.Contact;
-import google.registry.model.contact.ContactCommand.Create;
-import google.registry.model.contact.ContactHistory;
-import google.registry.model.domain.metadata.MetadataExtension;
-import google.registry.model.eppinput.ResourceCommand;
-import google.registry.model.eppoutput.CreateData.ContactCreateData;
-import google.registry.model.eppoutput.EppResponse;
-import google.registry.model.reporting.HistoryEntry;
 import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
 import jakarta.inject.Inject;
-import org.joda.time.DateTime;
 
 /**
- * An EPP flow that creates a new contact.
+ * An EPP flow meant to create a new contact.
  *
- * @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
  * @error {@link ContactsProhibitedException}
- * @error {@link ResourceAlreadyExistsForThisClientException}
- * @error {@link ResourceCreateContentionException}
- * @error {@link ContactFlowUtils.BadInternationalizedPostalInfoException}
- * @error {@link ContactFlowUtils.DeclineContactDisclosureFieldDisallowedPolicyException}
  */
+@Deprecated
 @ReportingSpec(ActivityReportField.CONTACT_CREATE)
-public final class ContactCreateFlow implements MutatingFlow {
-
-  @Inject ResourceCommand resourceCommand;
-  @Inject ExtensionManager extensionManager;
-  @Inject @RegistrarId String registrarId;
-  @Inject @TargetId String targetId;
-  @Inject ContactHistory.Builder historyBuilder;
-  @Inject EppResponse.Builder responseBuilder;
-  @Inject @Config("contactAndHostRoidSuffix") String roidSuffix;
+public final class ContactCreateFlow extends ContactsProhibitedFlow {
   @Inject ContactCreateFlow() {}
-
-  @Override
-  public EppResponse run() throws EppException {
-    extensionManager.register(MetadataExtension.class);
-    validateRegistrarIsLoggedIn(registrarId);
-    extensionManager.validate();
-    if (FeatureFlag.isActiveNow(MINIMUM_DATASET_CONTACTS_PROHIBITED)) {
-      throw new ContactsProhibitedException();
-    }
-    Create command = (Create) resourceCommand;
-    DateTime now = tm().getTransactionTime();
-    verifyResourceDoesNotExist(Contact.class, targetId, now, registrarId);
-    Contact newContact =
-        new Contact.Builder()
-            .setContactId(targetId)
-            .setAuthInfo(command.getAuthInfo())
-            .setCreationRegistrarId(registrarId)
-            .setPersistedCurrentSponsorRegistrarId(registrarId)
-            .setRepoId(createRepoId(tm().allocateId(), roidSuffix))
-            .setFaxNumber(command.getFax())
-            .setVoiceNumber(command.getVoice())
-            .setDisclose(command.getDisclose())
-            .setEmailAddress(command.getEmail())
-            .setInternationalizedPostalInfo(command.getInternationalizedPostalInfo())
-            .setLocalizedPostalInfo(command.getLocalizedPostalInfo())
-            .build();
-    validateAsciiPostalInfo(newContact.getInternationalizedPostalInfo());
-    validateContactAgainstPolicy(newContact);
-    historyBuilder
-        .setType(HistoryEntry.Type.CONTACT_CREATE)
-        .setXmlBytes(null) // We don't want to store contact details in the history entry.
-        .setContact(newContact);
-    tm().insertAll(ImmutableSet.of(newContact, historyBuilder.build()));
-    return responseBuilder
-        .setResData(ContactCreateData.create(newContact.getContactId(), now))
-        .build();
-  }
 }

core/src/main/java/google/registry/flows/contact/ContactDeleteFlow.java

@@ -14,97 +14,20 @@
 
 package google.registry.flows.contact;
 
-import static google.registry.flows.FlowUtils.DELETE_PROHIBITED_STATUSES;
-import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
-import static google.registry.flows.ResourceFlowUtils.checkLinkedDomains;
-import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
-import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
-import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
-import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
-import static google.registry.model.ResourceTransferUtils.denyPendingTransfer;
-import static google.registry.model.ResourceTransferUtils.handlePendingTransferOnDelete;
-import static google.registry.model.eppoutput.Result.Code.SUCCESS;
-import static google.registry.model.transfer.TransferStatus.SERVER_CANCELLED;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 
-import com.google.common.collect.ImmutableSet;
-import google.registry.flows.EppException;
-import google.registry.flows.ExtensionManager;
-import google.registry.flows.FlowModule.RegistrarId;
-import google.registry.flows.FlowModule.Superuser;
-import google.registry.flows.FlowModule.TargetId;
-import google.registry.flows.MutatingFlow;
 import google.registry.flows.annotations.ReportingSpec;
-import google.registry.model.contact.Contact;
-import google.registry.model.contact.ContactHistory;
-import google.registry.model.domain.metadata.MetadataExtension;
-import google.registry.model.eppcommon.AuthInfo;
-import google.registry.model.eppcommon.StatusValue;
-import google.registry.model.eppcommon.Trid;
-import google.registry.model.eppoutput.EppResponse;
-import google.registry.model.reporting.HistoryEntry.Type;
+import google.registry.flows.exceptions.ContactsProhibitedException;
 import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
 import jakarta.inject.Inject;
-import java.util.Optional;
-import org.joda.time.DateTime;
 
 /**
- * An EPP flow that deletes a contact.
+ * An EPP flow that is meant to delete a contact.
  *
- * <p>Contacts that are in use by any domain cannot be deleted. The flow may return immediately if a
- * quick smoke check determines that deletion is impossible due to an existing reference. However, a
- * successful delete will always be asynchronous, as all existing domains must be checked for
- * references to the host before the deletion is allowed to proceed. A poll message will be written
- * with the success or failure message when the process is complete.
- *
- * @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
- * @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
- * @error {@link google.registry.flows.ResourceFlowUtils.ResourceNotOwnedException}
- * @error {@link google.registry.flows.exceptions.ResourceStatusProhibitsOperationException}
- * @error {@link google.registry.flows.exceptions.ResourceToDeleteIsReferencedException}
+ * @error {@link ContactsProhibitedException}
  */
+@Deprecated
 @ReportingSpec(ActivityReportField.CONTACT_DELETE)
-public final class ContactDeleteFlow implements MutatingFlow {
-
-  @Inject ExtensionManager extensionManager;
-  @Inject @RegistrarId String registrarId;
-  @Inject @TargetId String targetId;
-  @Inject Trid trid;
-  @Inject @Superuser boolean isSuperuser;
-  @Inject Optional<AuthInfo> authInfo;
-  @Inject ContactHistory.Builder historyBuilder;
-  @Inject EppResponse.Builder responseBuilder;
-
+public final class ContactDeleteFlow extends ContactsProhibitedFlow {
   @Inject
   ContactDeleteFlow() {}
-
-  @Override
-  public EppResponse run() throws EppException {
-    extensionManager.register(MetadataExtension.class);
-    validateRegistrarIsLoggedIn(registrarId);
-    extensionManager.validate();
-    DateTime now = tm().getTransactionTime();
-    checkLinkedDomains(targetId, now, Contact.class);
-    Contact existingContact = loadAndVerifyExistence(Contact.class, targetId, now);
-    verifyOptionalAuthInfo(authInfo, existingContact);
-    verifyNoDisallowedStatuses(existingContact, ImmutableSet.of(StatusValue.PENDING_DELETE));
-    if (!isSuperuser) {
-      verifyNoDisallowedStatuses(existingContact, DELETE_PROHIBITED_STATUSES);
-      verifyResourceOwnership(registrarId, existingContact);
-    }
-    // Handle pending transfers on contact deletion.
-    Contact newContact =
-        existingContact.getStatusValues().contains(StatusValue.PENDING_TRANSFER)
-            ? denyPendingTransfer(existingContact, SERVER_CANCELLED, now, registrarId)
-            : existingContact;
-    // Wipe out PII on contact deletion.
-    newContact =
-        newContact.asBuilder().wipeOut().setStatusValues(null).setDeletionTime(now).build();
-    ContactHistory contactHistory =
-        historyBuilder.setType(Type.CONTACT_DELETE).setContact(newContact).build();
-    handlePendingTransferOnDelete(existingContact, newContact, now, contactHistory);
-    tm().insert(contactHistory);
-    tm().update(newContact);
-    return responseBuilder.setResultFromCode(SUCCESS).build();
-  }
 }

core/src/main/java/google/registry/flows/contact/ContactFlowUtils.java

@@ -1,126 +0,0 @@
-// Copyright 2017 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.flows.contact;
-
-import static google.registry.model.contact.PostalInfo.Type.INTERNATIONALIZED;
-
-import com.google.common.base.CharMatcher;
-import com.google.common.base.Preconditions;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.Sets;
-import google.registry.flows.EppException;
-import google.registry.flows.EppException.ParameterValuePolicyErrorException;
-import google.registry.flows.EppException.ParameterValueSyntaxErrorException;
-import google.registry.model.contact.Contact;
-import google.registry.model.contact.ContactAddress;
-import google.registry.model.contact.PostalInfo;
-import google.registry.model.poll.PendingActionNotificationResponse.ContactPendingActionNotificationResponse;
-import google.registry.model.poll.PollMessage;
-import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
-import google.registry.model.transfer.TransferData;
-import google.registry.model.transfer.TransferResponse.ContactTransferResponse;
-import java.util.Set;
-import javax.annotation.Nullable;
-import org.joda.time.DateTime;
-
-/** Static utility functions for contact flows. */
-public class ContactFlowUtils {
-  /** Check that an internationalized postal info has only ascii characters. */
-  static void validateAsciiPostalInfo(@Nullable PostalInfo internationalized) throws EppException {
-    if (internationalized != null) {
-      Preconditions.checkState(INTERNATIONALIZED.equals(internationalized.getType()));
-      ContactAddress address = internationalized.getAddress();
-      Set<String> fields = Sets.newHashSet(
-          internationalized.getName(),
-          internationalized.getOrg(),
-          address.getCity(),
-          address.getCountryCode(),
-          address.getState(),
-          address.getZip());
-      fields.addAll(address.getStreet());
-      for (String field : fields) {
-        if (field != null && !CharMatcher.ascii().matchesAllOf(field)) {
-          throw new BadInternationalizedPostalInfoException();
-        }
-      }
-    }
-  }
-
-  /** Check contact's state against server policy. */
-  static void validateContactAgainstPolicy(Contact contact) throws EppException {
-    if (contact.getDisclose() != null && !contact.getDisclose().getFlag()) {
-      throw new DeclineContactDisclosureFieldDisallowedPolicyException();
-    }
-  }
-
-  /** Create a poll message for the gaining client in a transfer. */
-  static PollMessage createGainingTransferPollMessage(
-      String targetId, TransferData transferData, DateTime now, HistoryEntryId contactHistoryId) {
-    return new PollMessage.OneTime.Builder()
-        .setRegistrarId(transferData.getGainingRegistrarId())
-        .setEventTime(transferData.getPendingTransferExpirationTime())
-        .setMsg(transferData.getTransferStatus().getMessage())
-        .setResponseData(
-            ImmutableList.of(
-                createTransferResponse(targetId, transferData),
-                ContactPendingActionNotificationResponse.create(
-                    targetId,
-                    transferData.getTransferStatus().isApproved(),
-                    transferData.getTransferRequestTrid(),
-                    now)))
-        .setContactHistoryId(contactHistoryId)
-        .build();
-  }
-
-  /** Create a poll message for the losing client in a transfer. */
-  static PollMessage createLosingTransferPollMessage(
-      String targetId, TransferData transferData, HistoryEntryId contactHistoryId) {
-    return new PollMessage.OneTime.Builder()
-        .setRegistrarId(transferData.getLosingRegistrarId())
-        .setEventTime(transferData.getPendingTransferExpirationTime())
-        .setMsg(transferData.getTransferStatus().getMessage())
-        .setResponseData(ImmutableList.of(createTransferResponse(targetId, transferData)))
-        .setContactHistoryId(contactHistoryId)
-        .build();
-  }
-
-  /** Create a {@link ContactTransferResponse} off of the info in a {@link TransferData}. */
-  static ContactTransferResponse createTransferResponse(
-      String targetId, TransferData transferData) {
-    return new ContactTransferResponse.Builder()
-        .setContactId(targetId)
-        .setGainingRegistrarId(transferData.getGainingRegistrarId())
-        .setLosingRegistrarId(transferData.getLosingRegistrarId())
-        .setPendingTransferExpirationTime(transferData.getPendingTransferExpirationTime())
-        .setTransferRequestTime(transferData.getTransferRequestTime())
-        .setTransferStatus(transferData.getTransferStatus())
-        .build();
-  }
-
-  /** Declining contact disclosure is disallowed by server policy. */
-  static class DeclineContactDisclosureFieldDisallowedPolicyException
-      extends ParameterValuePolicyErrorException {
-    public DeclineContactDisclosureFieldDisallowedPolicyException() {
-      super("Declining contact disclosure is disallowed by server policy.");
-    }
-  }
-
-  /** Internationalized postal infos can only contain ASCII characters. */
-  static class BadInternationalizedPostalInfoException extends ParameterValueSyntaxErrorException {
-    public BadInternationalizedPostalInfoException() {
-      super("Internationalized postal infos can only contain ASCII characters");
-    }
-  }
-}

core/src/main/java/google/registry/flows/contact/ContactInfoFlow.java

@@ -14,91 +14,20 @@
 
 package google.registry.flows.contact;
 
-import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
-import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
-import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
-import static google.registry.model.EppResourceUtils.isLinked;
 
-import com.google.common.collect.ImmutableSet;
-import google.registry.flows.EppException;
-import google.registry.flows.ExtensionManager;
-import google.registry.flows.FlowModule.RegistrarId;
-import google.registry.flows.FlowModule.Superuser;
-import google.registry.flows.FlowModule.TargetId;
-import google.registry.flows.TransactionalFlow;
 import google.registry.flows.annotations.ReportingSpec;
-import google.registry.model.contact.Contact;
-import google.registry.model.contact.ContactInfoData;
-import google.registry.model.eppcommon.AuthInfo;
-import google.registry.model.eppcommon.StatusValue;
-import google.registry.model.eppoutput.EppResponse;
+import google.registry.flows.exceptions.ContactsProhibitedException;
 import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
-import google.registry.util.Clock;
 import jakarta.inject.Inject;
-import java.util.Optional;
-import org.joda.time.DateTime;
 
 /**
- * An EPP flow that returns information about a contact.
+ * An EPP flow that is meant to return information about a contact.
  *
- * <p>The response includes the contact's postal info, phone numbers, emails, the authInfo which can
- * be used to request a transfer and the details of the contact's most recent transfer if it has
- * ever been transferred. Any registrar can see any contact's information, but the authInfo is only
- * visible to the registrar that owns the contact or to a registrar that already supplied it.
- *
- * @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
- * @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
- * @error {@link google.registry.flows.ResourceFlowUtils.ResourceNotOwnedException}
+ * @error {@link ContactsProhibitedException}
  */
+@Deprecated
 @ReportingSpec(ActivityReportField.CONTACT_INFO)
-public final class ContactInfoFlow implements TransactionalFlow {
-
-  @Inject ExtensionManager extensionManager;
-  @Inject Clock clock;
-  @Inject @RegistrarId String registrarId;
-  @Inject @TargetId String targetId;
-  @Inject Optional<AuthInfo> authInfo;
-  @Inject @Superuser boolean isSuperuser;
-  @Inject EppResponse.Builder responseBuilder;
-
+public final class ContactInfoFlow extends ContactsProhibitedFlow {
   @Inject
   ContactInfoFlow() {}
-
-  @Override
-  public EppResponse run() throws EppException {
-    DateTime now = clock.nowUtc();
-    validateRegistrarIsLoggedIn(registrarId);
-    extensionManager.validate(); // There are no legal extensions for this flow.
-    Contact contact = loadAndVerifyExistence(Contact.class, targetId, now);
-    if (!isSuperuser) {
-      verifyResourceOwnership(registrarId, contact);
-    }
-    boolean includeAuthInfo =
-        registrarId.equals(contact.getCurrentSponsorRegistrarId()) || authInfo.isPresent();
-    ImmutableSet.Builder<StatusValue> statusValues = new ImmutableSet.Builder<>();
-    statusValues.addAll(contact.getStatusValues());
-    if (isLinked(contact.createVKey(), now)) {
-      statusValues.add(StatusValue.LINKED);
-    }
-    return responseBuilder
-        .setResData(
-            ContactInfoData.newBuilder()
-                .setContactId(contact.getContactId())
-                .setRepoId(contact.getRepoId())
-                .setStatusValues(statusValues.build())
-                .setPostalInfos(contact.getPostalInfosAsList())
-                .setVoiceNumber(contact.getVoiceNumber())
-                .setFaxNumber(contact.getFaxNumber())
-                .setEmailAddress(contact.getEmailAddress())
-                .setCurrentSponsorRegistrarId(contact.getCurrentSponsorRegistrarId())
-                .setCreationRegistrarId(contact.getCreationRegistrarId())
-                .setCreationTime(contact.getCreationTime())
-                .setLastEppUpdateRegistrarId(contact.getLastEppUpdateRegistrarId())
-                .setLastEppUpdateTime(contact.getLastEppUpdateTime())
-                .setLastTransferTime(contact.getLastTransferTime())
-                .setAuthInfo(includeAuthInfo ? contact.getAuthInfo() : null)
-                .setDisclose(contact.getDisclose())
-                .build())
-        .build();
-  }
 }

core/src/main/java/google/registry/flows/contact/ContactTransferApproveFlow.java

@@ -14,92 +14,19 @@
 
 package google.registry.flows.contact;
 
-import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
-import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
-import static google.registry.flows.ResourceFlowUtils.verifyHasPendingTransfer;
-import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
-import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
-import static google.registry.flows.contact.ContactFlowUtils.createGainingTransferPollMessage;
-import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
-import static google.registry.model.ResourceTransferUtils.approvePendingTransfer;
-import static google.registry.model.reporting.HistoryEntry.Type.CONTACT_TRANSFER_APPROVE;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 
-import com.google.common.collect.ImmutableSet;
-import google.registry.flows.EppException;
-import google.registry.flows.ExtensionManager;
-import google.registry.flows.FlowModule.RegistrarId;
-import google.registry.flows.FlowModule.TargetId;
-import google.registry.flows.MutatingFlow;
 import google.registry.flows.annotations.ReportingSpec;
-import google.registry.model.contact.Contact;
-import google.registry.model.contact.ContactHistory;
-import google.registry.model.domain.metadata.MetadataExtension;
-import google.registry.model.eppcommon.AuthInfo;
-import google.registry.model.eppinput.ResourceCommand;
-import google.registry.model.eppoutput.EppResponse;
-import google.registry.model.poll.PollMessage;
+import google.registry.flows.exceptions.ContactsProhibitedException;
 import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
-import google.registry.model.transfer.TransferStatus;
 import jakarta.inject.Inject;
-import java.util.Optional;
-import org.joda.time.DateTime;
 
 /**
- * An EPP flow that approves a pending transfer on a contact.
+ * An EPP flow that is meant to approve a pending transfer on a contact.
  *
- * <p>The "gaining" registrar requests a transfer from the "losing" (aka current) registrar. The
- * losing registrar has a "transfer" time period to respond (by default five days) after which the
- * transfer is automatically approved. Within that window, this flow allows the losing client to
- * explicitly approve the transfer request, which then becomes effective immediately.
- *
- * @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
- * @error {@link google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException}
- * @error {@link google.registry.flows.ResourceFlowUtils.ResourceNotOwnedException}
- * @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
- * @error {@link google.registry.flows.exceptions.NotPendingTransferException}
+ * @error {@link ContactsProhibitedException}
  */
+@Deprecated
 @ReportingSpec(ActivityReportField.CONTACT_TRANSFER_APPROVE)
-public final class ContactTransferApproveFlow implements MutatingFlow {
-
-  @Inject ResourceCommand resourceCommand;
-  @Inject ExtensionManager extensionManager;
-  @Inject @RegistrarId String registrarId;
-  @Inject @TargetId String targetId;
-  @Inject Optional<AuthInfo> authInfo;
-  @Inject ContactHistory.Builder historyBuilder;
-  @Inject EppResponse.Builder responseBuilder;
+public final class ContactTransferApproveFlow extends ContactsProhibitedFlow {
   @Inject ContactTransferApproveFlow() {}
-
-  /**
-   * The logic in this flow, which handles client approvals, very closely parallels the logic in
-   * {@link Contact#cloneProjectedAtTime} which handles implicit server approvals.
-   */
-  @Override
-  public EppResponse run() throws EppException {
-    extensionManager.register(MetadataExtension.class);
-    validateRegistrarIsLoggedIn(registrarId);
-    extensionManager.validate();
-    DateTime now = tm().getTransactionTime();
-    Contact existingContact = loadAndVerifyExistence(Contact.class, targetId, now);
-    verifyOptionalAuthInfo(authInfo, existingContact);
-    verifyHasPendingTransfer(existingContact);
-    verifyResourceOwnership(registrarId, existingContact);
-    Contact newContact =
-        approvePendingTransfer(existingContact, TransferStatus.CLIENT_APPROVED, now);
-    ContactHistory contactHistory =
-        historyBuilder.setType(CONTACT_TRANSFER_APPROVE).setContact(newContact).build();
-    // Create a poll message for the gaining client.
-    PollMessage gainingPollMessage =
-        createGainingTransferPollMessage(
-            targetId, newContact.getTransferData(), now, contactHistory.getHistoryEntryId());
-    tm().insertAll(ImmutableSet.of(contactHistory, gainingPollMessage));
-    tm().update(newContact);
-    // Delete the billing event and poll messages that were written in case the transfer would have
-    // been implicitly server approved.
-    tm().delete(existingContact.getTransferData().getServerApproveEntities());
-    return responseBuilder
-        .setResData(createTransferResponse(targetId, newContact.getTransferData()))
-        .build();
-  }
 }

core/src/main/java/google/registry/flows/contact/ContactTransferCancelFlow.java

@@ -14,88 +14,19 @@
 
 package google.registry.flows.contact;
 
-import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
-import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
-import static google.registry.flows.ResourceFlowUtils.verifyHasPendingTransfer;
-import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
-import static google.registry.flows.ResourceFlowUtils.verifyTransferInitiator;
-import static google.registry.flows.contact.ContactFlowUtils.createLosingTransferPollMessage;
-import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
-import static google.registry.model.ResourceTransferUtils.denyPendingTransfer;
-import static google.registry.model.reporting.HistoryEntry.Type.CONTACT_TRANSFER_CANCEL;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 
-import com.google.common.collect.ImmutableSet;
-import google.registry.flows.EppException;
-import google.registry.flows.ExtensionManager;
-import google.registry.flows.FlowModule.RegistrarId;
-import google.registry.flows.FlowModule.TargetId;
-import google.registry.flows.MutatingFlow;
 import google.registry.flows.annotations.ReportingSpec;
-import google.registry.model.contact.Contact;
-import google.registry.model.contact.ContactHistory;
-import google.registry.model.domain.metadata.MetadataExtension;
-import google.registry.model.eppcommon.AuthInfo;
-import google.registry.model.eppinput.ResourceCommand;
-import google.registry.model.eppoutput.EppResponse;
-import google.registry.model.poll.PollMessage;
+import google.registry.flows.exceptions.ContactsProhibitedException;
 import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
-import google.registry.model.transfer.TransferStatus;
 import jakarta.inject.Inject;
-import java.util.Optional;
-import org.joda.time.DateTime;
 
 /**
- * An EPP flow that cancels a pending transfer on a contact.
+ * An EPP flow that is meant to cancel a pending transfer on a contact.
  *
- * <p>The "gaining" registrar requests a transfer from the "losing" (aka current) registrar. The
- * losing registrar has a "transfer" time period to respond (by default five days) after which the
- * transfer is automatically approved. Within that window, this flow allows the gaining client to
- * withdraw the transfer request.
- *
- * @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
- * @error {@link google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException}
- * @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
- * @error {@link google.registry.flows.exceptions.NotPendingTransferException}
- * @error {@link google.registry.flows.exceptions.NotTransferInitiatorException}
+ * @error {@link ContactsProhibitedException}
  */
+@Deprecated
 @ReportingSpec(ActivityReportField.CONTACT_TRANSFER_CANCEL)
-public final class ContactTransferCancelFlow implements MutatingFlow {
-
-  @Inject ResourceCommand resourceCommand;
-  @Inject ExtensionManager extensionManager;
-  @Inject Optional<AuthInfo> authInfo;
-  @Inject @RegistrarId String registrarId;
-  @Inject @TargetId String targetId;
-  @Inject ContactHistory.Builder historyBuilder;
-  @Inject EppResponse.Builder responseBuilder;
+public final class ContactTransferCancelFlow extends ContactsProhibitedFlow {
   @Inject ContactTransferCancelFlow() {}
-
-  @Override
-  public EppResponse run() throws EppException {
-    extensionManager.register(MetadataExtension.class);
-    validateRegistrarIsLoggedIn(registrarId);
-    extensionManager.validate();
-    DateTime now = tm().getTransactionTime();
-    Contact existingContact = loadAndVerifyExistence(Contact.class, targetId, now);
-    verifyOptionalAuthInfo(authInfo, existingContact);
-    verifyHasPendingTransfer(existingContact);
-    verifyTransferInitiator(registrarId, existingContact);
-    Contact newContact =
-        denyPendingTransfer(existingContact, TransferStatus.CLIENT_CANCELLED, now, registrarId);
-    ContactHistory contactHistory =
-        historyBuilder.setType(CONTACT_TRANSFER_CANCEL).setContact(newContact).build();
-    // Create a poll message for the losing client.
-    PollMessage losingPollMessage =
-        createLosingTransferPollMessage(
-            targetId, newContact.getTransferData(), contactHistory.getHistoryEntryId());
-    tm().insertAll(ImmutableSet.of(contactHistory, losingPollMessage));
-    tm().update(newContact);
-    // Delete the billing event and poll messages that were written in case the transfer would have
-    // been implicitly server approved.
-    tm().delete(existingContact.getTransferData().getServerApproveEntities());
-    return responseBuilder
-        .setResData(createTransferResponse(targetId, newContact.getTransferData()))
-        .build();
-  }
 }

core/src/main/java/google/registry/flows/contact/ContactTransferQueryFlow.java

@@ -14,74 +14,19 @@
 
 package google.registry.flows.contact;
 
-import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
-import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
-import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
-import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
 
-import google.registry.flows.EppException;
-import google.registry.flows.ExtensionManager;
-import google.registry.flows.FlowModule.RegistrarId;
-import google.registry.flows.FlowModule.TargetId;
-import google.registry.flows.TransactionalFlow;
 import google.registry.flows.annotations.ReportingSpec;
-import google.registry.flows.exceptions.NoTransferHistoryToQueryException;
-import google.registry.flows.exceptions.NotAuthorizedToViewTransferException;
-import google.registry.model.contact.Contact;
-import google.registry.model.eppcommon.AuthInfo;
-import google.registry.model.eppoutput.EppResponse;
+import google.registry.flows.exceptions.ContactsProhibitedException;
 import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
-import google.registry.util.Clock;
 import jakarta.inject.Inject;
-import java.util.Optional;
 
 /**
- * An EPP flow that queries a pending transfer on a contact.
+ * An EPP flow that is meant to query a pending transfer on a contact.
  *
- * <p>The "gaining" registrar requests a transfer from the "losing" (aka current) registrar. The
- * losing registrar has a "transfer" time period to respond (by default five days) after which the
- * transfer is automatically approved. This flow can be used by the gaining or losing registrars (or
- * anyone with the correct authId) to see the status of a transfer, which may still be pending or
- * may have been approved, rejected, cancelled or implicitly approved by virtue of the transfer
- * period expiring.
- *
- * @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
- * @error {@link google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException}
- * @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
- * @error {@link google.registry.flows.exceptions.NoTransferHistoryToQueryException}
- * @error {@link google.registry.flows.exceptions.NotAuthorizedToViewTransferException}
+ * @error {@link ContactsProhibitedException}
  */
+@Deprecated
 @ReportingSpec(ActivityReportField.CONTACT_TRANSFER_QUERY)
-public final class ContactTransferQueryFlow implements TransactionalFlow {
-
-  @Inject ExtensionManager extensionManager;
-  @Inject Optional<AuthInfo> authInfo;
-  @Inject @RegistrarId String registrarId;
-  @Inject @TargetId String targetId;
-  @Inject Clock clock;
-  @Inject EppResponse.Builder responseBuilder;
+public final class ContactTransferQueryFlow extends ContactsProhibitedFlow {
   @Inject ContactTransferQueryFlow() {}
-
-  @Override
-  public EppResponse run() throws EppException {
-    validateRegistrarIsLoggedIn(registrarId);
-    extensionManager.validate(); // There are no legal extensions for this flow.
-    Contact contact = loadAndVerifyExistence(Contact.class, targetId, clock.nowUtc());
-    verifyOptionalAuthInfo(authInfo, contact);
-    // Most of the fields on the transfer response are required, so there's no way to return valid
-    // XML if the object has never been transferred (and hence the fields aren't populated).
-    if (contact.getTransferData().getTransferStatus() == null) {
-      throw new NoTransferHistoryToQueryException();
-    }
-    // Note that the authorization info on the command (if present) has already been verified. If
-    // it's present, then the other checks are unnecessary.
-    if (authInfo.isEmpty()
-        && !registrarId.equals(contact.getTransferData().getGainingRegistrarId())
-        && !registrarId.equals(contact.getTransferData().getLosingRegistrarId())) {
-      throw new NotAuthorizedToViewTransferException();
-    }
-    return responseBuilder
-        .setResData(createTransferResponse(targetId, contact.getTransferData()))
-        .build();
-  }
 }

core/src/main/java/google/registry/flows/contact/ContactTransferRejectFlow.java

@@ -14,85 +14,19 @@
 
 package google.registry.flows.contact;
 
-import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
-import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
-import static google.registry.flows.ResourceFlowUtils.verifyHasPendingTransfer;
-import static google.registry.flows.ResourceFlowUtils.verifyOptionalAuthInfo;
-import static google.registry.flows.ResourceFlowUtils.verifyResourceOwnership;
-import static google.registry.flows.contact.ContactFlowUtils.createGainingTransferPollMessage;
-import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
-import static google.registry.model.ResourceTransferUtils.denyPendingTransfer;
-import static google.registry.model.reporting.HistoryEntry.Type.CONTACT_TRANSFER_REJECT;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 
-import com.google.common.collect.ImmutableSet;
-import google.registry.flows.EppException;
-import google.registry.flows.ExtensionManager;
-import google.registry.flows.FlowModule.RegistrarId;
-import google.registry.flows.FlowModule.TargetId;
-import google.registry.flows.MutatingFlow;
 import google.registry.flows.annotations.ReportingSpec;
-import google.registry.model.contact.Contact;
-import google.registry.model.contact.ContactHistory;
-import google.registry.model.domain.metadata.MetadataExtension;
-import google.registry.model.eppcommon.AuthInfo;
-import google.registry.model.eppoutput.EppResponse;
-import google.registry.model.poll.PollMessage;
+import google.registry.flows.exceptions.ContactsProhibitedException;
 import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
-import google.registry.model.transfer.TransferStatus;
 import jakarta.inject.Inject;
-import java.util.Optional;
-import org.joda.time.DateTime;
 
 /**
- * An EPP flow that rejects a pending transfer on a contact.
+ * An EPP flow that is meant to reject a pending transfer on a contact.
  *
- * <p>The "gaining" registrar requests a transfer from the "losing" (aka current) registrar. The
- * losing registrar has a "transfer" time period to respond (by default five days) after which the
- * transfer is automatically approved. Within that window, this flow allows the losing client to
- * reject the transfer request.
- *
- * @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
- * @error {@link google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException}
- * @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
- * @error {@link google.registry.flows.ResourceFlowUtils.ResourceNotOwnedException}
- * @error {@link google.registry.flows.exceptions.NotPendingTransferException}
+ * @error {@link ContactsProhibitedException}
  */
+@Deprecated
 @ReportingSpec(ActivityReportField.CONTACT_TRANSFER_REJECT)
-public final class ContactTransferRejectFlow implements MutatingFlow {
-
-  @Inject ExtensionManager extensionManager;
-  @Inject Optional<AuthInfo> authInfo;
-  @Inject @RegistrarId String registrarId;
-  @Inject @TargetId String targetId;
-  @Inject ContactHistory.Builder historyBuilder;
-  @Inject EppResponse.Builder responseBuilder;
+public final class ContactTransferRejectFlow extends ContactsProhibitedFlow {
   @Inject ContactTransferRejectFlow() {}
-
-  @Override
-  public EppResponse run() throws EppException {
-    extensionManager.register(MetadataExtension.class);
-    validateRegistrarIsLoggedIn(registrarId);
-    extensionManager.validate();
-    DateTime now = tm().getTransactionTime();
-    Contact existingContact = loadAndVerifyExistence(Contact.class, targetId, now);
-    verifyOptionalAuthInfo(authInfo, existingContact);
-    verifyHasPendingTransfer(existingContact);
-    verifyResourceOwnership(registrarId, existingContact);
-    Contact newContact =
-        denyPendingTransfer(existingContact, TransferStatus.CLIENT_REJECTED, now, registrarId);
-    ContactHistory contactHistory =
-        historyBuilder.setType(CONTACT_TRANSFER_REJECT).setContact(newContact).build();
-    PollMessage gainingPollMessage =
-        createGainingTransferPollMessage(
-            targetId, newContact.getTransferData(), now, contactHistory.getHistoryEntryId());
-    tm().insertAll(ImmutableSet.of(contactHistory, gainingPollMessage));
-    tm().update(newContact);
-    // Delete the billing event and poll messages that were written in case the transfer would have
-    // been implicitly server approved.
-    tm().delete(existingContact.getTransferData().getServerApproveEntities());
-    return responseBuilder
-        .setResData(createTransferResponse(targetId, newContact.getTransferData()))
-        .build();
-  }
 }

core/src/main/java/google/registry/flows/contact/ContactTransferRequestFlow.java

@@ -14,162 +14,20 @@
 
 package google.registry.flows.contact;
 
-import static google.registry.flows.FlowUtils.createHistoryEntryId;
-import static google.registry.flows.FlowUtils.validateRegistrarIsLoggedIn;
-import static google.registry.flows.ResourceFlowUtils.loadAndVerifyExistence;
-import static google.registry.flows.ResourceFlowUtils.verifyAuthInfo;
-import static google.registry.flows.ResourceFlowUtils.verifyAuthInfoPresentForResourceTransfer;
-import static google.registry.flows.ResourceFlowUtils.verifyNoDisallowedStatuses;
-import static google.registry.flows.contact.ContactFlowUtils.createGainingTransferPollMessage;
-import static google.registry.flows.contact.ContactFlowUtils.createLosingTransferPollMessage;
-import static google.registry.flows.contact.ContactFlowUtils.createTransferResponse;
-import static google.registry.model.eppoutput.Result.Code.SUCCESS_WITH_ACTION_PENDING;
-import static google.registry.model.reporting.HistoryEntry.Type.CONTACT_TRANSFER_REQUEST;
-import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 
-import com.google.common.collect.ImmutableSet;
-import google.registry.config.RegistryConfig.Config;
-import google.registry.flows.EppException;
-import google.registry.flows.ExtensionManager;
-import google.registry.flows.FlowModule.RegistrarId;
-import google.registry.flows.FlowModule.TargetId;
-import google.registry.flows.MutatingFlow;
 import google.registry.flows.annotations.ReportingSpec;
-import google.registry.flows.exceptions.AlreadyPendingTransferException;
-import google.registry.flows.exceptions.ObjectAlreadySponsoredException;
-import google.registry.model.contact.Contact;
-import google.registry.model.contact.ContactHistory;
-import google.registry.model.domain.metadata.MetadataExtension;
-import google.registry.model.eppcommon.AuthInfo;
-import google.registry.model.eppcommon.StatusValue;
-import google.registry.model.eppcommon.Trid;
-import google.registry.model.eppoutput.EppResponse;
-import google.registry.model.poll.PollMessage;
-import google.registry.model.reporting.HistoryEntry.HistoryEntryId;
+import google.registry.flows.exceptions.ContactsProhibitedException;
 import google.registry.model.reporting.IcannReportingTypes.ActivityReportField;
-import google.registry.model.transfer.ContactTransferData;
-import google.registry.model.transfer.TransferStatus;
 import jakarta.inject.Inject;
-import java.util.Optional;
-import org.joda.time.DateTime;
-import org.joda.time.Duration;
 
 /**
- * An EPP flow that requests a transfer on a contact.
+ * An EPP flow that is meant to request a transfer on a contact.
  *
- * <p>The "gaining" registrar requests a transfer from the "losing" (aka current) registrar. The
- * losing registrar has a "transfer" time period to respond (by default five days) after which the
- * transfer is automatically approved. Within that window, the transfer might be approved explicitly
- * by the losing registrar or rejected, and the gaining registrar can also cancel the transfer
- * request.
- *
- * @error {@link google.registry.flows.FlowUtils.NotLoggedInException}
- * @error {@link google.registry.flows.ResourceFlowUtils.BadAuthInfoForResourceException}
- * @error {@link google.registry.flows.ResourceFlowUtils.ResourceDoesNotExistException}
- * @error {@link google.registry.flows.exceptions.AlreadyPendingTransferException}
- * @error {@link google.registry.flows.exceptions.MissingTransferRequestAuthInfoException}
- * @error {@link google.registry.flows.exceptions.ObjectAlreadySponsoredException}
- * @error {@link google.registry.flows.exceptions.ResourceStatusProhibitsOperationException}
+ * @error {@link ContactsProhibitedException}
  */
+@Deprecated
 @ReportingSpec(ActivityReportField.CONTACT_TRANSFER_REQUEST)
-public final class ContactTransferRequestFlow implements MutatingFlow {
-
-  private static final ImmutableSet<StatusValue> DISALLOWED_STATUSES =
-      ImmutableSet.of(
-          StatusValue.CLIENT_TRANSFER_PROHIBITED,
-          StatusValue.PENDING_DELETE,
-          StatusValue.SERVER_TRANSFER_PROHIBITED);
-
-  @Inject ExtensionManager extensionManager;
-  @Inject Optional<AuthInfo> authInfo;
-  @Inject @RegistrarId String gainingClientId;
-  @Inject @TargetId String targetId;
-
-  @Inject
-  @Config("contactAutomaticTransferLength")
-  Duration automaticTransferLength;
-
-  @Inject ContactHistory.Builder historyBuilder;
-  @Inject Trid trid;
-  @Inject EppResponse.Builder responseBuilder;
-
+public final class ContactTransferRequestFlow extends ContactsProhibitedFlow {
   @Inject
   ContactTransferRequestFlow() {}
-
-  @Override
-  public EppResponse run() throws EppException {
-    extensionManager.register(MetadataExtension.class);
-    validateRegistrarIsLoggedIn(gainingClientId);
-    extensionManager.validate();
-    DateTime now = tm().getTransactionTime();
-    Contact existingContact = loadAndVerifyExistence(Contact.class, targetId, now);
-    verifyAuthInfoPresentForResourceTransfer(authInfo);
-    verifyAuthInfo(authInfo.get(), existingContact);
-    // Verify that the resource does not already have a pending transfer.
-    if (TransferStatus.PENDING.equals(existingContact.getTransferData().getTransferStatus())) {
-      throw new AlreadyPendingTransferException(targetId);
-    }
-    String losingClientId = existingContact.getCurrentSponsorRegistrarId();
-    // Verify that this client doesn't already sponsor this resource.
-    if (gainingClientId.equals(losingClientId)) {
-      throw new ObjectAlreadySponsoredException();
-    }
-    verifyNoDisallowedStatuses(existingContact, DISALLOWED_STATUSES);
-
-    DateTime transferExpirationTime = now.plus(automaticTransferLength);
-    ContactTransferData serverApproveTransferData =
-        new ContactTransferData.Builder()
-            .setTransferRequestTime(now)
-            .setTransferRequestTrid(trid)
-            .setGainingRegistrarId(gainingClientId)
-            .setLosingRegistrarId(losingClientId)
-            .setPendingTransferExpirationTime(transferExpirationTime)
-            .setTransferStatus(TransferStatus.SERVER_APPROVED)
-            .build();
-    HistoryEntryId contactHistoryId = createHistoryEntryId(existingContact);
-    historyBuilder
-        .setRevisionId(contactHistoryId.getRevisionId())
-        .setType(CONTACT_TRANSFER_REQUEST);
-    // If the transfer is server approved, this message will be sent to the losing registrar. */
-    PollMessage serverApproveLosingPollMessage =
-        createLosingTransferPollMessage(targetId, serverApproveTransferData, contactHistoryId);
-    // If the transfer is server approved, this message will be sent to the gaining registrar. */
-    PollMessage serverApproveGainingPollMessage =
-        createGainingTransferPollMessage(
-            targetId, serverApproveTransferData, now, contactHistoryId);
-    ContactTransferData pendingTransferData =
-        serverApproveTransferData
-            .asBuilder()
-            .setTransferStatus(TransferStatus.PENDING)
-            .setServerApproveEntities(
-                serverApproveGainingPollMessage.getContactRepoId(),
-                contactHistoryId.getRevisionId(),
-                ImmutableSet.of(
-                    serverApproveGainingPollMessage.createVKey(),
-                    serverApproveLosingPollMessage.createVKey()))
-            .build();
-    // When a transfer is requested, a poll message is created to notify the losing registrar.
-    PollMessage requestPollMessage =
-        createLosingTransferPollMessage(targetId, pendingTransferData, contactHistoryId)
-            .asBuilder()
-            .setEventTime(now) // Unlike the serverApprove messages, this applies immediately.
-            .build();
-    Contact newContact =
-        existingContact
-            .asBuilder()
-            .setTransferData(pendingTransferData)
-            .addStatusValue(StatusValue.PENDING_TRANSFER)
-            .build();
-    tm().update(newContact);
-    tm().insertAll(
-            ImmutableSet.of(
-                historyBuilder.setContact(newContact).build(),
-                requestPollMessage,
-                serverApproveGainingPollMessage,
-                serverApproveLosingPollMessage));
-    return responseBuilder
-        .setResultFromCode(SUCCESS_WITH_ACTION_PENDING)
-        .setResData(createTransferResponse(targetId, newContact.getTransferData()))
-        .build();
-  }
 }