Change the default config for perTransactionIsolation to true (#2196)

This was already set to true in all environments except prod last week. Now that the release has gone out and we have not seen any issues, we should feel safe turning this on in production as well.

build.gradle

@@ -60,9 +60,8 @@ dependencyLocking {
 }
 
 node {
-  download = true
-  version = "16.14.0"
-  npmVersion = "6.14.11"
+  download = false
+  version = "16.19.0"
 }
 
 wrapper {

console-webapp/src/app/app.component.scss

@@ -37,7 +37,7 @@
       background-color: transparent;
     }
     .active {
-      background: #eae1e1;
+      background-color: var(--secondary);
     }
   }
   &__content-wrapper {

console-webapp/src/app/app.component.ts

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { Component, ViewChild } from '@angular/core';
+import { AfterViewInit, Component, ViewChild } from '@angular/core';
 import { RegistrarService } from './registrar/registrar.service';
 import { UserDataService } from './shared/services/userData.service';
 import { GlobalLoaderService } from './shared/services/globalLoader.service';
@@ -24,7 +24,7 @@ import { MatSidenav } from '@angular/material/sidenav';
   templateUrl: './app.component.html',
   styleUrls: ['./app.component.scss'],
 })
-export class AppComponent {
+export class AppComponent implements AfterViewInit {
   renderRouter: boolean = true;
 
   @ViewChild('sidenav')

console-webapp/src/app/app.module.ts

@@ -48,6 +48,11 @@ import { DomainsWidgetComponent } from './home/widgets/domains-widget.component'
 import { SettingsWidgetComponent } from './home/widgets/settings-widget.component';
 import { UserDataService } from './shared/services/userData.service';
 import WhoisComponent from './settings/whois/whois.component';
+import { SnackBarModule } from './snackbar.module';
+import {
+  RegistrarDetailsComponent,
+  RegistrarDetailsWrapperComponent,
+} from './registrar/registrarDetails.component';
 
 @NgModule({
   declarations: [
@@ -62,6 +67,8 @@ import WhoisComponent from './settings/whois/whois.component';
     HomeComponent,
     PromotionsWidgetComponent,
     RegistrarComponent,
+    RegistrarDetailsComponent,
+    RegistrarDetailsWrapperComponent,
     RegistrarSelectorComponent,
     ResourcesWidgetComponent,
     SecurityComponent,
@@ -79,6 +86,7 @@ import WhoisComponent from './settings/whois/whois.component';
     FormsModule,
     HttpClientModule,
     MaterialModule,
+    SnackBarModule,
   ],
   providers: [
     BackendService,

console-webapp/src/app/header/header.component.html

@@ -1,24 +1,30 @@
-<p>
+<p class="console-app__header">
   <mat-toolbar color="primary">
     <button mat-icon-button aria-label="Open menu" (click)="toggleNavPane()">
       <mat-icon>menu</mat-icon>
     </button>
-    <span>
-      <a
-        [routerLink]="'/home'"
-        routerLinkActive="active"
-        class="console-app__logo"
-      >
-        Google Registry
-      </a>
-    </span>
+    <a
+      [routerLink]="'/home'"
+      routerLinkActive="active"
+      class="console-app__logo"
+    >
+      Google Registry
+    </a>
     <span class="spacer"></span>
     <app-registrar-selector />
     <button mat-icon-button aria-label="Open FAQ">
       <mat-icon>question_mark</mat-icon>
     </button>
-    <button mat-icon-button aria-label="Open user info">
+    <button
+      mat-icon-button
+      [matMenuTriggerFor]="menu"
+      #menuTrigger
+      aria-label="Open user info"
+    >
       <mat-icon>person</mat-icon>
     </button>
+    <mat-menu #menu="matMenu">
+      <button mat-menu-item (click)="logOut()">Log out</button>
+    </mat-menu>
   </mat-toolbar>
 </p>

console-webapp/src/app/header/header.component.scss

@@ -17,6 +17,21 @@
     color: inherit;
     text-decoration: none;
   }
+  &__header {
+    @media (max-width: 599px) {
+      .mat-toolbar {
+        padding: 0;
+      }
+      .console-app__logo {
+        font-size: 16px;
+      }
+      button {
+        padding-left: 0;
+        padding-right: 0;
+        width: 30px;
+      }
+    }
+  }
 }
 .spacer {
   flex: 1;

console-webapp/src/app/header/header.component.ts

@@ -28,4 +28,8 @@ export class HeaderComponent {
     this.isNavOpen = !this.isNavOpen;
     this.toggleNavOpen.emit(this.isNavOpen);
   }
+
+  logOut() {
+    window.open('/console?gcp-iap-mode=CLEAR_LOGIN_COOKIE', '_self');
+  }
 }

console-webapp/src/app/home/home.component.scss

@@ -29,4 +29,9 @@
       }
     }
   }
+  @media (max-width: 510px) {
+    .console-app__widget-wrapper__wide {
+      grid-column: initial;
+    }
+  }
 }

console-webapp/src/app/home/widgets/contact-widget.component.html

@@ -5,21 +5,23 @@
         <mat-icon class="console-app__widget-icon">call</mat-icon>
         <h1 class="console-app__widget-title">Contact Support</h1>
         <h4 class="secondary-text text-center">
-          View Google Registry support email and phone information
+          Let us know if you have any questions
         </h4>
       </div>
       <div class="console-app__widget_right">
-        <button mat-button color="primary" class="console-app__widget-link">
-          Give us a Call
-        </button>
+        <div class="console-app__widget-section-header">Give us a Call</div>
         <p class="secondary-text">
-          Call Google Registry support at <b>+1 (404) 978 8419</b>
+          Call {{ userDataService.userData?.productName }} support at
+          <a href="tel:{{ userDataService.userData?.supportPhoneNumber }}">{{
+            userDataService.userData?.supportPhoneNumber
+          }}</a>
         </p>
-        <button mat-button color="primary" class="console-app__widget-link">
-          Send us an Email
-        </button>
+        <div class="console-app__widget-section-header">Send us an Email</div>
         <p class="secondary-text">
-          Email Google Registry at <b>support@google.com</b>
+          Email {{ userDataService.userData?.productName }} at
+          <a href="mailto:{{ userDataService.userData?.supportEmail }}">{{
+            userDataService.userData?.supportEmail
+          }}</a>
         </p>
       </div>
     </div>

console-webapp/src/app/home/widgets/contact-widget.component.ts

@@ -13,11 +13,12 @@
 // limitations under the License.
 
 import { Component } from '@angular/core';
+import { UserDataService } from 'src/app/shared/services/userData.service';
 
 @Component({
   selector: '[app-contact-widget]',
   templateUrl: './contact-widget.component.html',
 })
 export class ContactWidgetComponent {
-  constructor() {}
+  constructor(public userDataService: UserDataService) {}
 }

console-webapp/src/app/home/widgets/resources-widget.component.html

@@ -4,6 +4,7 @@
       <a
         class="console-app__widget_left"
         href="{{ userDataService.userData?.technicalDocsUrl }}"
+        target="_blank"
       >
         <mat-icon class="console-app__widget-icon">menu_book</mat-icon>
         <h1 class="console-app__widget-title">Resources</h1>

console-webapp/src/app/material.module.ts

@@ -45,6 +45,7 @@ import { DialogModule } from '@angular/cdk/dialog';
 import { MatSidenavModule } from '@angular/material/sidenav';
 import { MatSnackBarModule } from '@angular/material/snack-bar';
 import { MatPaginatorModule } from '@angular/material/paginator';
+import { MatChipsModule } from '@angular/material/chips';
 
 @NgModule({
   exports: [
@@ -81,6 +82,7 @@ import { MatPaginatorModule } from '@angular/material/paginator';
     DialogModule,
     MatSnackBarModule,
     MatPaginatorModule,
+    MatChipsModule,
   ],
 })
 export class MaterialModule {}

console-webapp/src/app/registrar/emptyRegistrar.component.scss

@@ -8,6 +8,7 @@
     left: 50%;
     top: 50%;
     transform: translate(-50%, -50%);
+    white-space: nowrap;
 
     &-icon {
       transform: scale(3);

console-webapp/src/app/registrar/registrar-selector.component.html

@@ -1,10 +1,21 @@
 <div class="console-app__registrar">
-  <div>
+  <button
+    mat-button
+    [routerLink]="'/settings/registrars'"
+    routerLinkActive="active"
+    *ngIf="isMobile; else desktop"
+  >
+    {{ registrarService.activeRegistrarId || "Select registrar" }}
+    <mat-icon>open_in_new</mat-icon>
+  </button>
+  <ng-template #desktop>
     <mat-form-field class="mat-form-field-density-5" appearance="fill">
       <mat-label>Registrar</mat-label>
       <mat-select
         [ngModel]="registrarService.activeRegistrarId"
-        (selectionChange)="registrarService.updateRegistrar($event.value)"
+        (selectionChange)="
+          registrarService.updateSelectedRegistrar($event.value)
+        "
       >
         <mat-option
           *ngFor="let registrar of registrarService.registrars"
@@ -14,5 +25,5 @@
         </mat-option>
       </mat-select>
     </mat-form-field>
-  </div>
+  </ng-template>
 </div>

console-webapp/src/app/registrar/registrar-selector.component.ts

@@ -12,14 +12,35 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { Component } from '@angular/core';
+import { Component, OnInit } from '@angular/core';
 import { RegistrarService } from './registrar.service';
+import { BreakpointObserver } from '@angular/cdk/layout';
+import { distinctUntilChanged } from 'rxjs';
+
+const MOBILE_LAYOUT_BREAKPOINT = '(max-width: 599px)';
 
 @Component({
   selector: 'app-registrar-selector',
   templateUrl: './registrar-selector.component.html',
   styleUrls: ['./registrar-selector.component.scss'],
 })
-export class RegistrarSelectorComponent {
-  constructor(protected registrarService: RegistrarService) {}
+export class RegistrarSelectorComponent implements OnInit {
+  protected isMobile: boolean = false;
+
+  readonly breakpoint$ = this.breakpointObserver
+    .observe([MOBILE_LAYOUT_BREAKPOINT])
+    .pipe(distinctUntilChanged());
+
+  constructor(
+    protected registrarService: RegistrarService,
+    protected breakpointObserver: BreakpointObserver
+  ) {}
+
+  ngOnInit(): void {
+    this.breakpoint$.subscribe(() => this.breakpointChanged());
+  }
+
+  private breakpointChanged() {
+    this.isMobile = this.breakpointObserver.isMatched(MOBILE_LAYOUT_BREAKPOINT);
+  }
 }

console-webapp/src/app/registrar/registrar.guard.ts

@@ -13,7 +13,11 @@
 // limitations under the License.
 
 import { Injectable } from '@angular/core';
-import { Router } from '@angular/router';
+import {
+  ActivatedRouteSnapshot,
+  Router,
+  RouterStateSnapshot,
+} from '@angular/router';
 
 import { RegistrarService } from './registrar.service';
 
@@ -26,13 +30,16 @@ export class RegistrarGuard {
     private registrarService: RegistrarService
   ) {}
 
-  canActivate(): Promise<boolean> | boolean {
+  canActivate(
+    _: ActivatedRouteSnapshot,
+    state: RouterStateSnapshot
+  ): Promise<boolean> | boolean {
     if (this.registrarService.activeRegistrarId) {
       return true;
     }
-    // Get the full URL including any nested children (skip the initial '#/')
-    // NB: an empty nextUrl takes the user to the home page
-    const nextUrl = location.hash.split('#/')[1] || '';
-    return this.router.navigate([`/empty-registrar`, { nextUrl }]);
+    return this.router.navigate([
+      `/empty-registrar`,
+      { nextUrl: state.url || '' },
+    ]);
   }
 }

console-webapp/src/app/registrar/registrar.service.ts

@@ -73,7 +73,7 @@ export class RegistrarService implements GlobalLoader {
     )[0];
   }
 
-  public updateRegistrar(registrarId: string) {
+  public updateSelectedRegistrar(registrarId: string) {
     this.activeRegistrarId = registrarId;
     this.activeRegistrarIdChange.next(registrarId);
   }
@@ -89,8 +89,6 @@ export class RegistrarService implements GlobalLoader {
   }
 
   loadingTimeout() {
-    this._snackBar.open('Timeout loading registrars', undefined, {
-      duration: 1500,
-    });
+    this._snackBar.open('Timeout loading registrars');
   }
 }

console-webapp/src/app/registrar/registrarDetails.component.html

@@ -0,0 +1,40 @@
+<div class="registrarDetails">
+  <h3 mat-dialog-title>Edit Registrar: {{ registrarInEdit.registrarId }}</h3>
+  <div mat-dialog-content>
+    <form (ngSubmit)="saveAndClose($event)">
+      <mat-form-field class="registrarDetails__input">
+        <mat-label>Registry Lock:</mat-label>
+        <mat-select
+          [(ngModel)]="registrarInEdit.registryLockAllowed"
+          name="registryLockAllowed"
+        >
+          <mat-option [value]="true">True</mat-option>
+          <mat-option [value]="false">False</mat-option>
+        </mat-select>
+      </mat-form-field>
+      <mat-form-field class="registrarDetails__input">
+        <mat-label>Onboarded TLDs: </mat-label>
+        <mat-chip-grid #chipGrid aria-label="Enter TLD">
+          <mat-chip-row
+            *ngFor="let tld of registrarInEdit.allowedTlds"
+            (removed)="removeTLD(tld)"
+          >
+            {{ tld }}
+            <button matChipRemove aria-label="'remove ' + tld">
+              <mat-icon>cancel</mat-icon>
+            </button>
+          </mat-chip-row>
+        </mat-chip-grid>
+        <input
+          placeholder="New tld..."
+          [matChipInputFor]="chipGrid"
+          (matChipInputTokenEnd)="addTLD($event)"
+        />
+      </mat-form-field>
+      <mat-dialog-actions>
+        <button mat-button (click)="onCancel($event)">Cancel</button>
+        <button type="submit" mat-button color="primary">Save</button>
+      </mat-dialog-actions>
+    </form>
+  </div>
+</div>

console-webapp/src/app/registrar/registrarDetails.component.scss

@@ -0,0 +1,8 @@
+.registrarDetails {
+  min-width: 30vw;
+
+  &__input {
+    display: block;
+    margin-top: 0.5rem;
+  }
+}

console-webapp/src/app/registrar/registrarDetails.component.ts

@@ -0,0 +1,105 @@
+// Copyright 2023 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import { Component, Injector } from '@angular/core';
+import { Registrar, RegistrarService } from './registrar.service';
+import { BreakpointObserver } from '@angular/cdk/layout';
+import {
+  MAT_BOTTOM_SHEET_DATA,
+  MatBottomSheet,
+  MatBottomSheetRef,
+} from '@angular/material/bottom-sheet';
+import {
+  MAT_DIALOG_DATA,
+  MatDialog,
+  MatDialogRef,
+} from '@angular/material/dialog';
+import { MatChipInputEvent } from '@angular/material/chips';
+
+const MOBILE_LAYOUT_BREAKPOINT = '(max-width: 599px)';
+
+@Component({
+  selector: 'app-registrar-details',
+  templateUrl: './registrarDetails.component.html',
+  styleUrls: ['./registrarDetails.component.scss'],
+})
+export class RegistrarDetailsComponent {
+  registrarInEdit!: Registrar;
+  private elementRef:
+    | MatBottomSheetRef<RegistrarDetailsComponent>
+    | MatDialogRef<RegistrarDetailsComponent>;
+
+  constructor(
+    protected registrarService: RegistrarService,
+    private injector: Injector
+  ) {
+    // We only inject one, either Dialog or Bottom Sheet data
+    // so one of the injectors is expected to fail
+    try {
+      var params = this.injector.get(MAT_DIALOG_DATA);
+      this.elementRef = this.injector.get(MatDialogRef);
+    } catch (e) {
+      var params = this.injector.get(MAT_BOTTOM_SHEET_DATA);
+      this.elementRef = this.injector.get(MatBottomSheetRef);
+    }
+    this.registrarInEdit = JSON.parse(JSON.stringify(params.registrar));
+  }
+
+  onCancel(e: MouseEvent) {
+    if (this.elementRef instanceof MatBottomSheetRef) {
+      this.elementRef.dismiss();
+    } else if (this.elementRef instanceof MatDialogRef) {
+      this.elementRef.close();
+    }
+  }
+
+  saveAndClose(e: MouseEvent) {
+    // TODO: Implement save call to API
+    this.onCancel(e);
+  }
+
+  addTLD(e: MatChipInputEvent) {
+    this.removeTLD(e.value); // Prevent dups
+    this.registrarInEdit.allowedTlds = this.registrarInEdit.allowedTlds?.concat(
+      [e.value.toLowerCase()]
+    );
+  }
+
+  removeTLD(tld: string) {
+    this.registrarInEdit.allowedTlds = this.registrarInEdit.allowedTlds?.filter(
+      (v) => v != tld
+    );
+  }
+}
+
+@Component({
+  selector: 'app-registrar-details-wrapper',
+  template: '',
+})
+export class RegistrarDetailsWrapperComponent {
+  constructor(
+    private dialog: MatDialog,
+    private bottomSheet: MatBottomSheet,
+    protected breakpointObserver: BreakpointObserver
+  ) {}
+
+  open(registrar: Registrar) {
+    const config = { data: { registrar } };
+    if (this.breakpointObserver.isMatched(MOBILE_LAYOUT_BREAKPOINT)) {
+      this.bottomSheet.open(RegistrarDetailsComponent, config);
+    } else {
+      this.dialog.open(RegistrarDetailsComponent, config);
+    }
+  }
+}

console-webapp/src/app/registrar/registrarsTable.component.html

@@ -1,25 +1,54 @@
 <div class="console-app__registrars">
-  <table
-    mat-table
-    [dataSource]="registrarService.registrars"
+  <mat-form-field class="console-app__registrars-filter">
+    <mat-label>Search</mat-label>
+    <input
+      matInput
+      (keyup)="applyFilter($event)"
+      placeholder="..."
+      type="search"
+    />
+    <mat-icon matPrefix>search</mat-icon>
+  </mat-form-field>
+  <mat-table
+    [dataSource]="dataSource"
     class="mat-elevation-z8"
+    class="console-app__registrars-table"
+    matSort
   >
+    <ng-container matColumnDef="edit">
+      <mat-header-cell *matHeaderCellDef></mat-header-cell>
+      <mat-cell *matCellDef="let row">
+        <button
+          mat-icon-button
+          color="primary"
+          aria-label="Edit registrar"
+          (click)="openDetails($event, row)"
+        >
+          <mat-icon>edit</mat-icon>
+        </button>
+      </mat-cell>
+    </ng-container>
+
     <ng-container
       *ngFor="let column of columns"
       [matColumnDef]="column.columnDef"
     >
-      <th mat-header-cell *matHeaderCellDef>
-        {{ column.header }}
-      </th>
-      <td mat-cell *matCellDef="let row" [innerHTML]="column.cell(row)"></td>
+      <mat-header-cell *matHeaderCellDef> {{ column.header }} </mat-header-cell>
+      <mat-cell *matCellDef="let row" [innerHTML]="column.cell(row)"></mat-cell>
     </ng-container>
+    <mat-header-row *matHeaderRowDef="displayedColumns"></mat-header-row>
+    <mat-row
+      *matRowDef="let row; columns: displayedColumns"
+      (click)="registrarService.updateSelectedRegistrar(row.registrarId)"
+    ></mat-row>
+  </mat-table>
 
-    <tr mat-header-row *matHeaderRowDef="displayedColumns"></tr>
-    <tr mat-row *matRowDef="let row; columns: displayedColumns"></tr>
-  </table>
   <mat-paginator
     class="mat-elevation-z8"
     [pageSizeOptions]="[5, 10, 20]"
     showFirstLastButtons
   ></mat-paginator>
+  <app-registrar-details-wrapper
+    #registrarDetailsView
+  ></app-registrar-details-wrapper>
 </div>

console-webapp/src/app/registrar/registrarsTable.component.scss

@@ -1,5 +1,36 @@
 .console-app {
+  $min-width: 756px;
+
   &__registrars {
     margin-top: 1.5rem;
+    width: 100%;
+    overflow: auto;
+  }
+
+  &__registrars-filter {
+    min-width: $min-width !important;
+    width: 100%;
+  }
+
+  &__registrars-table {
+    min-width: $min-width !important;
+  }
+
+  .mat-mdc-paginator {
+    min-width: $min-width !important;
+  }
+
+  .mat-column {
+    &-edit {
+      max-width: 55px;
+      padding-left: 5px;
+    }
+    &-driveId {
+      min-width: 200px;
+      word-break: break-all;
+    }
+    &-registryLockAllowed {
+      max-width: 80px;
+    }
   }
 }

console-webapp/src/app/registrar/registrarsTable.component.ts

@@ -12,16 +12,22 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-import { Component } from '@angular/core';
+import { Component, ViewChild, ViewEncapsulation } from '@angular/core';
 import { Registrar, RegistrarService } from './registrar.service';
+import { MatPaginator } from '@angular/material/paginator';
+import { MatSort } from '@angular/material/sort';
+import { MatTableDataSource } from '@angular/material/table';
+import { RegistrarDetailsWrapperComponent } from './registrarDetails.component';
 
 @Component({
   selector: 'app-registrar',
   templateUrl: './registrarsTable.component.html',
   styleUrls: ['./registrarsTable.component.scss'],
+  encapsulation: ViewEncapsulation.None,
 })
 export class RegistrarComponent {
   public static PATH = 'registrars';
+  dataSource: MatTableDataSource<Registrar>;
   columns = [
     {
       columnDef: 'registrarId',
@@ -71,6 +77,31 @@ export class RegistrarComponent {
       cell: (record: Registrar) => `${record.driveFolderId || ''}`,
     },
   ];
-  displayedColumns = this.columns.map((c) => c.columnDef);
-  constructor(protected registrarService: RegistrarService) {}
+  displayedColumns = ['edit'].concat(this.columns.map((c) => c.columnDef));
+
+  @ViewChild(MatPaginator) paginator!: MatPaginator;
+  @ViewChild(MatSort) sort!: MatSort;
+  @ViewChild('registrarDetailsView')
+  detailsComponentWrapper!: RegistrarDetailsWrapperComponent;
+
+  constructor(protected registrarService: RegistrarService) {
+    this.dataSource = new MatTableDataSource<Registrar>(
+      registrarService.registrars
+    );
+  }
+
+  ngAfterViewInit() {
+    this.dataSource.paginator = this.paginator;
+    this.dataSource.sort = this.sort;
+  }
+
+  openDetails(event: MouseEvent, registrar: Registrar) {
+    event.stopPropagation();
+    this.detailsComponentWrapper.open(registrar);
+  }
+
+  applyFilter(event: Event) {
+    const filterValue = (event.target as HTMLInputElement).value;
+    this.dataSource.filter = filterValue.trim().toLowerCase();
+  }
 }

console-webapp/src/app/settings/contact/contact-details.component.html

@@ -1,7 +1,7 @@
 <h3 mat-dialog-title>Contact details</h3>
 <div mat-dialog-content>
   <form (ngSubmit)="saveAndClose($event)">
-    <div>
+    <p>
       <mat-form-field class="contact-details__input">
         <mat-label>Name: </mat-label>
         <input
@@ -11,9 +11,9 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-    </div>
+    </p>
 
-    <div>
+    <p>
       <mat-form-field class="contact-details__input">
         <mat-label>Primary account email: </mat-label>
         <input
@@ -25,9 +25,9 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-    </div>
+    </p>
 
-    <div>
+    <p>
       <mat-form-field class="contact-details__input">
         <mat-label>Phone: </mat-label>
         <input
@@ -36,9 +36,9 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-    </div>
+    </p>
 
-    <div>
+    <p>
       <mat-form-field class="contact-details__input">
         <mat-label>Fax: </mat-label>
         <input
@@ -47,7 +47,7 @@
           [ngModelOptions]="{ standalone: true }"
         />
       </mat-form-field>
-    </div>
+    </p>
 
     <div class="contact-details__group">
       <label>Contact type:</label>

console-webapp/src/app/settings/contact/contact.component.ts

@@ -129,9 +129,7 @@ export class ContactDetailsDialogComponent {
     operationObservable.subscribe({
       complete: this.onCloseCallback.bind(this),
       error: (err: HttpErrorResponse) => {
-        this._snackBar.open(err.error, undefined, {
-          duration: 1500,
-        });
+        this._snackBar.open(err.error);
       },
     });
   }
@@ -175,9 +173,7 @@ export default class ContactComponent {
     if (confirm(`Please confirm contact ${contact.name} delete`)) {
       this.contactService.deleteContact(contact).subscribe({
         error: (err: HttpErrorResponse) => {
-          this._snackBar.open(err.error, undefined, {
-            duration: 1500,
-          });
+          this._snackBar.open(err.error);
         },
       });
     }

console-webapp/src/app/settings/security/security.component.ts

@@ -64,9 +64,7 @@ export default class SecurityComponent {
         this.resetDataSource();
       },
       error: (err: HttpErrorResponse) => {
-        this._snackBar.open(err.error, undefined, {
-          duration: 1500,
-        });
+        this._snackBar.open(err.error);
       },
     });
     this.cancel();

console-webapp/src/app/settings/settings.component.scss

@@ -15,9 +15,9 @@
 .console-settings {
   .mdc-tab {
     &.active-link {
-      border-bottom: 2px solid #673ab7;
+      border-bottom: 2px solid var(--primary);
       .mdc-tab__text-label {
-        color: #673ab7;
+        color: var(--primary);
       }
     }
   }

console-webapp/src/app/settings/whois/whois.component.scss

@@ -24,14 +24,14 @@
     display: flex;
     flex-wrap: wrap;
     margin-bottom: 5px;
-    min-width: 450px;
+    min-width: 400px;
     width: 50%;
     max-width: 50%;
   }
   &__section-description {
     display: inline-block;
     margin-block-start: 1em;
-    min-width: 150px;
+    width: 160px;
   }
   &__section-form {
     display: inline-block;

console-webapp/src/app/settings/whois/whois.component.ts

@@ -61,9 +61,8 @@ export default class WhoisComponent {
         this.resetDataSource();
       },
       error: (err: HttpErrorResponse) => {
-        this._snackBar.open(err.error, undefined, {
-          duration: 1500,
-        });
+        this._snackBar.open(err.error);
+        this.loading = false;
       },
     });
     this.cancel();

console-webapp/src/app/shared/services/backend.service.ts

@@ -95,7 +95,7 @@ export class BackendService {
 
   getUserData(): Observable<UserData> {
     return this.http
-      .get<UserData>(`/console-api/userdata`)
+      .get<UserData>('/console-api/userdata')
       .pipe(catchError((err) => this.errorCatcher<UserData>(err)));
   }
 

console-webapp/src/app/shared/services/userData.service.ts

@@ -19,8 +19,11 @@ import { MatSnackBar } from '@angular/material/snack-bar';
 import { GlobalLoader, GlobalLoaderService } from './globalLoader.service';
 
 export interface UserData {
-  isAdmin: boolean;
   globalRole: string;
+  isAdmin: boolean;
+  productName: string;
+  supportEmail: string;
+  supportPhoneNumber: string;
   technicalDocsUrl: string;
 }
 
@@ -49,8 +52,6 @@ export class UserDataService implements GlobalLoader {
   }
 
   loadingTimeout() {
-    this._snackBar.open('Timeout loading user data', undefined, {
-      duration: 1500,
-    });
+    this._snackBar.open('Timeout loading user data');
   }
 }

console-webapp/src/app/snackbar.module.ts

@@ -0,0 +1,24 @@
+// Copyright 2023 The Nomulus Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import { NgModule } from '@angular/core';
+import { MAT_SNACK_BAR_DEFAULT_OPTIONS } from '@angular/material/snack-bar';
+
+/** Provides a default set of options for the snack bar. */
+@NgModule({
+  providers: [
+    { provide: MAT_SNACK_BAR_DEFAULT_OPTIONS, useValue: { duration: 5000 } },
+  ],
+})
+export class SnackBarModule {}

console-webapp/src/styles.scss

@@ -44,13 +44,19 @@ body {
     &-link {
       padding: 0 !important;
       text-align: left;
-      height: 20px !important;
       min-width: auto !important;
+      height: min-content !important;
+    }
+    &-section-header {
+      font-weight: 500;
+      color: var(--primary) !important;
     }
     &-title {
       color: var(--primary) !important;
+      text-align: center;
     }
     &-icon {
+      color: var(--text);
       font-size: 5rem;
       line-height: 5rem;
       height: 5rem !important;

console-webapp/src/theme.scss

@@ -17,20 +17,9 @@ $theme-accent: mat.define-palette(mat.$pink-palette, A200, A100, A400);
 // The warn palette is optional (defaults to red).
 $theme-warn: mat.define-palette(mat.$red-palette);
 
-// Create the theme object. A theme consists of configurations for individual
-// theming systems such as "color" or "typography".
-$theme: mat.define-light-theme(
-  (
-    color: (
-      primary: $theme-primary,
-      accent: $theme-accent,
-      warn: $theme-warn,
-    ),
-    density: 0,
-  )
-);
-
-/** Application specific section **/
+/** 
+** Application specific section - Global styles and mixins
+**/
 
 @mixin form-field-density($density) {
   $field-typography: mat.define-typography-config(
@@ -46,19 +35,6 @@ $theme: mat.define-light-theme(
   @include form-field-density(-5);
 }
 
-$foreground: map.merge($theme, mat.$light-theme-foreground-palette);
-
-// Access and define a class with secondary color exposed
-.secondary-text {
-  color: map.get($foreground, "secondary-text");
-}
-
-:root {
-  --primary: #{mat.get-color-from-palette($theme-primary, 500)};
-  --secondary: #{map.get($foreground, "secondary-text")};
-}
-
-@include mat.all-component-themes($theme);
 @import "@angular/material/theming";
 
 // Define application specific typography settings, font-family, etc
@@ -67,3 +43,61 @@ $typography-configuration: mat-typography-config(
 );
 
 @include angular-material-typography($typography-configuration);
+
+/** 
+** Light theme
+**/
+$light-theme: mat.define-light-theme(
+  (
+    color: (
+      primary: $theme-primary,
+      accent: $theme-accent,
+      warn: $theme-warn,
+    ),
+    density: 0,
+  )
+);
+
+// Access and define a class with secondary color exposed
+.secondary-text {
+  color: map.get(mat.$light-theme-foreground-palette, "secondary-text");
+}
+
+:root {
+  --text: #{map.get(mat.$light-theme-foreground-palette, "base")};
+  --primary: #{mat.get-color-from-palette($theme-primary, 500)};
+  --secondary: #{map.get(mat.$light-theme-foreground-palette, "secondary-text")};
+}
+
+@include mat.all-component-themes($light-theme);
+
+/** 
+** Dark theme
+**/
+$dark-theme: mat.define-dark-theme(
+  (
+    color: (
+      primary: mat.define-palette(mat.$pink-palette),
+      accent: mat.define-palette(mat.$blue-grey-palette),
+    ),
+    density: 0,
+  )
+);
+
+@mixin _apply-dark-mode-colors() {
+  @include mat.all-component-colors($dark-theme);
+
+  .secondary-text {
+    color: map.get(mat.$dark-theme-foreground-palette, "secondary-text");
+  }
+
+  :root {
+    --text: #{map.get(mat.$dark-theme-foreground-palette, "base")};
+    --primary: #{mat.get-color-from-palette(mat.$pink-palette, 500)};
+    --secondary: #{map.get(mat.$dark-theme-background-palette, "secondary-text")};
+  }
+}
+
+@media (prefers-color-scheme: dark) {
+  @include _apply-dark-mode-colors();
+}

core/src/main/java/google/registry/batch/BatchModule.java

@@ -43,6 +43,12 @@ public class BatchModule {
   public static final String PARAM_DRY_RUN = "dryRun";
   public static final String PARAM_FAST = "fast";
 
+  @Provides
+  @Parameter("url")
+  static String provideUrl(HttpServletRequest req) {
+    return extractRequiredParameter(req, "url");
+  }
+
   @Provides
   @Parameter("jobName")
   static Optional<String> provideJobName(HttpServletRequest req) {

core/src/main/java/google/registry/batch/CannedScriptExecutionAction.java

@@ -14,26 +14,20 @@
 
 package google.registry.batch;
 
-import static com.google.common.collect.ImmutableList.toImmutableList;
+import static google.registry.request.Action.Method.GET;
 import static google.registry.request.Action.Method.POST;
-import static google.registry.util.RegistrarUtils.normalizeRegistrarId;
+import static java.nio.charset.StandardCharsets.UTF_8;
 
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.Streams;
 import com.google.common.flogger.FluentLogger;
-import google.registry.config.RegistryConfig.Config;
-import google.registry.groups.GmailClient;
-import google.registry.groups.GroupsConnection;
-import google.registry.model.registrar.Registrar;
-import google.registry.model.registrar.RegistrarPoc;
 import google.registry.request.Action;
+import google.registry.request.Parameter;
+import google.registry.request.Response;
+import google.registry.request.UrlConnectionService;
+import google.registry.request.UrlConnectionUtils;
 import google.registry.request.auth.Auth;
-import google.registry.util.EmailMessage;
-import java.io.IOException;
-import java.util.Set;
+import java.net.URL;
 import javax.inject.Inject;
-import javax.mail.internet.AddressException;
-import javax.mail.internet.InternetAddress;
+import javax.net.ssl.HttpsURLConnection;
 
 /**
  * Action that executes a canned script specified by the caller.
@@ -50,88 +44,45 @@ import javax.mail.internet.InternetAddress;
 @Action(
     service = Action.Service.BACKEND,
     path = "/_dr/task/executeCannedScript",
-    method = POST,
+    method = {POST, GET},
     automaticallyPrintOk = true,
     auth = Auth.AUTH_API_ADMIN)
 public class CannedScriptExecutionAction implements Runnable {
   private static final FluentLogger logger = FluentLogger.forEnclosingClass();
 
-  private final GroupsConnection groupsConnection;
-  private final GmailClient gmailClient;
-
-  private final InternetAddress senderAddress;
-
-  private final InternetAddress recipientAddress;
-
-  private final String gSuiteDomainName;
+  @Inject UrlConnectionService urlConnectionService;
+  @Inject Response response;
 
   @Inject
-  CannedScriptExecutionAction(
-      GroupsConnection groupsConnection,
-      GmailClient gmailClient,
-      @Config("projectId") String projectId,
-      @Config("gSuiteDomainName") String gSuiteDomainName,
-      @Config("newAlertRecipientEmailAddress") InternetAddress recipientAddress) {
-    this.groupsConnection = groupsConnection;
-    this.gmailClient = gmailClient;
-    this.gSuiteDomainName = gSuiteDomainName;
-    try {
-      this.senderAddress = new InternetAddress(String.format("%s@%s", projectId, gSuiteDomainName));
-    } catch (AddressException e) {
-      throw new RuntimeException(e);
-    }
-    this.recipientAddress = recipientAddress;
-    logger.atInfo().log("Sender:%s; Recipient: %s.", this.senderAddress, this.recipientAddress);
-  }
+  @Parameter("url")
+  String url;
+
+  @Inject
+  CannedScriptExecutionAction() {}
 
   @Override
   public void run() {
+    Integer responseCode = null;
+    String responseContent = null;
     try {
-      // Invoke canned scripts here.
-      checkGroupApi();
-      EmailMessage message = createEmail();
-      this.gmailClient.sendEmail(message);
-      logger.atInfo().log("Finished running scripts.");
-    } catch (Throwable t) {
-      logger.atWarning().withCause(t).log("Error executing scripts.");
-      throw new RuntimeException("Execution failed.");
-    }
-  }
-
-  // Checks if Directory and GroupSettings still work after GWorkspace changes.
-  void checkGroupApi() {
-    ImmutableList<Registrar> registrars =
-        Streams.stream(Registrar.loadAllCached())
-            .filter(registrar -> registrar.isLive() && registrar.getType() == Registrar.Type.REAL)
-            .collect(toImmutableList());
-    logger.atInfo().log("Found %s registrars.", registrars.size());
-    for (Registrar registrar : registrars) {
-      for (final RegistrarPoc.Type type : RegistrarPoc.Type.values()) {
-        String groupKey =
-            String.format(
-                "%s-%s-contacts@%s",
-                normalizeRegistrarId(registrar.getRegistrarId()),
-                type.getDisplayName(),
-                gSuiteDomainName);
-        try {
-          Set<String> currentMembers = groupsConnection.getMembersOfGroup(groupKey);
-          logger.atInfo().log("%s has %s members.", groupKey, currentMembers.size());
-          // One success is enough for validation.
-          return;
-        } catch (IOException e) {
-          logger.atWarning().withCause(e).log("Failed to check %s", groupKey);
-        }
+      logger.atInfo().log("Connecting to: %s", url);
+      HttpsURLConnection connection =
+          (HttpsURLConnection) urlConnectionService.createConnection(new URL(url));
+      responseCode = connection.getResponseCode();
+      logger.atInfo().log("Code: %d", responseCode);
+      logger.atInfo().log("Headers: %s", connection.getHeaderFields());
+      responseContent = new String(UrlConnectionUtils.getResponseBytes(connection), UTF_8);
+      logger.atInfo().log("Response: %s", responseContent);
+    } catch (Exception e) {
+      logger.atWarning().withCause(e).log("Connection to %s failed", url);
+      throw new RuntimeException(e);
+    } finally {
+      if (responseCode != null) {
+        response.setStatus(responseCode);
+      }
+      if (responseContent != null) {
+        response.setPayload(responseContent);
       }
     }
-    logger.atInfo().log("Finished checking GroupApis.");
-  }
-
-  EmailMessage createEmail() {
-    return EmailMessage.newBuilder()
-        .setFrom(senderAddress)
-        .setSubject("Test: Please ignore<eom>.")
-        .setRecipients(ImmutableList.of(recipientAddress))
-        .setBody("Sent from Nomulus through Google Workspace.")
-        .build();
   }
 }

core/src/main/java/google/registry/config/RegistryConfig.java

@@ -879,6 +879,17 @@ public final class RegistryConfig {
       return Optional.ofNullable(config.misc.sheetExportId);
     }
 
+    /**
+     * Returns the desired delay between outgoing emails when sending in bulk.
+     *
+     * <p>Gmail apparently has unpublished limits on peak throughput over short period.
+     */
+    @Provides
+    @Config("emailThrottleDuration")
+    public static Duration provideEmailThrottleSeconds(RegistryConfigSettings config) {
+      return Duration.standardSeconds(config.misc.emailThrottleSeconds);
+    }
+
     /**
      * Returns the email address we send various alert e-mails to.
      *
@@ -1163,44 +1174,6 @@ public final class RegistryConfig {
       return CONFIG_SETTINGS.get();
     }
 
-    /**
-     * Provides the OAuth scopes that authentication logic should detect on access tokens.
-     *
-     * <p>This list should be a superset of the required OAuth scope set provided below. Note that
-     * ideally, this setting would not be required and all scopes on an access token would be
-     * detected automatically, but that is not the case due to the way {@code OAuthService} works.
-     *
-     * <p>This is an independent setting from the required OAuth scopes (below) to support use cases
-     * where certain actions require some additional scope (e.g. access to a user's Google Drive)
-     * but that scope shouldn't be required for authentication alone; in that case the Drive scope
-     * would be specified only for this setting, allowing that action to check for its presence.
-     */
-    @Provides
-    @Config("availableOauthScopes")
-    public static ImmutableSet<String> provideAvailableOauthScopes(RegistryConfigSettings config) {
-      return ImmutableSet.copyOf(config.auth.availableOauthScopes);
-    }
-
-    /**
-     * Provides the OAuth scopes that are required for authenticating successfully.
-     *
-     * <p>This set contains the scopes which must be present to authenticate a user. It should be a
-     * subset of the scopes we request from the OAuth interface, provided above.
-     *
-     * <p>If we feel the need, we could define additional fixed scopes, similar to the Java remote
-     * API, which requires at least one of:
-     *
-     * <ul>
-     *   <li>{@code https://www.googleapis.com/auth/appengine.apis}
-     *   <li>{@code https://www.googleapis.com/auth/cloud-platform}
-     * </ul>
-     */
-    @Provides
-    @Config("requiredOauthScopes")
-    public static ImmutableSet<String> provideRequiredOauthScopes(RegistryConfigSettings config) {
-      return ImmutableSet.copyOf(config.auth.requiredOauthScopes);
-    }
-
     /**
      * Provides service account email addresses allowed to authenticate with the app at {@link
      * google.registry.request.auth.AuthSettings.AuthLevel#APP} level.
@@ -1212,13 +1185,6 @@ public final class RegistryConfig {
       return ImmutableSet.copyOf(config.auth.allowedServiceAccountEmails);
     }
 
-    /** Provides the allowed OAuth client IDs (could be multibinding). */
-    @Provides
-    @Config("allowedOauthClientIds")
-    public static ImmutableSet<String> provideAllowedOauthClientIds(RegistryConfigSettings config) {
-      return ImmutableSet.copyOf(config.auth.allowedOauthClientIds);
-    }
-
     @Provides
     @Config("oauthClientId")
     public static String provideOauthClientId(RegistryConfigSettings config) {

core/src/main/java/google/registry/config/RegistryConfigSettings.java

@@ -58,9 +58,6 @@ public class RegistryConfigSettings {
 
   /** Configuration options for authenticating users. */
   public static class Auth {
-    public List<String> availableOauthScopes;
-    public List<String> requiredOauthScopes;
-    public List<String> allowedOauthClientIds;
     public List<String> allowedServiceAccountEmails;
     public String oauthClientId;
   }
@@ -208,6 +205,7 @@ public class RegistryConfigSettings {
   public static class Misc {
     public String sheetExportId;
     public boolean isEmailSendingEnabled;
+    public int emailThrottleSeconds;
     public String alertRecipientEmailAddress;
     // TODO(b/279671974): remove below field after migration
     public String newAlertRecipientEmailAddress;

core/src/main/java/google/registry/config/files/default-config.yaml

@@ -193,7 +193,7 @@ hibernate:
   # to true, nested transactions will throw an exception. If set to false, a
   # transaction with the isolation override specified will still execute at the
   # default level (specified below).
-  perTransactionIsolation: false
+  perTransactionIsolation: true
 
   # Make 'SERIALIZABLE' the default isolation level to ensure correctness.
   #
@@ -304,24 +304,6 @@ caching:
 # Note: Only allowedServiceAccountEmails and oauthClientId should be configured.
 # Other fields are related to OAuth-based authentication and will be removed.
 auth:
-  # Deprecated: Use OIDC-based auth instead. This field is for OAuth-based auth.
-  # OAuth scopes to detect on access tokens. Superset of requiredOauthScopes.
-  availableOauthScopes:
-  - https://www.googleapis.com/auth/userinfo.email
-
-  # Deprecated: Use OIDC-based auth instead. This field is for OAuth-based auth.
-  # OAuth scopes required for authenticating. Subset of availableOauthScopes.
-  requiredOauthScopes:
-  - https://www.googleapis.com/auth/userinfo.email
-
-  # Deprecated: Use OIDC-based auth instead. This field is for OAuth-based auth.
-  # OAuth client IDs that are allowed to authenticate and communicate with
-  # backend services, e.g. nomulus tool, EPP proxy, etc. The value in
-  # registryTool.clientId field should be included in this list. Client IDs are
-  # typically of the format
-  # numbers-alphanumerics.apps.googleusercontent.com
-  allowedOauthClientIds: []
-
   # Service accounts (e.g. default service account, account used by Cloud
   # Scheduler) allowed to send authenticated requests.
   allowedServiceAccountEmails:
@@ -443,6 +425,9 @@ misc:
   # Whether emails may be sent. For Prod and Sandbox this should be true.
   isEmailSendingEnabled: false
 
+  # Delay between bulk messages to avoid triggering Gmail fraud checks
+  emailThrottleSeconds: 30
+
   # Address we send alert summary emails to.
   alertRecipientEmailAddress: email@example.com
 

core/src/main/java/google/registry/config/files/nomulus-config-production-sample.yaml

@@ -1,76 +0,0 @@
-# This is a sample production config (to be deployed in the WEB-INF directory).
-# This is the same as what Google Registry runs in production, except with
-# placeholders for Google-specific settings.
-
-gcpProject:
-  projectId: placeholder
-  # Set to true if running against local servers (localhost)
-  isLocal: false
-  # The "<service>-dot-" prefix is used on the project ID in this URL in order
-  # to get around an issue with double-wildcard SSL certs.
-  defaultServiceUrl: https://domain-registry-placeholder.appspot.com
-  backendServiceUrl: https://backend-dot-domain-registry-placeholder.appspot.com
-  toolsServiceUrl: https://tools-dot-domain-registry-placeholder.appspot.com
-  pubapiServiceUrl: https://pubapi-dot-domain-registry-placeholder.appspot.com
-
-gSuite:
-  domainName: placeholder
-  outgoingEmailDisplayName: placeholder
-  outgoingEmailAddress: placeholder
-  adminAccountEmailAddress: placeholder
-  supportGroupEmailAddress: placeholder
-
-registryPolicy:
-  contactAndHostRoidSuffix: placeholder
-  productName: placeholder
-  greetingServerId: placeholder
-  registrarChangesNotificationEmailAddresses:
-    - placeholder
-    - placeholder
-  defaultRegistrarWhoisServer: placeholder
-  tmchCaMode: PRODUCTION
-  tmchCrlUrl: http://crl.icann.org/tmch.crl
-  tmchMarksDbUrl: https://ry.marksdb.org
-  checkApiServletClientId: placeholder
-  registryAdminClientId: placeholder
-  whoisDisclaimer: |
-    multi-line
-    placeholder
-
-icannReporting:
-  icannTransactionsReportingUploadUrl: https://ry-api.icann.org/report/registrar-transactions
-  icannActivityReportingUploadUrl: https://ry-api.icann.org/report/registry-functions-activity
-
-oAuth:
-  allowedOauthClientIds:
-    - placeholder.apps.googleusercontent.com
-    - placeholder-for-proxy
-
-rde:
-  reportUrlPrefix: https://ry-api.icann.org/report/registry-escrow-report
-  uploadUrl: sftp://placeholder@sftpipm2.ironmountain.com/Outbox
-  sshIdentityEmailAddress: placeholder
-
-registrarConsole:
-  logoFilename: placeholder
-  supportPhoneNumber: placeholder
-  supportEmailAddress: placeholder
-  announcementsEmailAddress: placeholder
-  integrationEmailAddress: placeholder
-  technicalDocsUrl: https://drive.google.com/drive/folders/placeholder
-
-misc:
-  sheetExportId: placeholder
-
-cloudDns:
-  rootUrl: null
-  servicePath: null
-
-keyring:
-  activeKeyring: KMS
-  kms:
-    projectId: placeholder
-
-registryTool:
-  clientId: placeholder.apps.googleusercontent.com
-  clientSecret: placeholder

core/src/main/java/google/registry/env/qa/default/WEB-INF/cloud-scheduler-tasks.xml

@@ -59,13 +59,4 @@
     </description>
     <schedule>7 3 * * *</schedule>
   </task>
-
-  <task>
-    <url><![CDATA[/_dr/task/wipeOutCloudSql]]></url>
-    <name>wipeOutCloudSql</name>
-    <description>
-      This job runs an action that deletes all data in Cloud SQL.
-    </description>
-    <schedule>7 3 * * 6</schedule>
-  </task>
 </entries>

core/src/main/java/google/registry/flows/EppTlsAction.java

@@ -29,7 +29,7 @@ import javax.servlet.http.HttpSession;
     service = Action.Service.DEFAULT,
     path = "/_dr/epp",
     method = Method.POST,
-    auth = Auth.AUTH_API_PUBLIC)
+    auth = Auth.AUTH_API_ADMIN)
 public class EppTlsAction implements Runnable {
 
   @Inject @Payload byte[] inputXmlBytes;

core/src/main/java/google/registry/model/EntityYamlUtils.java

@@ -58,13 +58,13 @@ public class EntityYamlUtils {
     SimpleModule module = new SimpleModule();
     module.addSerializer(Money.class, new MoneySerializer());
     module.addDeserializer(Money.class, new MoneyDeserializer());
+    module.addSerializer(Duration.class, new DurationSerializer());
     ObjectMapper mapper =
         JsonMapper.builder(new YAMLFactory().disable(Feature.WRITE_DOC_START_MARKER))
             .disable(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS)
             .enable(MapperFeature.SORT_PROPERTIES_ALPHABETICALLY)
-            .build()
-            .registerModule(module);
-    mapper.findAndRegisterModules();
+            .build();
+    mapper.findAndRegisterModules().registerModule(module);
     return mapper;
   }
 
@@ -201,6 +201,24 @@ public class EntityYamlUtils {
     }
   }
 
+  /** A custom JSON serializer for a {@link Duration} object. */
+  public static class DurationSerializer extends StdSerializer<Duration> {
+
+    public DurationSerializer() {
+      this(null);
+    }
+
+    public DurationSerializer(Class<Duration> t) {
+      super(t);
+    }
+
+    @Override
+    public void serialize(Duration value, JsonGenerator gen, SerializerProvider provider)
+        throws IOException {
+      gen.writeString(value.toString());
+    }
+  }
+
   /** A custom JSON serializer for an Optional of a {@link Duration} object. */
   public static class OptionalDurationSerializer extends StdSerializer<Optional<Duration>> {
 
@@ -216,7 +234,7 @@ public class EntityYamlUtils {
     public void serialize(Optional<Duration> value, JsonGenerator gen, SerializerProvider provider)
         throws IOException {
       if (value.isPresent()) {
-        gen.writeNumber(value.get().getMillis());
+        gen.writeString(value.get().toString());
       } else {
         gen.writeNull();
       }

core/src/main/java/google/registry/model/console/User.java

@@ -35,21 +35,16 @@ import javax.persistence.Table;
 
 /** A console user, either a registry employee or a registrar partner. */
 @Entity
-@Table(
-    indexes = {
-      @Index(columnList = "gaiaId", name = "user_gaia_id_idx"),
-      @Index(columnList = "emailAddress", name = "user_email_address_idx")
-    })
+@Table(indexes = {@Index(columnList = "emailAddress", name = "user_email_address_idx")})
 public class User extends UpdateAutoTimestampEntity implements Buildable {
 
+  private static final long serialVersionUID = 6936728603828566721L;
+
   /** Autogenerated unique ID of this user. */
   @Id
   @GeneratedValue(strategy = GenerationType.IDENTITY)
   private Long id;
 
-  /** GAIA ID associated with the user in question. */
-  private String gaiaId;
-
   /** Email address of the user in question. */
   @Column(nullable = false)
   private String emailAddress;
@@ -71,10 +66,6 @@ public class User extends UpdateAutoTimestampEntity implements Buildable {
     return id;
   }
 
-  public String getGaiaId() {
-    return gaiaId;
-  }
-
   public String getEmailAddress() {
     return emailAddress;
   }
@@ -139,12 +130,6 @@ public class User extends UpdateAutoTimestampEntity implements Buildable {
       return super.build();
     }
 
-    public Builder setGaiaId(String gaiaId) {
-      checkArgument(!isNullOrEmpty(gaiaId), "Gaia ID cannot be null or empty");
-      getInstance().gaiaId = gaiaId;
-      return this;
-    }
-
     public Builder setEmailAddress(String emailAddress) {
       getInstance().emailAddress = checkValidEmail(emailAddress);
       return this;

core/src/main/java/google/registry/model/domain/token/AllocationToken.java

@@ -305,14 +305,14 @@ public class AllocationToken extends UpdateAutoTimestampEntity implements Builda
                   new CacheLoader<VKey<AllocationToken>, Optional<AllocationToken>>() {
                     @Override
                     public Optional<AllocationToken> load(VKey<AllocationToken> key) {
-                      return tm().transact(() -> tm().loadByKeyIfPresent(key));
+                      return tm().reTransact(() -> tm().loadByKeyIfPresent(key));
                     }
 
                     @Override
                     public Map<VKey<AllocationToken>, Optional<AllocationToken>> loadAll(
                         Iterable<? extends VKey<AllocationToken>> keys) {
                       ImmutableSet<VKey<AllocationToken>> keySet = ImmutableSet.copyOf(keys);
-                      return tm().transact(
+                      return tm().reTransact(
                               () ->
                                   keySet.stream()
                                       .collect(

core/src/main/java/google/registry/model/registrar/Registrar.java

@@ -200,7 +200,11 @@ public class Registrar extends UpdateAutoTimestampEntity implements Buildable, J
 
   /** A caching {@link Supplier} of a registrarId to {@link Registrar} map. */
   private static final Supplier<ImmutableMap<String, Registrar>> CACHE_BY_REGISTRAR_ID =
-      memoizeWithShortExpiration(() -> Maps.uniqueIndex(loadAll(), Registrar::getRegistrarId));
+      memoizeWithShortExpiration(
+          () ->
+              Maps.uniqueIndex(
+                  tm().reTransact(() -> tm().loadAllOf(Registrar.class)),
+                  Registrar::getRegistrarId));
 
   /**
    * Unique registrar client id. Must conform to "clIDType" as defined in RFC5730.

core/src/main/java/google/registry/model/smd/SignedMarkRevocationListDao.java

@@ -28,7 +28,7 @@ public class SignedMarkRevocationListDao {
   /** Loads the {@link SignedMarkRevocationList}. */
   static SignedMarkRevocationList load() {
     Optional<SignedMarkRevocationList> smdrl =
-        tm().transact(
+        tm().reTransact(
                 () -> {
                   Long revisionId =
                       tm().query("SELECT MAX(revisionId) FROM SignedMarkRevocationList", Long.class)

core/src/main/java/google/registry/model/tld/Tld.java

@@ -233,7 +233,8 @@ public class Tld extends ImmutableObject implements Buildable, UnsafeSerializabl
               new CacheLoader<String, Tld>() {
                 @Override
                 public Tld load(final String tld) {
-                  return tm().transact(() -> tm().loadByKeyIfPresent(createVKey(tld))).orElse(null);
+                  return tm().reTransact(() -> tm().loadByKeyIfPresent(createVKey(tld)))
+                      .orElse(null);
                 }
 
                 @Override
@@ -241,7 +242,7 @@ public class Tld extends ImmutableObject implements Buildable, UnsafeSerializabl
                   ImmutableMap<String, VKey<Tld>> keysMap =
                       toMap(ImmutableSet.copyOf(tlds), Tld::createVKey);
                   Map<VKey<? extends Tld>, Tld> entities =
-                      tm().transact(() -> tm().loadByKeysIfPresent(keysMap.values()));
+                      tm().reTransact(() -> tm().loadByKeysIfPresent(keysMap.values()));
                   return Maps.transformEntries(keysMap, (k, v) -> entities.getOrDefault(v, null));
                 }
               });

core/src/main/java/google/registry/model/tld/Tlds.java

@@ -56,7 +56,7 @@ public final class Tlds {
   private static Supplier<ImmutableMap<String, TldType>> createFreshCache() {
     return memoizeWithShortExpiration(
         () ->
-            tm().transact(
+            tm().reTransact(
                     () -> {
                       EntityManager entityManager = tm().getEntityManager();
                       Stream<?> resultStream =

core/src/main/java/google/registry/module/backend/BackendComponent.java

@@ -43,8 +43,6 @@ import google.registry.rde.JSchModule;
 import google.registry.request.Modules.GsonModule;
 import google.registry.request.Modules.NetHttpTransportModule;
 import google.registry.request.Modules.UrlConnectionServiceModule;
-import google.registry.request.Modules.UrlFetchServiceModule;
-import google.registry.request.Modules.UrlFetchTransportModule;
 import google.registry.request.Modules.UserServiceModule;
 import google.registry.request.auth.AuthModule;
 import google.registry.util.UtilsModule;
@@ -80,8 +78,6 @@ import javax.inject.Singleton;
       SheetsServiceModule.class,
       StackdriverModule.class,
       UrlConnectionServiceModule.class,
-      UrlFetchServiceModule.class,
-      UrlFetchTransportModule.class,
       UserServiceModule.class,
       VoidDnsWriterModule.class,
       UtilsModule.class

core/src/main/java/google/registry/rdap/UpdateRegistrarRdapBaseUrlsAction.java

@@ -14,22 +14,26 @@
 
 package google.registry.rdap;
 
+import static com.google.api.client.http.HttpStatusCodes.STATUS_CODE_OK;
+import static com.google.common.net.HttpHeaders.ACCEPT_ENCODING;
 import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static java.nio.charset.StandardCharsets.UTF_8;
 
-import com.google.api.client.http.GenericUrl;
-import com.google.api.client.http.HttpRequest;
-import com.google.api.client.http.HttpResponse;
-import com.google.api.client.http.HttpTransport;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.flogger.FluentLogger;
-import com.google.common.io.ByteStreams;
 import google.registry.model.registrar.Registrar;
 import google.registry.request.Action;
+import google.registry.request.HttpException.InternalServerErrorException;
+import google.registry.request.UrlConnectionService;
+import google.registry.request.UrlConnectionUtils;
 import google.registry.request.auth.Auth;
+import google.registry.util.UrlConnectionException;
 import java.io.IOException;
 import java.io.StringReader;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.security.GeneralSecurityException;
 import javax.inject.Inject;
 import org.apache.commons.csv.CSVFormat;
 import org.apache.commons.csv.CSVParser;
@@ -41,9 +45,9 @@ import org.apache.commons.csv.CSVRecord;
  * <p>This will update ALL the REAL registrars. If a REAL registrar doesn't have an RDAP entry in
  * MoSAPI, we'll delete any BaseUrls it has.
  *
- * <p>The ICANN base website that provides this information can be found at
- * https://www.iana.org/assignments/registrar-ids/registrar-ids.xhtml. The provided CSV endpoint
- * requires no authentication.
+ * <p>The ICANN base website that provides this information can be found at <a
+ * href=https://www.iana.org/assignments/registrar-ids/registrar-ids.xhtml>here</a>. The provided
+ * CSV endpoint requires no authentication.
  */
 @Action(
     service = Action.Service.BACKEND,
@@ -52,22 +56,26 @@ import org.apache.commons.csv.CSVRecord;
     auth = Auth.AUTH_API_ADMIN)
 public final class UpdateRegistrarRdapBaseUrlsAction implements Runnable {
 
-  private static final GenericUrl RDAP_IDS_URL =
-      new GenericUrl("https://www.iana.org/assignments/registrar-ids/registrar-ids-1.csv");
+  private static final String RDAP_IDS_URL =
+      "https://www.iana.org/assignments/registrar-ids/registrar-ids-1.csv";
   private static final FluentLogger logger = FluentLogger.forEnclosingClass();
 
-  @Inject HttpTransport httpTransport;
+  @Inject UrlConnectionService urlConnectionService;
 
   @Inject
   UpdateRegistrarRdapBaseUrlsAction() {}
 
   @Override
   public void run() {
-    ImmutableMap<String, String> ianaIdsToUrls = getIanaIdsToUrls();
-    tm().transact(() -> processAllRegistrars(ianaIdsToUrls));
+    try {
+      ImmutableMap<String, String> ianaIdsToUrls = getIanaIdsToUrls();
+      tm().transact(() -> processAllRegistrars(ianaIdsToUrls));
+    } catch (Exception e) {
+      throw new InternalServerErrorException("Error when retrieving RDAP base URL CSV file", e);
+    }
   }
 
-  private void processAllRegistrars(ImmutableMap<String, String> ianaIdsToUrls) {
+  private static void processAllRegistrars(ImmutableMap<String, String> ianaIdsToUrls) {
     int nonUpdatedRegistrars = 0;
     for (Registrar registrar : Registrar.loadAll()) {
       // Only update REAL registrars
@@ -95,23 +103,28 @@ public final class UpdateRegistrarRdapBaseUrlsAction implements Runnable {
     logger.atInfo().log("No change in RDAP base URLs for %d registrars", nonUpdatedRegistrars);
   }
 
-  private ImmutableMap<String, String> getIanaIdsToUrls() {
+  private ImmutableMap<String, String> getIanaIdsToUrls()
+      throws IOException, GeneralSecurityException {
     CSVParser csv;
+    HttpURLConnection connection = urlConnectionService.createConnection(new URL(RDAP_IDS_URL));
+    // Explictly set the accepted encoding, as we know Brotli causes us problems when talking to
+    // ICANN.
+    connection.setRequestProperty(ACCEPT_ENCODING, "gzip");
+    String csvString;
     try {
-      HttpRequest request = httpTransport.createRequestFactory().buildGetRequest(RDAP_IDS_URL);
-      // AppEngine might insert accept-encodings for us if we use the default gzip, so remove it
-      request.getHeaders().setAcceptEncoding(null);
-      HttpResponse response = request.execute();
-      String csvString = new String(ByteStreams.toByteArray(response.getContent()), UTF_8);
-      csv =
-          CSVFormat.Builder.create(CSVFormat.DEFAULT)
-              .setHeader()
-              .setSkipHeaderRecord(true)
-              .build()
-              .parse(new StringReader(csvString));
-    } catch (IOException e) {
-      throw new RuntimeException("Error when retrieving RDAP base URL CSV file", e);
+      if (connection.getResponseCode() != STATUS_CODE_OK) {
+        throw new UrlConnectionException("Failed to load RDAP base URLs from ICANN", connection);
+      }
+      csvString = new String(UrlConnectionUtils.getResponseBytes(connection), UTF_8);
+    } finally {
+      connection.disconnect();
     }
+    csv =
+        CSVFormat.Builder.create(CSVFormat.DEFAULT)
+            .setHeader()
+            .setSkipHeaderRecord(true)
+            .build()
+            .parse(new StringReader(csvString));
     ImmutableMap.Builder<String, String> result = new ImmutableMap.Builder<>();
     for (CSVRecord record : csv) {
       String ianaIdentifierString = record.get("ID");

core/src/main/java/google/registry/rde/RdeReporter.java

@@ -14,25 +14,23 @@
 
 package google.registry.rde;
 
-import static com.google.appengine.api.urlfetch.FetchOptions.Builder.validateCertificate;
-import static com.google.appengine.api.urlfetch.HTTPMethod.PUT;
-import static com.google.common.io.BaseEncoding.base64;
-import static com.google.common.net.HttpHeaders.AUTHORIZATION;
-import static com.google.common.net.HttpHeaders.CONTENT_TYPE;
+import static com.google.api.client.http.HttpStatusCodes.STATUS_CODE_BAD_REQUEST;
+import static com.google.api.client.http.HttpStatusCodes.STATUS_CODE_OK;
+import static google.registry.request.UrlConnectionUtils.getResponseBytes;
+import static google.registry.request.UrlConnectionUtils.setBasicAuth;
+import static google.registry.request.UrlConnectionUtils.setPayload;
 import static google.registry.util.DomainNameUtils.canonicalizeHostname;
 import static java.nio.charset.StandardCharsets.UTF_8;
-import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
-import static javax.servlet.http.HttpServletResponse.SC_OK;
 
-import com.google.appengine.api.urlfetch.HTTPHeader;
-import com.google.appengine.api.urlfetch.HTTPRequest;
+import com.google.api.client.http.HttpMethods;
 import com.google.appengine.api.urlfetch.HTTPResponse;
-import com.google.appengine.api.urlfetch.URLFetchService;
 import com.google.common.flogger.FluentLogger;
+import com.google.common.net.MediaType;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.keyring.api.KeyModule.Key;
 import google.registry.request.HttpException.InternalServerErrorException;
-import google.registry.util.Retrier;
+import google.registry.request.UrlConnectionService;
+import google.registry.util.UrlConnectionException;
 import google.registry.xjc.XjcXmlTransformer;
 import google.registry.xjc.iirdea.XjcIirdeaResponseElement;
 import google.registry.xjc.iirdea.XjcIirdeaResult;
@@ -40,10 +38,11 @@ import google.registry.xjc.rdeheader.XjcRdeHeader;
 import google.registry.xjc.rdereport.XjcRdeReportReport;
 import google.registry.xml.XmlException;
 import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.net.HttpURLConnection;
 import java.net.MalformedURLException;
-import java.net.SocketTimeoutException;
 import java.net.URL;
-import java.util.Arrays;
+import java.security.GeneralSecurityException;
 import javax.inject.Inject;
 
 /**
@@ -59,49 +58,47 @@ public class RdeReporter {
    * @see <a href="http://tools.ietf.org/html/draft-lozano-icann-registry-interfaces-05#section-4">
    *     ICANN Registry Interfaces - Interface details</a>
    */
-  private static final String REPORT_MIME = "text/xml";
+  private static final MediaType MEDIA_TYPE = MediaType.XML_UTF_8;
 
-  @Inject Retrier retrier;
-  @Inject URLFetchService urlFetchService;
+  @Inject UrlConnectionService urlConnectionService;
 
   @Inject @Config("rdeReportUrlPrefix") String reportUrlPrefix;
   @Inject @Key("icannReportingPassword") String password;
   @Inject RdeReporter() {}
 
   /** Uploads {@code reportBytes} to ICANN. */
-  public void send(byte[] reportBytes) throws XmlException {
-    XjcRdeReportReport report = XjcXmlTransformer.unmarshal(
-        XjcRdeReportReport.class, new ByteArrayInputStream(reportBytes));
+  public void send(byte[] reportBytes) throws XmlException, GeneralSecurityException, IOException {
+    XjcRdeReportReport report =
+        XjcXmlTransformer.unmarshal(
+            XjcRdeReportReport.class, new ByteArrayInputStream(reportBytes));
     XjcRdeHeader header = report.getHeader().getValue();
 
     // Send a PUT request to ICANN's HTTPS server.
     URL url = makeReportUrl(header.getTld(), report.getId());
     String username = header.getTld() + "_ry";
-    String token = base64().encode(String.format("%s:%s", username, password).getBytes(UTF_8));
-    final HTTPRequest req = new HTTPRequest(url, PUT, validateCertificate().setDeadline(60d));
-    req.addHeader(new HTTPHeader(CONTENT_TYPE, REPORT_MIME));
-    req.addHeader(new HTTPHeader(AUTHORIZATION, "Basic " + token));
-    req.setPayload(reportBytes);
     logger.atInfo().log("Sending report:\n%s", new String(reportBytes, UTF_8));
-    HTTPResponse rsp =
-        retrier.callWithRetry(
-            () -> {
-              HTTPResponse rsp1 = urlFetchService.fetch(req);
-              int responseCode = rsp1.getResponseCode();
-              if (responseCode != SC_OK && responseCode != SC_BAD_REQUEST) {
-                logger.atSevere().log(
-                    "Failure when trying to PUT RDE report to ICANN server: %d\n%s",
-                    responseCode, Arrays.toString(rsp1.getContent()));
-                throw new RuntimeException("Error uploading deposits to ICANN");
-              }
-              return rsp1;
-            },
-            SocketTimeoutException.class);
+    HttpURLConnection connection = urlConnectionService.createConnection(url);
+    connection.setRequestMethod(HttpMethods.PUT);
+    setBasicAuth(connection, username, password);
+    setPayload(connection, reportBytes, MEDIA_TYPE.toString());
+    int responseCode;
+    byte[] responseBytes;
 
-    // Ensure the XML response is valid. The EPP result code would not be 1000 if we get an
-    // SC_BAD_REQUEST as the HTTP response code.
-    XjcIirdeaResult result = parseResult(rsp.getContent());
-    if (result.getCode().getValue() != 1000) {
+    try {
+      responseCode = connection.getResponseCode();
+      if (responseCode != STATUS_CODE_OK && responseCode != STATUS_CODE_BAD_REQUEST) {
+        logger.atWarning().log("Connection to RDE report server failed: %d", responseCode);
+        throw new UrlConnectionException("PUT failed", connection);
+      }
+      responseBytes = getResponseBytes(connection);
+    } finally {
+      connection.disconnect();
+    }
+
+    // We know that an HTTP 200 response can only contain a result code of
+    // 1000 (i. e. success), there is no need to parse it.
+    if (responseCode != STATUS_CODE_OK) {
+      XjcIirdeaResult result = parseResult(responseBytes);
       logger.atWarning().log(
           "Rejected when trying to PUT RDE report to ICANN server: %d %s\n%s",
           result.getCode().getValue(), result.getMsg(), result.getDescription());
@@ -116,10 +113,11 @@ public class RdeReporter {
    *     href="http://tools.ietf.org/html/draft-lozano-icann-registry-interfaces-05#section-4.1">
    *     ICANN Registry Interfaces - IIRDEA Result Object</a>
    */
-  private XjcIirdeaResult parseResult(byte[] responseBytes) throws XmlException {
+  private static XjcIirdeaResult parseResult(byte[] responseBytes) throws XmlException {
     logger.atInfo().log("Received response:\n%s", new String(responseBytes, UTF_8));
-    XjcIirdeaResponseElement response = XjcXmlTransformer.unmarshal(
-        XjcIirdeaResponseElement.class, new ByteArrayInputStream(responseBytes));
+    XjcIirdeaResponseElement response =
+        XjcXmlTransformer.unmarshal(
+            XjcIirdeaResponseElement.class, new ByteArrayInputStream(responseBytes));
     return response.getResult();
   }
 

core/src/main/java/google/registry/reporting/billing/BillingEmailUtils.java

@@ -53,7 +53,7 @@ public class BillingEmailUtils {
       GmailClient gmailClient,
       YearMonth yearMonth,
       @Config("gSuiteOutgoingEmailAddress") InternetAddress outgoingEmailAddress,
-      @Config("alertRecipientEmailAddress") InternetAddress alertRecipientAddress,
+      @Config("newAlertRecipientEmailAddress") InternetAddress alertRecipientAddress,
       @Config("invoiceEmailRecipients") ImmutableList<InternetAddress> invoiceEmailRecipients,
       @Config("invoiceReplyToEmailAddress") Optional<InternetAddress> replyToEmailAddress,
       @Config("billingBucket") String billingBucket,

core/src/main/java/google/registry/reporting/icann/IcannHttpReporter.java

@@ -14,33 +14,31 @@
 
 package google.registry.reporting.icann;
 
+import static com.google.api.client.http.HttpStatusCodes.STATUS_CODE_BAD_REQUEST;
+import static com.google.api.client.http.HttpStatusCodes.STATUS_CODE_OK;
 import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.net.MediaType.CSV_UTF_8;
 import static google.registry.model.tld.Tlds.assertTldExists;
-import static java.nio.charset.StandardCharsets.UTF_8;
 
-import com.google.api.client.http.ByteArrayContent;
-import com.google.api.client.http.GenericUrl;
-import com.google.api.client.http.HttpHeaders;
-import com.google.api.client.http.HttpRequest;
-import com.google.api.client.http.HttpResponse;
-import com.google.api.client.http.HttpResponseException;
-import com.google.api.client.http.HttpStatusCodes;
-import com.google.api.client.http.HttpTransport;
+import com.google.api.client.http.HttpMethods;
 import com.google.common.base.Ascii;
 import com.google.common.base.Splitter;
 import com.google.common.flogger.FluentLogger;
-import com.google.common.io.BaseEncoding;
-import com.google.common.io.ByteStreams;
 import google.registry.config.RegistryConfig.Config;
 import google.registry.keyring.api.KeyModule.Key;
 import google.registry.reporting.icann.IcannReportingModule.ReportType;
+import google.registry.request.UrlConnectionService;
+import google.registry.request.UrlConnectionUtils;
 import google.registry.xjc.XjcXmlTransformer;
 import google.registry.xjc.iirdea.XjcIirdeaResponseElement;
 import google.registry.xjc.iirdea.XjcIirdeaResult;
 import google.registry.xml.XmlException;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
+import java.net.HttpURLConnection;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.security.GeneralSecurityException;
 import java.util.List;
 import javax.inject.Inject;
 import org.joda.time.YearMonth;
@@ -62,78 +60,64 @@ public class IcannHttpReporter {
 
   private static final FluentLogger logger = FluentLogger.forEnclosingClass();
 
-  @Inject HttpTransport httpTransport;
-  @Inject @Key("icannReportingPassword") String password;
-  @Inject @Config("icannTransactionsReportingUploadUrl") String icannTransactionsUrl;
-  @Inject @Config("icannActivityReportingUploadUrl") String icannActivityUrl;
-  @Inject IcannHttpReporter() {}
+  @Inject UrlConnectionService urlConnectionService;
+
+  @Inject
+  @Key("icannReportingPassword")
+  String password;
+
+  @Inject
+  @Config("icannTransactionsReportingUploadUrl")
+  String icannTransactionsUrl;
+
+  @Inject
+  @Config("icannActivityReportingUploadUrl")
+  String icannActivityUrl;
+
+  @Inject
+  IcannHttpReporter() {}
 
   /** Uploads {@code reportBytes} to ICANN, returning whether or not it succeeded. */
-  public boolean send(byte[] reportBytes, String reportFilename) throws XmlException, IOException {
+  public boolean send(byte[] reportBytes, String reportFilename)
+      throws GeneralSecurityException, XmlException, IOException {
     validateReportFilename(reportFilename);
-    GenericUrl uploadUrl = new GenericUrl(makeUrl(reportFilename));
-    HttpRequest request =
-        httpTransport
-            .createRequestFactory()
-            .buildPutRequest(uploadUrl, new ByteArrayContent(CSV_UTF_8.toString(), reportBytes));
-
-    HttpHeaders headers = request.getHeaders();
-    headers.setBasicAuthentication(getTld(reportFilename) + "_ry", password);
-    headers.setContentType(CSV_UTF_8.toString());
-    request.setHeaders(headers);
-    request.setFollowRedirects(false);
-    request.setThrowExceptionOnExecuteError(false);
-
-    HttpResponse response = null;
+    URL uploadUrl = makeUrl(reportFilename);
     logger.atInfo().log(
-        "Sending report to %s with content length %d.",
-        uploadUrl, request.getContent().getLength());
-    boolean success = true;
+        "Sending report to %s with content length %d.", uploadUrl, reportBytes.length);
+    HttpURLConnection connection = urlConnectionService.createConnection(uploadUrl);
+    connection.setRequestMethod(HttpMethods.PUT);
+    UrlConnectionUtils.setBasicAuth(connection, getTld(reportFilename) + "_ry", password);
+    UrlConnectionUtils.setPayload(connection, reportBytes, CSV_UTF_8.toString());
+    connection.setInstanceFollowRedirects(false);
+
+    int responseCode;
+    byte[] content;
     try {
-      response = request.execute();
-      // Only responses with a 200 or 400 status have a body. For everything else, throw so that
-      // the caller catches it and prints the stack trace.
-      if (response.getStatusCode() != HttpStatusCodes.STATUS_CODE_OK
-          && response.getStatusCode() != HttpStatusCodes.STATUS_CODE_BAD_REQUEST) {
-        throw new HttpResponseException(response);
-      }
-      byte[] content;
-      try {
-        content = ByteStreams.toByteArray(response.getContent());
-      } finally {
-        response.getContent().close();
-      }
-      logger.atInfo().log(
-          "Received response code %d\n\n"
-              + "Response headers: %s\n\n"
-              + "Response content in UTF-8: %s\n\n"
-              + "Response content in HEX: %s",
-          response.getStatusCode(),
-          response.getHeaders(),
-          new String(content, UTF_8),
-          BaseEncoding.base16().encode(content));
-      // For reasons unclear at the moment, when we parse the response content using UTF-8 we get
-      // garbled texts. Since we know that an HTTP 200 response can only contain a result code of
-      // 1000 (i. e. success), there is no need to parse it.
-      if (response.getStatusCode() == HttpStatusCodes.STATUS_CODE_BAD_REQUEST) {
-        success = false;
-        XjcIirdeaResult result = parseResult(content);
-        logger.atWarning().log(
-            "PUT rejected, status code %s:\n%s\n%s",
-            result.getCode().getValue(), result.getMsg(), result.getDescription());
+      responseCode = connection.getResponseCode();
+      // Only responses with a 200 or 400 status have a body. For everything else, we can return
+      // false early.
+      if (responseCode != STATUS_CODE_OK && responseCode != STATUS_CODE_BAD_REQUEST) {
+        logger.atWarning().log("Connection to ICANN server failed", connection);
+        return false;
       }
+      content = UrlConnectionUtils.getResponseBytes(connection);
     } finally {
-      if (response != null) {
-        response.disconnect();
-      } else {
-        success = false;
-        logger.atWarning().log("Received null response from ICANN server at %s", uploadUrl);
-      }
+      connection.disconnect();
     }
-    return success;
+    // We know that an HTTP 200 response can only contain a result code of
+    // 1000 (i. e. success), there is no need to parse it.
+    // See: https://tools.ietf.org/html/draft-lozano-icann-registry-interfaces-13#page-16
+    if (responseCode != STATUS_CODE_OK) {
+      XjcIirdeaResult result = parseResult(content);
+      logger.atWarning().log(
+          "PUT rejected, status code %s:\n%s\n%s",
+          result.getCode().getValue(), result.getMsg(), result.getDescription());
+      return false;
+    }
+    return true;
   }
 
-  private XjcIirdeaResult parseResult(byte[] content) throws XmlException {
+  private static XjcIirdeaResult parseResult(byte[] content) throws XmlException {
     XjcIirdeaResponseElement response =
         XjcXmlTransformer.unmarshal(
             XjcIirdeaResponseElement.class, new ByteArrayInputStream(content));
@@ -141,7 +125,7 @@ public class IcannHttpReporter {
   }
 
   /** Verifies a given report filename matches the pattern tld-reportType-yyyyMM.csv. */
-  private void validateReportFilename(String filename) {
+  private static void validateReportFilename(String filename) {
     checkArgument(
         filename.matches("[a-z0-9.\\-]+-((activity)|(transactions))-[0-9]{6}\\.csv"),
         "Expected file format: tld-reportType-yyyyMM.csv, got %s instead",
@@ -149,12 +133,12 @@ public class IcannHttpReporter {
     assertTldExists(getTld(filename));
   }
 
-  private String getTld(String filename) {
+  private static String getTld(String filename) {
     // Extract the TLD, up to second-to-last hyphen in the filename (works with international TLDs)
     return filename.substring(0, filename.lastIndexOf('-', filename.lastIndexOf('-') - 1));
   }
 
-  private String makeUrl(String filename) {
+  private URL makeUrl(String filename) throws MalformedURLException {
     // Filename is in the format tld-reportType-yearMonth.csv
     String tld = getTld(filename);
     // Remove the tld- prefix and csv suffix
@@ -164,7 +148,7 @@ public class IcannHttpReporter {
     // Re-add hyphen between year and month, because ICANN is inconsistent between filename and URL
     String yearMonth =
         YearMonth.parse(elements.get(1), DateTimeFormat.forPattern("yyyyMM")).toString("yyyy-MM");
-    return String.format("%s/%s/%s", getUrlPrefix(reportType), tld, yearMonth);
+    return new URL(String.format("%s/%s/%s", getUrlPrefix(reportType), tld, yearMonth));
   }
 
   private String getUrlPrefix(ReportType reportType) {

core/src/main/java/google/registry/reporting/spec11/Spec11EmailUtils.java

@@ -37,11 +37,13 @@ import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarPoc;
 import google.registry.reporting.spec11.soy.Spec11EmailSoyInfo;
 import google.registry.util.EmailMessage;
+import google.registry.util.Sleeper;
 import java.util.List;
 import java.util.Map;
 import javax.inject.Inject;
 import javax.mail.MessagingException;
 import javax.mail.internet.InternetAddress;
+import org.joda.time.Duration;
 import org.joda.time.LocalDate;
 
 /** Provides e-mail functionality for Spec11 tasks, such as sending Spec11 reports to registrars. */
@@ -57,6 +59,8 @@ public class Spec11EmailUtils {
           .build()
           .compileToTofu();
   private final GmailClient gmailClient;
+  private final Sleeper sleeper;
+  private final Duration emailThrottleDuration;
   private final InternetAddress outgoingEmailAddress;
   private final ImmutableList<InternetAddress> spec11BccEmailAddresses;
   private final InternetAddress alertRecipientAddress;
@@ -66,12 +70,16 @@ public class Spec11EmailUtils {
   @Inject
   Spec11EmailUtils(
       GmailClient gmailClient,
+      Sleeper sleeper,
+      @Config("emailThrottleDuration") Duration emailThrottleDuration,
       @Config("newAlertRecipientEmailAddress") InternetAddress alertRecipientAddress,
       @Config("spec11OutgoingEmailAddress") InternetAddress spec11OutgoingEmailAddress,
       @Config("spec11BccEmailAddresses") ImmutableList<InternetAddress> spec11BccEmailAddresses,
       @Config("spec11WebResources") ImmutableList<String> spec11WebResources,
       @Config("registryName") String registryName) {
     this.gmailClient = gmailClient;
+    this.sleeper = sleeper;
+    this.emailThrottleDuration = emailThrottleDuration;
     this.outgoingEmailAddress = spec11OutgoingEmailAddress;
     this.spec11BccEmailAddresses = spec11BccEmailAddresses;
     this.alertRecipientAddress = alertRecipientAddress;
@@ -94,6 +102,13 @@ public class Spec11EmailUtils {
     for (RegistrarThreatMatches registrarThreatMatches : registrarThreatMatchesSet) {
       RegistrarThreatMatches filteredMatches = filterOutNonPublishedMatches(registrarThreatMatches);
       if (!filteredMatches.threatMatches().isEmpty()) {
+        if (numRegistrarsEmailed > 0) {
+          try {
+            sleeper.sleep(emailThrottleDuration);
+          } catch (InterruptedException ie) {
+            throw new RuntimeException(ie);
+          }
+        }
         try {
           // Handle exceptions individually per registrar so that one failed email doesn't prevent
           // the rest from being sent.
@@ -156,7 +171,7 @@ public class Spec11EmailUtils {
     gmailClient.sendEmail(
         EmailMessage.newBuilder()
             .setSubject(subject)
-            .setBody(getContent(date, soyTemplateInfo, registrarThreatMatches))
+            .setBody(getEmailBody(date, soyTemplateInfo, registrarThreatMatches))
             .setContentType(MediaType.HTML_UTF_8)
             .setFrom(outgoingEmailAddress)
             .addRecipient(getEmailAddressForRegistrar(registrarThreatMatches.clientId()))
@@ -164,7 +179,7 @@ public class Spec11EmailUtils {
             .build());
   }
 
-  private String getContent(
+  private String getEmailBody(
       LocalDate date,
       SoyTemplateInfo soyTemplateInfo,
       RegistrarThreatMatches registrarThreatMatches) {
@@ -175,7 +190,7 @@ public class Spec11EmailUtils {
             .map(
                 threatMatch ->
                     ImmutableMap.of(
-                        "domainName", threatMatch.domainName(),
+                        "domainName", toEmailSafeString(threatMatch.domainName()),
                         "threatType", threatMatch.threatType()))
             .collect(toImmutableList());
 
@@ -190,6 +205,12 @@ public class Spec11EmailUtils {
     return renderer.render();
   }
 
+  // Mutates a known bad domain to pass spam checks by Email sender and clients, as suggested by
+  // the Gmail abuse-detection team.
+  private String toEmailSafeString(String knownUnsafeDomain) {
+    return knownUnsafeDomain.replace(".", "[.]");
+  }
+
   /** Sends an e-mail indicating the state of the spec11 pipeline, with a given subject and body. */
   void sendAlertEmail(String subject, String body) {
     try {

core/src/main/java/google/registry/request/Modules.java

@@ -14,20 +14,18 @@
 
 package google.registry.request;
 
-import com.google.api.client.extensions.appengine.http.UrlFetchTransport;
 import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
-import com.google.api.client.http.HttpTransport;
 import com.google.api.client.http.javanet.NetHttpTransport;
 import com.google.api.client.json.JsonFactory;
 import com.google.api.client.json.gson.GsonFactory;
-import com.google.appengine.api.urlfetch.URLFetchService;
-import com.google.appengine.api.urlfetch.URLFetchServiceFactory;
 import com.google.appengine.api.users.UserService;
 import com.google.appengine.api.users.UserServiceFactory;
 import dagger.Module;
 import dagger.Provides;
 import java.net.HttpURLConnection;
 import javax.inject.Singleton;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
 
 /** Dagger modules for App Engine services and other vendor classes. */
 public final class Modules {
@@ -37,18 +35,16 @@ public final class Modules {
   public static final class UrlConnectionServiceModule {
     @Provides
     static UrlConnectionService provideUrlConnectionService() {
-      return url -> (HttpURLConnection) url.openConnection();
-    }
-  }
-
-  /** Dagger module for {@link URLFetchService}. */
-  @Module
-  public static final class UrlFetchServiceModule {
-    private static final URLFetchService fetchService = URLFetchServiceFactory.getURLFetchService();
-
-    @Provides
-    static URLFetchService provideUrlFetchService() {
-      return fetchService;
+      return url -> {
+        HttpURLConnection connection = (HttpURLConnection) url.openConnection();
+        if (connection instanceof HttpsURLConnection) {
+          HttpsURLConnection httpsConnection = (HttpsURLConnection) connection;
+          SSLContext tls13Context = SSLContext.getInstance("TLSv1.3");
+          tls13Context.init(null, null, null);
+          httpsConnection.setSSLSocketFactory(tls13Context.getSocketFactory());
+        }
+        return connection;
+      };
     }
   }
 
@@ -72,17 +68,6 @@ public final class Modules {
     }
   }
 
-  /** Dagger module that causes the App Engine's URL fetcher to be used for Google APIs requests. */
-  @Module
-  public static final class UrlFetchTransportModule {
-    private static final UrlFetchTransport HTTP_TRANSPORT = new UrlFetchTransport();
-
-    @Provides
-    static HttpTransport provideHttpTransport() {
-      return HTTP_TRANSPORT;
-    }
-  }
-
   /**
    * Dagger module that provides standard {@link NetHttpTransport}. Used in non App Engine
    * environment.

core/src/main/java/google/registry/request/RequestHandler.java

@@ -17,6 +17,7 @@ package google.registry.request;
 import static com.google.common.base.Preconditions.checkNotNull;
 import static com.google.common.net.MediaType.PLAIN_TEXT_UTF_8;
 import static javax.servlet.http.HttpServletResponse.SC_FORBIDDEN;
+import static javax.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
 import static javax.servlet.http.HttpServletResponse.SC_METHOD_NOT_ALLOWED;
 import static javax.servlet.http.HttpServletResponse.SC_NOT_FOUND;
 
@@ -162,6 +163,10 @@ public class RequestHandler<C> {
     } catch (HttpException e) {
       e.send(rsp);
       success = false;
+    } catch (Exception e) {
+      rsp.setStatus(SC_INTERNAL_SERVER_ERROR);
+      rsp.getWriter().write("Internal server error, please try again later");
+      logger.atSevere().withCause(e).log("Encountered internal server error");
     } finally {
       requestMetrics.record(
           new Duration(startTime, clock.nowUtc()),

core/src/main/java/google/registry/request/UrlConnectionUtils.java

@@ -27,15 +27,20 @@ import com.google.common.io.ByteStreams;
 import com.google.common.net.MediaType;
 import java.io.DataOutputStream;
 import java.io.IOException;
+import java.io.InputStream;
 import java.net.URLConnection;
 import java.util.Random;
 
-/** Utilities for common functionality relating to {@link java.net.URLConnection}s. */
-public class UrlConnectionUtils {
+/** Utilities for common functionality relating to {@link URLConnection}s. */
+public final class UrlConnectionUtils {
+
+  private UrlConnectionUtils() {}
 
   /** Retrieves the response from the given connection as a byte array. */
   public static byte[] getResponseBytes(URLConnection connection) throws IOException {
-    return ByteStreams.toByteArray(connection.getInputStream());
+    try (InputStream is = connection.getInputStream()) {
+      return ByteStreams.toByteArray(is);
+    }
   }
 
   /** Sets auth on the given connection with the given username/password. */

core/src/main/java/google/registry/request/auth/Auth.java

@@ -15,8 +15,6 @@
 package google.registry.request.auth;
 
 import com.google.common.collect.ImmutableList;
-import google.registry.flows.EppTlsAction;
-import google.registry.flows.TlsCredentials;
 import google.registry.request.auth.AuthSettings.AuthLevel;
 import google.registry.request.auth.AuthSettings.AuthMethod;
 import google.registry.request.auth.AuthSettings.UserPolicy;
@@ -48,30 +46,18 @@ public enum Auth {
    * Allows anyone to access, as long as they are logged in.
    *
    * <p>This is used by legacy registrar console programmatic endpoints (those that extend {@link
-   * JsonGetAction}, which are accessed via XHR requests sent from a logged-in user when performing
+   * JsonGetAction}), which are accessed via XHR requests sent from a logged-in user when performing
    * actions on the console.
    */
   AUTH_PUBLIC_LOGGED_IN(
       ImmutableList.of(AuthMethod.API, AuthMethod.LEGACY), AuthLevel.USER, UserPolicy.PUBLIC),
 
   /**
-   * Allows any client to access, as long as they are logged in via API-based authentication
-   * mechanisms.
+   * Allows only the app itself (via service accounts) or admins to access.
    *
-   * <p>This is used by the proxy to access Nomulus endpoints. The proxy service account does NOT
-   * have admin privileges. For EPP, we handle client authentication within {@link EppTlsAction},
-   * using {@link TlsCredentials}. For WHOIS, anyone connecting to the proxy can access.
-   *
-   * <p>Note that the proxy service account DOES need to be allow-listed in the {@code
-   * auth.allowedServiceAccountEmails} field in the config YAML file in order for OIDC-based
-   * authentication to pass.
-   */
-  AUTH_API_PUBLIC(ImmutableList.of(AuthMethod.API), AuthLevel.APP, UserPolicy.PUBLIC),
-
-  /**
-   * Allows only admins to access.
-   *
-   * <p>This applies to the majority of the endpoints.
+   * <p>This applies to the majority of the endpoints. For APP level authentication to work, the
+   * associated service account needs to be allowlisted in the {@code
+   * auth.allowedServiceAccountEmails} field in the config YAML file.
    */
   AUTH_API_ADMIN(ImmutableList.of(AuthMethod.API), AuthLevel.APP, UserPolicy.ADMIN);
 

core/src/main/java/google/registry/request/auth/AuthModule.java

@@ -16,8 +16,6 @@ package google.registry.request.auth;
 
 import static com.google.common.net.HttpHeaders.AUTHORIZATION;
 
-import com.google.appengine.api.oauth.OAuthService;
-import com.google.appengine.api.oauth.OAuthServiceFactory;
 import com.google.auth.oauth2.TokenVerifier;
 import com.google.common.collect.ImmutableList;
 import dagger.Module;
@@ -36,9 +34,6 @@ public class AuthModule {
   // IAP-signed JWT will be in this header.
   // See https://cloud.google.com/iap/docs/signed-headers-howto#securing_iap_headers.
   public static final String IAP_HEADER_NAME = "X-Goog-IAP-JWT-Assertion";
-  // GAE will put the content in header "proxy-authorization" in this header when it routes the
-  // request to the app.
-  public static final String PROXY_HEADER_NAME = "X-Google-Proxy-Authorization";
   public static final String BEARER_PREFIX = "Bearer ";
   // TODO: Change the IAP audience format once we are on GKE.
   // See: https://cloud.google.com/iap/docs/signed-headers-howto#verifying_the_jwt_payload
@@ -46,16 +41,12 @@ public class AuthModule {
   private static final String IAP_ISSUER_URL = "https://cloud.google.com/iap";
   private static final String REGULAR_ISSUER_URL = "https://accounts.google.com";
 
-  /** Provides the custom authentication mechanisms (including OAuth and OIDC). */
+  /** Provides the custom authentication mechanisms. */
   @Provides
   ImmutableList<AuthenticationMechanism> provideApiAuthenticationMechanisms(
-      OAuthAuthenticationMechanism oauthAuthenticationMechanism,
       IapOidcAuthenticationMechanism iapOidcAuthenticationMechanism,
       RegularOidcAuthenticationMechanism regularOidcAuthenticationMechanism) {
-    return ImmutableList.of(
-        oauthAuthenticationMechanism,
-        iapOidcAuthenticationMechanism,
-        regularOidcAuthenticationMechanism);
+    return ImmutableList.of(iapOidcAuthenticationMechanism, regularOidcAuthenticationMechanism);
   }
 
   @Qualifier
@@ -64,12 +55,6 @@ public class AuthModule {
   @Qualifier
   @interface RegularOidc {}
 
-  /** Provides the OAuthService instance. */
-  @Provides
-  OAuthService provideOauthService() {
-    return OAuthServiceFactory.getOAuthService();
-  }
-
   @Provides
   @IapOidc
   @Singleton
@@ -98,11 +83,7 @@ public class AuthModule {
   @Singleton
   TokenExtractor provideRegularTokenExtractor() {
     return request -> {
-      // TODO: only check the Authorizaiton header after the migration to OIDC is complete.
-      String rawToken = request.getHeader(PROXY_HEADER_NAME);
-      if (rawToken == null) {
-        rawToken = request.getHeader(AUTHORIZATION);
-      }
+      String rawToken = request.getHeader(AUTHORIZATION);
       if (rawToken != null && rawToken.startsWith(BEARER_PREFIX)) {
         return rawToken.substring(BEARER_PREFIX.length());
       }

core/src/main/java/google/registry/request/auth/AuthResult.java

@@ -14,7 +14,9 @@
 
 package google.registry.request.auth;
 
-import static com.google.common.base.Preconditions.checkNotNull;
+import static com.google.common.base.Preconditions.checkArgument;
+import static google.registry.request.auth.AuthSettings.AuthLevel.APP;
+import static google.registry.request.auth.AuthSettings.AuthLevel.USER;
 
 import com.google.auto.value.AutoValue;
 import google.registry.request.auth.AuthSettings.AuthLevel;
@@ -22,8 +24,8 @@ import java.util.Optional;
 import javax.annotation.Nullable;
 
 /**
- * Results of authentication for a given HTTP request, as emitted by an
- * {@link AuthenticationMechanism}.
+ * Results of authentication for a given HTTP request, as emitted by an {@link
+ * AuthenticationMechanism}.
  */
 @AutoValue
 public abstract class AuthResult {
@@ -33,6 +35,10 @@ public abstract class AuthResult {
   /** Information about the authenticated user, if there is one. */
   public abstract Optional<UserAuthInfo> userAuthInfo();
 
+  /** Service account email of the authenticated app, if there is one. */
+  @SuppressWarnings("unused") // The service account will be logged upon successful login.
+  public abstract Optional<String> appServiceAccount();
+
   public boolean isAuthenticated() {
     return authLevel() != AuthLevel.NONE;
   }
@@ -47,15 +53,27 @@ public abstract class AuthResult {
         .orElse("<logged-out user>");
   }
 
-  public static AuthResult create(AuthLevel authLevel) {
-    return new AutoValue_AuthResult(authLevel, Optional.empty());
+  public static AuthResult createApp(String email) {
+    return create(APP, null, email);
   }
 
-  public static AuthResult create(AuthLevel authLevel, @Nullable UserAuthInfo userAuthInfo) {
-    if (authLevel == AuthLevel.USER) {
-      checkNotNull(userAuthInfo);
-    }
-    return new AutoValue_AuthResult(authLevel, Optional.ofNullable(userAuthInfo));
+  public static AuthResult createUser(UserAuthInfo userAuthInfo) {
+    return create(USER, userAuthInfo, null);
+  }
+
+  private static AuthResult create(
+      AuthLevel authLevel, @Nullable UserAuthInfo userAuthInfo, @Nullable String email) {
+    checkArgument(
+        userAuthInfo == null || email == null,
+        "User auth info and service account email cannot be specificed at the same time");
+    checkArgument(
+        authLevel != USER || userAuthInfo != null,
+        "User auth info must be specified for auth level USER");
+    checkArgument(
+        authLevel != APP || email != null,
+        "Service account email must be specified for auth level APP");
+    return new AutoValue_AuthResult(
+        authLevel, Optional.ofNullable(userAuthInfo), Optional.ofNullable(email));
   }
 
   /**
@@ -67,5 +85,5 @@ public abstract class AuthResult {
    * returns NOT_AUTHENTICATED in this case, as opposed to absent() if authentication failed and was
    * required. So as a return from an authorization check, this can be treated as a success.
    */
-  public static final AuthResult NOT_AUTHENTICATED = create(AuthLevel.NONE);
+  public static final AuthResult NOT_AUTHENTICATED = create(AuthLevel.NONE, null, null);
 }

core/src/main/java/google/registry/request/auth/AuthSettings.java

@@ -17,6 +17,7 @@ package google.registry.request.auth;
 import com.google.auto.value.AutoValue;
 import com.google.common.collect.ImmutableList;
 import com.google.errorprone.annotations.Immutable;
+import google.registry.model.console.UserRoles;
 
 /**
  * Parameters used to configure the authenticator.
@@ -42,7 +43,10 @@ public abstract class AuthSettings {
   /** Available methods for authentication. */
   public enum AuthMethod {
 
-    /** Authentication methods suitable for API-style access, such as OAuth 2. */
+    /**
+     * Authentication methods suitable for API-style access, such as {@link
+     * OidcTokenAuthenticationMechanism}.
+     */
     API,
 
     /** Legacy authentication using cookie-based App Engine Users API. Must come last if present. */
@@ -68,10 +72,11 @@ public abstract class AuthSettings {
     /**
      * Authentication required, but user not required.
      *
-     * <p>In Auth: Authentication is required, but app-internal authentication (which isn't
-     * associated with a specific user) is permitted.
+     * <p>In Auth: authentication is required, but App-internal authentication (which isn't
+     * associated with a specific user, but a service account) is permitted. Examples include
+     * requests from Cloud Tasks, Cloud Scheduler, and the proxy.
      *
-     * <p>In AuthResult: App-internal authentication was successful.
+     * <p>In AuthResult: App-internal authentication (via service accounts) was successful.
      */
     APP,
 
@@ -93,10 +98,14 @@ public abstract class AuthSettings {
     PUBLIC,
 
     /**
-     * If there is a user, it must be an admin, as determined by isUserAdmin().
+     * If there is a user, it must be an admin, as determined by {@link UserAuthInfo#isUserAdmin()}.
      *
-     * <p>Note that, according to App Engine, anybody with access to the app in the GCP Console,
+     * <p>Note that, if the user returned is an App Engine {@link
+     * com.google.appengine.api.users.User} , anybody with access to the app in the GCP Console,
      * including editors and viewers, is an admin.
+     *
+     * <p>On the other hand, if the user is a {@link google.registry.model.console.User}, the admin
+     * role is explicitly defined in that object via the {@link UserRoles#isAdmin()} method.
      */
     ADMIN
   }

core/src/main/java/google/registry/request/auth/AuthenticationMechanism.java

@@ -19,7 +19,7 @@ import javax.servlet.http.HttpServletRequest;
 /**
  * A particular way to authenticate an HTTP request, returning an {@link AuthResult}.
  *
- * <p>For instance, a request could be authenticated using OAuth, via special request headers, etc.
+ * <p>For instance, a request could be authenticated using OIDC, via special request headers, etc.
  */
 public interface AuthenticationMechanism {
 

core/src/main/java/google/registry/request/auth/LegacyAuthenticationMechanism.java

@@ -16,8 +16,7 @@ package google.registry.request.auth;
 
 import static com.google.common.base.Strings.emptyToNull;
 import static com.google.common.base.Strings.nullToEmpty;
-import static google.registry.request.auth.AuthSettings.AuthLevel.NONE;
-import static google.registry.request.auth.AuthSettings.AuthLevel.USER;
+import static google.registry.request.auth.AuthResult.NOT_AUTHENTICATED;
 import static google.registry.security.XsrfTokenManager.P_CSRF_TOKEN;
 import static google.registry.security.XsrfTokenManager.X_CSRF_TOKEN;
 
@@ -49,15 +48,14 @@ public class LegacyAuthenticationMechanism implements AuthenticationMechanism {
   @Override
   public AuthResult authenticate(HttpServletRequest request) {
     if (!userService.isUserLoggedIn()) {
-      return AuthResult.create(NONE);
+      return NOT_AUTHENTICATED;
     }
 
     if (!SAFE_METHODS.contains(request.getMethod()) && !validateXsrf(request)) {
-      return AuthResult.create(NONE);
+      return NOT_AUTHENTICATED;
     }
 
-    return AuthResult.create(
-        USER,
+    return AuthResult.createUser(
         UserAuthInfo.create(userService.getCurrentUser(), userService.isUserAdmin()));
   }
 

core/src/main/java/google/registry/request/auth/OAuthAuthenticationMechanism.java

@@ -1,136 +0,0 @@
-// Copyright 2017 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.request.auth;
-
-import static com.google.common.net.HttpHeaders.AUTHORIZATION;
-import static google.registry.request.auth.AuthModule.BEARER_PREFIX;
-import static google.registry.request.auth.AuthSettings.AuthLevel.NONE;
-import static google.registry.request.auth.AuthSettings.AuthLevel.USER;
-
-import com.google.appengine.api.oauth.OAuthRequestException;
-import com.google.appengine.api.oauth.OAuthService;
-import com.google.appengine.api.oauth.OAuthServiceFailureException;
-import com.google.appengine.api.users.User;
-import com.google.common.collect.ImmutableSet;
-import com.google.common.flogger.FluentLogger;
-import google.registry.config.RegistryConfig.Config;
-import google.registry.config.RegistryEnvironment;
-import javax.inject.Inject;
-import javax.servlet.http.HttpServletRequest;
-
-/**
- * OAuth authentication mechanism, using the OAuthService interface.
- *
- * <p>Only OAuth version 2 is supported.
- */
-public class OAuthAuthenticationMechanism implements AuthenticationMechanism {
-
-  private static final FluentLogger logger = FluentLogger.forEnclosingClass();
-
-  private final OAuthService oauthService;
-
-  /** The available OAuth scopes for which {@link OAuthService} should check. */
-  private final ImmutableSet<String> availableOauthScopes;
-
-  /** The OAuth scopes which must all be present for authentication to succeed. */
-  private final ImmutableSet<String> requiredOauthScopes;
-
-  private final ImmutableSet<String> allowedOauthClientIds;
-
-  @Inject
-  public OAuthAuthenticationMechanism(
-      OAuthService oauthService,
-      @Config("availableOauthScopes") ImmutableSet<String> availableOauthScopes,
-      @Config("requiredOauthScopes") ImmutableSet<String> requiredOauthScopes,
-      @Config("allowedOauthClientIds") ImmutableSet<String> allowedOauthClientIds) {
-    this.oauthService = oauthService;
-    this.availableOauthScopes = availableOauthScopes;
-    this.requiredOauthScopes = requiredOauthScopes;
-    this.allowedOauthClientIds = allowedOauthClientIds;
-  }
-
-  @Override
-  public AuthResult authenticate(HttpServletRequest request) {
-
-    // Make sure that there is an Authorization header in Bearer form. OAuthService also accepts
-    // tokens in the request body and URL string, but we should not use those, since they are more
-    // likely to be logged than the Authorization header. Checking to make sure there's a token also
-    // avoids unnecessary RPCs, since OAuthService itself does not check whether the header is
-    // present. In theory, there could be more than one Authorization header, but we only check the
-    // first one, because there's not a legitimate use case for having more than one, and
-    // OAuthService itself only looks at the first one anyway.
-    String header = request.getHeader(AUTHORIZATION);
-    if ((header == null) || !header.startsWith(BEARER_PREFIX)) {
-      if (header != null) {
-        logger.atInfo().log("Invalid authorization header.");
-      }
-      return AuthResult.create(NONE);
-    }
-    // Assume that, if a bearer token is found, it's what OAuthService will use to attempt
-    // authentication. This is not technically guaranteed by the contract of OAuthService; see
-    // OAuthTokenInfo for more information.
-    String rawAccessToken =
-        RegistryEnvironment.get() == RegistryEnvironment.PRODUCTION
-            ? "Raw token redacted in prod"
-            : header.substring(BEARER_PREFIX.length());
-
-    // Get the OAuth information. The various oauthService method calls use a single cached
-    // authentication result, so we can call them one by one.
-    User currentUser;
-    boolean isUserAdmin;
-    String oauthClientId;
-    ImmutableSet<String> authorizedScopes;
-    try {
-      String[] availableOauthScopeArray = availableOauthScopes.toArray(new String[0]);
-      currentUser = oauthService.getCurrentUser(availableOauthScopeArray);
-      isUserAdmin = oauthService.isUserAdmin(availableOauthScopeArray);
-      logger.atInfo().log(
-          "Current user: %s (%s).", currentUser, isUserAdmin ? "admin" : "not admin");
-      oauthClientId = oauthService.getClientId(availableOauthScopeArray);
-      logger.atInfo().log("OAuth client ID: %s", oauthClientId);
-      authorizedScopes =
-          ImmutableSet.copyOf(oauthService.getAuthorizedScopes(availableOauthScopeArray));
-      logger.atInfo().log("Authorized scope(s): %s", authorizedScopes);
-    } catch (OAuthRequestException | OAuthServiceFailureException e) {
-      logger.atInfo().withCause(e).log("Unable to get OAuth information.");
-      return AuthResult.create(NONE);
-    }
-    if ((currentUser == null) || (oauthClientId == null) || (authorizedScopes == null)) {
-      return AuthResult.create(NONE);
-    }
-
-    // Make sure that the client ID matches, to avoid a confused deputy attack; see:
-    // http://stackoverflow.com/a/17439317/1179226
-    if (!allowedOauthClientIds.contains(oauthClientId)) {
-      logger.atInfo().log("OAuth client ID is not allowed.");
-      return AuthResult.create(NONE);
-    }
-
-    // Make sure that all required scopes are present.
-    if (!authorizedScopes.containsAll(requiredOauthScopes)) {
-      logger.atInfo().log("Missing required scope(s).");
-      return AuthResult.create(NONE);
-    }
-
-    // Create the {@link AuthResult}, including the OAuth token info.
-    return AuthResult.create(
-        USER,
-        UserAuthInfo.create(
-            currentUser,
-            isUserAdmin,
-            OAuthTokenInfo.create(
-                ImmutableSet.copyOf(authorizedScopes), oauthClientId, rawAccessToken)));
-  }
-}

core/src/main/java/google/registry/request/auth/OAuthTokenInfo.java

@@ -1,48 +0,0 @@
-// Copyright 2017 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.request.auth;
-
-import com.google.auto.value.AutoValue;
-import com.google.common.collect.ImmutableSet;
-
-/** Information provided by the OAuth authentication mechanism (only) about the session. */
-@AutoValue
-public abstract class OAuthTokenInfo {
-
-  /** Authorized OAuth scopes granted by the access token provided with the request. */
-  abstract ImmutableSet<String> authorizedScopes();
-
-  /** OAuth client ID from the access token provided with the request. */
-  abstract String oauthClientId();
-
-  /**
-   * Raw OAuth access token value provided with the request, for passing along to downstream APIs as
-   * appropriate.
-   *
-   * <p>Note that the request parsing code makes certain assumptions about whether the Authorization
-   * header was used as the source of the token. Because OAuthService could theoretically fall back
-   * to some other source of authentication, it might be possible for rawAccessToken not to have
-   * been the source of OAuth authentication. Looking at the code of OAuthService, that could not
-   * currently happen, but if OAuthService were modified in the future so that it tried the bearer
-   * token, and then when that failed, fell back to another, successful authentication path, then
-   * rawAccessToken might not be valid.
-   */
-  abstract String rawAccessToken();
-
-  static OAuthTokenInfo create(
-      ImmutableSet<String> authorizedScopes, String oauthClientId, String rawAccessToken) {
-    return new AutoValue_OAuthTokenInfo(authorizedScopes, oauthClientId, rawAccessToken);
-  }
-}

core/src/main/java/google/registry/request/auth/OidcTokenAuthenticationMechanism.java

@@ -14,8 +14,6 @@
 
 package google.registry.request.auth;
 
-import static google.registry.request.auth.AuthSettings.AuthLevel.APP;
-
 import com.google.api.client.json.webtoken.JsonWebSignature;
 import com.google.auth.oauth2.TokenVerifier;
 import com.google.common.annotations.VisibleForTesting;
@@ -97,12 +95,11 @@ public abstract class OidcTokenAuthenticationMechanism implements Authentication
     }
     Optional<User> maybeUser = UserDao.loadUser(email);
     if (maybeUser.isPresent()) {
-      return AuthResult.create(AuthLevel.USER, UserAuthInfo.create(maybeUser.get()));
+      return AuthResult.createUser(UserAuthInfo.create(maybeUser.get()));
     }
-    // TODO: implement caching so we don't have to look up the database for every request.
     logger.atInfo().log("No end user found for email address %s", email);
     if (serviceAccountEmails.stream().anyMatch(e -> e.equals(email))) {
-      return AuthResult.create(APP);
+      return AuthResult.createApp(email);
     }
     logger.atInfo().log("No service account found for email address %s", email);
     logger.atWarning().log(
@@ -153,15 +150,8 @@ public abstract class OidcTokenAuthenticationMechanism implements Authentication
    *
    * <p>If the endpoint is not behind IAP, we can try to authenticate the OIDC token supplied in the
    * request header directly. Ideally we would like all endpoints to be behind IAP, but being able
-   * to authenticate the token directly provides us with the flexibility to do away with OAuth-based
-   * {@link OAuthAuthenticationMechanism} that is tied to App Engine runtime without having to turn
-   * on IAP, which is an all-or-nothing switch for each GAE service (i.e. no way to turn it on only
-   * for certain GAE endpoints).
-   *
-   * <p>Note that this mechanism will try to first extract the token under the "proxy-authorization"
-   * header, before trying "authorization". This is because currently the GAE OAuth service always
-   * uses "authorization", and we would like to provide a way for both auth mechanisms to be working
-   * at the same time for the same request.
+   * to authenticate the token directly provides us with some extra flexibility that comes in handy,
+   * at least during the migration to GKE.
    *
    * @see <a href=https://datatracker.ietf.org/doc/html/rfc6750>Bearer Token Usage</a>
    */

core/src/main/java/google/registry/request/auth/RequestAuthenticator.java

@@ -60,7 +60,8 @@ public class RequestAuthenticator {
     if (auth.minimumLevel() == APP && !authResult.isAuthenticated()) {
       logger.atWarning().log("Not authorized; no authentication found.");
       return Optional.empty();
-    } else if (auth.minimumLevel() == USER && authResult.authLevel() != USER) {
+    }
+    if (auth.minimumLevel() == USER && authResult.authLevel() != USER) {
       logger.atWarning().log("Not authorized; no authenticated user.");
       return Optional.empty();
     }
@@ -81,12 +82,12 @@ public class RequestAuthenticator {
    * @param req the {@link HttpServletRequest}; some authentication mechanisms use HTTP headers
    * @return an authentication result; if no authentication was made, returns NOT_AUTHENTICATED
    */
-  private AuthResult authenticate(AuthSettings auth, HttpServletRequest req) {
+  AuthResult authenticate(AuthSettings auth, HttpServletRequest req) {
     checkAuthConfig(auth);
     for (AuthMethod authMethod : auth.methods()) {
       AuthResult authResult;
       switch (authMethod) {
-          // API-based user authentication mechanisms, such as OAuth and OIDC.
+          // API-based user authentication mechanisms, such as OIDC.
         case API:
           for (AuthenticationMechanism authMechanism : apiAuthenticationMechanisms) {
             authResult = authMechanism.authenticate(req);
@@ -113,10 +114,9 @@ public class RequestAuthenticator {
 
   /** Validates an AuthSettings object, checking for invalid setting combinations. */
   static void checkAuthConfig(AuthSettings auth) {
-    ImmutableList<AuthMethod> authMethods = ImmutableList.copyOf(auth.methods());
-    checkArgument(!authMethods.isEmpty(), "Must specify at least one auth method");
+    checkArgument(!auth.methods().isEmpty(), "Must specify at least one auth method");
     checkArgument(
-        Ordering.explicit(AuthMethod.API, AuthMethod.LEGACY).isStrictlyOrdered(authMethods),
+        Ordering.explicit(AuthMethod.API, AuthMethod.LEGACY).isStrictlyOrdered(auth.methods()),
         "Auth methods must be unique and strictly in order - API, LEGACY");
     checkArgument(
         (auth.minimumLevel() != NONE) || (auth.userPolicy() != ADMIN),

core/src/main/java/google/registry/request/auth/UserAuthInfo.java

@@ -22,6 +22,8 @@ import java.util.Optional;
 @AutoValue
 public abstract class UserAuthInfo {
 
+  public abstract Optional<google.registry.model.console.User> consoleUser();
+
   /** User object from the AppEngine Users API. */
   public abstract Optional<User> appEngineUser();
 
@@ -34,11 +36,6 @@ public abstract class UserAuthInfo {
    */
   public abstract boolean isUserAdmin();
 
-  public abstract Optional<google.registry.model.console.User> consoleUser();
-
-  /** Used by the OAuth authentication mechanism (only) to return information about the session. */
-  public abstract Optional<OAuthTokenInfo> oauthTokenInfo();
-
   public String getEmailAddress() {
     return appEngineUser()
         .map(User::getEmail)
@@ -51,20 +48,12 @@ public abstract class UserAuthInfo {
         .orElseGet(() -> consoleUser().get().getEmailAddress());
   }
 
-  public static UserAuthInfo create(
-      User user, boolean isUserAdmin) {
-    return new AutoValue_UserAuthInfo(
-        Optional.of(user), isUserAdmin, Optional.empty(), Optional.empty());
-  }
-
-  public static UserAuthInfo create(
-      User user, boolean isUserAdmin, OAuthTokenInfo oauthTokenInfo) {
-    return new AutoValue_UserAuthInfo(
-        Optional.of(user), isUserAdmin, Optional.empty(), Optional.of(oauthTokenInfo));
+  public static UserAuthInfo create(User user, boolean isUserAdmin) {
+    return new AutoValue_UserAuthInfo(Optional.empty(), Optional.of(user), isUserAdmin);
   }
 
   public static UserAuthInfo create(google.registry.model.console.User user) {
     return new AutoValue_UserAuthInfo(
-        Optional.empty(), user.getUserRoles().isAdmin(), Optional.of(user), Optional.empty());
+        Optional.of(user), Optional.empty(), user.getUserRoles().isAdmin());
   }
 }

core/src/main/java/google/registry/tmch/Marksdb.java

@@ -121,6 +121,8 @@ public final class Marksdb {
       return getResponseBytes(connection);
     } catch (IOException e) {
       throw new IOException(String.format("Error connecting to MarksDB at URL %s", url), e);
+    } finally {
+      connection.disconnect();
     }
   }
 

core/src/main/java/google/registry/tmch/NordnUploadAction.java

@@ -225,6 +225,8 @@ public final class NordnUploadAction implements Runnable {
       cloudTasksUtils.enqueue(NordnVerifyAction.QUEUE, makeVerifyTask(new URL(location)));
     } catch (IOException e) {
       throw new IOException(String.format("Error connecting to MarksDB at URL %s", url), e);
+    } finally {
+      connection.disconnect();
     }
   }
 

core/src/main/java/google/registry/tmch/NordnVerifyAction.java

@@ -148,6 +148,8 @@ public final class NordnVerifyAction implements Runnable {
       return log;
     } catch (IOException e) {
       throw new IOException(String.format("Error connecting to MarksDB at URL %s", url), e);
+    } finally {
+      connection.disconnect();
     }
   }
 }

core/src/main/java/google/registry/tools/ConfigureTldCommand.java

@@ -71,6 +71,11 @@ public class ConfigureTldCommand extends MutatingCommand {
               + " configuration in the database.")
   boolean breakglass;
 
+  @Parameter(
+      names = {"-d", "--dryrun"},
+      description = "Does not execute the entity mutation")
+  boolean dryrun;
+
   @Inject ObjectMapper mapper;
 
   @Inject
@@ -126,6 +131,9 @@ public class ConfigureTldCommand extends MutatingCommand {
 
   @Override
   protected boolean dontRunCommand() {
+    if (dryrun) {
+      return true;
+    }
     if (!newDiff) {
       if (oldTldInBreakglass && !breakglass) {
         // Run command to remove breakglass mode

core/src/main/java/google/registry/tools/RegistryCli.java

@@ -43,7 +43,8 @@ final class RegistryCli implements CommandRunner {
   // The environment parameter is parsed twice: once here, and once with {@link
   // RegistryToolEnvironment#parseFromArgs} in the {@link RegistryTool#main} function.
   //
-  // The flag names must be in sync between the two, and also - this is ugly and we should feel bad.
+  // The flag names must be in sync between the two, and also - this is ugly, and we should feel
+  // bad.
   @Parameter(
       names = {"-e", "--environment"},
       description = "Sets the default environment to run the command.")
@@ -55,22 +56,21 @@ final class RegistryCli implements CommandRunner {
   private boolean showAllCommands;
 
   @Parameter(
-      names = {"--credential"},
+      names = "--credential",
       description =
           "Name of a JSON file containing credential information used by the tool. "
               + "If not set, credentials saved by running `nomulus login' will be used.")
   private String credentialJson = null;
 
   @Parameter(
-      names = {"--sql_access_info"},
+      names = "--sql_access_info",
       description =
           "Name of a file containing space-separated SQL access info used when deploying "
               + "Beam pipelines")
   private String sqlAccessInfoFile = null;
 
   // Do not make this final - compile-time constant inlining may interfere with JCommander.
-  @ParametersDelegate
-  private LoggingParameters loggingParams = new LoggingParameters();
+  @ParametersDelegate private LoggingParameters loggingParams = new LoggingParameters();
 
   RegistryToolComponent component;
 
@@ -105,8 +105,8 @@ final class RegistryCli implements CommandRunner {
     jcommander.setProgramName(programName);
 
     // Create all command instances. It would be preferrable to do this in the constructor, but
-    // JCommander mutates the command instances and doesn't reset them so we have to do it for every
-    // run.
+    // JCommander mutates the command instances and doesn't reset them, so we have to do it for
+    // every run.
     try {
       for (Map.Entry<String, ? extends Class<? extends Command>> entry : commands.entrySet()) {
         Command command = entry.getValue().getDeclaredConstructor().newInstance();
@@ -169,7 +169,7 @@ final class RegistryCli implements CommandRunner {
     Command command =
         (Command)
             Iterables.getOnlyElement(jcommander.getCommands().get(parsedCommand).getObjects());
-    loggingParams.configureLogging();  // Must be called after parameters are parsed.
+    loggingParams.configureLogging(); // Must be called after parameters are parsed.
 
     try {
       runCommand(command);

core/src/main/java/google/registry/tools/RegistryToolComponent.java

@@ -39,7 +39,6 @@ import google.registry.privileges.secretmanager.SecretManagerModule;
 import google.registry.rde.RdeModule;
 import google.registry.request.Modules.GsonModule;
 import google.registry.request.Modules.UrlConnectionServiceModule;
-import google.registry.request.Modules.UrlFetchServiceModule;
 import google.registry.request.Modules.UserServiceModule;
 import google.registry.tools.AuthModule.LocalCredentialModule;
 import google.registry.util.UtilsModule;
@@ -77,7 +76,6 @@ import javax.inject.Singleton;
       SecretManagerKeyringModule.class,
       SecretManagerModule.class,
       UrlConnectionServiceModule.class,
-      UrlFetchServiceModule.class,
       UserServiceModule.class,
       UtilsModule.class,
       VoidDnsWriterModule.class,
@@ -123,6 +121,7 @@ interface RegistryToolComponent {
   void inject(GetDomainCommand command);
 
   void inject(GetHostCommand command);
+
   void inject(GetKeyringSecretCommand command);
 
   void inject(GetSqlCredentialCommand command);

core/src/main/java/google/registry/tools/RequestFactoryModule.java

@@ -14,7 +14,7 @@
 
 package google.registry.tools;
 
-import static com.google.common.net.HttpHeaders.PROXY_AUTHORIZATION;
+import static com.google.common.net.HttpHeaders.AUTHORIZATION;
 
 import com.google.api.client.http.HttpRequestFactory;
 import com.google.api.client.http.javanet.NetHttpTransport;
@@ -54,13 +54,11 @@ final class RequestFactoryModule {
       return new NetHttpTransport()
           .createRequestFactory(
               request -> {
-                // Use the standard credential initializer to set the Authorization header
-                credentialsBundle.getHttpRequestInitializer().initialize(request);
-                // Set OIDC token as the alternative bearer token.
+                // Set OIDC token as the bearer token.
                 request
                     .getHeaders()
                     .set(
-                        PROXY_AUTHORIZATION,
+                        AUTHORIZATION,
                         "Bearer "
                             + OidcTokenUtils.createOidcToken(credentialsBundle, oauthClientId));
                 // GAE request times out after 10 min, so here we set the timeout to 10 min. This is

core/src/main/java/google/registry/tools/server/RefreshDnsForAllDomainsAction.java

@@ -19,6 +19,7 @@ import static com.google.common.collect.ImmutableList.toImmutableList;
 import static com.google.common.collect.Iterables.getLast;
 import static google.registry.dns.DnsUtils.requestDomainDnsRefresh;
 import static google.registry.model.tld.Tlds.assertTldsExist;
+import static google.registry.persistence.PersistenceModule.TransactionIsolationLevel.TRANSACTION_REPEATABLE_READ;
 import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static google.registry.request.RequestParameters.PARAM_TLDS;
 import static google.registry.util.DateTimeUtils.END_OF_TIME;
@@ -82,13 +83,16 @@ public class RefreshDnsForAllDomainsAction implements Runnable {
   public void run() {
     assertTldsExist(tlds);
     checkArgument(batchSize > 0, "Must specify a positive number for batch size");
-    int smearMinutes = tm().transact(this::calculateSmearMinutes);
+    int smearMinutes = tm().transact(this::calculateSmearMinutes, TRANSACTION_REPEATABLE_READ);
 
     ImmutableList<String> domainsBatch;
     @Nullable String lastInPreviousBatch = null;
     do {
       Optional<String> lastInPreviousBatchOpt = Optional.ofNullable(lastInPreviousBatch);
-      domainsBatch = tm().transact(() -> refreshBatch(lastInPreviousBatchOpt, smearMinutes));
+      domainsBatch =
+          tm().transact(
+                  () -> refreshBatch(lastInPreviousBatchOpt, smearMinutes),
+                  TRANSACTION_REPEATABLE_READ);
       lastInPreviousBatch = domainsBatch.isEmpty() ? null : getLast(domainsBatch);
     } while (domainsBatch.size() == batchSize);
   }

core/src/main/java/google/registry/ui/server/console/ConsoleUserDataAction.java

@@ -40,15 +40,24 @@ public class ConsoleUserDataAction implements JsonGetAction {
 
   private final AuthResult authResult;
   private final Response response;
+  private final String productName;
+  private final String supportPhoneNumber;
+  private final String supportEmail;
   private final String technicalDocsUrl;
 
   @Inject
   public ConsoleUserDataAction(
       AuthResult authResult,
       Response response,
+      @Config("productName") String productName,
+      @Config("supportEmail") String supportEmail,
+      @Config("supportPhoneNumber") String supportPhoneNumber,
       @Config("technicalDocsUrl") String technicalDocsUrl) {
     this.response = response;
     this.authResult = authResult;
+    this.productName = productName;
+    this.supportEmail = supportEmail;
+    this.supportPhoneNumber = supportPhoneNumber;
     this.technicalDocsUrl = technicalDocsUrl;
   }
 
@@ -74,6 +83,10 @@ public class ConsoleUserDataAction implements JsonGetAction {
                 // auth checks.
                 "isAdmin", user.getUserRoles().isAdmin(),
                 "globalRole", user.getUserRoles().getGlobalRole(),
+                // Include static contact resources in this call to minimize round trips
+                "productName", productName,
+                "supportEmail", supportEmail,
+                "supportPhoneNumber", supportPhoneNumber,
                 // Is used by UI to construct a link to registry resources
                 "technicalDocsUrl", technicalDocsUrl));
 

core/src/main/java/google/registry/ui/server/console/settings/SecurityAction.java

@@ -17,7 +17,6 @@ package google.registry.ui.server.console.settings;
 import static google.registry.persistence.transaction.TransactionManagerFactory.tm;
 import static google.registry.request.Action.Method.POST;
 
-import avro.shaded.com.google.common.collect.ImmutableList;
 import com.google.api.client.http.HttpStatusCodes;
 import com.google.gson.Gson;
 import google.registry.flows.certs.CertificateChecker;
@@ -103,42 +102,31 @@ public class SecurityAction implements JsonGetAction {
             .asBuilder()
             .setIpAddressAllowList(registrarParameter.getIpAddressAllowList());
 
-    boolean hasInvalidCerts =
-        ImmutableList.of(
-                registrarParameter.getClientCertificate(),
-                registrarParameter.getFailoverClientCertificate())
-            .stream()
-            .filter(Optional::isPresent)
-            .map(Optional::get)
-            .anyMatch(
-                cert -> {
-                  try {
-                    certificateChecker.validateCertificate(cert);
-                    return false;
-                  } catch (InsecureCertificateException e) {
-                    return true;
-                  }
-                });
-
-    if (hasInvalidCerts) {
+    try {
+      if (!savedRegistrar
+          .getClientCertificate()
+          .equals(registrarParameter.getClientCertificate())) {
+        if (registrarParameter.getClientCertificate().isPresent()) {
+          String newClientCert = registrarParameter.getClientCertificate().get();
+          certificateChecker.validateCertificate(newClientCert);
+          updatedRegistrar.setClientCertificate(newClientCert, tm().getTransactionTime());
+        }
+      }
+      if (!savedRegistrar
+          .getFailoverClientCertificate()
+          .equals(registrarParameter.getFailoverClientCertificate())) {
+        if (registrarParameter.getFailoverClientCertificate().isPresent()) {
+          String newFailoverCert = registrarParameter.getFailoverClientCertificate().get();
+          certificateChecker.validateCertificate(newFailoverCert);
+          updatedRegistrar.setFailoverClientCertificate(newFailoverCert, tm().getTransactionTime());
+        }
+      }
+    } catch (InsecureCertificateException e) {
       response.setStatus(HttpStatusCodes.STATUS_CODE_BAD_REQUEST);
-      response.setPayload("Insecure Certificate in parameter");
+      response.setPayload("Invalid certificate in parameter");
       return;
     }
 
-    registrarParameter
-        .getClientCertificate()
-        .ifPresent(
-            newClientCert ->
-                updatedRegistrar.setClientCertificate(newClientCert, tm().getTransactionTime()));
-
-    registrarParameter
-        .getFailoverClientCertificate()
-        .ifPresent(
-            failoverCert ->
-                updatedRegistrar.setFailoverClientCertificate(
-                    failoverCert, tm().getTransactionTime()));
-
     tm().put(updatedRegistrar.build());
     response.setStatus(HttpStatusCodes.STATUS_CODE_OK);
   }

core/src/main/java/google/registry/whois/WhoisAction.java

@@ -51,7 +51,7 @@ import org.joda.time.DateTime;
     service = Action.Service.PUBAPI,
     path = "/_dr/whois",
     method = POST,
-    auth = Auth.AUTH_API_PUBLIC)
+    auth = Auth.AUTH_API_ADMIN)
 public class WhoisAction implements Runnable {
 
   private static final FluentLogger logger = FluentLogger.forEnclosingClass();

core/src/test/java/google/registry/groups/DirectoryGroupsConnectionTest.java

@@ -34,7 +34,7 @@ import com.google.api.client.http.HttpTransport;
 import com.google.api.client.http.LowLevelHttpRequest;
 import com.google.api.client.http.LowLevelHttpResponse;
 import com.google.api.client.json.Json;
-import com.google.api.client.json.jackson2.JacksonFactory;
+import com.google.api.client.json.gson.GsonFactory;
 import com.google.api.client.testing.http.HttpTesting;
 import com.google.api.client.testing.http.MockHttpTransport;
 import com.google.api.client.testing.http.MockLowLevelHttpRequest;
@@ -300,6 +300,6 @@ class DirectoryGroupsConnectionTest {
     HttpRequest request = transport.createRequestFactory()
         .buildGetRequest(HttpTesting.SIMPLE_GENERIC_URL)
         .setThrowExceptionOnExecuteError(false);
-    return GoogleJsonResponseException.from(new JacksonFactory(), request.execute());
+    return GoogleJsonResponseException.from(new GsonFactory(), request.execute());
   }
 }

core/src/test/java/google/registry/model/console/UserDaoTest.java

@@ -30,13 +30,11 @@ public class UserDaoTest extends EntityTestCase {
     User user1 =
         new User.Builder()
             .setEmailAddress("email@email.com")
-            .setGaiaId("gaiaId")
             .setUserRoles(new UserRoles.Builder().setGlobalRole(GlobalRole.SUPPORT_AGENT).build())
             .build();
     User user2 =
         new User.Builder()
             .setEmailAddress("foo@bar.com")
-            .setGaiaId("otherId")
             .setUserRoles(new UserRoles.Builder().setGlobalRole(GlobalRole.SUPPORT_AGENT).build())
             .build();
     UserDao.saveUser(user1);
@@ -54,7 +52,6 @@ public class UserDaoTest extends EntityTestCase {
     User user =
         new User.Builder()
             .setEmailAddress("email@email.com")
-            .setGaiaId("gaiaId")
             .setUserRoles(new UserRoles.Builder().setGlobalRole(GlobalRole.SUPPORT_AGENT).build())
             .build();
     UserDao.saveUser(user);
@@ -71,13 +68,11 @@ public class UserDaoTest extends EntityTestCase {
     User user1 =
         new User.Builder()
             .setEmailAddress("email@email.com")
-            .setGaiaId("gaiaId")
             .setUserRoles(new UserRoles.Builder().setGlobalRole(GlobalRole.SUPPORT_AGENT).build())
             .build();
     User user2 =
         new User.Builder()
             .setEmailAddress("email@email.com")
-            .setGaiaId("otherId")
             .setUserRoles(new UserRoles.Builder().setGlobalRole(GlobalRole.SUPPORT_AGENT).build())
             .build();
     UserDao.saveUser(user1);

core/src/test/java/google/registry/model/console/UserTest.java

@@ -30,10 +30,9 @@ public class UserTest extends EntityTestCase {
   }
 
   @Test
-  void testPersistence_lookupByGaiaId() {
+  void testPersistence_lookupByEmail() {
     User user =
         new User.Builder()
-            .setGaiaId("gaiaId")
             .setEmailAddress("email@email.com")
             .setUserRoles(
                 new UserRoles.Builder().setGlobalRole(GlobalRole.FTE).setIsAdmin(true).build())
@@ -43,10 +42,11 @@ public class UserTest extends EntityTestCase {
             () -> {
               assertAboutImmutableObjects()
                   .that(
-                      tm().query("FROM User WHERE gaiaId = 'gaiaId'", User.class).getSingleResult())
+                      tm().query("FROM User WHERE emailAddress = 'email@email.com'", User.class)
+                          .getSingleResult())
                   .isEqualExceptFields(user, "id", "updateTimestamp");
               assertThat(
-                      tm().query("FROM User WHERE gaiaId = 'badGaiaId'", User.class)
+                      tm().query("FROM User WHERE emailAddress = 'nobody@email.com'", User.class)
                           .getResultList())
                   .isEmpty();
             });
@@ -55,9 +55,6 @@ public class UserTest extends EntityTestCase {
   @Test
   void testFailure_badInputs() {
     User.Builder builder = new User.Builder();
-    assertThat(assertThrows(IllegalArgumentException.class, () -> builder.setGaiaId(null)))
-        .hasMessageThat()
-        .isEqualTo("Gaia ID cannot be null or empty");
     assertThat(assertThrows(IllegalArgumentException.class, () -> builder.setEmailAddress("")))
         .hasMessageThat()
         .isEqualTo("Provided email  is not a valid email address");
@@ -72,7 +69,7 @@ public class UserTest extends EntityTestCase {
     assertThat(assertThrows(IllegalArgumentException.class, () -> builder.setUserRoles(null)))
         .hasMessageThat()
         .isEqualTo("User roles cannot be null");
-    
+
     assertThat(assertThrows(IllegalArgumentException.class, builder::build))
         .hasMessageThat()
         .isEqualTo("Email address cannot be null");
@@ -99,7 +96,6 @@ public class UserTest extends EntityTestCase {
 
     User user =
         new User.Builder()
-            .setGaiaId("gaiaId")
             .setEmailAddress("email@email.com")
             .setUserRoles(new UserRoles.Builder().setGlobalRole(GlobalRole.FTE).build())
             .build();

core/src/test/java/google/registry/rdap/RdapActionBaseTestCase.java

@@ -28,7 +28,6 @@ import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
 import google.registry.request.Actions;
 import google.registry.request.auth.AuthResult;
-import google.registry.request.auth.AuthSettings.AuthLevel;
 import google.registry.request.auth.UserAuthInfo;
 import google.registry.testing.FakeClock;
 import google.registry.testing.FakeResponse;
@@ -48,13 +47,11 @@ abstract class RdapActionBaseTestCase<A extends RdapActionBase> {
       new JpaTestExtensions.Builder().buildIntegrationTestExtension();
 
   protected static final AuthResult AUTH_RESULT =
-      AuthResult.create(
-          AuthLevel.USER,
+      AuthResult.createUser(
           UserAuthInfo.create(new User("rdap.user@user.com", "gmail.com", "12345"), false));
 
   protected static final AuthResult AUTH_RESULT_ADMIN =
-      AuthResult.create(
-          AuthLevel.USER,
+      AuthResult.createUser(
           UserAuthInfo.create(new User("rdap.admin@google.com", "gmail.com", "12345"), true));
 
   protected FakeResponse response = new FakeResponse();

core/src/test/java/google/registry/rdap/UpdateRegistrarRdapBaseUrlsActionTest.java

@@ -18,20 +18,27 @@ import static com.google.common.truth.Truth.assertThat;
 import static google.registry.testing.DatabaseHelper.createTld;
 import static google.registry.testing.DatabaseHelper.loadRegistrar;
 import static google.registry.testing.DatabaseHelper.persistSimpleResource;
+import static javax.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
+import static javax.servlet.http.HttpServletResponse.SC_OK;
 import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
 
-import com.google.api.client.http.HttpResponseException;
-import com.google.api.client.http.HttpStatusCodes;
-import com.google.api.client.http.LowLevelHttpRequest;
-import com.google.api.client.testing.http.MockHttpTransport;
-import com.google.api.client.testing.http.MockLowLevelHttpRequest;
-import com.google.api.client.testing.http.MockLowLevelHttpResponse;
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
 import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.RegistrarAddress;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
+import google.registry.request.HttpException.InternalServerErrorException;
+import google.registry.testing.FakeUrlConnectionService;
+import google.registry.util.UrlConnectionException;
+import java.io.ByteArrayInputStream;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.nio.charset.StandardCharsets;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.RegisterExtension;
@@ -61,44 +68,26 @@ public final class UpdateRegistrarRdapBaseUrlsActionTest {
   public JpaIntegrationTestExtension jpa =
       new JpaTestExtensions.Builder().buildIntegrationTestExtension();
 
-  private static class TestHttpTransport extends MockHttpTransport {
-    private MockLowLevelHttpRequest requestSent;
-    private MockLowLevelHttpResponse response;
-
-    void setResponse(MockLowLevelHttpResponse response) {
-      this.response = response;
-    }
-
-    MockLowLevelHttpRequest getRequestSent() {
-      return requestSent;
-    }
-
-    @Override
-    public LowLevelHttpRequest buildRequest(String method, String url) {
-      assertThat(method).isEqualTo("GET");
-      MockLowLevelHttpRequest httpRequest = new MockLowLevelHttpRequest(url);
-      httpRequest.setResponse(response);
-      requestSent = httpRequest;
-      return httpRequest;
-    }
-  }
-
-  private TestHttpTransport httpTransport;
+  private final HttpURLConnection connection = mock(HttpURLConnection.class);
+  private final FakeUrlConnectionService urlConnectionService =
+      new FakeUrlConnectionService(connection);
   private UpdateRegistrarRdapBaseUrlsAction action;
 
   @BeforeEach
-  void beforeEach() {
+  void beforeEach() throws Exception {
     action = new UpdateRegistrarRdapBaseUrlsAction();
-    httpTransport = new TestHttpTransport();
-    action.httpTransport = httpTransport;
-    setValidResponse();
+    action.urlConnectionService = urlConnectionService;
+    when(connection.getResponseCode()).thenReturn(SC_OK);
+    when(connection.getInputStream())
+        .thenReturn(new ByteArrayInputStream(CSV_REPLY.getBytes(StandardCharsets.UTF_8)));
     createTld("tld");
   }
 
-  private void assertCorrectRequestSent() {
-    assertThat(httpTransport.getRequestSent().getUrl())
-        .isEqualTo("https://www.iana.org/assignments/registrar-ids/registrar-ids-1.csv");
-    assertThat(httpTransport.getRequestSent().getHeaders().get("accept-encoding")).isNull();
+  private void assertCorrectRequestSent() throws Exception {
+    assertThat(urlConnectionService.getConnectedUrls())
+        .containsExactly(
+            new URL("https://www.iana.org/assignments/registrar-ids/registrar-ids-1.csv"));
+    verify(connection).setRequestProperty("Accept-Encoding", "gzip");
   }
 
   private static void persistRegistrar(
@@ -119,14 +108,8 @@ public final class UpdateRegistrarRdapBaseUrlsActionTest {
             .build());
   }
 
-  private void setValidResponse() {
-    MockLowLevelHttpResponse csvResponse = new MockLowLevelHttpResponse();
-    csvResponse.setContent(CSV_REPLY);
-    httpTransport.setResponse(csvResponse);
-  }
-
   @Test
-  void testUnknownIana_cleared() {
+  void testUnknownIana_cleared() throws Exception {
     // The IANA ID isn't in the CSV reply
     persistRegistrar("someRegistrar", 4123L, Registrar.Type.REAL, "http://rdap.example/blah");
     action.run();
@@ -135,7 +118,7 @@ public final class UpdateRegistrarRdapBaseUrlsActionTest {
   }
 
   @Test
-  void testKnownIana_changed() {
+  void testKnownIana_changed() throws Exception {
     // The IANA ID is in the CSV reply
     persistRegistrar("someRegistrar", 1448L, Registrar.Type.REAL, "http://rdap.example/blah");
     action.run();
@@ -145,7 +128,7 @@ public final class UpdateRegistrarRdapBaseUrlsActionTest {
   }
 
   @Test
-  void testKnownIana_notReal_noChange() {
+  void testKnownIana_notReal_noChange() throws Exception {
     // The IANA ID is in the CSV reply
     persistRegistrar("someRegistrar", 9999L, Registrar.Type.INTERNAL, "http://rdap.example/blah");
     // Real registrars should actually change
@@ -159,7 +142,7 @@ public final class UpdateRegistrarRdapBaseUrlsActionTest {
   }
 
   @Test
-  void testKnownIana_notReal_nullIANA_noChange() {
+  void testKnownIana_notReal_nullIANA_noChange() throws Exception {
     persistRegistrar("someRegistrar", null, Registrar.Type.TEST, "http://rdap.example/blah");
     action.run();
     assertCorrectRequestSent();
@@ -168,29 +151,30 @@ public final class UpdateRegistrarRdapBaseUrlsActionTest {
   }
 
   @Test
-  void testFailure_serverErrorResponse() {
-    MockLowLevelHttpResponse badResponse = new MockLowLevelHttpResponse();
-    badResponse.setZeroContent();
-    badResponse.setStatusCode(HttpStatusCodes.STATUS_CODE_SERVER_ERROR);
-    httpTransport.setResponse(badResponse);
-
-    RuntimeException thrown = assertThrows(RuntimeException.class, action::run);
+  void testFailure_serverErrorResponse() throws Exception {
+    when(connection.getResponseCode()).thenReturn(SC_INTERNAL_SERVER_ERROR);
+    when(connection.getInputStream())
+        .thenReturn(new ByteArrayInputStream("".getBytes(StandardCharsets.UTF_8)));
+    InternalServerErrorException thrown =
+        assertThrows(InternalServerErrorException.class, action::run);
+    verify(connection, times(0)).getInputStream();
     assertThat(thrown).hasMessageThat().isEqualTo("Error when retrieving RDAP base URL CSV file");
     Throwable cause = thrown.getCause();
-    assertThat(cause).isInstanceOf(HttpResponseException.class);
+    assertThat(cause).isInstanceOf(UrlConnectionException.class);
     assertThat(cause)
         .hasMessageThat()
-        .isEqualTo("500\nGET https://www.iana.org/assignments/registrar-ids/registrar-ids-1.csv");
+        .contains("https://www.iana.org/assignments/registrar-ids/registrar-ids-1.csv");
   }
 
   @Test
-  void testFailure_invalidCsv() {
-    MockLowLevelHttpResponse csvResponse = new MockLowLevelHttpResponse();
-    csvResponse.setContent("foo,bar\nbaz,foo");
-    httpTransport.setResponse(csvResponse);
+  void testFailure_invalidCsv() throws Exception {
+    when(connection.getInputStream())
+        .thenReturn(new ByteArrayInputStream("foo,bar\nbaz,foo".getBytes(StandardCharsets.UTF_8)));
 
-    IllegalArgumentException thrown = assertThrows(IllegalArgumentException.class, action::run);
+    InternalServerErrorException thrown =
+        assertThrows(InternalServerErrorException.class, action::run);
     assertThat(thrown)
+        .hasCauseThat()
         .hasMessageThat()
         .isEqualTo("Mapping for ID not found, expected one of [foo, bar]");
   }

core/src/test/java/google/registry/rde/RdeReportActionTest.java

@@ -14,7 +14,9 @@
 
 package google.registry.rde;
 
-import static com.google.appengine.api.urlfetch.HTTPMethod.PUT;
+import static com.google.api.client.http.HttpStatusCodes.STATUS_CODE_BAD_REQUEST;
+import static com.google.api.client.http.HttpStatusCodes.STATUS_CODE_OK;
+import static com.google.api.client.http.HttpStatusCodes.STATUS_CODE_UNAUTHORIZED;
 import static com.google.common.net.MediaType.PLAIN_TEXT_UTF_8;
 import static com.google.common.truth.Truth.assertThat;
 import static google.registry.model.common.Cursor.CursorType.RDE_REPORT;
@@ -24,25 +26,17 @@ import static google.registry.persistence.transaction.TransactionManagerFactory.
 import static google.registry.testing.DatabaseHelper.createTld;
 import static google.registry.testing.DatabaseHelper.loadByKey;
 import static google.registry.testing.DatabaseHelper.persistResource;
-import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
-import static javax.servlet.http.HttpServletResponse.SC_OK;
 import static org.joda.time.Duration.standardDays;
 import static org.joda.time.Duration.standardSeconds;
 import static org.junit.jupiter.api.Assertions.assertThrows;
-import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.verifyNoMoreInteractions;
 import static org.mockito.Mockito.when;
 
-import com.google.appengine.api.urlfetch.HTTPHeader;
-import com.google.appengine.api.urlfetch.HTTPRequest;
-import com.google.appengine.api.urlfetch.HTTPResponse;
-import com.google.appengine.api.urlfetch.URLFetchService;
 import com.google.cloud.storage.BlobId;
 import com.google.cloud.storage.contrib.nio.testing.LocalStorageHelper;
-import com.google.common.base.Ascii;
-import com.google.common.collect.ImmutableMap;
 import com.google.common.io.ByteSource;
 import google.registry.gcs.GcsUtils;
 import google.registry.model.common.Cursor;
@@ -53,25 +47,23 @@ import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationT
 import google.registry.request.HttpException.InternalServerErrorException;
 import google.registry.request.HttpException.NoContentException;
 import google.registry.testing.BouncyCastleProviderExtension;
-import google.registry.testing.FakeClock;
 import google.registry.testing.FakeKeyringModule;
 import google.registry.testing.FakeResponse;
-import google.registry.testing.FakeSleeper;
-import google.registry.util.Retrier;
+import google.registry.testing.FakeUrlConnectionService;
+import google.registry.util.UrlConnectionException;
 import google.registry.xjc.XjcXmlTransformer;
 import google.registry.xjc.rdereport.XjcRdeReportReport;
 import google.registry.xml.XmlException;
 import java.io.ByteArrayInputStream;
-import java.net.SocketTimeoutException;
+import java.io.ByteArrayOutputStream;
+import java.net.HttpURLConnection;
 import java.nio.charset.StandardCharsets;
-import java.util.Map;
 import java.util.Optional;
 import org.bouncycastle.openpgp.PGPPublicKey;
 import org.joda.time.DateTime;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.RegisterExtension;
-import org.mockito.ArgumentCaptor;
 
 /** Unit tests for {@link RdeReportAction}. */
 public class RdeReportActionTest {
@@ -89,9 +81,11 @@ public class RdeReportActionTest {
 
   private final FakeResponse response = new FakeResponse();
   private final EscrowTaskRunner runner = mock(EscrowTaskRunner.class);
-  private final URLFetchService urlFetchService = mock(URLFetchService.class);
-  private final ArgumentCaptor<HTTPRequest> request = ArgumentCaptor.forClass(HTTPRequest.class);
-  private final HTTPResponse httpResponse = mock(HTTPResponse.class);
+  private final HttpURLConnection httpUrlConnection = mock(HttpURLConnection.class);
+  private final FakeUrlConnectionService urlConnectionService =
+      new FakeUrlConnectionService(httpUrlConnection);
+  private final ByteArrayOutputStream connectionOutputStream = new ByteArrayOutputStream();
+
   private final PGPPublicKey encryptKey =
       new FakeKeyringModule().get().getRdeStagingEncryptionKey();
   private final GcsUtils gcsUtils = new GcsUtils(LocalStorageHelper.getOptions());
@@ -102,9 +96,8 @@ public class RdeReportActionTest {
   private RdeReportAction createAction() {
     RdeReporter reporter = new RdeReporter();
     reporter.reportUrlPrefix = "https://rde-report.example";
-    reporter.urlFetchService = urlFetchService;
+    reporter.urlConnectionService = urlConnectionService;
     reporter.password = "foo";
-    reporter.retrier = new Retrier(new FakeSleeper(new FakeClock()), 3);
     RdeReportAction action = new RdeReportAction();
     action.gcsUtils = gcsUtils;
     action.response = response;
@@ -126,6 +119,9 @@ public class RdeReportActionTest {
     persistResource(Cursor.createScoped(RDE_UPLOAD, DateTime.parse("2006-06-07TZ"), registry));
     gcsUtils.createFromBytes(reportFile, Ghostryde.encode(REPORT_XML.read(), encryptKey));
     tm().transact(() -> RdeRevision.saveRevision("test", DateTime.parse("2006-06-06TZ"), FULL, 0));
+    when(httpUrlConnection.getOutputStream()).thenReturn(connectionOutputStream);
+    when(httpUrlConnection.getResponseCode()).thenReturn(STATUS_CODE_OK);
+    when(httpUrlConnection.getInputStream()).thenReturn(IIRDEA_GOOD_XML.openBufferedStream());
   }
 
   @Test
@@ -142,24 +138,20 @@ public class RdeReportActionTest {
 
   @Test
   void testRunWithLock() throws Exception {
-    when(httpResponse.getResponseCode()).thenReturn(SC_OK);
-    when(httpResponse.getContent()).thenReturn(IIRDEA_GOOD_XML.read());
-    when(urlFetchService.fetch(request.capture())).thenReturn(httpResponse);
     createAction().runWithLock(loadRdeReportCursor());
     assertThat(response.getStatus()).isEqualTo(200);
     assertThat(response.getContentType()).isEqualTo(PLAIN_TEXT_UTF_8);
     assertThat(response.getPayload()).isEqualTo("OK test 2006-06-06T00:00:00.000Z\n");
 
     // Verify the HTTP request was correct.
-    assertThat(request.getValue().getMethod()).isSameInstanceAs(PUT);
-    assertThat(request.getValue().getURL().getProtocol()).isEqualTo("https");
-    assertThat(request.getValue().getURL().getPath()).endsWith("/test/20101017001");
-    Map<String, String> headers = mapifyHeaders(request.getValue().getHeaders());
-    assertThat(headers).containsEntry("CONTENT_TYPE", "text/xml");
-    assertThat(headers).containsEntry("AUTHORIZATION", "Basic dGVzdF9yeTpmb28=");
+    verify(httpUrlConnection).setRequestMethod("PUT");
+    assertThat(httpUrlConnection.getURL().getProtocol()).isEqualTo("https");
+    assertThat(httpUrlConnection.getURL().getPath()).endsWith("/test/20101017001");
+    verify(httpUrlConnection).setRequestProperty("Content-Type", "text/xml; charset=utf-8");
+    verify(httpUrlConnection).setRequestProperty("Authorization", "Basic dGVzdF9yeTpmb28=");
 
     // Verify the payload XML was the same as what's in testdata/report.xml.
-    XjcRdeReportReport report = parseReport(request.getValue().getPayload());
+    XjcRdeReportReport report = parseReport(connectionOutputStream.toByteArray());
     assertThat(report.getId()).isEqualTo("20101017001");
     assertThat(report.getCrDate()).isEqualTo(DateTime.parse("2010-10-17T00:15:00.0Z"));
     assertThat(report.getWatermark()).isEqualTo(DateTime.parse("2010-10-17T00:00:00Z"));
@@ -167,9 +159,6 @@ public class RdeReportActionTest {
 
   @Test
   void testRunWithLock_withPrefix() throws Exception {
-    when(httpResponse.getResponseCode()).thenReturn(SC_OK);
-    when(httpResponse.getContent()).thenReturn(IIRDEA_GOOD_XML.read());
-    when(urlFetchService.fetch(request.capture())).thenReturn(httpResponse);
     RdeReportAction action = createAction();
     action.runWithLock(loadRdeReportCursor());
     assertThat(response.getStatus()).isEqualTo(200);
@@ -177,15 +166,14 @@ public class RdeReportActionTest {
     assertThat(response.getPayload()).isEqualTo("OK test 2006-06-06T00:00:00.000Z\n");
 
     // Verify the HTTP request was correct.
-    assertThat(request.getValue().getMethod()).isSameInstanceAs(PUT);
-    assertThat(request.getValue().getURL().getProtocol()).isEqualTo("https");
-    assertThat(request.getValue().getURL().getPath()).endsWith("/test/20101017001");
-    Map<String, String> headers = mapifyHeaders(request.getValue().getHeaders());
-    assertThat(headers).containsEntry("CONTENT_TYPE", "text/xml");
-    assertThat(headers).containsEntry("AUTHORIZATION", "Basic dGVzdF9yeTpmb28=");
+    verify(httpUrlConnection).setRequestMethod("PUT");
+    assertThat(httpUrlConnection.getURL().getProtocol()).isEqualTo("https");
+    assertThat(httpUrlConnection.getURL().getPath()).endsWith("/test/20101017001");
+    verify(httpUrlConnection).setRequestProperty("Content-Type", "text/xml; charset=utf-8");
+    verify(httpUrlConnection).setRequestProperty("Authorization", "Basic dGVzdF9yeTpmb28=");
 
     // Verify the payload XML was the same as what's in testdata/report.xml.
-    XjcRdeReportReport report = parseReport(request.getValue().getPayload());
+    XjcRdeReportReport report = parseReport(connectionOutputStream.toByteArray());
     assertThat(report.getId()).isEqualTo("20101017001");
     assertThat(report.getCrDate()).isEqualTo(DateTime.parse("2010-10-17T00:15:00.0Z"));
     assertThat(report.getWatermark()).isEqualTo(DateTime.parse("2010-10-17T00:00:00Z"));
@@ -200,9 +188,6 @@ public class RdeReportActionTest {
 
   @Test
   void testRunWithLock_withoutPrefix() throws Exception {
-    when(httpResponse.getResponseCode()).thenReturn(SC_OK);
-    when(httpResponse.getContent()).thenReturn(IIRDEA_GOOD_XML.read());
-    when(urlFetchService.fetch(request.capture())).thenReturn(httpResponse);
     RdeReportAction action = createAction();
     action.prefix = Optional.empty();
     gcsUtils.delete(reportFile);
@@ -225,15 +210,14 @@ public class RdeReportActionTest {
     assertThat(response.getPayload()).isEqualTo("OK test 2006-06-06T00:00:00.000Z\n");
 
     // Verify the HTTP request was correct.
-    assertThat(request.getValue().getMethod()).isSameInstanceAs(PUT);
-    assertThat(request.getValue().getURL().getProtocol()).isEqualTo("https");
-    assertThat(request.getValue().getURL().getPath()).endsWith("/test/20101017001");
-    Map<String, String> headers = mapifyHeaders(request.getValue().getHeaders());
-    assertThat(headers).containsEntry("CONTENT_TYPE", "text/xml");
-    assertThat(headers).containsEntry("AUTHORIZATION", "Basic dGVzdF9yeTpmb28=");
+    verify(httpUrlConnection).setRequestMethod("PUT");
+    assertThat(httpUrlConnection.getURL().getProtocol()).isEqualTo("https");
+    assertThat(httpUrlConnection.getURL().getPath()).endsWith("/test/20101017001");
+    verify(httpUrlConnection).setRequestProperty("Content-Type", "text/xml; charset=utf-8");
+    verify(httpUrlConnection).setRequestProperty("Authorization", "Basic dGVzdF9yeTpmb28=");
 
     // Verify the payload XML was the same as what's in testdata/report.xml.
-    XjcRdeReportReport report = parseReport(request.getValue().getPayload());
+    XjcRdeReportReport report = parseReport(connectionOutputStream.toByteArray());
     assertThat(report.getId()).isEqualTo("20101017001");
     assertThat(report.getCrDate()).isEqualTo(DateTime.parse("2010-10-17T00:15:00.0Z"));
     assertThat(report.getWatermark()).isEqualTo(DateTime.parse("2010-10-17T00:00:00Z"));
@@ -246,9 +230,6 @@ public class RdeReportActionTest {
     PGPPublicKey encryptKey = new FakeKeyringModule().get().getRdeStagingEncryptionKey();
     gcsUtils.createFromBytes(newReport, Ghostryde.encode(REPORT_XML.read(), encryptKey));
     tm().transact(() -> RdeRevision.saveRevision("test", DateTime.parse("2006-06-06TZ"), FULL, 1));
-    when(httpResponse.getResponseCode()).thenReturn(SC_OK);
-    when(httpResponse.getContent()).thenReturn(IIRDEA_GOOD_XML.read());
-    when(urlFetchService.fetch(request.capture())).thenReturn(httpResponse);
     createAction().runWithLock(loadRdeReportCursor());
     assertThat(response.getStatus()).isEqualTo(200);
   }
@@ -281,9 +262,8 @@ public class RdeReportActionTest {
 
   @Test
   void testRunWithLock_badRequest_throws500WithErrorInfo() throws Exception {
-    when(httpResponse.getResponseCode()).thenReturn(SC_BAD_REQUEST);
-    when(httpResponse.getContent()).thenReturn(IIRDEA_BAD_XML.read());
-    when(urlFetchService.fetch(request.capture())).thenReturn(httpResponse);
+    when(httpUrlConnection.getResponseCode()).thenReturn(STATUS_CODE_BAD_REQUEST);
+    when(httpUrlConnection.getInputStream()).thenReturn(IIRDEA_BAD_XML.openBufferedStream());
     InternalServerErrorException thrown =
         assertThrows(
             InternalServerErrorException.class,
@@ -292,38 +272,19 @@ public class RdeReportActionTest {
   }
 
   @Test
-  void testRunWithLock_fetchFailed_throwsRuntimeException() throws Exception {
-    class ExpectedThrownException extends RuntimeException {}
-    when(urlFetchService.fetch(any(HTTPRequest.class))).thenThrow(new ExpectedThrownException());
-    assertThrows(
-        ExpectedThrownException.class, () -> createAction().runWithLock(loadRdeReportCursor()));
-  }
-
-  @Test
-  void testRunWithLock_socketTimeout_doesRetry() throws Exception {
-    when(httpResponse.getResponseCode()).thenReturn(SC_OK);
-    when(httpResponse.getContent()).thenReturn(IIRDEA_GOOD_XML.read());
-    when(urlFetchService.fetch(request.capture()))
-        .thenThrow(new SocketTimeoutException())
-        .thenReturn(httpResponse);
-    createAction().runWithLock(loadRdeReportCursor());
-    assertThat(response.getStatus()).isEqualTo(200);
-    assertThat(response.getContentType()).isEqualTo(PLAIN_TEXT_UTF_8);
-    assertThat(response.getPayload()).isEqualTo("OK test 2006-06-06T00:00:00.000Z\n");
+  void testRunWithLock_notAuthorized() throws Exception {
+    when(httpUrlConnection.getResponseCode()).thenReturn(STATUS_CODE_UNAUTHORIZED);
+    UrlConnectionException thrown =
+        assertThrows(
+            UrlConnectionException.class, () -> createAction().runWithLock(loadRdeReportCursor()));
+    verify(httpUrlConnection, times(0)).getInputStream();
+    assertThat(thrown).hasMessageThat().contains("PUT failed");
   }
 
   private DateTime loadRdeReportCursor() {
     return loadByKey(Cursor.createScopedVKey(RDE_REPORT, registry)).getCursorTime();
   }
 
-  private static ImmutableMap<String, String> mapifyHeaders(Iterable<HTTPHeader> headers) {
-    ImmutableMap.Builder<String, String> builder = new ImmutableMap.Builder<>();
-    for (HTTPHeader header : headers) {
-      builder.put(Ascii.toUpperCase(header.getName().replace('-', '_')), header.getValue());
-    }
-    return builder.build();
-  }
-
   private static XjcRdeReportReport parseReport(byte[] data) {
     try {
       return XjcXmlTransformer.unmarshal(XjcRdeReportReport.class, new ByteArrayInputStream(data));

core/src/test/java/google/registry/reporting/icann/IcannHttpReporterTest.java

@@ -14,28 +14,27 @@
 
 package google.registry.reporting.icann;
 
-import static com.google.common.net.MediaType.CSV_UTF_8;
-import static com.google.common.net.MediaType.PLAIN_TEXT_UTF_8;
+import static com.google.api.client.http.HttpStatusCodes.STATUS_CODE_BAD_REQUEST;
+import static com.google.api.client.http.HttpStatusCodes.STATUS_CODE_OK;
+import static com.google.api.client.http.HttpStatusCodes.STATUS_CODE_SERVER_ERROR;
 import static com.google.common.truth.Truth.assertThat;
 import static google.registry.testing.DatabaseHelper.createTld;
 import static java.nio.charset.StandardCharsets.UTF_8;
 import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
 
-import com.google.api.client.http.HttpResponseException;
-import com.google.api.client.http.HttpStatusCodes;
-import com.google.api.client.http.LowLevelHttpRequest;
-import com.google.api.client.http.LowLevelHttpResponse;
-import com.google.api.client.testing.http.MockHttpTransport;
-import com.google.api.client.testing.http.MockLowLevelHttpRequest;
-import com.google.api.client.testing.http.MockLowLevelHttpResponse;
-import com.google.api.client.util.Base64;
 import com.google.api.client.util.StringUtils;
+import com.google.common.io.BaseEncoding;
 import com.google.common.io.ByteSource;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
+import google.registry.testing.FakeUrlConnectionService;
+import java.io.ByteArrayOutputStream;
+import java.net.HttpURLConnection;
+import java.net.URL;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.RegisterExtension;
@@ -46,103 +45,75 @@ class IcannHttpReporterTest {
   private static final ByteSource IIRDEA_GOOD_XML = ReportingTestData.loadBytes("iirdea_good.xml");
   private static final ByteSource IIRDEA_BAD_XML = ReportingTestData.loadBytes("iirdea_bad.xml");
   private static final byte[] FAKE_PAYLOAD = "test,csv\n1,2".getBytes(UTF_8);
+  private static final IcannHttpReporter reporter = new IcannHttpReporter();
 
-  private MockLowLevelHttpRequest mockRequest;
+  private final HttpURLConnection connection = mock(HttpURLConnection.class);
+  private final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+  private final FakeUrlConnectionService urlConnectionService =
+      new FakeUrlConnectionService(connection);
 
   @RegisterExtension
   final JpaIntegrationTestExtension jpa =
       new JpaTestExtensions.Builder().buildIntegrationTestExtension();
 
-  private MockHttpTransport createMockTransport(
-      int statusCode, final ByteSource iirdeaResponse) {
-    return new MockHttpTransport() {
-      @Override
-      public LowLevelHttpRequest buildRequest(String method, String url) {
-        mockRequest =
-            new MockLowLevelHttpRequest() {
-              @Override
-              public LowLevelHttpResponse execute() throws IOException {
-                MockLowLevelHttpResponse response = new MockLowLevelHttpResponse();
-                response.setStatusCode(statusCode);
-                response.setContentType(PLAIN_TEXT_UTF_8.toString());
-                response.setContent(iirdeaResponse.read());
-                return response;
-              }
-            };
-        mockRequest.setUrl(url);
-        return mockRequest;
-      }
-    };
-  }
-
-  private MockHttpTransport createMockTransport(final ByteSource iirdeaResponse) {
-    return createMockTransport(HttpStatusCodes.STATUS_CODE_OK, iirdeaResponse);
-  }
-
   @BeforeEach
-  void beforeEach() {
+  void beforeEach() throws Exception {
     createTld("test");
     createTld("xn--abc123");
-  }
-
-  private IcannHttpReporter createReporter() {
-    IcannHttpReporter reporter = new IcannHttpReporter();
-    reporter.httpTransport = createMockTransport(IIRDEA_GOOD_XML);
+    when(connection.getOutputStream()).thenReturn(outputStream);
+    when(connection.getResponseCode()).thenReturn(STATUS_CODE_OK);
+    when(connection.getInputStream()).thenReturn(IIRDEA_GOOD_XML.openBufferedStream());
+    reporter.urlConnectionService = urlConnectionService;
     reporter.password = "fakePass";
     reporter.icannTransactionsUrl = "https://fake-transactions.url";
     reporter.icannActivityUrl = "https://fake-activity.url";
-    return reporter;
   }
 
   @Test
   void testSuccess() throws Exception {
-    IcannHttpReporter reporter = createReporter();
-    reporter.send(FAKE_PAYLOAD, "test-transactions-201706.csv");
+    assertThat(reporter.send(FAKE_PAYLOAD, "test-transactions-201706.csv")).isTrue();
 
-    assertThat(mockRequest.getUrl()).isEqualTo("https://fake-transactions.url/test/2017-06");
-    Map<String, List<String>> headers = mockRequest.getHeaders();
+    assertThat(urlConnectionService.getConnectedUrls())
+        .containsExactly(new URL("https://fake-transactions.url/test/2017-06"));
     String userPass = "test_ry:fakePass";
     String expectedAuth =
-        String.format("Basic %s", Base64.encodeBase64String(StringUtils.getBytesUtf8(userPass)));
-    assertThat(headers.get("authorization")).containsExactly(expectedAuth);
-    assertThat(headers.get("content-type")).containsExactly(CSV_UTF_8.toString());
+        String.format("Basic %s", BaseEncoding.base64().encode(StringUtils.getBytesUtf8(userPass)));
+    verify(connection).setRequestProperty("Authorization", expectedAuth);
+    verify(connection).setRequestProperty("Content-Type", "text/csv; charset=utf-8");
+    assertThat(outputStream.toByteArray()).isEqualTo(FAKE_PAYLOAD);
   }
 
   @Test
   void testSuccess_internationalTld() throws Exception {
-    IcannHttpReporter reporter = createReporter();
-    reporter.send(FAKE_PAYLOAD, "xn--abc123-transactions-201706.csv");
+    assertThat(reporter.send(FAKE_PAYLOAD, "xn--abc123-transactions-201706.csv")).isTrue();
 
-    assertThat(mockRequest.getUrl()).isEqualTo("https://fake-transactions.url/xn--abc123/2017-06");
-    Map<String, List<String>> headers = mockRequest.getHeaders();
+    assertThat(urlConnectionService.getConnectedUrls())
+        .containsExactly(new URL("https://fake-transactions.url/xn--abc123/2017-06"));
     String userPass = "xn--abc123_ry:fakePass";
     String expectedAuth =
-        String.format("Basic %s", Base64.encodeBase64String(StringUtils.getBytesUtf8(userPass)));
-    assertThat(headers.get("authorization")).containsExactly(expectedAuth);
-    assertThat(headers.get("content-type")).containsExactly(CSV_UTF_8.toString());
+        String.format("Basic %s", BaseEncoding.base64().encode(StringUtils.getBytesUtf8(userPass)));
+    verify(connection).setRequestProperty("Authorization", expectedAuth);
+    verify(connection).setRequestProperty("Content-Type", "text/csv; charset=utf-8");
+    assertThat(outputStream.toByteArray()).isEqualTo(FAKE_PAYLOAD);
   }
 
   @Test
   void testFail_BadIirdeaResponse() throws Exception {
-    IcannHttpReporter reporter = createReporter();
-    reporter.httpTransport =
-        createMockTransport(HttpStatusCodes.STATUS_CODE_BAD_REQUEST, IIRDEA_BAD_XML);
+    when(connection.getInputStream()).thenReturn(IIRDEA_BAD_XML.openBufferedStream());
+    when(connection.getResponseCode()).thenReturn(STATUS_CODE_BAD_REQUEST);
     assertThat(reporter.send(FAKE_PAYLOAD, "test-transactions-201706.csv")).isFalse();
+    verify(connection).getInputStream();
   }
 
   @Test
-  void testFail_transportException() {
-    IcannHttpReporter reporter = createReporter();
-    reporter.httpTransport =
-        createMockTransport(HttpStatusCodes.STATUS_CODE_FORBIDDEN, ByteSource.empty());
-    assertThrows(
-        HttpResponseException.class,
-        () -> reporter.send(FAKE_PAYLOAD, "test-transactions-201706.csv"));
+  void testFail_OtherBadHttpResponse() throws Exception {
+    when(connection.getResponseCode()).thenReturn(STATUS_CODE_SERVER_ERROR);
+    assertThat(reporter.send(FAKE_PAYLOAD, "test-transactions-201706.csv")).isFalse();
+    verify(connection, times(0)).getInputStream();
   }
 
   @Test
   void testFail_invalidFilename_nonSixDigitYearMonth() {
-    IcannHttpReporter reporter = createReporter();
     IllegalArgumentException thrown =
         assertThrows(
             IllegalArgumentException.class,
@@ -156,7 +127,6 @@ class IcannHttpReporterTest {
 
   @Test
   void testFail_invalidFilename_notActivityOrTransactions() {
-    IcannHttpReporter reporter = createReporter();
     IllegalArgumentException thrown =
         assertThrows(
             IllegalArgumentException.class,
@@ -169,7 +139,6 @@ class IcannHttpReporterTest {
 
   @Test
   void testFail_invalidFilename_invalidTldName() {
-    IcannHttpReporter reporter = createReporter();
     IllegalArgumentException thrown =
         assertThrows(
             IllegalArgumentException.class,
@@ -183,7 +152,6 @@ class IcannHttpReporterTest {
 
   @Test
   void testFail_invalidFilename_tldDoesntExist() {
-    IcannHttpReporter reporter = createReporter();
     IllegalArgumentException thrown =
         assertThrows(
             IllegalArgumentException.class,

core/src/test/java/google/registry/reporting/spec11/Spec11EmailUtilsTest.java

@@ -26,6 +26,8 @@ import static google.registry.testing.DatabaseHelper.loadByEntity;
 import static google.registry.testing.DatabaseHelper.persistActiveHost;
 import static google.registry.testing.DatabaseHelper.persistResource;
 import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.same;
 import static org.mockito.Mockito.doThrow;
 import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
@@ -41,11 +43,13 @@ import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationT
 import google.registry.reporting.spec11.soy.Spec11EmailSoyInfo;
 import google.registry.testing.DatabaseHelper;
 import google.registry.util.EmailMessage;
+import google.registry.util.Sleeper;
 import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Optional;
 import javax.mail.MessagingException;
 import javax.mail.internet.InternetAddress;
+import org.joda.time.Duration;
 import org.joda.time.LocalDate;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -101,6 +105,8 @@ class Spec11EmailUtilsTest {
       new JpaTestExtensions.Builder().buildIntegrationTestExtension();
 
   @Mock private GmailClient gmailClient;
+  @Mock private Sleeper sleeper;
+  private Duration emailThrottleDuration = Duration.millis(1);
   private Spec11EmailUtils emailUtils;
   private ArgumentCaptor<EmailMessage> contentCaptor;
   private final LocalDate date = new LocalDate(2018, 7, 15);
@@ -114,6 +120,8 @@ class Spec11EmailUtilsTest {
     emailUtils =
         new Spec11EmailUtils(
             gmailClient,
+            sleeper,
+            emailThrottleDuration,
             new InternetAddress("my-receiver@test.com"),
             new InternetAddress("abuse@test.com"),
             ImmutableList.of(
@@ -128,6 +136,19 @@ class Spec11EmailUtilsTest {
     persistDomainWithHost("c.com", host);
   }
 
+  @Test
+  void testSuccess_sleepsBetweenSending() throws Exception {
+    emailUtils.emailSpec11Reports(
+        date,
+        Spec11EmailSoyInfo.MONTHLY_SPEC_11_EMAIL,
+        "Super Cool Registry Monthly Threat Detector [2018-07-15]",
+        sampleThreatMatches());
+    // We inspect individual parameters because Message doesn't implement equals().
+    verify(gmailClient, times(3)).sendEmail(any(EmailMessage.class));
+    // Sleep once between two reports sent in a tight loop. No sleep before the final alert message.
+    verify(sleeper, times(1)).sleep(same(emailThrottleDuration));
+  }
+
   @Test
   void testSuccess_emailMonthlySpec11Reports() throws Exception {
     emailUtils.emailSpec11Reports(
@@ -144,7 +165,7 @@ class Spec11EmailUtilsTest {
         "the.registrar@example.com",
         ImmutableList.of("abuse@test.com", "bcc@test.com"),
         "Super Cool Registry Monthly Threat Detector [2018-07-15]",
-        String.format(MONTHLY_EMAIL_FORMAT, "<tr><td>a.com</td><td>MALWARE</td></tr>"),
+        String.format(MONTHLY_EMAIL_FORMAT, "<tr><td>a[.]com</td><td>MALWARE</td></tr>"),
         Optional.of(MediaType.HTML_UTF_8));
     validateMessage(
         capturedContents.get(1),
@@ -154,7 +175,7 @@ class Spec11EmailUtilsTest {
         "Super Cool Registry Monthly Threat Detector [2018-07-15]",
         String.format(
             MONTHLY_EMAIL_FORMAT,
-            "<tr><td>b.com</td><td>MALWARE</td></tr><tr><td>c.com</td><td>MALWARE</td></tr>"),
+            "<tr><td>b[.]com</td><td>MALWARE</td></tr><tr><td>c[.]com</td><td>MALWARE</td></tr>"),
         Optional.of(MediaType.HTML_UTF_8));
     validateMessage(
         capturedContents.get(2),
@@ -182,7 +203,7 @@ class Spec11EmailUtilsTest {
         "the.registrar@example.com",
         ImmutableList.of("abuse@test.com", "bcc@test.com"),
         "Super Cool Registry Daily Threat Detector [2018-07-15]",
-        String.format(DAILY_EMAIL_FORMAT, "<tr><td>a.com</td><td>MALWARE</td></tr>"),
+        String.format(DAILY_EMAIL_FORMAT, "<tr><td>a[.]com</td><td>MALWARE</td></tr>"),
         Optional.of(MediaType.HTML_UTF_8));
     validateMessage(
         capturedMessages.get(1),
@@ -192,7 +213,7 @@ class Spec11EmailUtilsTest {
         "Super Cool Registry Daily Threat Detector [2018-07-15]",
         String.format(
             DAILY_EMAIL_FORMAT,
-            "<tr><td>b.com</td><td>MALWARE</td></tr><tr><td>c.com</td><td>MALWARE</td></tr>"),
+            "<tr><td>b[.]com</td><td>MALWARE</td></tr><tr><td>c[.]com</td><td>MALWARE</td></tr>"),
         Optional.of(MediaType.HTML_UTF_8));
     validateMessage(
         capturedMessages.get(2),
@@ -223,7 +244,7 @@ class Spec11EmailUtilsTest {
         "new.registrar@example.com",
         ImmutableList.of("abuse@test.com", "bcc@test.com"),
         "Super Cool Registry Monthly Threat Detector [2018-07-15]",
-        String.format(MONTHLY_EMAIL_FORMAT, "<tr><td>c.com</td><td>MALWARE</td></tr>"),
+        String.format(MONTHLY_EMAIL_FORMAT, "<tr><td>c[.]com</td><td>MALWARE</td></tr>"),
         Optional.of(MediaType.HTML_UTF_8));
     validateMessage(
         capturedContents.get(1),
@@ -256,7 +277,7 @@ class Spec11EmailUtilsTest {
         "the.registrar@example.com",
         ImmutableList.of("abuse@test.com", "bcc@test.com"),
         "Super Cool Registry Monthly Threat Detector [2018-07-15]",
-        String.format(MONTHLY_EMAIL_FORMAT, "<tr><td>a.com</td><td>MALWARE</td></tr>"),
+        String.format(MONTHLY_EMAIL_FORMAT, "<tr><td>a[.]com</td><td>MALWARE</td></tr>"),
         Optional.of(MediaType.HTML_UTF_8));
     validateMessage(
         capturedContents.get(1),
@@ -266,7 +287,7 @@ class Spec11EmailUtilsTest {
         "Super Cool Registry Monthly Threat Detector [2018-07-15]",
         String.format(
             MONTHLY_EMAIL_FORMAT,
-            "<tr><td>b.com</td><td>MALWARE</td></tr><tr><td>c.com</td><td>MALWARE</td></tr>"),
+            "<tr><td>b[.]com</td><td>MALWARE</td></tr><tr><td>c[.]com</td><td>MALWARE</td></tr>"),
         Optional.of(MediaType.HTML_UTF_8));
     validateMessage(
         capturedContents.get(2),
@@ -311,7 +332,7 @@ class Spec11EmailUtilsTest {
         "the.registrar@example.com",
         ImmutableList.of("abuse@test.com", "bcc@test.com"),
         "Super Cool Registry Monthly Threat Detector [2018-07-15]",
-        String.format(MONTHLY_EMAIL_FORMAT, "<tr><td>a.com</td><td>MALWARE</td></tr>"),
+        String.format(MONTHLY_EMAIL_FORMAT, "<tr><td>a[.]com</td><td>MALWARE</td></tr>"),
         Optional.of(MediaType.HTML_UTF_8));
     validateMessage(
         capturedMessages.get(1),
@@ -321,7 +342,7 @@ class Spec11EmailUtilsTest {
         "Super Cool Registry Monthly Threat Detector [2018-07-15]",
         String.format(
             MONTHLY_EMAIL_FORMAT,
-            "<tr><td>b.com</td><td>MALWARE</td></tr><tr><td>c.com</td><td>MALWARE</td></tr>"),
+            "<tr><td>b[.]com</td><td>MALWARE</td></tr><tr><td>c[.]com</td><td>MALWARE</td></tr>"),
         Optional.of(MediaType.HTML_UTF_8));
     validateMessage(
         capturedMessages.get(2),

core/src/test/java/google/registry/request/RequestHandlerTest.java

@@ -20,6 +20,7 @@ import static google.registry.request.Action.Method.GET;
 import static google.registry.request.Action.Method.POST;
 import static google.registry.request.auth.Auth.AUTH_API_ADMIN;
 import static google.registry.request.auth.Auth.AUTH_PUBLIC;
+import static google.registry.request.auth.AuthResult.NOT_AUTHENTICATED;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.mock;
@@ -228,7 +229,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("GET");
     when(req.getRequestURI()).thenReturn("/bumblebee");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -242,7 +243,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("POST");
     when(req.getRequestURI()).thenReturn("/bumblebee");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -255,7 +256,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("GET");
     when(req.getRequestURI()).thenReturn("/bumblebee/hive");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -268,7 +269,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("POST");
     when(req.getRequestURI()).thenReturn("/sloth");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -284,7 +285,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("POST");
     when(req.getRequestURI()).thenReturn("/sloth/nest");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -296,7 +297,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("GET");
     when(req.getRequestURI()).thenReturn("/fail");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -311,7 +312,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("GET");
     when(req.getRequestURI()).thenReturn("/failAtConstruction");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -324,7 +325,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("GET");
     when(req.getRequestURI()).thenReturn("/bogus");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -336,7 +337,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("POST");
     when(req.getRequestURI()).thenReturn("/fail");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -348,7 +349,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("FIREAWAY");
     when(req.getRequestURI()).thenReturn("/fail");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -364,7 +365,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("get");
     when(req.getRequestURI()).thenReturn("/bumblebee");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -386,7 +387,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("POST");
     when(req.getRequestURI()).thenReturn("/safe-sloth");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -399,7 +400,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("GET");
     when(req.getRequestURI()).thenReturn("/safe-sloth");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -412,7 +413,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("GET");
     when(req.getRequestURI()).thenReturn("/auth/none");
     when(requestAuthenticator.authorize(AUTH_PUBLIC.authSettings(), req))
-        .thenReturn(Optional.of(AuthResult.create(AuthLevel.NONE)));
+        .thenReturn(Optional.of(NOT_AUTHENTICATED));
 
     handler.handleRequest(req, rsp);
 
@@ -440,8 +441,7 @@ public final class RequestHandlerTest {
     when(req.getMethod()).thenReturn("GET");
     when(req.getRequestURI()).thenReturn("/auth/adminUser");
     when(requestAuthenticator.authorize(AUTH_API_ADMIN.authSettings(), req))
-        .thenReturn(
-            Optional.of(AuthResult.create(AuthLevel.USER, UserAuthInfo.create(testUser, true))));
+        .thenReturn(Optional.of(AuthResult.createUser(UserAuthInfo.create(testUser, true))));
 
     handler.handleRequest(req, rsp);
 
@@ -449,7 +449,6 @@ public final class RequestHandlerTest {
     assertThat(providedAuthResult.authLevel()).isEqualTo(AuthLevel.USER);
     assertThat(providedAuthResult.userAuthInfo()).isPresent();
     assertThat(providedAuthResult.userAuthInfo().get().appEngineUser()).hasValue(testUser);
-    assertThat(providedAuthResult.userAuthInfo().get().oauthTokenInfo()).isEmpty();
     assertMetric("/auth/adminUser", GET, AuthLevel.USER, true);
   }
 }

core/src/test/java/google/registry/request/auth/AuthenticatedRegistrarAccessorTest.java

@@ -15,6 +15,7 @@
 package google.registry.request.auth;
 
 import static com.google.common.truth.Truth.assertThat;
+import static google.registry.request.auth.AuthResult.NOT_AUTHENTICATED;
 import static google.registry.request.auth.AuthenticatedRegistrarAccessor.Role.ADMIN;
 import static google.registry.request.auth.AuthenticatedRegistrarAccessor.Role.OWNER;
 import static google.registry.testing.DatabaseHelper.loadRegistrar;
@@ -40,7 +41,6 @@ import google.registry.model.registrar.Registrar;
 import google.registry.model.registrar.Registrar.State;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
-import google.registry.request.auth.AuthSettings.AuthLevel;
 import google.registry.request.auth.AuthenticatedRegistrarAccessor.RegistrarAccessDeniedException;
 import google.registry.util.JdkLoggerConfig;
 import java.util.Optional;
@@ -75,7 +75,7 @@ class AuthenticatedRegistrarAccessorTest {
 
   private static final AuthResult USER = createAuthResult(false);
   private static final AuthResult GAE_ADMIN = createAuthResult(true);
-  private static final AuthResult NO_USER = AuthResult.create(AuthLevel.NONE);
+  private static final AuthResult NO_USER = NOT_AUTHENTICATED;
   private static final Optional<String> SUPPORT_GROUP = Optional.of("support@registry.example");
   /** Registrar ID of a REAL registrar with a RegistrarContact for USER and GAE_ADMIN. */
   private static final String REGISTRAR_ID_WITH_CONTACT = "TheRegistrar";
@@ -94,8 +94,7 @@ class AuthenticatedRegistrarAccessorTest {
    * @param isAdmin if true, the user is an administrator for the app-engine project.
    */
   private static AuthResult createAuthResult(boolean isAdmin) {
-    return AuthResult.create(
-        AuthLevel.USER,
+    return AuthResult.createUser(
         UserAuthInfo.create(new User("johndoe@theregistrar.com", "theregistrar.com"), isAdmin));
   }
 
@@ -295,8 +294,7 @@ class AuthenticatedRegistrarAccessorTest {
   void testGetRegistrarForUser_inContacts_isNotAdmin_caseInsensitive() throws Exception {
     expectGetRegistrarSuccess(
         REGISTRAR_ID_WITH_CONTACT,
-        AuthResult.create(
-            AuthLevel.USER,
+        AuthResult.createUser(
             UserAuthInfo.create(new User("JohnDoe@theregistrar.com", "theregistrar.com"), false)),
         "user JohnDoe@theregistrar.com has [OWNER] access to registrar TheRegistrar");
     verify(lazyGroupsConnection).get();
@@ -417,12 +415,11 @@ class AuthenticatedRegistrarAccessorTest {
   void testConsoleUser_admin() {
     google.registry.model.console.User consoleUser =
         new google.registry.model.console.User.Builder()
-            .setGaiaId("gaiaId")
             .setEmailAddress("email@email.com")
             .setUserRoles(
                 new UserRoles.Builder().setIsAdmin(true).setGlobalRole(GlobalRole.FTE).build())
             .build();
-    AuthResult authResult = AuthResult.create(AuthLevel.USER, UserAuthInfo.create(consoleUser));
+    AuthResult authResult = AuthResult.createUser(UserAuthInfo.create(consoleUser));
     AuthenticatedRegistrarAccessor registrarAccessor =
         new AuthenticatedRegistrarAccessor(
             authResult, ADMIN_REGISTRAR_ID, SUPPORT_GROUP, lazyGroupsConnection);
@@ -444,11 +441,10 @@ class AuthenticatedRegistrarAccessorTest {
     // not admins
     google.registry.model.console.User consoleUser =
         new google.registry.model.console.User.Builder()
-            .setGaiaId("gaiaId")
             .setEmailAddress("email@email.com")
             .setUserRoles(new UserRoles.Builder().setGlobalRole(GlobalRole.SUPPORT_AGENT).build())
             .build();
-    AuthResult authResult = AuthResult.create(AuthLevel.USER, UserAuthInfo.create(consoleUser));
+    AuthResult authResult = AuthResult.createUser(UserAuthInfo.create(consoleUser));
     AuthenticatedRegistrarAccessor registrarAccessor =
         new AuthenticatedRegistrarAccessor(
             authResult, ADMIN_REGISTRAR_ID, SUPPORT_GROUP, lazyGroupsConnection);
@@ -462,7 +458,6 @@ class AuthenticatedRegistrarAccessorTest {
     // Registrar employees should have OWNER access to their registrars
     google.registry.model.console.User consoleUser =
         new google.registry.model.console.User.Builder()
-            .setGaiaId("gaiaId")
             .setEmailAddress("email@email.com")
             .setUserRoles(
                 new UserRoles.Builder()
@@ -474,7 +469,7 @@ class AuthenticatedRegistrarAccessorTest {
                             RegistrarRole.ACCOUNT_MANAGER))
                     .build())
             .build();
-    AuthResult authResult = AuthResult.create(AuthLevel.USER, UserAuthInfo.create(consoleUser));
+    AuthResult authResult = AuthResult.createUser(UserAuthInfo.create(consoleUser));
     AuthenticatedRegistrarAccessor registrarAccessor =
         new AuthenticatedRegistrarAccessor(
             authResult, ADMIN_REGISTRAR_ID, SUPPORT_GROUP, lazyGroupsConnection);

core/src/test/java/google/registry/request/auth/OidcTokenAuthenticationMechanismTest.java

@@ -18,7 +18,6 @@ import static com.google.common.net.HttpHeaders.AUTHORIZATION;
 import static com.google.common.truth.Truth.assertThat;
 import static google.registry.request.auth.AuthModule.BEARER_PREFIX;
 import static google.registry.request.auth.AuthModule.IAP_HEADER_NAME;
-import static google.registry.request.auth.AuthModule.PROXY_HEADER_NAME;
 import static google.registry.testing.DatabaseHelper.insertInDb;
 import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.Mockito.mock;
@@ -61,7 +60,6 @@ public class OidcTokenAuthenticationMechanismTest {
   private final User user =
       new User.Builder()
           .setEmailAddress(email)
-          .setGaiaId(gaiaId)
           .setUserRoles(
               new UserRoles.Builder().setIsAdmin(true).setGlobalRole(GlobalRole.FTE).build())
           .build();
@@ -93,9 +91,8 @@ public class OidcTokenAuthenticationMechanismTest {
 
   @Test
   void testAuthResultBypass() {
-    OidcTokenAuthenticationMechanism.setAuthResultForTesting(AuthResult.create(AuthLevel.APP));
-    assertThat(authenticationMechanism.authenticate(null))
-        .isEqualTo(AuthResult.create(AuthLevel.APP));
+    OidcTokenAuthenticationMechanism.setAuthResultForTesting(AuthResult.NOT_AUTHENTICATED);
+    assertThat(authenticationMechanism.authenticate(null)).isEqualTo(AuthResult.NOT_AUTHENTICATED);
   }
 
   @Test
@@ -141,7 +138,6 @@ public class OidcTokenAuthenticationMechanismTest {
     User serviceUser =
         new User.Builder()
             .setEmailAddress("service@email.test")
-            .setGaiaId("service-gaia-id")
             .setUserRoles(
                 new UserRoles.Builder().setIsAdmin(true).setGlobalRole(GlobalRole.FTE).build())
             .build();
@@ -171,16 +167,10 @@ public class OidcTokenAuthenticationMechanismTest {
   void testRegular_tokenExtractor() throws Exception {
     useRegularOidcMechanism();
     // The token does not have the "Bearer " prefix.
-    when(request.getHeader(PROXY_HEADER_NAME)).thenReturn(rawToken);
+    when(request.getHeader(AUTHORIZATION)).thenReturn(rawToken);
     assertThat(authenticationMechanism.tokenExtractor.extract(request)).isNull();
 
     // The token is in the correct format.
-    when(request.getHeader(PROXY_HEADER_NAME))
-        .thenReturn(String.format("%s%s", BEARER_PREFIX, rawToken));
-    assertThat(authenticationMechanism.tokenExtractor.extract(request)).isEqualTo(rawToken);
-
-    // The token is in the correct format, and under the alternative header.
-    when(request.getHeader(PROXY_HEADER_NAME)).thenReturn(null);
     when(request.getHeader(AUTHORIZATION))
         .thenReturn(String.format("%s%s", BEARER_PREFIX, rawToken));
     assertThat(authenticationMechanism.tokenExtractor.extract(request)).isEqualTo(rawToken);

core/src/test/java/google/registry/request/auth/RequestAuthenticatorTest.java

@@ -14,361 +14,276 @@
 
 package google.registry.request.auth;
 
-import static com.google.common.net.HttpHeaders.AUTHORIZATION;
 import static com.google.common.truth.Truth.assertThat;
 import static com.google.common.truth.Truth8.assertThat;
+import static google.registry.request.auth.AuthResult.NOT_AUTHENTICATED;
+import static google.registry.request.auth.AuthSettings.AuthLevel.APP;
+import static google.registry.request.auth.AuthSettings.AuthLevel.NONE;
+import static google.registry.request.auth.AuthSettings.AuthLevel.USER;
+import static google.registry.request.auth.AuthSettings.AuthMethod.API;
+import static google.registry.request.auth.AuthSettings.AuthMethod.LEGACY;
+import static google.registry.request.auth.AuthSettings.UserPolicy.ADMIN;
+import static google.registry.request.auth.AuthSettings.UserPolicy.PUBLIC;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.verifyNoInteractions;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.verifyNoMoreInteractions;
 import static org.mockito.Mockito.when;
 
-import com.google.appengine.api.users.User;
-import com.google.appengine.api.users.UserService;
 import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableSet;
-import google.registry.persistence.transaction.JpaTestExtensions;
-import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
+import google.registry.model.console.GlobalRole;
+import google.registry.model.console.User;
+import google.registry.model.console.UserRoles;
 import google.registry.request.auth.AuthSettings.AuthLevel;
 import google.registry.request.auth.AuthSettings.AuthMethod;
 import google.registry.request.auth.AuthSettings.UserPolicy;
-import google.registry.security.XsrfTokenManager;
-import google.registry.testing.FakeClock;
-import google.registry.testing.FakeOAuthService;
-import google.registry.testing.FakeUserService;
 import java.util.Optional;
 import javax.servlet.http.HttpServletRequest;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.RegisterExtension;
 
 /** Unit tests for {@link RequestAuthenticator}. */
 class RequestAuthenticatorTest {
 
-  @RegisterExtension
-  final JpaIntegrationTestExtension jpa =
-      new JpaTestExtensions.Builder().buildIntegrationTestExtension();
+  private static final AuthResult APP_AUTH = AuthResult.createApp("app@registry.example");
 
-  private static final AuthSettings AUTH_NONE =
-      AuthSettings.create(ImmutableList.of(AuthMethod.API), AuthLevel.NONE, UserPolicy.PUBLIC);
+  private static final AuthResult USER_PUBLIC_AUTH =
+      AuthResult.createUser(
+          UserAuthInfo.create(
+              new User.Builder()
+                  .setEmailAddress("user@registry.example")
+                  .setUserRoles(
+                      new UserRoles.Builder()
+                          .setIsAdmin(false)
+                          .setGlobalRole(GlobalRole.NONE)
+                          .build())
+                  .build()));
 
-  private static final AuthSettings AUTH_ANY_USER_ANY_METHOD =
-      AuthSettings.create(
-          ImmutableList.of(AuthMethod.API, AuthMethod.LEGACY), AuthLevel.USER, UserPolicy.PUBLIC);
+  private static final AuthResult USER_ADMIN_AUTH =
+      AuthResult.createUser(
+          UserAuthInfo.create(
+              new User.Builder()
+                  .setEmailAddress("admin@registry.example")
+                  .setUserRoles(
+                      new UserRoles.Builder()
+                          .setIsAdmin(true)
+                          .setGlobalRole(GlobalRole.FTE)
+                          .build())
+                  .build()));
 
-  private static final AuthSettings AUTH_ANY_USER_NO_LEGACY =
-      AuthSettings.create(ImmutableList.of(AuthMethod.API), AuthLevel.USER, UserPolicy.PUBLIC);
-
-  private static final AuthSettings AUTH_ADMIN_USER_ANY_METHOD =
-      AuthSettings.create(
-          ImmutableList.of(AuthMethod.API, AuthMethod.LEGACY), AuthLevel.USER, UserPolicy.ADMIN);
-
-  private static final AuthSettings AUTH_NO_METHODS =
-      AuthSettings.create(ImmutableList.of(), AuthLevel.APP, UserPolicy.PUBLIC);
-
-  private static final AuthSettings AUTH_WRONG_METHOD_ORDERING =
-      AuthSettings.create(
-          ImmutableList.of(AuthMethod.LEGACY, AuthMethod.API), AuthLevel.APP, UserPolicy.PUBLIC);
-
-  private static final AuthSettings AUTH_DUPLICATE_METHODS =
-      AuthSettings.create(
-          ImmutableList.of(AuthMethod.API, AuthMethod.API), AuthLevel.APP, UserPolicy.PUBLIC);
-
-  private static final AuthSettings AUTH_NONE_REQUIRES_ADMIN =
-      AuthSettings.create(ImmutableList.of(AuthMethod.API), AuthLevel.NONE, UserPolicy.ADMIN);
-
-  private final UserService mockUserService = mock(UserService.class);
   private final HttpServletRequest req = mock(HttpServletRequest.class);
 
-  private final User testUser = new User("test@google.com", "test@google.com");
-  private final FakeUserService fakeUserService = new FakeUserService();
-  private final XsrfTokenManager xsrfTokenManager =
-      new XsrfTokenManager(new FakeClock(), fakeUserService);
-  private final FakeOAuthService fakeOAuthService =
-      new FakeOAuthService(
-          false /* isOAuthEnabled */,
-          testUser,
-          false /* isUserAdmin */,
-          "test-client-id",
-          ImmutableList.of("test-scope1", "test-scope2", "nontest-scope"));
+  private final AuthenticationMechanism apiAuthenticationMechanism1 =
+      mock(AuthenticationMechanism.class);
+  private final AuthenticationMechanism apiAuthenticationMechanism2 =
+      mock(AuthenticationMechanism.class);
+  private final LegacyAuthenticationMechanism legacyAuthenticationMechanism =
+      mock(LegacyAuthenticationMechanism.class);
+
+  private Optional<AuthResult> authorize(AuthLevel authLevel, UserPolicy userPolicy) {
+    return new RequestAuthenticator(
+            ImmutableList.of(apiAuthenticationMechanism1, apiAuthenticationMechanism2),
+            legacyAuthenticationMechanism)
+        .authorize(AuthSettings.create(ImmutableList.of(API, LEGACY), authLevel, userPolicy), req);
+  }
+
+  private AuthResult authenticate(AuthMethod... methods) {
+    return new RequestAuthenticator(
+            ImmutableList.of(apiAuthenticationMechanism1, apiAuthenticationMechanism2),
+            legacyAuthenticationMechanism)
+        .authenticate(AuthSettings.create(ImmutableList.copyOf(methods), NONE, PUBLIC), req);
+  }
 
   @BeforeEach
   void beforeEach() {
-    when(req.getMethod()).thenReturn("POST");
-  }
-
-  private RequestAuthenticator createRequestAuthenticator(UserService userService) {
-    return new RequestAuthenticator(
-        ImmutableList.of(
-            new OAuthAuthenticationMechanism(
-                fakeOAuthService,
-                ImmutableSet.of("test-scope1", "test-scope2", "test-scope3"),
-                ImmutableSet.of("test-scope1", "test-scope2"),
-                ImmutableSet.of("test-client-id", "other-test-client-id"))),
-        new LegacyAuthenticationMechanism(userService, xsrfTokenManager));
-  }
-
-  private Optional<AuthResult> runTest(UserService userService, AuthSettings auth) {
-    return createRequestAuthenticator(userService).authorize(auth, req);
+    when(apiAuthenticationMechanism1.authenticate(req)).thenReturn(NOT_AUTHENTICATED);
+    when(apiAuthenticationMechanism2.authenticate(req)).thenReturn(NOT_AUTHENTICATED);
+    when(legacyAuthenticationMechanism.authenticate(req)).thenReturn(NOT_AUTHENTICATED);
   }
 
   @Test
-  void testNoAuthNeeded_noneFound() {
-    Optional<AuthResult> authResult = runTest(mockUserService, AUTH_NONE);
-
-    verifyNoInteractions(mockUserService);
-    assertThat(authResult).isPresent();
-    assertThat(authResult.get().authLevel()).isEqualTo(AuthLevel.NONE);
+  void testAuthorize_noneRequired() {
+    for (AuthResult resultFound :
+        ImmutableList.of(NOT_AUTHENTICATED, APP_AUTH, USER_ADMIN_AUTH, USER_PUBLIC_AUTH)) {
+      when(apiAuthenticationMechanism1.authenticate(req)).thenReturn(resultFound);
+      assertThat(authorize(NONE, PUBLIC)).hasValue(resultFound);
+    }
   }
 
   @Test
-  void testAnyUserAnyMethod_notLoggedIn() {
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_ANY_METHOD);
+  void testAuthorize_appPublicRequired() {
+    authorize(APP, PUBLIC);
+    assertThat(authorize(APP, PUBLIC)).isEmpty();
 
-    assertThat(authResult).isEmpty();
+    for (AuthResult resultFound : ImmutableList.of(APP_AUTH, USER_ADMIN_AUTH, USER_PUBLIC_AUTH)) {
+      when(apiAuthenticationMechanism1.authenticate(req)).thenReturn(resultFound);
+      assertThat(authorize(APP, PUBLIC)).hasValue(resultFound);
+    }
   }
 
   @Test
-  void testAnyUserAnyMethod_xsrfFailure() {
-    fakeUserService.setUser(testUser, false);
+  void testAuthorize_appAdminRequired() {
+    for (AuthResult resultFound : ImmutableList.of(NOT_AUTHENTICATED, USER_PUBLIC_AUTH)) {
+      when(apiAuthenticationMechanism1.authenticate(req)).thenReturn(resultFound);
+      assertThat(authorize(APP, ADMIN)).isEmpty();
+    }
 
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_ANY_METHOD);
-
-    assertThat(authResult).isEmpty();
+    for (AuthResult resultFound : ImmutableList.of(APP_AUTH, USER_ADMIN_AUTH)) {
+      when(apiAuthenticationMechanism1.authenticate(req)).thenReturn(resultFound);
+      assertThat(authorize(APP, ADMIN)).hasValue(resultFound);
+    }
   }
 
   @Test
-  void testAnyUserAnyMethod_success() {
-    fakeUserService.setUser(testUser, false /* isAdmin */);
-    when(req.getHeader(XsrfTokenManager.X_CSRF_TOKEN))
-        .thenReturn(xsrfTokenManager.generateToken(testUser.getEmail()));
+  void testAuthorize_userPublicRequired() {
+    for (AuthResult resultFound : ImmutableList.of(NOT_AUTHENTICATED, APP_AUTH)) {
+      when(apiAuthenticationMechanism1.authenticate(req)).thenReturn(resultFound);
+      assertThat(authorize(USER, PUBLIC)).isEmpty();
+    }
 
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_ANY_METHOD);
-
-    assertThat(authResult).isPresent();
-    assertThat(authResult.get().authLevel()).isEqualTo(AuthLevel.USER);
-    assertThat(authResult.get().userAuthInfo()).isPresent();
-    assertThat(authResult.get().userAuthInfo().get().appEngineUser()).hasValue(testUser);
-    assertThat(authResult.get().userAuthInfo().get().isUserAdmin()).isFalse();
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo()).isEmpty();
+    for (AuthResult resultFound : ImmutableList.of(USER_PUBLIC_AUTH, USER_ADMIN_AUTH)) {
+      when(apiAuthenticationMechanism1.authenticate(req)).thenReturn(resultFound);
+      assertThat(authorize(USER, PUBLIC)).hasValue(resultFound);
+    }
   }
 
   @Test
-  void testAnyUserAnyMethod_xsrfNotRequiredForGet() {
-    fakeUserService.setUser(testUser, false);
-    when(req.getMethod()).thenReturn("GET");
+  void testAuthorize_userAdminRequired() {
+    for (AuthResult resultFound : ImmutableList.of(NOT_AUTHENTICATED, APP_AUTH, USER_PUBLIC_AUTH)) {
+      when(apiAuthenticationMechanism1.authenticate(req)).thenReturn(resultFound);
+      assertThat(authorize(USER, ADMIN)).isEmpty();
+    }
 
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_ANY_METHOD);
-
-    assertThat(authResult).isPresent();
-    assertThat(authResult.get().authLevel()).isEqualTo(AuthLevel.USER);
-    assertThat(authResult.get().userAuthInfo()).isPresent();
-    assertThat(authResult.get().userAuthInfo().get().appEngineUser()).hasValue(testUser);
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo()).isEmpty();
+    when(apiAuthenticationMechanism1.authenticate(req)).thenReturn(USER_ADMIN_AUTH);
+    assertThat(authorize(USER, ADMIN)).hasValue(USER_ADMIN_AUTH);
   }
 
   @Test
-  void testAdminUserAnyMethod_notLoggedIn() {
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ADMIN_USER_ANY_METHOD);
-
-    assertThat(authResult).isEmpty();
+  void testAuthenticate_apiFirst() {
+    when(apiAuthenticationMechanism1.authenticate(req)).thenReturn(APP_AUTH);
+    assertThat(authenticate(API, LEGACY)).isEqualTo(APP_AUTH);
+    verify(apiAuthenticationMechanism1).authenticate(req);
+    verifyNoMoreInteractions(apiAuthenticationMechanism1);
+    verifyNoMoreInteractions(apiAuthenticationMechanism2);
+    verifyNoMoreInteractions(legacyAuthenticationMechanism);
   }
 
   @Test
-  void testAdminUserAnyMethod_notAdminUser() {
-    fakeUserService.setUser(testUser, false /* isAdmin */);
-
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ADMIN_USER_ANY_METHOD);
-
-    assertThat(authResult).isEmpty();
+  void testAuthenticate_apiSecond() {
+    when(apiAuthenticationMechanism2.authenticate(req)).thenReturn(APP_AUTH);
+    assertThat(authenticate(API, LEGACY)).isEqualTo(APP_AUTH);
+    verify(apiAuthenticationMechanism1).authenticate(req);
+    verify(apiAuthenticationMechanism2).authenticate(req);
+    verifyNoMoreInteractions(apiAuthenticationMechanism1);
+    verifyNoMoreInteractions(apiAuthenticationMechanism2);
+    verifyNoMoreInteractions(legacyAuthenticationMechanism);
   }
 
   @Test
-  void testAdminUserAnyMethod_xsrfFailure() {
-    fakeUserService.setUser(testUser, true);
-
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ADMIN_USER_ANY_METHOD);
-
-    assertThat(authResult).isEmpty();
+  void testAuthenticate_legacy() {
+    when(legacyAuthenticationMechanism.authenticate(req)).thenReturn(APP_AUTH);
+    assertThat(authenticate(API, LEGACY)).isEqualTo(APP_AUTH);
+    verify(apiAuthenticationMechanism1).authenticate(req);
+    verify(apiAuthenticationMechanism2).authenticate(req);
+    verify(legacyAuthenticationMechanism).authenticate(req);
+    verifyNoMoreInteractions(apiAuthenticationMechanism1);
+    verifyNoMoreInteractions(apiAuthenticationMechanism2);
+    verifyNoMoreInteractions(legacyAuthenticationMechanism);
   }
 
   @Test
-  void testAdminUserAnyMethod_success() {
-    fakeUserService.setUser(testUser, true /* isAdmin */);
-    when(req.getHeader(XsrfTokenManager.X_CSRF_TOKEN))
-        .thenReturn(xsrfTokenManager.generateToken(testUser.getEmail()));
-
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ADMIN_USER_ANY_METHOD);
-
-    assertThat(authResult).isPresent();
-    assertThat(authResult.get().authLevel()).isEqualTo(AuthLevel.USER);
-    assertThat(authResult.get().userAuthInfo()).isPresent();
-    assertThat(authResult.get().userAuthInfo().get().appEngineUser()).hasValue(testUser);
-    assertThat(authResult.get().userAuthInfo().get().isUserAdmin()).isTrue();
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo()).isEmpty();
+  void testAuthenticate_returnFirstResult() {
+    // API auth 2 returns an authenticted auth result, so we don't bother trying the next auth
+    // (legacy auth).
+    when(apiAuthenticationMechanism2.authenticate(req)).thenReturn(APP_AUTH);
+    when(legacyAuthenticationMechanism.authenticate(req)).thenReturn(USER_PUBLIC_AUTH);
+    assertThat(authenticate(API, LEGACY)).isEqualTo(APP_AUTH);
+    verify(apiAuthenticationMechanism1).authenticate(req);
+    verify(apiAuthenticationMechanism2).authenticate(req);
+    verifyNoMoreInteractions(apiAuthenticationMechanism1);
+    verifyNoMoreInteractions(apiAuthenticationMechanism2);
+    verifyNoMoreInteractions(legacyAuthenticationMechanism);
   }
 
   @Test
-  void testOAuth_success() {
-    fakeOAuthService.setUser(testUser);
-    fakeOAuthService.setOAuthEnabled(true);
-    when(req.getHeader(AUTHORIZATION)).thenReturn("Bearer TOKEN");
-
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_NO_LEGACY);
-
-    assertThat(authResult).isPresent();
-    assertThat(authResult.get().authLevel()).isEqualTo(AuthLevel.USER);
-    assertThat(authResult.get().userAuthInfo()).isPresent();
-    assertThat(authResult.get().userAuthInfo().get().appEngineUser()).hasValue(testUser);
-    assertThat(authResult.get().userAuthInfo().get().isUserAdmin()).isFalse();
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo()).isPresent();
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().authorizedScopes())
-        .containsAtLeast("test-scope1", "test-scope2");
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().oauthClientId())
-        .isEqualTo("test-client-id");
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().rawAccessToken())
-        .isEqualTo("TOKEN");
+  void testAuthenticate_notAuthenticated() {
+    assertThat(authenticate(API, LEGACY)).isEqualTo(NOT_AUTHENTICATED);
+    verify(apiAuthenticationMechanism1).authenticate(req);
+    verify(apiAuthenticationMechanism2).authenticate(req);
+    verify(legacyAuthenticationMechanism).authenticate(req);
+    verifyNoMoreInteractions(apiAuthenticationMechanism1);
+    verifyNoMoreInteractions(apiAuthenticationMechanism2);
+    verifyNoMoreInteractions(legacyAuthenticationMechanism);
   }
 
   @Test
-  void testOAuthAdmin_success() {
-    fakeOAuthService.setUser(testUser);
-    fakeOAuthService.setUserAdmin(true);
-    fakeOAuthService.setOAuthEnabled(true);
-    when(req.getHeader(AUTHORIZATION)).thenReturn("Bearer TOKEN");
-
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_NO_LEGACY);
-
-    assertThat(authResult).isPresent();
-    assertThat(authResult.get().authLevel()).isEqualTo(AuthLevel.USER);
-    assertThat(authResult.get().userAuthInfo()).isPresent();
-    assertThat(authResult.get().userAuthInfo().get().appEngineUser()).hasValue(testUser);
-    assertThat(authResult.get().userAuthInfo().get().isUserAdmin()).isTrue();
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo()).isPresent();
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().authorizedScopes())
-        .containsAtLeast("test-scope1", "test-scope2");
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().oauthClientId())
-        .isEqualTo("test-client-id");
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().rawAccessToken())
-        .isEqualTo("TOKEN");
+  void testAuthenticate_apiOnly() {
+    when(legacyAuthenticationMechanism.authenticate(req)).thenReturn(USER_PUBLIC_AUTH);
+    assertThat(authenticate(API)).isEqualTo(NOT_AUTHENTICATED);
+    verify(apiAuthenticationMechanism1).authenticate(req);
+    verify(apiAuthenticationMechanism2).authenticate(req);
+    verifyNoMoreInteractions(apiAuthenticationMechanism1);
+    verifyNoMoreInteractions(apiAuthenticationMechanism2);
+    verifyNoMoreInteractions(legacyAuthenticationMechanism);
   }
 
   @Test
-  void testOAuthMissingAuthenticationToken_failure() {
-    fakeOAuthService.setUser(testUser);
-    fakeOAuthService.setOAuthEnabled(true);
-
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_NO_LEGACY);
-
-    assertThat(authResult).isEmpty();
+  void testAuthenticate_legacyOnly() {
+    when(apiAuthenticationMechanism1.authenticate(req)).thenReturn(USER_PUBLIC_AUTH);
+    assertThat(authenticate(LEGACY)).isEqualTo(NOT_AUTHENTICATED);
+    verify(legacyAuthenticationMechanism).authenticate(req);
+    verifyNoMoreInteractions(apiAuthenticationMechanism1);
+    verifyNoMoreInteractions(apiAuthenticationMechanism2);
+    verifyNoMoreInteractions(legacyAuthenticationMechanism);
   }
 
   @Test
-  void testOAuthClientIdMismatch_failure() {
-    fakeOAuthService.setUser(testUser);
-    fakeOAuthService.setOAuthEnabled(true);
-    fakeOAuthService.setClientId("wrong-client-id");
-    when(req.getHeader(AUTHORIZATION)).thenReturn("Bearer TOKEN");
-
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_NO_LEGACY);
-
-    assertThat(authResult).isEmpty();
-  }
-
-  @Test
-  void testOAuthNoScopes_failure() {
-    fakeOAuthService.setUser(testUser);
-    fakeOAuthService.setOAuthEnabled(true);
-    fakeOAuthService.setAuthorizedScopes();
-    when(req.getHeader(AUTHORIZATION)).thenReturn("Bearer TOKEN");
-
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_NO_LEGACY);
-
-    assertThat(authResult).isEmpty();
-  }
-
-  @Test
-  void testOAuthMissingScope_failure() {
-    fakeOAuthService.setUser(testUser);
-    fakeOAuthService.setOAuthEnabled(true);
-    fakeOAuthService.setAuthorizedScopes("test-scope1", "test-scope3");
-    when(req.getHeader(AUTHORIZATION)).thenReturn("Bearer TOKEN");
-
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_NO_LEGACY);
-
-    assertThat(authResult).isEmpty();
-  }
-
-  @Test
-  void testOAuthExtraScope_success() {
-    fakeOAuthService.setUser(testUser);
-    fakeOAuthService.setOAuthEnabled(true);
-    fakeOAuthService.setAuthorizedScopes("test-scope1", "test-scope2", "test-scope3");
-    when(req.getHeader(AUTHORIZATION)).thenReturn("Bearer TOKEN");
-
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_NO_LEGACY);
-
-    assertThat(authResult).isPresent();
-    assertThat(authResult.get().authLevel()).isEqualTo(AuthLevel.USER);
-    assertThat(authResult.get().userAuthInfo()).isPresent();
-    assertThat(authResult.get().userAuthInfo().get().appEngineUser()).hasValue(testUser);
-    assertThat(authResult.get().userAuthInfo().get().isUserAdmin()).isFalse();
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo()).isPresent();
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().authorizedScopes())
-        .containsAtLeast("test-scope1", "test-scope2", "test-scope3");
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().oauthClientId())
-        .isEqualTo("test-client-id");
-    assertThat(authResult.get().userAuthInfo().get().oauthTokenInfo().get().rawAccessToken())
-        .isEqualTo("TOKEN");
-  }
-
-  @Test
-  void testAnyUserNoLegacy_failureWithLegacyUser() {
-    fakeUserService.setUser(testUser, false /* isAdmin */);
-
-    Optional<AuthResult> authResult = runTest(fakeUserService, AUTH_ANY_USER_NO_LEGACY);
-
-    assertThat(authResult).isEmpty();
-  }
-
-  @Test
-  void testCheckAuthConfig_noMethods_failure() {
+  void testFailure_checkAuthConfig_noMethods() {
     IllegalArgumentException thrown =
         assertThrows(
             IllegalArgumentException.class,
-            () -> RequestAuthenticator.checkAuthConfig(AUTH_NO_METHODS));
+            () ->
+                RequestAuthenticator.checkAuthConfig(
+                    AuthSettings.create(ImmutableList.of(), NONE, PUBLIC)));
     assertThat(thrown).hasMessageThat().contains("Must specify at least one auth method");
   }
 
   @Test
-  void testCheckAuthConfig_wrongMethodOrdering_failure() {
+  void testFailure_checkAuthConfig_wrongMethodOrder() {
     IllegalArgumentException thrown =
         assertThrows(
             IllegalArgumentException.class,
-            () -> RequestAuthenticator.checkAuthConfig(AUTH_WRONG_METHOD_ORDERING));
+            () ->
+                RequestAuthenticator.checkAuthConfig(
+                    AuthSettings.create(ImmutableList.of(LEGACY, API), NONE, PUBLIC)));
     assertThat(thrown)
         .hasMessageThat()
         .contains("Auth methods must be unique and strictly in order - API, LEGACY");
   }
 
   @Test
-  void testCheckAuthConfig_noneAuthLevelRequiresAdmin_failure() {
+  void testFailure_CheckAuthConfig_duplicateMethods() {
     IllegalArgumentException thrown =
         assertThrows(
             IllegalArgumentException.class,
-            () -> RequestAuthenticator.checkAuthConfig(AUTH_NONE_REQUIRES_ADMIN));
+            () ->
+                RequestAuthenticator.checkAuthConfig(
+                    AuthSettings.create(ImmutableList.of(API, API), NONE, PUBLIC)));
+    assertThat(thrown)
+        .hasMessageThat()
+        .contains("Auth methods must be unique and strictly in order - API, LEGACY");
+  }
+
+  @Test
+  void testFailure_checkAuthConfig_noneAuthLevelRequiresAdmin() {
+    IllegalArgumentException thrown =
+        assertThrows(
+            IllegalArgumentException.class,
+            () ->
+                RequestAuthenticator.checkAuthConfig(
+                    AuthSettings.create(ImmutableList.of(API, LEGACY), NONE, ADMIN)));
     assertThat(thrown)
         .hasMessageThat()
         .contains("Actions with minimal auth level at NONE should not specify ADMIN user policy");
   }
-
-  @Test
-  void testCheckAuthConfig_DuplicateMethods_failure() {
-    IllegalArgumentException thrown =
-        assertThrows(
-            IllegalArgumentException.class,
-            () -> RequestAuthenticator.checkAuthConfig(AUTH_DUPLICATE_METHODS));
-    assertThat(thrown)
-        .hasMessageThat()
-        .contains("Auth methods must be unique and strictly in order - API, LEGACY");
-  }
 }

core/src/test/java/google/registry/schema/integration/SqlIntegrationTestSuite.java

@@ -61,7 +61,7 @@ import org.junit.runner.RunWith;
  * and have at least one test method that persists a JPA entity declared in persistence.xml.
  *
  * <p>Note that with {@link JpaIntegrationWithCoverageExtension}, each method starts with an empty
- * database. Therefore this is not the right place for verifying backwards data compatibility in
+ * database. Therefore, this is not the right place for verifying backwards data compatibility in
  * end-to-end functional tests.
  *
  * <p>As of April 2020, none of the before/after annotations ({@code BeforeClass} and {@code
@@ -107,7 +107,9 @@ import org.junit.runner.RunWith;
   // AfterSuiteTest must be the last entry. See class javadoc for details.
   AfterSuiteTest.class
 })
-public class SqlIntegrationTestSuite {
+public final class SqlIntegrationTestSuite {
+
+  private SqlIntegrationTestSuite() {}
 
   @BeforeAll // Not yet supported in JUnit 5. Called through BeforeSuiteTest.
   public static void initJpaEntityCoverage() {

core/src/test/java/google/registry/security/XsrfTokenManagerTest.java

@@ -16,13 +16,15 @@ package google.registry.security;
 
 import static com.google.common.truth.Truth.assertThat;
 import static google.registry.util.DateTimeUtils.START_OF_TIME;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
 
 import com.google.appengine.api.users.User;
+import com.google.appengine.api.users.UserService;
 import com.google.common.base.Splitter;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTestExtensions.JpaIntegrationTestExtension;
 import google.registry.testing.FakeClock;
-import google.registry.testing.FakeUserService;
 import org.joda.time.Duration;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -37,14 +39,16 @@ class XsrfTokenManagerTest {
 
   private final User testUser = new User("test@example.com", "test@example.com");
   private final FakeClock clock = new FakeClock(START_OF_TIME);
-  private final FakeUserService userService = new FakeUserService();
+  private final UserService userService = mock(UserService.class);
   private final XsrfTokenManager xsrfTokenManager = new XsrfTokenManager(clock, userService);
 
   private String token;
 
   @BeforeEach
   void beforeEach() {
-    userService.setUser(testUser, false);
+    when(userService.isUserLoggedIn()).thenReturn(true);
+    when(userService.getCurrentUser()).thenReturn(testUser);
+    when(userService.isUserAdmin()).thenReturn(false);
     token = xsrfTokenManager.generateToken(testUser.getEmail());
   }
 

core/src/test/java/google/registry/server/RegistryTestServer.java

@@ -84,7 +84,7 @@ public final class RegistryTestServer {
 
   private final TestServer server;
 
-  /** @see TestServer#TestServer(HostAndPort, ImmutableMap, ImmutableList, ImmutableList) */
+  /** @see TestServer#TestServer(HostAndPort, ImmutableMap, ImmutableList) */
   public RegistryTestServer(HostAndPort address) {
     server = new TestServer(address, RUNFILES, ROUTES);
   }
@@ -104,7 +104,7 @@ public final class RegistryTestServer {
     server.stop();
   }
 
-  /** @see TestServer#getUrl(java.lang.String) */
+  /** @see TestServer#getUrl(String) */
   public URL getUrl(String path) {
     return server.getUrl(path);
   }

core/src/test/java/google/registry/server/RegistryTestServerMain.java

@@ -25,7 +25,6 @@ import google.registry.model.console.UserRoles;
 import google.registry.persistence.transaction.JpaTestExtensions;
 import google.registry.persistence.transaction.JpaTransactionManagerExtension;
 import google.registry.request.auth.AuthResult;
-import google.registry.request.auth.AuthSettings.AuthLevel;
 import google.registry.request.auth.OidcTokenAuthenticationMechanism;
 import google.registry.request.auth.UserAuthInfo;
 import google.registry.testing.UserInfo;
@@ -144,12 +143,11 @@ public final class RegistryTestServerMain {
     User user =
         new User.Builder()
             .setEmailAddress(loginEmail)
-            .setGaiaId("123457890")
             .setUserRoles(userRoles)
             .setRegistryLockPassword("registryLockPassword")
             .build();
     OidcTokenAuthenticationMechanism.setAuthResultForTesting(
-        AuthResult.create(AuthLevel.USER, UserAuthInfo.create(user)));
+        AuthResult.createUser(UserAuthInfo.create(user)));
     new JpaTestExtensions.Builder().buildIntegrationTestExtension().beforeEach(null);
     JpaTransactionManagerExtension.loadInitialData();
     System.out.printf("%sLoading fixtures...%s\n", BLUE, RESET);

core/src/test/java/google/registry/testing/FakeOAuthService.java

@@ -1,130 +0,0 @@
-// Copyright 2017 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.testing;
-
-import com.google.appengine.api.oauth.OAuthRequestException;
-import com.google.appengine.api.oauth.OAuthService;
-import com.google.appengine.api.users.User;
-import com.google.common.collect.ImmutableList;
-import java.util.List;
-
-/** A fake {@link OAuthService} implementation for testing. */
-public class FakeOAuthService implements OAuthService {
-
-  private boolean isOAuthEnabled;
-  private User currentUser;
-  private boolean isUserAdmin;
-  private String clientId;
-  private ImmutableList<String> authorizedScopes;
-
-  public FakeOAuthService(
-      boolean isOAuthEnabled,
-      User currentUser,
-      boolean isUserAdmin,
-      String clientId,
-      List<String> authorizedScopes) {
-    this.isOAuthEnabled = isOAuthEnabled;
-    this.currentUser = currentUser;
-    this.isUserAdmin = isUserAdmin;
-    this.clientId = clientId;
-    this.authorizedScopes = ImmutableList.copyOf(authorizedScopes);
-  }
-
-  public void setOAuthEnabled(boolean isOAuthEnabled) {
-    this.isOAuthEnabled = isOAuthEnabled;
-  }
-
-  public void setUser(User currentUser) {
-    this.currentUser = currentUser;
-  }
-
-  public void setUserAdmin(boolean isUserAdmin) {
-    this.isUserAdmin = isUserAdmin;
-  }
-
-  public void setClientId(String clientId) {
-    this.clientId = clientId;
-  }
-
-  public void setAuthorizedScopes(String... scopes) {
-    this.authorizedScopes = ImmutableList.copyOf(scopes);
-  }
-
-  @Override
-  public User getCurrentUser() throws OAuthRequestException {
-    if (!isOAuthEnabled) {
-      throw new OAuthRequestException("invalid OAuth request");
-    }
-    return currentUser;
-  }
-
-  @Override
-  public User getCurrentUser(String scope) throws OAuthRequestException {
-    return getCurrentUser();
-  }
-
-  @Override
-  public User getCurrentUser(String... scopes) throws OAuthRequestException {
-    return getCurrentUser();
-  }
-
-  @Override
-  public boolean isUserAdmin() throws OAuthRequestException {
-    if (!isOAuthEnabled) {
-      throw new OAuthRequestException("invalid OAuth request");
-    }
-    return isUserAdmin;
-  }
-
-  @Override
-  public boolean isUserAdmin(String scope) throws OAuthRequestException {
-    return isUserAdmin();
-  }
-
-  @Override
-  public boolean isUserAdmin(String... scopes) throws OAuthRequestException {
-    return isUserAdmin();
-  }
-
-  @Override
-  public String getClientId(String scope) throws OAuthRequestException {
-    if (!isOAuthEnabled) {
-      throw new OAuthRequestException("invalid OAuth request");
-    }
-    return clientId;
-  }
-
-  @Override
-  public String getClientId(String... scopes) throws OAuthRequestException {
-    if (!isOAuthEnabled) {
-      throw new OAuthRequestException("invalid OAuth request");
-    }
-    return clientId;
-  }
-
-  @Override
-  public String[] getAuthorizedScopes(String... scopes) throws OAuthRequestException {
-    if (!isOAuthEnabled) {
-      throw new OAuthRequestException("invalid OAuth request");
-    }
-    return authorizedScopes.toArray(new String[0]);
-  }
-
-  @Deprecated
-  @Override
-  public String getOAuthConsumerKey() {
-    throw new UnsupportedOperationException();
-  }
-}

core/src/test/java/google/registry/testing/FakeUrlConnectionService.java

@@ -16,6 +16,7 @@ package google.registry.testing;
 
 import static org.mockito.Mockito.when;
 
+import com.google.common.collect.ImmutableList;
 import google.registry.request.UrlConnectionService;
 import java.net.HttpURLConnection;
 import java.net.URL;
@@ -26,15 +27,10 @@ import java.util.List;
 public class FakeUrlConnectionService implements UrlConnectionService {
 
   private final HttpURLConnection mockConnection;
-  private final List<URL> connectedUrls;
+  private final List<URL> connectedUrls = new ArrayList<>();
 
   public FakeUrlConnectionService(HttpURLConnection mockConnection) {
-    this(mockConnection, new ArrayList<>());
-  }
-
-  public FakeUrlConnectionService(HttpURLConnection mockConnection, List<URL> connectedUrls) {
     this.mockConnection = mockConnection;
-    this.connectedUrls = connectedUrls;
   }
 
   @Override
@@ -43,4 +39,8 @@ public class FakeUrlConnectionService implements UrlConnectionService {
     when(mockConnection.getURL()).thenReturn(url);
     return mockConnection;
   }
+
+  public ImmutableList<URL> getConnectedUrls() {
+    return ImmutableList.copyOf(connectedUrls);
+  }
 }

core/src/test/java/google/registry/testing/FakeUserService.java

@@ -1,76 +0,0 @@
-// Copyright 2017 The Nomulus Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package google.registry.testing;
-
-import com.google.appengine.api.users.User;
-import com.google.appengine.api.users.UserService;
-import google.registry.model.annotations.DeleteAfterMigration;
-import java.util.Set;
-import javax.annotation.Nullable;
-
-/** Fake implementation of {@link UserService} for testing. */
-@DeleteAfterMigration
-public class FakeUserService implements UserService {
-
-  @Nullable private User user = null;
-  private boolean isAdmin = false;
-
-  public void setUser(@Nullable User user, boolean isAdmin) {
-    this.user = user;
-    this.isAdmin = isAdmin;
-  }
-
-  @Override
-  public String createLoginURL(String destinationURL) {
-    return String.format("/login?dest=%s", destinationURL);
-  }
-
-  @Override
-  public String createLoginURL(String destinationURL, String authDomain) {
-    return createLoginURL(destinationURL);
-  }
-
-  @Deprecated
-  @Override
-  public String createLoginURL(String destinationURL, String authDomain, String federatedIdentity,
-      Set<String> attributesRequest) {
-    throw new UnsupportedOperationException();
-  }
-
-  @Override
-  public String createLogoutURL(String destinationURL) {
-    return String.format("/logout?dest=%s", destinationURL);
-  }
-
-  @Override
-  public String createLogoutURL(String destinationURL, String authDomain) {
-    return createLogoutURL(destinationURL);
-  }
-
-  @Override
-  public boolean isUserLoggedIn() {
-    return user != null;
-  }
-
-  @Override
-  public boolean isUserAdmin() {
-    return isAdmin;
-  }
-
-  @Override
-  public User getCurrentUser() {
-    return user;
-  }
-}