Save session data directly in a cookie

[jianglai]

The new CookieSessionMetadata makes the Nomulus EPP endpoint stateless. The session data is stored in the cookie, which has the same lifetime as the connection/session itself. This makes the session information global and therefore the release process seamless as no session needs to be re-established via proxy restart, as long as the proxy stays connected to the client, and no period during which stale session information exists on the proxy but not on the newly deployed backend itself exists. It also makes it possible to horizontally scale the frontend deployment like other stateless services.

Also removed a redundant JDK version check in tests as we require at least JDK 21 now. There are some JDK versions which are not all digits (e.g. 21.0.5-ea) that cause the parsing to fail.

TESTED=Deployed to crash. Verified that proxy restart is no longer needed and no "no logged in" errors appeared during a release.

This change is 

[jianglai]

Reviewed 7 of 10 files at r1, 1 of 1 files at r2, 1 of 1 files at r3, 1 of 1 files at r4, 2 of 2 files at r5, 2 of 2 files at r6, all commit messages.
Reviewable status: complete! all files reviewed, all discussions resolved (waiting on @jianglai)

[jianglai]

Reviewed 1 of 1 files at r7, all commit messages.
Reviewable status: complete! all files reviewed, all discussions resolved (waiting on @jianglai)

[ptkach]

Reviewed 1 of 10 files at r1, 1 of 1 files at r3, 1 of 1 files at r7, all commit messages.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @jianglai)

---

core/src/main/java/google/registry/flows/CookieSessionMetadata.java line 68 at r7 (raw file):

                String sessionInfo = decode(matcher.group(1));
                matcher = REGISTRAR_ID_PATTERN.matcher(sessionInfo);
                if (matcher.find()) {

This kind of approach (parsing string,then regexping) sometimes can lead to errors that hard to find, so I think we might want to have some logging to all of the patter matchers to make sure that we can trace back what's been matched in the cookie and that it worked as expected.

[ptkach]

Reviewable status: 9 of 10 files reviewed, 2 unresolved discussions (waiting on @jianglai)

---

core/src/main/java/google/registry/flows/CookieSessionMetadata.java line 69 at r8 (raw file):

              if (matcher.find()) {
                String sessionInfo = decode(matcher.group(1));
                logger.atInfo().log("SESSION INFO: %s", sessionInfo);

As this doesn't actually provide any clarity on what matchers actually matched. I think logger.atInfo().log("SESSION INFO: %s", data.toString()); at the bottom would be more useful.

[jianglai]

Reviewed 1 of 1 files at r8, all commit messages.
Reviewable status: all files reviewed, 2 unresolved discussions (waiting on @ptkach)

---

core/src/main/java/google/registry/flows/CookieSessionMetadata.java line 68 at r7 (raw file):

Previously, ptkach (Pavlo Tkach) wrote…

This kind of approach (parsing string,then regexping) sometimes can lead to errors that hard to find, so I think we might want to have some logging to all of the patter matchers to make sure that we can trace back what's been matched in the cookie and that it worked as expected.

Done.

---

core/src/main/java/google/registry/flows/CookieSessionMetadata.java line 69 at r8 (raw file):

Previously, ptkach (Pavlo Tkach) wrote…

As this doesn't actually provide any clarity on what matchers actually matched. I think logger.atInfo().log("SESSION INFO: %s", data.toString()); at the bottom would be more useful.

We want the raw cookie because we can use it to deduce which part of the parsing went wrong.

As far logging the data itself, it is actually already logged here.

[ptkach]

Reviewed 5 of 10 files at r1, 1 of 2 files at r5, 1 of 1 files at r8, all commit messages.
Reviewable status: all files reviewed, 2 unresolved discussions (waiting on @jianglai)