fix: use netty shaded as compile dependency

Author: diegomarquezp

sdk-platform-java/pqc-test/pqc-test-common/src/main/java/com/google/api/gax/httpjson/PqcConnectivityTest.java

@@ -152,6 +152,19 @@ private void runGrpcTest(int port, boolean shouldSucceed) throws Exception {
             .setEndpoint("localhost:" + port)
             .setHeaderProvider(() -> java.util.Collections.emptyMap());
 
+    channelProviderBuilder.setChannelConfigurator(
+        new com.google.api.core.ApiFunction<io.grpc.ManagedChannelBuilder, io.grpc.ManagedChannelBuilder>() {
+          @Override
+          public io.grpc.ManagedChannelBuilder apply(io.grpc.ManagedChannelBuilder builder) {
+            builder.overrideAuthority("localhost");
+            if (port == grpcPqcPort) {
+              configureGrpcChannelForPqc(builder);
+            } else {
+              configureGrpcChannelForClassical(builder);
+            }
+            return builder;
+          }
+        });
 
     com.google.api.gax.grpc.InstantiatingGrpcChannelProvider channelProvider = channelProviderBuilder.build();
     com.google.api.gax.rpc.TransportChannel transportChannel = channelProvider.getTransportChannel();
@@ -210,4 +223,66 @@ public byte[] parse(InputStream stream) {
       }
     }
   }
+  private static void configureGrpcChannelForPqc(io.grpc.ManagedChannelBuilder<?> builder) {
+    if (!(builder instanceof NettyChannelBuilder)) {
+      throw new IllegalArgumentException(
+          "Unsupported channel builder type: " + builder.getClass().getName());
+    }
+    NettyChannelBuilder nettyBuilder = (NettyChannelBuilder) builder;
+
+    // Ensures HTTP/2 is used as it's required by gRPC
+    ApplicationProtocolConfig apn =
+        new ApplicationProtocolConfig(
+            ApplicationProtocolConfig.Protocol.ALPN,
+            ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE,
+            ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT,
+            "h2");
+
+    try {
+      java.security.Provider bcProvider = new org.bouncycastle.jce.provider.BouncyCastleProvider();
+      java.security.Provider bcJsseProvider =
+          new org.bouncycastle.jsse.provider.BouncyCastleJsseProvider(bcProvider);
+
+      SslContext shadedSslContext =
+          SslContextBuilder.forClient()
+              .sslProvider(io.grpc.netty.shaded.io.netty.handler.ssl.SslProvider.JDK)
+              .sslContextProvider(bcJsseProvider)
+              .protocols("TLSv1.3")
+              .applicationProtocolConfig(apn)
+              .trustManager(InsecureTrustManagerFactory.INSTANCE)
+              .build();
+
+      nettyBuilder.sslContext(shadedSslContext);
+    } catch (Exception e) {
+      throw new RuntimeException("Failed to configure shaded gRPC Netty channel for PQC", e);
+    }
+  }
+
+  private static void configureGrpcChannelForClassical(io.grpc.ManagedChannelBuilder<?> builder) {
+    if (!(builder instanceof NettyChannelBuilder)) {
+      throw new IllegalArgumentException(
+          "Unsupported channel builder type: " + builder.getClass().getName());
+    }
+    NettyChannelBuilder nettyBuilder = (NettyChannelBuilder) builder;
+
+    ApplicationProtocolConfig apn =
+        new ApplicationProtocolConfig(
+            ApplicationProtocolConfig.Protocol.ALPN,
+            ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE,
+            ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT,
+            "h2");
+
+    try {
+      SslContext shadedSslContext =
+          SslContextBuilder.forClient()
+              .applicationProtocolConfig(apn)
+              .trustManager(InsecureTrustManagerFactory.INSTANCE)
+              .build();
+
+      nettyBuilder.sslContext(shadedSslContext);
+    } catch (Exception e) {
+      throw new RuntimeException("Failed to configure shaded gRPC Netty channel for Classical", e);
+    }
+  }
 }
+