Fixup: Address comments from #12492

Author: sauravzg

xds/src/main/java/io/grpc/xds/GrpcBootstrapperImpl.java

@@ -19,14 +19,19 @@
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.collect.ImmutableMap;
 import com.google.errorprone.annotations.concurrent.GuardedBy;
+import io.grpc.CallCredentials;
 import io.grpc.ChannelCredentials;
 import io.grpc.internal.JsonUtil;
 import io.grpc.xds.client.BootstrapperImpl;
 import io.grpc.xds.client.XdsInitializationException;
 import io.grpc.xds.client.XdsLogger;
+import io.grpc.xds.internal.grpcservice.ChannelCredsConfig;
+import io.grpc.xds.internal.grpcservice.ConfiguredChannelCredentials;
+import io.grpc.xds.internal.grpcservice.GrpcServiceXdsContext;
 import java.io.IOException;
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 import javax.annotation.Nullable;
 
 class GrpcBootstrapperImpl extends BootstrapperImpl {
@@ -97,7 +102,8 @@ protected String getJsonContent() throws XdsInitializationException, IOException
   @Override
   protected Object getImplSpecificConfig(Map<String, ?> serverConfig, String serverUri)
       throws XdsInitializationException {
-    return getChannelCredentials(serverConfig, serverUri);
+    ConfiguredChannelCredentials configuredChannel = getChannelCredentials(serverConfig, serverUri);
+    return configuredChannel != null ? configuredChannel.channelCredentials() : null;
   }
 
   @GuardedBy("GrpcBootstrapperImpl.class")
@@ -120,26 +126,26 @@ static synchronized BootstrapInfo defaultBootstrap() throws XdsInitializationExc
     return defaultBootstrap;
   }
 
-  private static ChannelCredentials getChannelCredentials(Map<String, ?> serverConfig,
-                                                          String serverUri)
+  private static ConfiguredChannelCredentials getChannelCredentials(Map<String, ?> serverConfig,
+                                                                  String serverUri)
       throws XdsInitializationException {
     List<?> rawChannelCredsList = JsonUtil.getList(serverConfig, "channel_creds");
     if (rawChannelCredsList == null || rawChannelCredsList.isEmpty()) {
       throw new XdsInitializationException(
           "Invalid bootstrap: server " + serverUri + " 'channel_creds' required");
     }
-    ChannelCredentials channelCredentials =
+    ConfiguredChannelCredentials credentials =
         parseChannelCredentials(JsonUtil.checkObjectList(rawChannelCredsList), serverUri);
-    if (channelCredentials == null) {
+    if (credentials == null) {
       throw new XdsInitializationException(
           "Server " + serverUri + ": no supported channel credentials found");
     }
-    return channelCredentials;
+    return credentials;
   }
 
   @Nullable
-  private static ChannelCredentials parseChannelCredentials(List<Map<String, ?>> jsonList,
-                                                            String serverUri)
+  private static ConfiguredChannelCredentials parseChannelCredentials(List<Map<String, ?>> jsonList,
+          String serverUri)
       throws XdsInitializationException {
     for (Map<String, ?> channelCreds : jsonList) {
       String type = JsonUtil.getString(channelCreds, "type");
@@ -155,9 +161,90 @@ private static ChannelCredentials parseChannelCredentials(List<Map<String, ?>> j
           config = ImmutableMap.of();
         }
 
-        return provider.newChannelCredentials(config);
+        ChannelCredentials creds = provider.newChannelCredentials(config);
+        if (creds == null) {
+          continue;
+        }
+        return ConfiguredChannelCredentials.create(creds, new JsonChannelCredsConfig(type, config));
       }
     }
     return null;
   }
+
+  @Override
+  protected Optional<Object> parseAllowedGrpcServices(
+      Map<String, ?> rawAllowedGrpcServices)
+      throws XdsInitializationException {
+    ImmutableMap.Builder<String, GrpcServiceXdsContext.AllowedGrpcService> builder =
+        ImmutableMap.builder();
+    for (String targetUri : rawAllowedGrpcServices.keySet()) {
+      Map<String, ?> serviceConfig = JsonUtil.getObject(rawAllowedGrpcServices, targetUri);
+      if (serviceConfig == null) {
+        throw new XdsInitializationException(
+            "Invalid allowed_grpc_services config for " + targetUri);
+      }
+      ConfiguredChannelCredentials configuredChannel =
+          getChannelCredentials(serviceConfig, targetUri);
+
+      Optional<CallCredentials> callCredentials = Optional.empty();
+      List<?> rawCallCredsList = JsonUtil.getList(serviceConfig, "call_creds");
+      if (rawCallCredsList != null && !rawCallCredsList.isEmpty()) {
+        callCredentials =
+            parseCallCredentials(JsonUtil.checkObjectList(rawCallCredsList), targetUri);
+      }
+
+      GrpcServiceXdsContext.AllowedGrpcService.Builder b = GrpcServiceXdsContext.AllowedGrpcService
+          .builder().configuredChannelCredentials(configuredChannel);
+      callCredentials.ifPresent(b::callCredentials);
+      builder.put(targetUri, b.build());
+    }
+    ImmutableMap<String, GrpcServiceXdsContext.AllowedGrpcService> parsed = builder.buildOrThrow();
+    return parsed.isEmpty() ? Optional.empty() : Optional.of(parsed);
+  }
+
+  @SuppressWarnings("unused")
+  private static Optional<CallCredentials> parseCallCredentials(List<Map<String, ?>> jsonList,
+                                                          String targetUri)
+      throws XdsInitializationException {
+    // TODO(sauravzg): Currently no xDS call credentials providers are implemented (no
+    // XdsCallCredentialsRegistry).
+    // As per A102/A97, we should just ignore unsupported call credentials types
+    // without throwing an exception.
+    return Optional.empty();
+  }
+
+  private static final class JsonChannelCredsConfig implements ChannelCredsConfig {
+    private final String type;
+    private final Map<String, ?> config;
+
+    JsonChannelCredsConfig(String type, Map<String, ?> config) {
+      this.type = type;
+      this.config = config;
+    }
+
+    @Override
+    public String type() {
+      return type;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+      if (this == o) {
+        return true;
+      }
+      if (o == null || getClass() != o.getClass()) {
+        return false;
+      }
+      JsonChannelCredsConfig that = (JsonChannelCredsConfig) o;
+      return java.util.Objects.equals(type, that.type)
+          && java.util.Objects.equals(config, that.config);
+    }
+
+    @Override
+    public int hashCode() {
+      return java.util.Objects.hash(type, config);
+    }
+  }
+
 }
+

xds/src/main/java/io/grpc/xds/client/Bootstrapper.java

@@ -26,6 +26,7 @@
 import io.grpc.xds.client.EnvoyProtoData.Node;
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 import javax.annotation.Nullable;
 
 /**
@@ -205,6 +206,12 @@ public abstract static class BootstrapInfo {
      */
     public abstract ImmutableMap<String, AuthorityInfo> authorities();
 
+    /**
+     * Parsed allowed_grpc_services configuration.
+     * Returns an opaque object containing the parsed configuration.
+     */
+    public abstract Optional<Object> allowedGrpcServices();
+
     @VisibleForTesting
     public static Builder builder() {
       return new AutoValue_Bootstrapper_BootstrapInfo.Builder()
@@ -231,7 +238,10 @@ public abstract Builder clientDefaultListenerResourceNameTemplate(
 
       public abstract Builder authorities(Map<String, AuthorityInfo> authorities);
 
+      public abstract Builder allowedGrpcServices(Optional<Object> allowedGrpcServices);
+
       public abstract BootstrapInfo build();
     }
   }
+
 }

xds/src/main/java/io/grpc/xds/client/BootstrapperImpl.java

@@ -239,9 +239,20 @@ protected BootstrapInfo.Builder bootstrapBuilder(Map<String, ?> rawData)
       builder.authorities(authorityInfoMapBuilder.buildOrThrow());
     }
 
+    Map<String, ?> rawAllowedGrpcServices = JsonUtil.getObject(rawData, "allowed_grpc_services");
+    if (rawAllowedGrpcServices != null) {
+      builder.allowedGrpcServices(parseAllowedGrpcServices(rawAllowedGrpcServices));
+    }
+
     return builder;
   }
 
+  protected java.util.Optional<Object> parseAllowedGrpcServices(
+      Map<String, ?> rawAllowedGrpcServices)
+      throws XdsInitializationException {
+    return java.util.Optional.empty();
+  }
+
   private List<ServerInfo> parseServerInfos(List<?> rawServerConfigs, XdsLogger logger)
       throws XdsInitializationException {
     logger.log(XdsLogLevel.INFO, "Configured with {0} xDS servers", rawServerConfigs.size());

xds/src/main/java/io/grpc/xds/internal/MatcherParser.java

@@ -97,4 +97,25 @@ public static Matchers.StringMatcher parseStringMatcher(
                 "Unknown StringMatcher match pattern: " + proto.getMatchPatternCase());
     }
   }
+
+  /** Translates envoy proto FractionalPercent to internal FractionMatcher. */
+  public static Matchers.FractionMatcher parseFractionMatcher(
+      io.envoyproxy.envoy.type.v3.FractionalPercent proto) {
+    int denominator;
+    switch (proto.getDenominator()) {
+      case HUNDRED:
+        denominator = 100;
+        break;
+      case TEN_THOUSAND:
+        denominator = 10_000;
+        break;
+      case MILLION:
+        denominator = 1_000_000;
+        break;
+      case UNRECOGNIZED:
+      default:
+        throw new IllegalArgumentException("Unknown denominator type: " + proto.getDenominator());
+    }
+    return Matchers.FractionMatcher.create(proto.getNumerator(), denominator);
+  }
 }

xds/src/main/java/io/grpc/xds/internal/XdsHeaderValidator.java

@@ -0,0 +1,40 @@
+/*
+ * Copyright 2025 The gRPC Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.grpc.xds.internal;
+
+/**
+ * Utility for validating header keys and values against xDS and Envoy specifications.
+ */
+public final class XdsHeaderValidator {
+
+  private XdsHeaderValidator() {}
+
+  /**
+   * Returns whether the header parameter is valid. The length to check is either the
+   * length of the string value or the size of the binary raw value.
+   */
+  public static boolean isValid(String key, int valueLength) {
+    if (key.isEmpty() || !key.equals(key.toLowerCase(java.util.Locale.ROOT)) || key.length() > 16384
+        || key.equals("host") || key.startsWith(":")) {
+      return false;
+    }
+    if (valueLength > 16384) {
+      return false;
+    }
+    return true;
+  }
+}