Fixup 12492: Eliminate GrpcService..Provider classes

Author: sauravzg

xds/src/main/java/io/grpc/xds/internal/extauthz/ExtAuthzConfigParser.java

@@ -19,11 +19,12 @@
 import com.google.common.collect.ImmutableList;
 import io.envoyproxy.envoy.extensions.filters.http.ext_authz.v3.ExtAuthz;
 import io.grpc.internal.GrpcUtil;
+import io.grpc.xds.client.Bootstrapper.BootstrapInfo;
+import io.grpc.xds.client.Bootstrapper.ServerInfo;
 import io.grpc.xds.internal.MatcherParser;
 import io.grpc.xds.internal.grpcservice.GrpcServiceConfig;
 import io.grpc.xds.internal.grpcservice.GrpcServiceConfigParser;
 import io.grpc.xds.internal.grpcservice.GrpcServiceParseException;
-import io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextProvider;
 import io.grpc.xds.internal.headermutations.HeaderMutationRulesParseException;
 import io.grpc.xds.internal.headermutations.HeaderMutationRulesParser;
 
@@ -44,7 +45,7 @@ private ExtAuthzConfigParser() {}
    * @throws ExtAuthzParseException if the proto is invalid or contains unsupported features.
    */
   public static ExtAuthzConfig parse(
-      ExtAuthz extAuthzProto, GrpcServiceXdsContextProvider contextProvider)
+      ExtAuthz extAuthzProto, BootstrapInfo bootstrapInfo, ServerInfo serverInfo)
       throws ExtAuthzParseException {
     if (!extAuthzProto.hasGrpcService()) {
       throw new ExtAuthzParseException(
@@ -53,7 +54,7 @@ public static ExtAuthzConfig parse(
     GrpcServiceConfig grpcServiceConfig;
     try {
       grpcServiceConfig =
-          GrpcServiceConfigParser.parse(extAuthzProto.getGrpcService(), contextProvider);
+          GrpcServiceConfigParser.parse(extAuthzProto.getGrpcService(), bootstrapInfo, serverInfo);
     } catch (GrpcServiceParseException e) {
       throw new ExtAuthzParseException("Failed to parse GrpcService config: " + e.getMessage(), e);
     }

xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceConfigParser.java

@@ -29,10 +29,14 @@
 import io.grpc.CompositeCallCredentials;
 import io.grpc.InsecureChannelCredentials;
 import io.grpc.Metadata;
+import io.grpc.NameResolverRegistry;
 import io.grpc.SecurityLevel;
 import io.grpc.alts.GoogleDefaultChannelCredentials;
 import io.grpc.auth.MoreCallCredentials;
 import io.grpc.xds.XdsChannelCredentials;
+import io.grpc.xds.client.Bootstrapper;
+import java.net.URI;
+import java.net.URISyntaxException;
 import java.time.Duration;
 import java.util.ArrayList;
 import java.util.Date;
@@ -71,15 +75,16 @@ private GrpcServiceConfigParser() {}
    * @return A {@link GrpcServiceConfig} instance.
    * @throws GrpcServiceParseException if the proto is invalid or uses unsupported features.
    */
-  public static GrpcServiceConfig parse(GrpcService grpcServiceProto,
-      GrpcServiceXdsContextProvider contextProvider)
+  public static GrpcServiceConfig parse(
+      GrpcService grpcServiceProto, Bootstrapper.BootstrapInfo bootstrapInfo,
+      Bootstrapper.ServerInfo serverInfo)
       throws GrpcServiceParseException {
     if (!grpcServiceProto.hasGoogleGrpc()) {
       throw new GrpcServiceParseException(
           "Unsupported: GrpcService must have GoogleGrpc, got: " + grpcServiceProto);
     }
     GrpcServiceConfig.GoogleGrpcConfig googleGrpcConfig =
-        parseGoogleGrpcConfig(grpcServiceProto.getGoogleGrpc(), contextProvider);
+        parseGoogleGrpcConfig(grpcServiceProto.getGoogleGrpc(), bootstrapInfo, serverInfo);
 
     GrpcServiceConfig.Builder builder = GrpcServiceConfig.builder().googleGrpc(googleGrpcConfig);
 
@@ -119,19 +124,41 @@ public static GrpcServiceConfig parse(GrpcService grpcServiceProto,
    * @throws GrpcServiceParseException if the proto is invalid.
    */
   public static GrpcServiceConfig.GoogleGrpcConfig parseGoogleGrpcConfig(
-      GrpcService.GoogleGrpc googleGrpcProto, GrpcServiceXdsContextProvider contextProvider)
+      GrpcService.GoogleGrpc googleGrpcProto, Bootstrapper.BootstrapInfo bootstrapInfo,
+      Bootstrapper.ServerInfo serverInfo)
       throws GrpcServiceParseException {
 
     String targetUri = googleGrpcProto.getTargetUri();
-    GrpcServiceXdsContext context = contextProvider.getContextForTarget(targetUri);
 
-    if (!context.isTargetUriSchemeSupported()) {
+    AllowedGrpcServices allowedGrpcServices = bootstrapInfo.allowedGrpcServices()
+        .filter(AllowedGrpcServices.class::isInstance)
+        .map(AllowedGrpcServices.class::cast)
+        .orElse(AllowedGrpcServices.empty());
+
+    boolean isTrustedControlPlane = serverInfo.isTrustedXdsServer();
+    Optional<AllowedGrpcService> override =
+        Optional.ofNullable(allowedGrpcServices.services().get(targetUri));
+
+    boolean isTargetUriSchemeSupported = false;
+    try {
+      URI uri = new URI(targetUri);
+      String scheme = uri.getScheme();
+      if (scheme == null) {
+        scheme = NameResolverRegistry.getDefaultRegistry().getDefaultScheme();
+      }
+      if (scheme != null) {
+        isTargetUriSchemeSupported =
+            NameResolverRegistry.getDefaultRegistry().getProviderForScheme(scheme) != null;
+      }
+    } catch (URISyntaxException e) {
+      // Fallback or ignore if not a valid URI
+    }
+
+    if (!isTargetUriSchemeSupported) {
       throw new GrpcServiceParseException("Target URI scheme is not resolvable: " + targetUri);
     }
 
-    if (!context.isTrustedControlPlane()) {
-      Optional<AllowedGrpcService> override =
-          context.validAllowedGrpcService();
+    if (!isTrustedControlPlane) {
       if (!override.isPresent()) {
         throw new GrpcServiceParseException(
             "Untrusted xDS server & URI not found in allowed_grpc_services: " + targetUri);

xds/src/main/java/io/grpc/xds/internal/grpcservice/GrpcServiceXdsContext.java

@@ -22,6 +22,7 @@
 import com.google.protobuf.Any;
 import com.google.protobuf.BoolValue;
 import io.envoyproxy.envoy.config.common.mutation_rules.v3.HeaderMutationRules;
+import io.envoyproxy.envoy.config.core.v3.GrpcService;
 import io.envoyproxy.envoy.config.core.v3.HeaderValue;
 import io.envoyproxy.envoy.config.core.v3.RuntimeFeatureFlag;
 import io.envoyproxy.envoy.config.core.v3.RuntimeFractionalPercent;
@@ -34,8 +35,12 @@
 import io.envoyproxy.envoy.type.v3.FractionalPercent;
 import io.envoyproxy.envoy.type.v3.FractionalPercent.DenominatorType;
 import io.grpc.Status;
+import io.grpc.xds.client.Bootstrapper.BootstrapInfo;
+import io.grpc.xds.client.Bootstrapper.ServerInfo;
+import io.grpc.xds.client.EnvoyProtoData.Node;
 import io.grpc.xds.internal.Matchers;
 import io.grpc.xds.internal.headermutations.HeaderMutationRulesConfig;
+import java.util.Collections;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -49,13 +54,23 @@ public class ExtAuthzConfigParserTest {
   private static final Any FAKE_ACCESS_TOKEN_CALL_CREDS =
       Any.pack(AccessTokenCredentials.newBuilder().setToken("fake-token").build());
 
+  private static BootstrapInfo dummyBootstrapInfo() {
+    return BootstrapInfo.builder()
+        .servers(
+            Collections.singletonList(ServerInfo.create("test_target", Collections.emptyMap())))
+        .node(Node.newBuilder().build()).build();
+  }
+
+  private static ServerInfo dummyServerInfo() {
+    return ServerInfo.create("test_target", Collections.emptyMap(), false, true, false, false);
+  }
+
   private ExtAuthz.Builder extAuthzBuilder;
 
   @Before
   public void setUp() {
     extAuthzBuilder = ExtAuthz.newBuilder()
-        .setGrpcService(io.envoyproxy.envoy.config.core.v3.GrpcService.newBuilder()
-            .setGoogleGrpc(io.envoyproxy.envoy.config.core.v3.GrpcService.GoogleGrpc.newBuilder()
+        .setGrpcService(GrpcService.newBuilder().setGoogleGrpc(GrpcService.GoogleGrpc.newBuilder()
                 .setTargetUri("test-cluster")
                 .addChannelCredentialsPlugin(GOOGLE_DEFAULT_CHANNEL_CREDS)
                 .addCallCredentialsPlugin(FAKE_ACCESS_TOKEN_CALL_CREDS).build())
@@ -67,7 +82,8 @@ public void parse_missingGrpcService_throws() {
     ExtAuthz extAuthz = ExtAuthz.newBuilder().build();
     try {
       ExtAuthzConfigParser.parse(extAuthz, 
-          io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextTestUtil.dummyProvider());
+          dummyBootstrapInfo(),
+          dummyServerInfo());
       fail("Expected ExtAuthzParseException");
     } catch (ExtAuthzParseException e) {
       assertThat(e).hasMessageThat()
@@ -78,11 +94,12 @@ public void parse_missingGrpcService_throws() {
   @Test
   public void parse_invalidGrpcService_throws() {
     ExtAuthz extAuthz = ExtAuthz.newBuilder()
-        .setGrpcService(io.envoyproxy.envoy.config.core.v3.GrpcService.newBuilder().build())
+        .setGrpcService(GrpcService.newBuilder().build())
         .build();
     try {
       ExtAuthzConfigParser.parse(extAuthz, 
-          io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextTestUtil.dummyProvider());
+          dummyBootstrapInfo(),
+          dummyServerInfo());
       fail("Expected ExtAuthzParseException");
     } catch (ExtAuthzParseException e) {
       assertThat(e).hasMessageThat().startsWith("Failed to parse GrpcService config:");
@@ -97,7 +114,8 @@ public void parse_invalidAllowExpression_throws() {
         .build();
     try {
       ExtAuthzConfigParser.parse(extAuthz, 
-          io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextTestUtil.dummyProvider());
+          dummyBootstrapInfo(),
+          dummyServerInfo());
       fail("Expected ExtAuthzParseException");
     } catch (ExtAuthzParseException e) {
       assertThat(e).hasMessageThat().startsWith("Invalid regex pattern for allow_expression:");
@@ -112,7 +130,8 @@ public void parse_invalidDisallowExpression_throws() {
         .build();
     try {
       ExtAuthzConfigParser.parse(extAuthz, 
-          io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextTestUtil.dummyProvider());
+          dummyBootstrapInfo(),
+          dummyServerInfo());
       fail("Expected ExtAuthzParseException");
     } catch (ExtAuthzParseException e) {
       assertThat(e).hasMessageThat().startsWith("Invalid regex pattern for disallow_expression:");
@@ -149,7 +168,8 @@ public void parse_success() throws ExtAuthzParseException {
             .build();
 
     ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz, 
-          io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextTestUtil.dummyProvider());
+          dummyBootstrapInfo(),
+          dummyServerInfo());
 
     assertThat(config.grpcService().googleGrpc().target()).isEqualTo("test-cluster");
     assertThat(config.grpcService().timeout().get().getSeconds()).isEqualTo(5);
@@ -178,7 +198,8 @@ public void parse_saneDefaults() throws ExtAuthzParseException {
     ExtAuthz extAuthz = extAuthzBuilder.build();
 
     ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz, 
-          io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextTestUtil.dummyProvider());
+          dummyBootstrapInfo(),
+          dummyServerInfo());
 
     assertThat(config.failureModeAllow()).isFalse();
     assertThat(config.failureModeAllowHeaderAdd()).isFalse();
@@ -199,7 +220,8 @@ public void parse_headerMutationRules_allowExpressionOnly() throws ExtAuthzParse
         .build();
 
     ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz, 
-          io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextTestUtil.dummyProvider());
+          dummyBootstrapInfo(),
+          dummyServerInfo());
 
     assertThat(config.decoderHeaderMutationRules().isPresent()).isTrue();
     HeaderMutationRulesConfig rules = config.decoderHeaderMutationRules().get();
@@ -215,7 +237,8 @@ public void parse_headerMutationRules_disallowExpressionOnly() throws ExtAuthzPa
             .build()).build();
 
     ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz, 
-          io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextTestUtil.dummyProvider());
+          dummyBootstrapInfo(),
+          dummyServerInfo());
 
     assertThat(config.decoderHeaderMutationRules().isPresent()).isTrue();
     HeaderMutationRulesConfig rules = config.decoderHeaderMutationRules().get();
@@ -231,7 +254,8 @@ public void parse_filterEnabled_hundred() throws ExtAuthzParseException {
         .build();
 
     ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz, 
-          io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextTestUtil.dummyProvider());
+          dummyBootstrapInfo(),
+          dummyServerInfo());
 
     assertThat(config.filterEnabled()).isEqualTo(Matchers.FractionMatcher.create(25, 100));
   }
@@ -245,7 +269,8 @@ public void parse_filterEnabled_million() throws ExtAuthzParseException {
         .build();
 
     ExtAuthzConfig config = ExtAuthzConfigParser.parse(extAuthz, 
-          io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextTestUtil.dummyProvider());
+          dummyBootstrapInfo(),
+          dummyServerInfo());
 
     assertThat(config.filterEnabled())
         .isEqualTo(Matchers.FractionMatcher.create(123456, 1_000_000));
@@ -260,7 +285,8 @@ public void parse_filterEnabled_unrecognizedDenominator() {
 
     try {
       ExtAuthzConfigParser.parse(extAuthz, 
-          io.grpc.xds.internal.grpcservice.GrpcServiceXdsContextTestUtil.dummyProvider());
+          dummyBootstrapInfo(),
+          dummyServerInfo());
       fail("Expected ExtAuthzParseException");
     } catch (ExtAuthzParseException e) {
       assertThat(e).hasMessageThat().isEqualTo("Unknown denominator type: UNRECOGNIZED");