[xDS] A97 - JWT token file call creds by Zgoda91 · Pull Request #12242 · grpc/grpc-java

Zgoda91 · 2025-07-23T19:12:50Z

Zgoda91 · 2025-07-28T06:36:24Z

@ejona86 Could you please review this PR when you get a chance? Thanks!

ejona86

The shape of what I saw looked good. I didn't pay attention to any of the tests yet. I need to look through the provider plumbing more. But wanted to send the comments I have.

alts/src/main/java/io/grpc/alts/JwtTokenFileCallCredentials.java

alts/src/testFixtures/java/io/grpc/alts/JwtTokenFileTestUtils.java

xds/src/main/java/io/grpc/xds/client/Bootstrapper.java

xds/src/main/java/io/grpc/xds/internal/JwtTokenFileXdsCredentialsProvider.java

alts/src/main/java/io/grpc/alts/JwtTokenFileCallCredentials.java

Zgoda91 · 2025-08-11T13:18:48Z

@ejona86 PR ready for second round

Zgoda91 · 2025-09-11T10:59:10Z

@ejona86 kindly reminder about this forgotten piece :)

ejona86

Just sending what I have.

We're going to want to make a clone of XdsCredentialsRegistry for CallCreds, because they are two different config namespaces, the gRFC says we'd create a new registry, and there's really no reason to provide both call creds and channel creds. However, I see that XdsCredentialsRegistry.getHardCodedClasses() should be deleted; we should just hard-code an empty list to InternalServiceProviders.loadAll(); none of this will be used on Android.

xds/src/test/java/io/grpc/xds/JwtTokenFileTestUtils.java

xds/src/main/java/io/grpc/xds/JwtTokenFileCallCredentials.java

xds/src/main/java/io/grpc/xds/XdsCredentialsProvider.java

xds/src/main/java/io/grpc/xds/GrpcBootstrapperImpl.java

xds/src/main/java/io/grpc/xds/GrpcXdsTransportFactory.java

Zgoda91 · 2025-10-01T06:51:43Z

@ejona86 - I applied the fixes from your latest comments.

I had to rebase the PR due to local compilation issues. However, all new changes can be found starting from commit 6: Default implementation for newCallCredentials

xds/src/main/java/io/grpc/xds/GrpcBootstrapperImpl.java

xds/src/main/java/io/grpc/xds/internal/JwtTokenFileXdsCredentialsProvider.java

xds/src/main/java/io/grpc/xds/XdsCredentialsProvider.java

xds/src/main/java/io/grpc/xds/internal/JwtTokenFileXdsCredentialsProvider.java

Zgoda91 · 2025-10-03T15:12:51Z

@ejona86 - newest changes published

ejona86

This is looking very close.

ejona86 · 2025-11-05T21:52:05Z

xds/src/main/java/io/grpc/xds/XdsCallCredentialsProvider.java

+ * configuration.
+ */
+@Internal
+public abstract class XdsCallCredentialsProvider {


I'm not wild about io.grpc.xds.internal (JwtTokenFileCallCredentials) depending on io.grpc.xds (XdsCallCredentialsProvider) which depends on io.grpc.xds.internal (XdsCallCredentialsRegistry). Can we move this class to internal, or the JWT stuff to io.grpc.xds?

Moved JWT classes to io.grpc.xds package

ejona86 · 2025-11-05T22:33:29Z

@Zgoda91, I fixed the Bazel build. You'll want to pull from your branch to pull in my commit before making further changes (or you'll need to merge later).

Zgoda91 force-pushed the A97_jwt_token_call_creds branch 4 times, most recently from a8f76b0 to c781460 Compare July 28, 2025 06:26

Zgoda91 marked this pull request as ready for review July 28, 2025 06:27

ejona86 self-requested a review August 6, 2025 21:11

ejona86 reviewed Aug 6, 2025

View reviewed changes

Zgoda91 force-pushed the A97_jwt_token_call_creds branch 2 times, most recently from 85495b0 to 9f97bb5 Compare August 11, 2025 12:36

ejona86 self-requested a review August 20, 2025 20:01

ejona86 reviewed Sep 23, 2025

View reviewed changes

ejona86 self-requested a review September 23, 2025 23:42

Zgoda91 added 11 commits September 30, 2025 10:48

JWT token file call creds

6b79ff2

Moving JwtToken related classes to xds package

f7fe53a

Fixing bazel build issues

494439c

Fixing typo in documentation

f3d5108

Removing separate CallCredentials from ServerInfo

13881d8

Default implementation for newCallCredentials

b61de62

Removed redundant method

fb3805a

Reverted change from transport factory

bdcfc0a

Improved JWT Token utils lib

dd1de65

Moved JWT call credentials to internal package

76e9e8f

Removed hardcoded class list for Android

3a36865

Zgoda91 force-pushed the A97_jwt_token_call_creds branch from 9f97bb5 to 3a36865 Compare September 30, 2025 13:52

ejona86 reviewed Oct 2, 2025

View reviewed changes

Improved JwtTokenFileXdsCredentialsProvider

743c248

Zgoda91 added 3 commits October 3, 2025 14:49

Inverted condition statements for readability

20a50c8

Added new provider and registry classes

b7c4e55

Activated new registry class in bootstrapping code

ae8d9e3

ejona86 reviewed Nov 5, 2025

View reviewed changes

Add missing deps for Bazel

df1208b

Moved JWT classes to io.grpc.xds

d3d2188

Conversation

Zgoda91 commented Jul 23, 2025

Uh oh!

Zgoda91 commented Jul 28, 2025

Uh oh!

ejona86 left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Zgoda91 commented Aug 11, 2025

Uh oh!

Zgoda91 commented Sep 11, 2025

Uh oh!

ejona86 left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Zgoda91 commented Oct 1, 2025

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Zgoda91 commented Oct 3, 2025

Uh oh!

ejona86 left a comment

Choose a reason for hiding this comment

Uh oh!

ejona86 Nov 5, 2025

Choose a reason for hiding this comment

Uh oh!

Zgoda91 Nov 7, 2025

Choose a reason for hiding this comment

Uh oh!

ejona86 commented Nov 5, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants