pass File to TlsChannelCredentials.

Author: rmehta19

gax-java/gax-grpc/src/main/java/com/google/api/gax/grpc/InstantiatingGrpcChannelProvider.java

@@ -64,10 +64,7 @@
 import io.grpc.auth.MoreCallCredentials;
 import io.grpc.s2a.S2AChannelCredentials;
 import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
 import java.io.IOException;
-import java.io.InputStream;
 import java.nio.charset.StandardCharsets;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
@@ -452,7 +449,7 @@ ChannelCredentials createMtlsChannelCredentials() throws IOException, GeneralSec
    */
   @VisibleForTesting
   ChannelCredentials createMtlsToS2AChannelCredentials(
-      InputStream trustBundle, InputStream privateKey, InputStream certChain) throws IOException {
+      File trustBundle, File privateKey, File certChain) throws IOException {
     if (trustBundle == null || privateKey == null || certChain == null) {
       return null;
     }
@@ -508,24 +505,9 @@ ChannelCredentials createS2ASecuredChannelCredentials() {
     if (!rootFile.isFile() || !certKeyFile.isFile()) {
       // Try to connect to S2A using mTLS.
       ChannelCredentials mtlsToS2AChannelCredentials = null;
-      InputStream trustBundle = null;
-      InputStream privateKey = null;
-      InputStream certChain = null;
-      try {
-        trustBundle = new FileInputStream(MTLS_MDS_ROOT);
-        privateKey = new FileInputStream(MTLS_MDS_CERT_CHAIN_AND_KEY);
-        certChain = new FileInputStream(MTLS_MDS_CERT_CHAIN_AND_KEY);
-      } catch (FileNotFoundException ignore) {
-        // Fallback to plaintext-to-S2A connection on error.
-        LOG.log(
-            Level.WARNING,
-            "Cannot establish an mTLS connection to S2A due to error loading MTLS to MDS credentials, falling back to plaintext connection to S2A: "
-                + ignore.getMessage());
-        return createPlaintextToS2AChannelCredentials(plaintextAddress);
-      }
       try {
         mtlsToS2AChannelCredentials =
-            createMtlsToS2AChannelCredentials(trustBundle, privateKey, certChain);
+            createMtlsToS2AChannelCredentials(rootFile, certKeyFile, certKeyFile);
       } catch (IOException ignore) {
         // Fallback to plaintext-to-S2A connection on error.
         LOG.log(

gax-java/gax-grpc/src/test/java/com/google/api/gax/grpc/InstantiatingGrpcChannelProviderTest.java

@@ -58,8 +58,8 @@
 import io.grpc.ManagedChannelBuilder;
 import io.grpc.TlsChannelCredentials;
 import io.grpc.alts.ComputeEngineChannelBuilder;
+import java.io.File;
 import java.io.IOException;
-import java.io.InputStream;
 import java.security.GeneralSecurityException;
 import java.time.Duration;
 import java.util.ArrayList;
@@ -993,37 +993,36 @@ void createMtlsToS2AChannelCredentials_missingAllFiles_throws() throws IOExcepti
   void createMtlsToS2AChannelCredentials_missingRootFile_throws() throws IOException {
     InstantiatingGrpcChannelProvider provider =
         InstantiatingGrpcChannelProvider.newBuilder().build();
-    InputStream privateKey = this.getClass().getClassLoader().getResourceAsStream("client_key.pem");
-    InputStream certChain = this.getClass().getClassLoader().getResourceAsStream("client_cert.pem");
+    File privateKey = new File("src/test/resources/client_key.pem");
+    File certChain = new File("src/test/resources/client_cert.pem");
     assertThat(provider.createMtlsToS2AChannelCredentials(null, privateKey, certChain)).isNull();
   }
 
   @Test
   void createMtlsToS2AChannelCredentials_missingKeyFile_throws() throws IOException {
     InstantiatingGrpcChannelProvider provider =
         InstantiatingGrpcChannelProvider.newBuilder().build();
-    InputStream trustBundle = this.getClass().getClassLoader().getResourceAsStream("root_cert.pem");
-    InputStream certChain = this.getClass().getClassLoader().getResourceAsStream("client_cert.pem");
+    File trustBundle = new File("src/test/resources/root_cert.pem");
+    File certChain = new File("src/test/resources/client_cert.pem");
     assertThat(provider.createMtlsToS2AChannelCredentials(trustBundle, null, certChain)).isNull();
   }
 
   @Test
   void createMtlsToS2AChannelCredentials_missingCertChainFile_throws() throws IOException {
     InstantiatingGrpcChannelProvider provider =
         InstantiatingGrpcChannelProvider.newBuilder().build();
-    InputStream trustBundle = this.getClass().getClassLoader().getResourceAsStream("root_cert.pem");
-    InputStream privateKey = this.getClass().getClassLoader().getResourceAsStream("client_key.pem");
+    File trustBundle = new File("src/test/resources/root_cert.pem");
+    File privateKey = new File("src/test/resources/client_key.pem");
     assertThat(provider.createMtlsToS2AChannelCredentials(trustBundle, privateKey, null)).isNull();
   }
 
   @Test
   void createMtlsToS2AChannelCredentials_success() throws IOException {
     InstantiatingGrpcChannelProvider provider =
         InstantiatingGrpcChannelProvider.newBuilder().build();
-    InputStream trustBundle = this.getClass().getClassLoader().getResourceAsStream("root_cert.pem");
-    InputStream privateKey = this.getClass().getClassLoader().getResourceAsStream("client_key.pem");
-    InputStream certChain = this.getClass().getClassLoader().getResourceAsStream("client_cert.pem");
-    assertThat(trustBundle).isNotNull();
+    File trustBundle = new File("src/test/resources/root_cert.pem");
+    File privateKey = new File("src/test/resources/client_key.pem");
+    File certChain = new File("src/test/resources/client_cert.pem");
     assertEquals(
         provider.createMtlsToS2AChannelCredentials(trustBundle, privateKey, certChain).getClass(),
         TlsChannelCredentials.class);