Migrate users of ManagedChannelBuilder.{forTarget,forAddress} to ChannelCredentials

android-interop-testing/src/main/java/io/grpc/android/integrationtest/TesterOkHttpChannelBuilder.java

@@ -17,9 +17,12 @@
 package io.grpc.android.integrationtest;
 
 import android.support.annotation.Nullable;
+import io.grpc.ChannelCredentials;
+import io.grpc.Grpc;
+import io.grpc.InsecureChannelCredentials;
 import io.grpc.ManagedChannel;
 import io.grpc.ManagedChannelBuilder;
-import io.grpc.okhttp.OkHttpChannelBuilder;
+import io.grpc.okhttp.SslSocketFactoryChannelCredentials;
 import java.io.InputStream;
 import java.security.KeyStore;
 import java.security.cert.CertificateFactory;
@@ -40,21 +43,23 @@ class TesterOkHttpChannelBuilder {
       @Nullable String serverHostOverride,
       boolean useTls,
       @Nullable InputStream testCa) {
-    ManagedChannelBuilder<?> channelBuilder = ManagedChannelBuilder.forAddress(host, port)
+    ChannelCredentials credentials;
-        .maxInboundMessageSize(16 * 1024 * 1024);
-    if (serverHostOverride != null) {
-      // Force the hostname to match the cert the server uses.
-      channelBuilder.overrideAuthority(serverHostOverride);
-    }
     if (useTls) {
       try {
-        ((OkHttpChannelBuilder) channelBuilder).useTransportSecurity();
+        credentials = SslSocketFactoryChannelCredentials.create(getSslSocketFactory(testCa));
-        ((OkHttpChannelBuilder) channelBuilder).sslSocketFactory(getSslSocketFactory(testCa));
       } catch (Exception e) {
         throw new RuntimeException(e);
       }
     } else {
-      channelBuilder.usePlaintext();
+      credentials = InsecureChannelCredentials.create();
+    }
+
+    ManagedChannelBuilder<?> channelBuilder = Grpc.newChannelBuilderForAddress(
+          host, port, credentials)
+        .maxInboundMessageSize(16 * 1024 * 1024);
+    if (serverHostOverride != null) {
+      // Force the hostname to match the cert the server uses.
+      channelBuilder.overrideAuthority(serverHostOverride);
     }
     return channelBuilder.build();
   }

gae-interop-testing/gae-jdk8/src/main/java/io/grpc/testing/integration/LongLivedChannel.java

@@ -17,8 +17,9 @@
 package io.grpc.testing.integration;
 
 import com.google.protobuf.ByteString;
+import io.grpc.Grpc;
 import io.grpc.ManagedChannel;
-import io.grpc.ManagedChannelBuilder;
+import io.grpc.TlsChannelCredentials;
 import io.grpc.testing.integration.Messages.Payload;
 import io.grpc.testing.integration.Messages.SimpleRequest;
 import io.grpc.testing.integration.Messages.SimpleResponse;
@@ -40,7 +41,7 @@ import javax.servlet.http.HttpServletResponse;
 public final class LongLivedChannel extends HttpServlet {
   private static final String INTEROP_TEST_ADDRESS = "grpc-test.sandbox.googleapis.com:443";
   private final ManagedChannel channel =
-      ManagedChannelBuilder.forTarget(INTEROP_TEST_ADDRESS).build();
+      Grpc.newChannelBuilder(INTEROP_TEST_ADDRESS, TlsChannelCredentials.create()).build();
 
   @Override
   public void destroy() {

gae-interop-testing/gae-jdk8/src/main/java/io/grpc/testing/integration/NettyClientInteropServlet.java

@@ -19,7 +19,9 @@ package io.grpc.testing.integration;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 
+import io.grpc.Grpc;
 import io.grpc.ManagedChannelBuilder;
+import io.grpc.TlsChannelCredentials;
 import io.grpc.netty.NettyChannelBuilder;
 import java.io.IOException;
 import java.io.PrintWriter;
@@ -131,7 +133,7 @@ public final class NettyClientInteropServlet extends HttpServlet {
           "1.8",
           System.getProperty("java.specification.version"));
       ManagedChannelBuilder<?> builder =
-          ManagedChannelBuilder.forTarget(INTEROP_TEST_ADDRESS)
+          Grpc.newChannelBuilder(INTEROP_TEST_ADDRESS, TlsChannelCredentials.create())
               .maxInboundMessageSize(AbstractInteropTest.MAX_MESSAGE_SIZE);
       assertTrue(builder instanceof NettyChannelBuilder);
       ((NettyChannelBuilder) builder)

interop-testing/src/main/java/io/grpc/testing/integration/TestServiceClient.java

@@ -18,26 +18,30 @@ package io.grpc.testing.integration;
 
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.io.Files;
+import io.grpc.ChannelCredentials;
+import io.grpc.Grpc;
+import io.grpc.InsecureChannelCredentials;
 import io.grpc.ManagedChannel;
 import io.grpc.ManagedChannelBuilder;
-import io.grpc.alts.AltsChannelBuilder;
+import io.grpc.TlsChannelCredentials;
-import io.grpc.alts.ComputeEngineChannelBuilder;
+import io.grpc.alts.AltsChannelCredentials;
-import io.grpc.alts.GoogleDefaultChannelBuilder;
+import io.grpc.alts.ComputeEngineChannelCredentials;
+import io.grpc.alts.GoogleDefaultChannelCredentials;
 import io.grpc.internal.GrpcUtil;
 import io.grpc.internal.testing.TestUtils;
 import io.grpc.netty.GrpcSslContexts;
+import io.grpc.netty.InsecureFromHttp1ChannelCredentials;
 import io.grpc.netty.InternalNettyChannelBuilder;
-import io.grpc.netty.NegotiationType;
 import io.grpc.netty.NettyChannelBuilder;
+import io.grpc.netty.NettySslContextChannelCredentials;
 import io.grpc.okhttp.InternalOkHttpChannelBuilder;
 import io.grpc.okhttp.OkHttpChannelBuilder;
+import io.grpc.okhttp.SslSocketFactoryChannelCredentials;
 import io.grpc.okhttp.internal.Platform;
-import io.netty.handler.ssl.SslContext;
 import java.io.File;
 import java.io.FileInputStream;
 import java.nio.charset.Charset;
 import java.util.concurrent.TimeUnit;
-import javax.net.ssl.SSLSocketFactory;
 
 /**
  * Application that starts a client for the {@link TestServiceGrpc.TestServiceImplBase} and runs
@@ -282,8 +286,8 @@ public class TestServiceClient {
         break;
 
       case COMPUTE_ENGINE_CHANNEL_CREDENTIALS: {
-        ManagedChannel channel = ComputeEngineChannelBuilder
+        ManagedChannel channel = Grpc.newChannelBuilderForAddress(
-            .forAddress(serverHost, serverPort).build();
+            serverHost, serverPort, ComputeEngineChannelCredentials.create()).build();
         try {
           TestServiceGrpc.TestServiceBlockingStub computeEngineStub =
               TestServiceGrpc.newBlockingStub(channel);
@@ -323,8 +327,8 @@ public class TestServiceClient {
       }
 
       case GOOGLE_DEFAULT_CREDENTIALS: {
-        ManagedChannel channel = GoogleDefaultChannelBuilder.forAddress(
+        ManagedChannel channel = Grpc.newChannelBuilderForAddress(
-            serverHost, serverPort).build();
+            serverHost, serverPort, GoogleDefaultChannelCredentials.create()).build();
         try {
           TestServiceGrpc.TestServiceBlockingStub googleDefaultStub =
               TestServiceGrpc.newBlockingStub(channel);
@@ -392,34 +396,56 @@ public class TestServiceClient {
   private class Tester extends AbstractInteropTest {
     @Override
     protected ManagedChannelBuilder<?> createChannelBuilder() {
-      if (customCredentialsType != null
+      ChannelCredentials channelCredentials;
-          && customCredentialsType.equals("google_default_credentials")) {
+      if (customCredentialsType != null) {
-        return GoogleDefaultChannelBuilder.forAddress(serverHost, serverPort);
+        useOkHttp = false; // Retain old behavior; avoids erroring if incompatible
-      }
+        if (customCredentialsType.equals("google_default_credentials")) {
-      if (customCredentialsType != null
+          channelCredentials = GoogleDefaultChannelCredentials.create();
-          && customCredentialsType.equals("compute_engine_channel_creds")) {
+        } else if (customCredentialsType.equals("compute_engine_channel_creds")) {
-        return ComputeEngineChannelBuilder.forAddress(serverHost, serverPort);
+          channelCredentials = ComputeEngineChannelCredentials.create();
-      }
+        } else {
-      if (useAlts) {
+          throw new IllegalArgumentException(
-        return AltsChannelBuilder.forAddress(serverHost, serverPort);
+              "Unknown custom credentials: " + customCredentialsType);
-      }
+        }
 
-      if (!useOkHttp) {
+      } else if (useAlts) {
-        SslContext sslContext = null;
+        useOkHttp = false; // Retain old behavior; avoids erroring if incompatible
-        if (useTestCa) {
+        channelCredentials = AltsChannelCredentials.create();
+
+      } else if (useTls) {
+        if (!useTestCa) {
+          channelCredentials = TlsChannelCredentials.create();
+        } else {
           try {
-            sslContext = GrpcSslContexts.forClient().trustManager(
+            if (useOkHttp) {
-                    TestUtils.loadCert("ca.pem")).build();
+              channelCredentials = SslSocketFactoryChannelCredentials.create(
+                  TestUtils.newSslSocketFactoryForCa(
+                      Platform.get().getProvider(), TestUtils.loadCert("ca.pem")));
+            } else {
+              channelCredentials = NettySslContextChannelCredentials.create(
+                  GrpcSslContexts.forClient().trustManager(
+                      TestUtils.loadCert("ca.pem")).build());
+            }
           } catch (Exception ex) {
             throw new RuntimeException(ex);
           }
         }
+
+      } else {
+        if (useH2cUpgrade) {
+          if (useOkHttp) {
+            throw new IllegalArgumentException("OkHttp does not support HTTP/1 upgrade");
+          } else {
+            channelCredentials = InsecureFromHttp1ChannelCredentials.create();
+          }
+        } else {
+          channelCredentials = InsecureChannelCredentials.create();
+        }
+      }
+      if (!useOkHttp) {
         NettyChannelBuilder nettyBuilder =
-            NettyChannelBuilder.forAddress(serverHost, serverPort)
+            NettyChannelBuilder.forAddress(serverHost, serverPort, channelCredentials)
-                .flowControlWindow(AbstractInteropTest.TEST_FLOW_CONTROL_WINDOW)
+                .flowControlWindow(AbstractInteropTest.TEST_FLOW_CONTROL_WINDOW);
-                .negotiationType(useTls ? NegotiationType.TLS :
-                  (useH2cUpgrade ? NegotiationType.PLAINTEXT_UPGRADE : NegotiationType.PLAINTEXT))
-                .sslContext(sslContext);
         if (serverHostOverride != null) {
           nettyBuilder.overrideAuthority(serverHostOverride);
         }
@@ -431,25 +457,13 @@ public class TestServiceClient {
         return nettyBuilder.intercept(createCensusStatsClientInterceptor());
       }
 
-      OkHttpChannelBuilder okBuilder = OkHttpChannelBuilder.forAddress(serverHost, serverPort);
+      OkHttpChannelBuilder okBuilder =
+          OkHttpChannelBuilder.forAddress(serverHost, serverPort, channelCredentials);
       if (serverHostOverride != null) {
         // Force the hostname to match the cert the server uses.
         okBuilder.overrideAuthority(
             GrpcUtil.authorityFromHostAndPort(serverHostOverride, serverPort));
       }
-      if (useTls) {
-        if (useTestCa) {
-          try {
-            SSLSocketFactory factory = TestUtils.newSslSocketFactoryForCa(
-                Platform.get().getProvider(), TestUtils.loadCert("ca.pem"));
-            okBuilder.sslSocketFactory(factory);
-          } catch (Exception e) {
-            throw new RuntimeException(e);
-          }
-        }
-      } else {
-        okBuilder.usePlaintext();
-      }
       if (fullStreamDecompression) {
         okBuilder.enableFullStreamDecompression();
       }

interop-testing/src/test/java/io/grpc/testing/integration/CompressionTest.java

@@ -35,8 +35,9 @@ import io.grpc.CompressorRegistry;
 import io.grpc.DecompressorRegistry;
 import io.grpc.ForwardingClientCall.SimpleForwardingClientCall;
 import io.grpc.ForwardingClientCallListener.SimpleForwardingClientCallListener;
+import io.grpc.Grpc;
+import io.grpc.InsecureChannelCredentials;
 import io.grpc.ManagedChannel;
-import io.grpc.ManagedChannelBuilder;
 import io.grpc.Metadata;
 import io.grpc.MethodDescriptor;
 import io.grpc.Server;
@@ -189,11 +190,11 @@ public class CompressionTest {
         .build()
         .start();
 
-    channel = ManagedChannelBuilder.forAddress("localhost", server.getPort())
+    channel = Grpc.newChannelBuilder(
+            "localhost:" + server.getPort(), InsecureChannelCredentials.create())
         .decompressorRegistry(clientDecompressors)
         .compressorRegistry(clientCompressors)
         .intercept(new ClientCompressorInterceptor())
-        .usePlaintext()
         .build();
     stub = TestServiceGrpc.newBlockingStub(channel);
 

interop-testing/src/test/java/io/grpc/testing/integration/ManagedChannelBuilderSpiTest.java

@@ -0,0 +1,36 @@
+/*
+ * Copyright 2020 The gRPC Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.grpc.testing.integration;
+
+import io.grpc.ManagedChannelBuilder;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+/** Tests for integration between {@link ManagedChannelBuilder} and providers. */
+@RunWith(JUnit4.class)
+public final class ManagedChannelBuilderSpiTest {
+  @Test
+  public void forAddress_isntObviouslyBroken() {
+    ManagedChannelBuilder.forAddress("localhost", 443).build().shutdownNow();
+  }
+
+  @Test
+  public void forTarget_isntObviouslyBroken() {
+    ManagedChannelBuilder.forTarget("localhost:443").build().shutdownNow();
+  }
+}

interop-testing/src/test/java/io/grpc/testing/integration/StressTestClientTest.java

@@ -22,8 +22,9 @@ import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 
 import com.google.common.collect.ImmutableList;
+import io.grpc.Grpc;
+import io.grpc.InsecureChannelCredentials;
 import io.grpc.ManagedChannel;
-import io.grpc.ManagedChannelBuilder;
 import io.grpc.testing.integration.Metrics.EmptyMessage;
 import io.grpc.testing.integration.Metrics.GaugeResponse;
 import io.grpc.testing.integration.StressTestClient.TestCaseWeightPair;
@@ -128,8 +129,8 @@ public class StressTestClientTest {
     client.runStressTest();
 
     // Connect to the metrics service
-    ManagedChannel ch = ManagedChannelBuilder.forAddress("localhost", client.getMetricServerPort())
+    ManagedChannel ch = Grpc.newChannelBuilder(
-        .usePlaintext()
+          "localhost:" + client.getMetricServerPort(), InsecureChannelCredentials.create())
         .build();
 
     MetricsServiceGrpc.MetricsServiceBlockingStub stub = MetricsServiceGrpc.newBlockingStub(ch);

xds/src/main/java/io/grpc/xds/XdsChannelFactory.java

@@ -17,9 +17,12 @@
 package io.grpc.xds;
 
 import com.google.common.annotations.VisibleForTesting;
+import io.grpc.ChannelCredentials;
+import io.grpc.Grpc;
+import io.grpc.InsecureChannelCredentials;
 import io.grpc.ManagedChannel;
-import io.grpc.ManagedChannelBuilder;
+import io.grpc.TlsChannelCredentials;
-import io.grpc.alts.GoogleDefaultChannelBuilder;
+import io.grpc.alts.GoogleDefaultChannelCredentials;
 import io.grpc.xds.Bootstrapper.ChannelCreds;
 import io.grpc.xds.Bootstrapper.ServerInfo;
 import io.grpc.xds.XdsClient.XdsChannel;
@@ -50,33 +53,33 @@ abstract class XdsChannelFactory {
       String serverUri = serverInfo.getServerUri();
       logger.log(XdsLogLevel.INFO, "Creating channel to {0}", serverUri);
       List<ChannelCreds> channelCredsList = serverInfo.getChannelCredentials();
-      ManagedChannelBuilder<?> channelBuilder = null;
+      ChannelCredentials channelCreds = null;
       // Use the first supported channel credentials configuration.
       for (ChannelCreds creds : channelCredsList) {
         switch (creds.getType()) {
           case "google_default":
             logger.log(XdsLogLevel.INFO, "Using channel credentials: google_default");
-            channelBuilder = GoogleDefaultChannelBuilder.forTarget(serverUri);
+            channelCreds = GoogleDefaultChannelCredentials.create();
             break;
           case "insecure":
             logger.log(XdsLogLevel.INFO, "Using channel credentials: insecure");
-            channelBuilder = ManagedChannelBuilder.forTarget(serverUri).usePlaintext();
+            channelCreds = InsecureChannelCredentials.create();
             break;
           case "tls":
             logger.log(XdsLogLevel.INFO, "Using channel credentials: tls");
-            channelBuilder = ManagedChannelBuilder.forTarget(serverUri);
+            channelCreds = TlsChannelCredentials.create();
             break;
           default:
         }
-        if (channelBuilder != null) {
+        if (channelCreds != null) {
           break;
         }
       }
-      if (channelBuilder == null) {
+      if (channelCreds == null) {
         throw new XdsInitializationException("No server with supported channel creds found");
       }
 
-      ManagedChannel channel = channelBuilder
+      ManagedChannel channel = Grpc.newChannelBuilder(serverUri, channelCreds)
           .keepAliveTime(5, TimeUnit.MINUTES)
           .build();
       boolean useProtocolV3 = experimentalV3SupportEnvVar

xds/src/main/java/io/grpc/xds/internal/certprovider/MeshCaCertificateProvider.java

@@ -39,13 +39,14 @@ import io.grpc.Channel;
 import io.grpc.ClientCall;
 import io.grpc.ClientInterceptor;
 import io.grpc.ForwardingClientCall;
+import io.grpc.Grpc;
 import io.grpc.InternalLogId;
 import io.grpc.ManagedChannel;
-import io.grpc.ManagedChannelBuilder;
 import io.grpc.Metadata;
 import io.grpc.MethodDescriptor;
 import io.grpc.Status;
 import io.grpc.SynchronizationContext;
+import io.grpc.TlsChannelCredentials;
 import io.grpc.auth.MoreCallCredentials;
 import io.grpc.internal.BackoffPolicy;
 import io.grpc.internal.TimeProvider;
@@ -361,8 +362,9 @@ final class MeshCaCertificateProvider extends CertificateProvider {
             checkArgument(serverUri != null && !serverUri.isEmpty(), "serverUri is null/empty!");
             logger.log(Level.INFO, "Creating channel to {0}", serverUri);
 
-            ManagedChannelBuilder<?> channelBuilder = ManagedChannelBuilder.forTarget(serverUri);
+            return Grpc.newChannelBuilder(serverUri, TlsChannelCredentials.create())
-            return channelBuilder.keepAliveTime(1, TimeUnit.MINUTES).build();
+                .keepAliveTime(1, TimeUnit.MINUTES)
+                .build();
           }
         };