s2a: Combine MtlsToS2ChannelCredentials and S2AChannelCredentials. (#11544)

* Combine MtlsToS2ChannelCredentials and S2AChannelCredentials.

* Check if file exists.

* S2AChannelCredentials API requires credentials used for client-s2a channel.

* remove MtlsToS2A library in BUILD.

* Don't check state twice.

* Don't check for file existence in tests.

Author: rmehta19

s2a/BUILD.bazel

@@ -117,19 +117,6 @@ java_library(
     ],
 )
 
-java_library(
-    name = "mtls_to_s2av2_credentials",
-    srcs = ["src/main/java/io/grpc/s2a/MtlsToS2AChannelCredentials.java"],
-    visibility = ["//visibility:public"],
-    deps = [
-        ":s2a_channel_pool",
-        ":s2av2_credentials",
-        "//api",
-        "//util",
-        artifact("com.google.guava:guava"),
-    ],
-)
-
 # bazel only accepts proto import with absolute path.
 genrule(
     name = "protobuf_imports",

s2a/src/main/java/io/grpc/s2a/MtlsToS2AChannelCredentials.java

@@ -18,21 +18,20 @@
 
 import static com.google.common.base.Preconditions.checkArgument;
 import static com.google.common.base.Preconditions.checkNotNull;
-import static com.google.common.base.Preconditions.checkState;
 import static com.google.common.base.Strings.isNullOrEmpty;
 
 import com.google.errorprone.annotations.CanIgnoreReturnValue;
 import io.grpc.Channel;
 import io.grpc.ChannelCredentials;
 import io.grpc.ExperimentalApi;
-import io.grpc.InsecureChannelCredentials;
 import io.grpc.internal.ObjectPool;
 import io.grpc.internal.SharedResourcePool;
 import io.grpc.netty.InternalNettyChannelCredentials;
 import io.grpc.netty.InternalProtocolNegotiator;
 import io.grpc.s2a.channel.S2AHandshakerServiceChannel;
 import io.grpc.s2a.handshaker.S2AIdentity;
 import io.grpc.s2a.handshaker.S2AProtocolNegotiatorFactory;
+import java.io.IOException;
 import javax.annotation.concurrent.NotThreadSafe;
 import org.checkerframework.checker.nullness.qual.Nullable;
 
@@ -46,25 +45,27 @@ public final class S2AChannelCredentials {
    * Creates a channel credentials builder for establishing an S2A-secured connection.
    *
    * @param s2aAddress the address of the S2A server used to secure the connection.
+   * @param s2aChannelCredentials the credentials to be used when connecting to the S2A.
    * @return a {@code S2AChannelCredentials.Builder} instance.
    */
-  public static Builder newBuilder(String s2aAddress) {
+  public static Builder newBuilder(String s2aAddress, ChannelCredentials s2aChannelCredentials) {
     checkArgument(!isNullOrEmpty(s2aAddress), "S2A address must not be null or empty.");
-    return new Builder(s2aAddress);
+    checkNotNull(s2aChannelCredentials, "S2A channel credentials must not be null");
+    return new Builder(s2aAddress, s2aChannelCredentials);
   }
 
   /** Builds an {@code S2AChannelCredentials} instance. */
   @NotThreadSafe
   public static final class Builder {
     private final String s2aAddress;
+    private final ChannelCredentials s2aChannelCredentials;
     private ObjectPool<Channel> s2aChannelPool;
-    private ChannelCredentials s2aChannelCredentials;
     private @Nullable S2AIdentity localIdentity = null;
 
-    Builder(String s2aAddress) {
+    Builder(String s2aAddress, ChannelCredentials s2aChannelCredentials) {
       this.s2aAddress = s2aAddress;
+      this.s2aChannelCredentials = s2aChannelCredentials;
       this.s2aChannelPool = null;
-      this.s2aChannelCredentials = InsecureChannelCredentials.create();
     }
 
     /**
@@ -106,15 +107,7 @@ public Builder setLocalUid(String localUid) {
       return this;
     }
 
-    /** Sets the credentials to be used when connecting to the S2A. */
-    @CanIgnoreReturnValue
-    public Builder setS2AChannelCredentials(ChannelCredentials s2aChannelCredentials) {
-      this.s2aChannelCredentials = s2aChannelCredentials;
-      return this;
-    }
-
-    public ChannelCredentials build() {
-      checkState(!isNullOrEmpty(s2aAddress), "S2A address must not be null or empty.");
+    public ChannelCredentials build() throws IOException {
       ObjectPool<Channel> s2aChannelPool =
           SharedResourcePool.forResource(
               S2AHandshakerServiceChannel.getChannelResource(s2aAddress, s2aChannelCredentials));