credentials, transport, grpc : add a call option to override the :authority header on a per-RPC basis

[eshitachandwani]

Fixes: #5361

RELEASE NOTES:

• Added a CallAuthority callOption that can be used to overwrite the http :authority header on per-RPC basis.
• Introduces an option AuthorityValidator interface which needs to be implemented by credentials that want to allow authority overwrite.
• Adds implementations of AuthorityValidator interface for Insecure and TLS credentials.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 82.36%. Comparing base (0003b4f) to head (b1583a6).

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #8068      +/-   ##
==========================================
+ Coverage   82.32%   82.36%   +0.04%     
==========================================
  Files         387      387              
  Lines       39064    39091      +27     
==========================================
+ Hits        32159    32197      +38     
+ Misses       5593     5584       -9     
+ Partials     1312     1310       -2     

Files with missing lines	Coverage Δ
credentials/credentials.go	87.87% <ø> (ø)
credentials/insecure/insecure.go	83.33% <100.00%> (+1.51%)	⬆️
credentials/tls.go	88.46% <100.00%> (+1.88%)	⬆️
internal/transport/http2_client.go	91.77% <100.00%> (+0.06%)	⬆️
internal/transport/transport.go	91.56% <ø> (ø)
rpc_util.go	80.97% <100.00%> (+0.29%)	⬆️
stream.go	81.54% <100.00%> (-0.24%)	⬇️

... and 19 files with indirect coverage changes

[purnesh42H]

Overall lgtm. Just few minor comments. I think we can combine some individual into t-tests.

[purnesh42H]

no need to mention "defines an interface". Can just say "AuthorityValidator validates the authority....."

[eshitachandwani]

Done.

[purnesh42H]

typo: either

[eshitachandwani]

Done.

[purnesh42H]

can combine this with if

[eshitachandwani]

Done.

[purnesh42H]

should we call it PerRPCAuthority? Similar to PerRPCCredentials?

[easwars]

We went through this in the design doc. We had consensus on CallAuthority.

[purnesh42H]

If we name above PerRPCAuthority, AuthorityOverrideCallOption can change to PerRPCAuthorityCallOption

[purnesh42H]

s/expect/want

[eshitachandwani]

done.

[purnesh42H]

the tests tls_ext_test.go should already be testing this right? Does this need to be here? or it should just be another test case in the above TestAuthorityCallOptionsWithTLSCreds

[purnesh42H]

nix new line

[purnesh42H]

the FakeCreds can be at the top

[easwars]

Please rename this testCreds. We use the term fake when we use a test double that actually provides a fake implementation of something that the code under test depends on.

Also, the AuthInfo types need to be named such that it is clear from their names that they either implement the AuthorityValidator interface or not.

[purnesh42H]

Same. This can be another test case in test with CustomCreds

[eshitachandwani]

done.

[purnesh42H]

Also, don't feel strongly but may be we can utilize the setup in tls_ext_test or move the tls tests to tls_ext_test.go

[easwars]

Nit: Can get rid of the _ variable name as this method contains only one parameter.

[easwars]

The err variable will only contain the last error here. Should we instead include all errors?

[easwars]

Nit: Also, the error message could be something like
fmt.Errorf(credentials: invalid authority %q: %s", authority, err)

[easwars]

s/A struct implementing AuthInfo should/Implementations of AuthInfo should/

[easwars]

Please document what this authority means and what the return value indicates.

[easwars]

Also, I think we should focus on documenting a couple of things here:

• that this is an option interface
• will be invoked only when the appropriate call option is specified by the application

Something to this effect could work (might need some cleanup)

// AuthorityValidator validates  `:authority` header overrides. This is an
// optional interface for transport credentials to implement.
type AuthorityValidator interface {
	// ValidateAuthority validates the authority used to override the
	// `:authority` header. If implemented by the AuthInfo type returned by the
	// transport credentials, this method will be invoked if the client
	// application attempts to override the `:authority` header by using the
	// CallAuthority call option.
	ValidateAuthority(authority string) error
}

[easwars]

Nit: Also, the error message could be something like
fmt.Errorf(credentials: invalid authority %q: %s", authority, err)

[easwars]

We went through this in the design doc. We had consensus on CallAuthority.

[easwars]

Nit: s/auth/authority/

Please note that this is part of our public API. Parameter names also serve as documentation. So using good parameter names is critical.

[easwars]

This is the only place where we use the term pseudoheader. Either use it everywhere (like in the dosctrings of the AuthorityValidator interface), or don't use it here. Thanks.

[easwars]

How about something more simpler and direct

"CallAuthority creates a CallOption that sets the HTTP/2 :authority header of an RPC to the specified value."

[easwars]

Please rename this testCreds. We use the term fake when we use a test double that actually provides a fake implementation of something that the code under test depends on.

Also, the AuthInfo types need to be named such that it is clear from their names that they either implement the AuthorityValidator interface or not.

[easwars]

Nit: The definition of this type is sandwiched between the implementation of the test creds type. Please move it to be separate.

[easwars]

Does this have to be exported?

[easwars]

Basically, we can have a single testCreds type that contains a boolean field that indicates whether or not it should return an AuthInfo that implements AuthorityValidator or not. We don't need two test credentials types here.

[easwars]

Same here. You can directly use the status that you want the RPC to return.