From b99872eee7e2a39f8345f01431376f0813885783 Mon Sep 17 00:00:00 2001
From: Michael Lumish <mlumish@google.com>
Date: Thu, 10 Sep 2020 14:50:18 -0700
Subject: [PATCH] grpc-js: xDS: handle insecure and google_default bootstrap
 creds

---
 packages/grpc-js/src/xds-client.ts | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

diff --git a/packages/grpc-js/src/xds-client.ts b/packages/grpc-js/src/xds-client.ts
index 0b1fa7b9..8ca4cfa2 100644
--- a/packages/grpc-js/src/xds-client.ts
+++ b/packages/grpc-js/src/xds-client.ts
@@ -19,7 +19,7 @@ import * as protoLoader from '@grpc/proto-loader';
 import { loadPackageDefinition } from './make-client';
 import * as adsTypes from './generated/ads';
 import * as lrsTypes from './generated/lrs';
-import { createGoogleDefaultCredentials } from './channel-credentials';
+import { createGoogleDefaultCredentials, ChannelCredentials } from './channel-credentials';
 import { loadBootstrapInfo } from './xds-bootstrap';
 import { ClientDuplexStream, ServiceError } from './call';
 import { StatusObject } from './call-stream';
@@ -805,17 +805,38 @@ export class XdsClient {
           ...node,
           client_features: ['envoy.lrs.supports_send_all_clusters'],
         };
+        const credentialsConfigs = bootstrapInfo.xdsServers[0].channelCreds;
+        let channelCreds: ChannelCredentials | null = null;
+        for (const config of credentialsConfigs) {
+          if (config.type === 'google_default') {
+            channelCreds = createGoogleDefaultCredentials();
+            break;
+          } else if (config.type === 'insecure') {
+            channelCreds = ChannelCredentials.createInsecure();
+            break;
+          }
+        }
+        if (channelCreds === null) {
+          trace('Failed to initialize xDS Client. No valid credentials types found.');
+          // Bubble this error up to any listeners
+          this.reportStreamError({
+            code: Status.INTERNAL,
+            details: 'Failed to initialize xDS Client. No valid credentials types found.',
+            metadata: new Metadata(),
+          });
+          return;
+        }
         trace('Starting xDS client connected to server URI ' + bootstrapInfo.xdsServers[0].serverUri);
         this.adsClient = new protoDefinitions.envoy.service.discovery.v2.AggregatedDiscoveryService(
           bootstrapInfo.xdsServers[0].serverUri,
-          createGoogleDefaultCredentials(),
+          channelCreds,
           channelArgs
         );
         this.maybeStartAdsStream();
 
         this.lrsClient = new protoDefinitions.envoy.service.load_stats.v2.LoadReportingService(
           bootstrapInfo.xdsServers[0].serverUri,
-          createGoogleDefaultCredentials(),
+          channelCreds,
           {channelOverride: this.adsClient.getChannel()}
         );
         this.maybeStartLrsStream();