Add Call & Channel Credentials, and accompanying tests (#7)

* Add ChannelCredential tests

* Work on channel credentials

* Remove context.context checks

* Make call credentials an interface

* Write comments for call credentials

* fixtures comment in test-channel-credentials

* small changes

* Address name change comment

* define metadata interface

* Call credentials

* Reorganize channel-credentials file

* Composed call credentials tests

* Simplified CallCredentials composition

* Use async.parallel in call-credentials

package.json

@@ -45,5 +45,9 @@
     "format": "clang-format -i -style=\"{Language: JavaScript, BasedOnStyle: Google, ColumnLimit: 80}\" src/*.ts test/*.ts",
     "lint": "tslint -c node_modules/google-ts-style/tslint.json -p . -t codeFrame --type-check",
     "test": "gulp test"
+  },
+  "dependencies": {
+    "@types/async": "^2.0.41",
+    "async": "^2.5.0"
   }
 }

src/call-credentials.ts

@@ -1,15 +1,90 @@
-import { Metadata } from './metadata'
+import { Metadata } from './metadata';
+import * as async from 'async';
 
-export class CallCredentials {
-  static createFromMetadataGenerator(metadataGenerator: (options: Object, cb: (err: Error, metadata: Metadata) => void) => void): CallCredentials {
-    throw new Error();
+export type CallMetadataGenerator = (
+  options: Object,
+  cb: (err: Error | null, metadata?: Metadata) => void
+) => void
+
+/**
+ * A class that represents a generic method of adding authentication-related
+ * metadata on a per-request basis.
+ */
+export interface CallCredentials {
+  /**
+   * Asynchronously generates a new Metadata object.
+   * @param options Options used in generating the Metadata object.
+   * @param cb A callback of the form (err, metadata) which will be called with
+   * either the generated metadata, or an error if one occurred.
+   */
+  generateMetadata: CallMetadataGenerator;
+  /**
+   * Creates a new CallCredentials object from properties of both this and
+   * another CallCredentials object. This object's metadata generator will be
+   * called first.
+   * @param callCredentials The other CallCredentials object.
+   */
+  compose: (callCredentials: CallCredentials) => CallCredentials;
+}
+
+export namespace CallCredentials {
+  /**
+   * Creates a new CallCredentials object from a given function that generates
+   * Metadata objects.
+   * @param metadataGenerator A function that accepts a set of options, and
+   * generates a Metadata object based on these options, which is passed back
+   * to the caller via a supplied (err, metadata) callback.
+   */
+  export function createFromMetadataGenerator(
+    metadataGenerator: CallMetadataGenerator
+  ): CallCredentials {
+    return new CallCredentialsImpl([metadataGenerator]);
   }
+}
 
-  call(options: Object, cb: (err: Error, metadata: Metadata) => void): void {
-    throw new Error();
+
+class CallCredentialsImpl {
+  constructor(private metadataGenerators: Array<CallMetadataGenerator>) {}
+
+  generateMetadata(
+    options: Object,
+    cb: (err: Error | null, metadata?: Metadata) => void
+  ): void {
+    if (this.metadataGenerators.length === 1) {
+      this.metadataGenerators[0](options, cb);
+      return;
+    }
+
+    const tasks: Array<AsyncFunction<Metadata, Error>> =
+      this.metadataGenerators.map(fn => fn.bind(null, options));
+    const callback: AsyncResultArrayCallback<Metadata, Error> =
+      (err, metadataArray) => {
+        if (err || !metadataArray) {
+          cb(err || new Error('Unknown error'));
+          return;
+        } else {
+          const result = Metadata.createMetadata();
+          metadataArray.forEach((metadata) => {
+            if (metadata) {
+              const metadataObj = metadata.getMap();
+              Object.keys(metadataObj).forEach((key) => {
+                metadataObj[key].forEach((value) => {
+                  result.add(key, value);
+                });
+              });
+            }
+          });
+          cb(null, result);
+        }
+      };
+    async.parallel(tasks, callback);
   }
 
   compose(callCredentials: CallCredentials): CallCredentials {
-    throw new Error();
+    if (!(callCredentials instanceof CallCredentialsImpl)) {
+      throw new Error('Unknown CallCredentials implementation provided');
+    }
+    return new CallCredentialsImpl(this.metadataGenerators.concat(
+      (callCredentials as CallCredentialsImpl).metadataGenerators));
   }
 }

src/channel-credentials.ts

@@ -1,29 +1,119 @@
 import { CallCredentials } from './call-credentials';
-import { SecureContext } from 'tls'; // or whatever it's actually called
+import { createSecureContext, SecureContext } from 'tls';
 
 /**
- * A class that contains credentials for communicating over a channel.
+ * A class that contains credentials for communicating over a channel, as well
+ * as a set of per-call credentials, which are applied to every method call made
+ * over a channel initialized with an instance of this class.
  */
-export class ChannelCredentials {
-  private constructor() {}
+export interface ChannelCredentials {
+  /**
+   * Returns a copy of this object with the included set of per-call credentials
+   * expanded to include callCredentials.
+   * @param callCredentials A CallCredentials object to associate with this
+   * instance.
+   */
+  compose(callCredentials: CallCredentials) : ChannelCredentials;
 
-  static createSsl(rootCerts?: Buffer, privateKey?: Buffer, certChain?: Buffer) : ChannelCredentials {
-    throw new Error();
+  /**
+   * Gets the set of per-call credentials associated with this instance.
+   */
+  getCallCredentials() : CallCredentials | null;
+  
+  /**
+   * Gets a SecureContext object generated from input parameters if this
+   * instance was created with createSsl, or null if this instance was created
+   * with createInsecure.
+   */
+  getSecureContext() : SecureContext | null;
+}
+
+export namespace ChannelCredentials {
+  /**
+   * Return a new ChannelCredentials instance with a given set of credentials.
+   * The resulting instance can be used to construct a Channel that communicates
+   * over TLS.
+   * @param rootCerts The root certificate data.
+   * @param privateKey The client certificate private key, if available.
+   * @param certChain The client certificate key chain, if available.
+   */
+  export function createSsl(rootCerts?: Buffer | null, privateKey?: Buffer | null, certChain?: Buffer | null) : ChannelCredentials {
+    if (privateKey && !certChain) {
+      throw new Error('Private key must be given with accompanying certificate chain');
+    }
+    if (!privateKey && certChain) {
+      throw new Error('Certificate chain must be given with accompanying private key');
+    }
+    const secureContext = createSecureContext({
+      ca: rootCerts || undefined,
+      key: privateKey || undefined,
+      cert: certChain || undefined
+    });
+    return new SecureChannelCredentialsImpl(secureContext);
   }
 
-  static createInsecure() : ChannelCredentials {
-    throw new Error();
-  }
-
-  compose(callCredentials: CallCredentials) : ChannelCredentials {
-    throw new Error();
-  }
-
-  getCallCredentials() : CallCredentials {
-    throw new Error();
-  }
-
-  getSecureContext() : SecureContext {
-    throw new Error();
+  /**
+   * Return a new ChannelCredentials instance with no credentials.
+   */
+  export function createInsecure() : ChannelCredentials {
+    return new InsecureChannelCredentialsImpl();
+  }
+}
+
+
+abstract class ChannelCredentialsImpl implements ChannelCredentials {
+  protected callCredentials: CallCredentials | null;
+
+  protected constructor(callCredentials?: CallCredentials) {
+    this.callCredentials = callCredentials || null;
+  }
+
+  abstract compose(callCredentials: CallCredentials) : ChannelCredentialsImpl;
+
+  getCallCredentials() : CallCredentials | null {
+    return this.callCredentials;
+  }
+
+  abstract getSecureContext() : SecureContext | null;
+}
+
+class InsecureChannelCredentialsImpl extends ChannelCredentialsImpl {
+  constructor(callCredentials?: CallCredentials) {
+    super(callCredentials);
+  }
+
+  compose(callCredentials: CallCredentials) : ChannelCredentialsImpl {
+    const combinedCallCredentials = this.callCredentials ?
+      this.callCredentials.compose(callCredentials) :
+      callCredentials;
+    return new InsecureChannelCredentialsImpl(combinedCallCredentials);
+  }
+
+  getSecureContext() : SecureContext | null {
+    return null;
+  }
+}
+
+class SecureChannelCredentialsImpl extends ChannelCredentialsImpl {
+  secureContext: SecureContext;
+
+  constructor(
+    secureContext: SecureContext,
+    callCredentials?: CallCredentials
+  ) {
+    super(callCredentials);
+    this.secureContext = secureContext;
+  }
+
+  compose(callCredentials: CallCredentials) : ChannelCredentialsImpl {
+    const combinedCallCredentials = this.callCredentials ?
+      this.callCredentials.compose(callCredentials) :
+      callCredentials;
+    return new SecureChannelCredentialsImpl(this.secureContext,
+      combinedCallCredentials);
+  }
+
+  getSecureContext() : SecureContext | null {
+    return this.secureContext;
   }
 }

src/metadata.ts

@@ -1,3 +1,35 @@
-export class Metadata {
-  
+export type MetadataValue = string | Buffer;
+
+export interface MetadataObject {
+  [propName: string]: Array<MetadataValue>;
+}
+
+export class Metadata {
+  static createMetadata(): Metadata {
+    return new Metadata();
+  }
+
+  set(_key: string, _value: MetadataValue): void {
+    throw new Error('Not implemented');
+  }
+
+  add(_key: string, _value: MetadataValue): void {
+    throw new Error('Not implemented');
+  }
+
+  remove(_key: string): void {
+    throw new Error('Not implemented');
+  }
+
+  get(_key: string): Array<MetadataValue> {
+    throw new Error('Not implemented');
+  }
+  
+  getMap(): MetadataObject {
+    throw new Error('Not implemented');
+  }
+
+  clone(): Metadata {
+    throw new Error('Not implemented');
+  }
 }

test/common.ts

@@ -0,0 +1,16 @@
+import * as assert from 'assert';
+
+export function mockFunction(): never {
+  throw new Error('Not implemented');
+}
+
+export namespace assert2 {
+  export function noThrowAndReturn<T>(fn: () => T): T {
+    try {
+      return fn();
+    } catch (e) {
+      assert.throws(() => { throw e });
+      throw e; // for type safety only
+    }
+  }
+}

test/fixtures/README

@@ -0,0 +1 @@
+CONFIRMEDTESTKEY

test/fixtures/ca.pem

@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICSjCCAbOgAwIBAgIJAJHGGR4dGioHMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxDzANBgNVBAMTBnRlc3RjYTAeFw0xNDExMTEyMjMxMjla
+Fw0yNDExMDgyMjMxMjlaMFYxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0
+YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDzANBgNVBAMT
+BnRlc3RjYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwEDfBV5MYdlHVHJ7
++L4nxrZy7mBfAVXpOc5vMYztssUI7mL2/iYujiIXM+weZYNTEpLdjyJdu7R5gGUu
+g1jSVK/EPHfc74O7AyZU34PNIP4Sh33N+/A5YexrNgJlPY+E3GdVYi4ldWJjgkAd
+Qah2PH5ACLrIIC6tRka9hcaBlIECAwEAAaMgMB4wDAYDVR0TBAUwAwEB/zAOBgNV
+HQ8BAf8EBAMCAgQwDQYJKoZIhvcNAQELBQADgYEAHzC7jdYlzAVmddi/gdAeKPau
+sPBG/C2HCWqHzpCUHcKuvMzDVkY/MP2o6JIW2DBbY64bO/FceExhjcykgaYtCH/m
+oIU63+CFOTtR7otyQAWHqXa7q4SbCDlG7DyRFxqG0txPtGvy12lgldA2+RgcigQG
+Dfcog5wrJytaQ6UA0wE=
+-----END CERTIFICATE-----

test/fixtures/server1.key

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAOHDFScoLCVJpYDD
+M4HYtIdV6Ake/sMNaaKdODjDMsux/4tDydlumN+fm+AjPEK5GHhGn1BgzkWF+slf
+3BxhrA/8dNsnunstVA7ZBgA/5qQxMfGAq4wHNVX77fBZOgp9VlSMVfyd9N8YwbBY
+AckOeUQadTi2X1S6OgJXgQ0m3MWhAgMBAAECgYAn7qGnM2vbjJNBm0VZCkOkTIWm
+V10okw7EPJrdL2mkre9NasghNXbE1y5zDshx5Nt3KsazKOxTT8d0Jwh/3KbaN+YY
+tTCbKGW0pXDRBhwUHRcuRzScjli8Rih5UOCiZkhefUTcRb6xIhZJuQy71tjaSy0p
+dHZRmYyBYO2YEQ8xoQJBAPrJPhMBkzmEYFtyIEqAxQ/o/A6E+E4w8i+KM7nQCK7q
+K4JXzyXVAjLfyBZWHGM2uro/fjqPggGD6QH1qXCkI4MCQQDmdKeb2TrKRh5BY1LR
+81aJGKcJ2XbcDu6wMZK4oqWbTX2KiYn9GB0woM6nSr/Y6iy1u145YzYxEV/iMwff
+DJULAkB8B2MnyzOg0pNFJqBJuH29bKCcHa8gHJzqXhNO5lAlEbMK95p/P2Wi+4Hd
+aiEIAF1BF326QJcvYKmwSmrORp85AkAlSNxRJ50OWrfMZnBgzVjDx3xG6KsFQVk2
+ol6VhqL6dFgKUORFUWBvnKSyhjJxurlPEahV6oo6+A+mPhFY8eUvAkAZQyTdupP3
+XEFQKctGz+9+gKkemDp7LBBMEMBXrGTLPhpEfcjv/7KPdnFHYmhYeBTBnuVmTVWe
+F98XJ7tIFfJq
+-----END PRIVATE KEY-----

test/fixtures/server1.pem

@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICnDCCAgWgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQ
+dHkgTHRkMQ8wDQYDVQQDEwZ0ZXN0Y2EwHhcNMTUxMTA0MDIyMDI0WhcNMjUxMTAx
+MDIyMDI0WjBlMQswCQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNV
+BAcTB0NoaWNhZ28xFTATBgNVBAoTDEV4YW1wbGUsIENvLjEaMBgGA1UEAxQRKi50
+ZXN0Lmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOHDFSco
+LCVJpYDDM4HYtIdV6Ake/sMNaaKdODjDMsux/4tDydlumN+fm+AjPEK5GHhGn1Bg
+zkWF+slf3BxhrA/8dNsnunstVA7ZBgA/5qQxMfGAq4wHNVX77fBZOgp9VlSMVfyd
+9N8YwbBYAckOeUQadTi2X1S6OgJXgQ0m3MWhAgMBAAGjazBpMAkGA1UdEwQCMAAw
+CwYDVR0PBAQDAgXgME8GA1UdEQRIMEaCECoudGVzdC5nb29nbGUuZnKCGHdhdGVy
+em9vaS50ZXN0Lmdvb2dsZS5iZYISKi50ZXN0LnlvdXR1YmUuY29thwTAqAEDMA0G
+CSqGSIb3DQEBCwUAA4GBAJFXVifQNub1LUP4JlnX5lXNlo8FxZ2a12AFQs+bzoJ6
+hM044EDjqyxUqSbVePK0ni3w1fHQB5rY9yYC5f8G7aqqTY1QOhoUk8ZTSTRpnkTh
+y4jjdvTZeLDVBlueZUTDRmy2feY5aZIU18vFDK08dTG0A87pppuv1LNIR3loveU8
+-----END CERTIFICATE-----

test/test-call-credentials.ts

@@ -0,0 +1,163 @@
+import { Metadata } from '../src/metadata';
+import { CallCredentials, CallMetadataGenerator } from '../src/call-credentials';
+import { mockFunction } from './common';
+import * as assert from 'assert';
+
+class MetadataMock extends Metadata {
+  constructor(private obj: { [propName: string]: Array<string> } = {}) {
+    super();
+  }
+
+  add(key: string, value: string) {
+    if (!this.obj[key]) {
+      this.obj[key] = [value];
+    } else {
+      this.obj[key].push(value);
+    }
+  }
+  clone() { return new MetadataMock(Object.create(this.obj)); };
+  get(key: string) { return this.obj[key]; }
+  getMap() { return this.obj; }
+  set() { mockFunction() }
+  remove() { mockFunction() }
+}
+Metadata.createMetadata = () => new MetadataMock();
+
+// Returns a Promise that resolves to an object containing either an error or
+// metadata
+function generateMetadata(
+  callCredentials: CallCredentials,
+  options: Object
+): Promise<{ err?: Error, metadata?: Metadata }> {
+  return new Promise((resolve) => {
+    callCredentials.generateMetadata(options, (err, metadata) => {
+      resolve({ err: err || undefined, metadata: metadata || undefined });
+    });
+  });
+}
+
+// Metadata generators
+
+function makeGenerator(props: Array<string>): CallMetadataGenerator {
+  return (options: { [propName: string]: string }, cb) => {
+    const metadata: Metadata = new MetadataMock();
+    props.forEach((prop) => {
+      if (options[prop]) {
+        metadata.add(prop, options[prop]);
+      }
+    });
+    cb(null, metadata);
+  }
+}
+
+function makeAfterMsElapsedGenerator(ms: number): CallMetadataGenerator {
+  return (_options, cb) => {
+    const metadata = new MetadataMock();
+    metadata.add('msElapsed', `${ms}`);
+    setTimeout(() => cb(null, metadata), ms);
+  };
+};
+
+const generateFromName: CallMetadataGenerator = makeGenerator(['name']);
+const generateWithError: CallMetadataGenerator = (_options, cb) =>
+  cb(new Error());
+
+// Tests
+
+describe('CallCredentials', () => {
+  describe('createFromMetadataGenerator', () => {
+    it('should accept a metadata generator', () => {
+      assert.doesNotThrow(() =>
+        CallCredentials.createFromMetadataGenerator(generateFromName));
+    });
+  });
+
+  describe('compose', () => {
+    it('should accept a CallCredentials object and return a new object', () => {
+      const callCredentials1 = CallCredentials.createFromMetadataGenerator(generateFromName);
+      const callCredentials2 = CallCredentials.createFromMetadataGenerator(generateFromName);
+      const combinedCredentials = callCredentials1.compose(callCredentials2);
+      assert.notEqual(combinedCredentials, callCredentials1);
+      assert.notEqual(combinedCredentials, callCredentials2);
+    });
+
+    it('should be chainable', () => {
+      const callCredentials1 = CallCredentials.createFromMetadataGenerator(generateFromName);
+      const callCredentials2 = CallCredentials.createFromMetadataGenerator(generateFromName);
+      assert.doesNotThrow(() => {
+        callCredentials1.compose(callCredentials2)
+          .compose(callCredentials2)
+          .compose(callCredentials2);
+      });
+    });
+  });
+
+  describe('generateMetadata', () => {
+    it('should call the function passed to createFromMetadataGenerator',
+      async () => {
+        const callCredentials = CallCredentials.createFromMetadataGenerator(generateFromName);
+        const { err, metadata } = await generateMetadata(callCredentials,
+          { name: 'foo' });
+        assert.ok(!err);
+        assert.ok(metadata);
+        if (metadata) {
+          assert.deepEqual(metadata.getMap(), {
+            name: ['foo']
+          });
+        }
+      }
+    );
+
+    it('should emit an error if the associated metadataGenerator does',
+      async () => {
+        const callCredentials = CallCredentials.createFromMetadataGenerator(
+          generateWithError);
+        const { err, metadata } = await generateMetadata(callCredentials, {});
+        assert.ok(err instanceof Error);
+        assert.ok(!metadata);
+      }
+    );
+
+    it('should combine metadata from multiple generators', async () => {
+      const [callCreds1, callCreds2, callCreds3, callCreds4] =
+        [50, 100, 150, 200].map((ms) => {
+          const generator: CallMetadataGenerator =
+            makeAfterMsElapsedGenerator(ms);
+          return CallCredentials.createFromMetadataGenerator(generator);
+        });
+      const testCases = [{
+          credentials: callCreds1
+            .compose(callCreds2)
+            .compose(callCreds3)
+            .compose(callCreds4),
+          expected: ['50', '100', '150', '200']
+        }, {
+          credentials: callCreds4
+            .compose(callCreds3
+              .compose(callCreds2
+                .compose(callCreds1))),
+          expected: ['200', '150', '100', '50']
+        }, {
+          credentials: callCreds3
+            .compose(callCreds4
+              .compose(callCreds1)
+              .compose(callCreds2)),
+          expected: ['150', '200', '50', '100']
+        }
+      ];
+      const options = {};
+      // Try each test case and make sure the msElapsed field is as expected
+      await Promise.all(testCases.map(async (testCase) => {
+        const { credentials, expected } = testCase;
+        const { err, metadata } = await generateMetadata(credentials, options);
+        assert.ok(!err);
+        assert.ok(metadata);
+        if (metadata) {
+          assert.deepEqual(metadata.getMap(), {
+            msElapsed: expected
+          });
+        }
+      }));
+    });
+  });
+});

test/test-channel-credentials.ts

@@ -0,0 +1,120 @@
+import * as assert from 'assert';
+import { CallCredentials } from '../src/call-credentials';
+import { ChannelCredentials } from '../src/channel-credentials';
+import { mockFunction, assert2 } from './common';
+import * as fs from 'fs';
+import { promisify } from 'util';
+
+class CallCredentialsMock implements CallCredentials {
+  child: CallCredentialsMock;
+  constructor(child?: CallCredentialsMock) {
+    if (child) {
+      this.child = child;
+    }
+  }
+
+  generateMetadata = mockFunction;
+
+  compose(callCredentials: CallCredentialsMock): CallCredentialsMock {
+    return new CallCredentialsMock(callCredentials);
+  }
+
+  isEqual(other: CallCredentialsMock): boolean {
+    if (!this.child) {
+      return this === other;
+    } else if (!other || !other.child) {
+      return false;
+    } else {
+      return this.child.isEqual(other.child);
+    }
+  }
+}
+
+const readFile: (...args: any[]) => Promise<Buffer> = promisify(fs.readFile);
+// A promise which resolves to loaded files in the form { ca, key, cert }
+const pFixtures = Promise.all([
+    'ca.pem',
+    'server1.key',
+    'server1.pem'
+  ].map((file) => readFile(`test/fixtures/${file}`))
+).then((result) => {
+  return {
+    ca: result[0],
+    key: result[1],
+    cert: result[2]
+  };
+});
+
+describe('ChannelCredentials Implementation', () => {
+  describe('createInsecure', () => {
+    it('should return a ChannelCredentials object with no associated secure context', () => {
+      const creds = assert2.noThrowAndReturn(
+        () => ChannelCredentials.createInsecure());
+      assert.ok(!creds.getSecureContext());
+    });
+  });
+
+  describe('createSsl', () => {
+    it('should work when given no arguments', () => {
+      const creds: ChannelCredentials = assert2.noThrowAndReturn(
+        () => ChannelCredentials.createSsl());
+      assert.ok(!!creds.getSecureContext());
+    });
+
+    it('should work with just a CA override', async () => {
+      const { ca } = await pFixtures;
+      const creds = assert2.noThrowAndReturn(
+        () => ChannelCredentials.createSsl(ca));
+      assert.ok(!!creds.getSecureContext());
+    });
+
+    it('should work with just a private key and cert chain', async () => {
+      const { key, cert } = await pFixtures;
+      const creds = assert2.noThrowAndReturn(
+        () => ChannelCredentials.createSsl(null, key, cert));
+      assert.ok(!!creds.getSecureContext());
+    });
+
+    it('should work with all three parameters specified', async () => {
+      const { ca, key, cert } = await pFixtures;
+      const creds = assert2.noThrowAndReturn(
+        () => ChannelCredentials.createSsl(ca, key, cert));
+      assert.ok(!!creds.getSecureContext());
+    });
+
+    it('should throw if just one of private key and cert chain are missing',
+      async () => {
+        const { ca, key, cert } = await pFixtures;
+        assert.throws(() => ChannelCredentials.createSsl(ca, key));
+        assert.throws(() => ChannelCredentials.createSsl(ca, key, null));
+        assert.throws(() => ChannelCredentials.createSsl(ca, null, cert));
+        assert.throws(() => ChannelCredentials.createSsl(null, key));
+        assert.throws(() => ChannelCredentials.createSsl(null, key, null));
+        assert.throws(() => ChannelCredentials.createSsl(null, null, cert));
+      });
+  });
+
+  describe('compose', () => {
+    it('should return a ChannelCredentials object', () => {
+      const channelCreds = ChannelCredentials.createInsecure();
+      const callCreds = new CallCredentialsMock();
+      const composedChannelCreds = channelCreds.compose(callCreds);
+      assert.ok(!channelCreds.getCallCredentials());
+      assert.strictEqual(composedChannelCreds.getCallCredentials(),
+        callCreds);
+    });
+
+    it('should be chainable', () => {
+      const callCreds1 = new CallCredentialsMock();
+      const callCreds2 = new CallCredentialsMock();
+      // Associate both call credentials with channelCreds
+      const composedChannelCreds = ChannelCredentials.createInsecure()
+        .compose(callCreds1)
+        .compose(callCreds2);
+      // Build a mock object that should be an identical copy
+      const composedCallCreds = callCreds1.compose(callCreds2);
+      assert.ok(composedCallCreds.isEqual(
+        composedChannelCreds.getCallCredentials() as CallCredentialsMock));
+    });
+  });
+});

test/test.ts

@@ -1,8 +0,0 @@
-import { ChannelCredentials } from '../src/channel-credentials';
-import * as assert from 'assert';
-
-describe('Channel Credentials', function() {
-  it('should be an object', function() {
-    assert.ok(ChannelCredentials);
-  });
-});

tsconfig.json

@@ -1,9 +1,10 @@
 {
   "extends": "./node_modules/google-ts-style/tsconfig-google.json",
+  "compilerOptions": {
+    "lib": [ "es6" ]
+  },
   "include": [
-    "src/*.ts",
     "src/**/*.ts",
-    "test/*.ts",
     "test/**/*.ts"
   ],
   "exclude": [