auth: fix builder invocation for converting Google service account to…

… Jwt access credential (#6106) (#6124)

* Fixed mistaken method invocation for privateKeyId getter/setter.

* Added test coverage to verify jwt credentials are applied to request metadata correctly.

* No need to expose serviceUri method for testing.

auth/src/main/java/io/grpc/auth/GoogleAuthLibraryCallCredentials.java

@@ -296,8 +296,8 @@ public JwtHelper(Class<?> rawServiceAccountClass, ClassLoader loader)
         methodPairs.add(new MethodPair(getter, setter));
       }
       {
-        Method getter = serviceAccountClass.getMethod("getPrivateKey");
-        Method setter = builderClass.getMethod("setPrivateKey", getter.getReturnType());
+        Method getter = serviceAccountClass.getMethod("getPrivateKeyId");
+        Method setter = builderClass.getMethod("setPrivateKeyId", getter.getReturnType());
         methodPairs.add(new MethodPair(getter, setter));
       }
     }

auth/src/test/java/io/grpc/auth/GoogleAuthLibraryCallCredentialsTest.java

@@ -34,13 +34,15 @@
 import com.google.auth.oauth2.GoogleCredentials;
 import com.google.auth.oauth2.OAuth2Credentials;
 import com.google.auth.oauth2.ServiceAccountCredentials;
+import com.google.auth.oauth2.ServiceAccountJwtAccessCredentials;
 import com.google.common.collect.Iterables;
 import com.google.common.collect.LinkedListMultimap;
 import com.google.common.collect.ListMultimap;
 import com.google.common.collect.Multimaps;
 import io.grpc.Attributes;
 import io.grpc.CallCredentials;
 import io.grpc.CallCredentials.MetadataApplier;
+import io.grpc.CallCredentials.RequestInfo;
 import io.grpc.Metadata;
 import io.grpc.MethodDescriptor;
 import io.grpc.SecurityLevel;
@@ -388,6 +390,38 @@ public void oauthClassesNotInClassPath() throws Exception {
         Iterables.toArray(authorization, String.class));
   }
 
+  @Test
+  public void jwtAccessCredentialsInRequestMetadata() throws Exception {
+    KeyPair pair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
+    RequestInfo requestInfo = new RequestInfoImpl("example.com:123");
+
+    ServiceAccountJwtAccessCredentials jwtCreds =
+        ServiceAccountJwtAccessCredentials.newBuilder()
+            .setClientId("test-client")
+            .setClientEmail("test-email@example.com")
+            .setPrivateKey(pair.getPrivate())
+            .setPrivateKeyId("test-private-key-id")
+            .build();
+    List<String> expectedAuthMetadata = jwtCreds
+        .getRequestMetadata(new URI("https://example.com:123/a.service")).get("Authorization");
+
+    ServiceAccountCredentials credentials =
+        ServiceAccountCredentials.newBuilder()
+            .setClientId("test-client")
+            .setClientEmail("test-email@example.com")
+            .setPrivateKey(pair.getPrivate())
+            .setPrivateKeyId("test-private-key-id")
+            .build();
+    GoogleAuthLibraryCallCredentials callCredentials =
+        new GoogleAuthLibraryCallCredentials(credentials);
+    callCredentials.applyRequestMetadata(requestInfo, executor, applier);
+
+    verify(applier).apply(headersCaptor.capture());
+    Metadata headers = headersCaptor.getValue();
+    assertArrayEquals(Iterables.toArray(expectedAuthMetadata, String.class),
+        Iterables.toArray(headers.getAll(AUTHORIZATION), String.class));
+  }
+
   private int runPendingRunnables() {
     ArrayList<Runnable> savedPendingRunnables = pendingRunnables;
     pendingRunnables = new ArrayList<>();