Merge branch 'credentials_naming_and_cleanup' of github.com:jboeuf/grpc into credentials_naming_and_cleanup

10 years ago · fe4bacb641
parent 2cf9cd3703 cbdffa4227
commit fe4bacb641
16 changed files with 110 additions and 408 deletions
--- a/include/grpc++/credentials.h
+++ b/include/grpc++/credentials.h
@ -94,17 +94,7 @@ std::shared_ptr<Credentials> SslCredentials(
    const SslCredentialsOptions& options);

 // Builds credentials for use when running in GCE
-std::shared_ptr<Credentials> ComputeEngineCredentials();
-
-// Builds service account credentials.
-// json_key is the JSON key string containing the client's private key.
-// scope is a space-delimited list of the requested permissions.
-// token_lifetime_seconds is the lifetime in seconds of each token acquired
-// through this service account credentials. It should be positive and should
-// not exceed grpc_max_auth_token_lifetime or will be cropped to this value.
-std::shared_ptr<Credentials> ServiceAccountCredentials(
-    const grpc::string& json_key, const grpc::string& scope,
-    long token_lifetime_seconds);
+std::shared_ptr<Credentials> GoogleComputeEngineCredentials();

 // Builds Service Account JWT Access credentials.
 // json_key is the JSON key string containing the client's private key.
@ -117,7 +107,7 @@ std::shared_ptr<Credentials> ServiceAccountJWTAccessCredentials(
 // Builds refresh token credentials.
 // json_refresh_token is the JSON string containing the refresh token along
 // with a client_id and client_secret.
-std::shared_ptr<Credentials> RefreshTokenCredentials(
+std::shared_ptr<Credentials> GoogleRefreshTokenCredentials(
    const grpc::string& json_refresh_token);

 // Builds access token credentials.
@ -127,7 +117,7 @@ std::shared_ptr<Credentials> AccessTokenCredentials(
    const grpc::string& access_token);

 // Builds IAM credentials.
-std::shared_ptr<Credentials> IAMCredentials(
+std::shared_ptr<Credentials> GoogleIAMCredentials(
    const grpc::string& authorization_token,
    const grpc::string& authority_selector);

--- a/include/grpc/grpc_security.h
+++ b/include/grpc/grpc_security.h
@ -97,26 +97,13 @@ grpc_credentials *grpc_composite_credentials_create(grpc_credentials *creds1,
                                                    grpc_credentials *creds2,
                                                    void *reserved);

-/* Creates a compute engine credentials object.
+/* Creates a compute engine credentials object for connecting to Google.
   WARNING: Do NOT use this credentials to connect to a non-google service as
   this could result in an oauth2 token leak. */
-grpc_credentials *grpc_compute_engine_credentials_create(void *reserved);
+grpc_credentials *grpc_google_compute_engine_credentials_create(void *reserved);

 extern const gpr_timespec grpc_max_auth_token_lifetime;

-/* Creates a service account credentials object. May return NULL if the input is
-   invalid.
-   WARNING: Do NOT use this credentials to connect to a non-google service as
-   this could result in an oauth2 token leak.
-   - json_key is the JSON key string containing the client's private key.
-   - scope is a space-delimited list of the requested permissions.
-   - token_lifetime is the lifetime of each token acquired through this service
-     account credentials.  It should not exceed grpc_max_auth_token_lifetime
-     or will be cropped to this value.  */
-grpc_credentials *grpc_service_account_credentials_create(
-    const char *json_key, const char *scope, gpr_timespec token_lifetime,
-    void *reserved);
-
 /* Creates a JWT credentials object. May return NULL if the input is invalid.
   - json_key is the JSON key string containing the client's private key.
   - token_lifetime is the lifetime of each Json Web Token (JWT) created with
@ -125,13 +112,13 @@ grpc_credentials *grpc_service_account_credentials_create(
 grpc_credentials *grpc_service_account_jwt_access_credentials_create(
    const char *json_key, gpr_timespec token_lifetime, void *reserved);

-/* Creates an Oauth2 Refresh Token credentials object. May return NULL if the
-   input is invalid.
+/* Creates an Oauth2 Refresh Token credentials object for connecting to Google.
+   May return NULL if the input is invalid.
   WARNING: Do NOT use this credentials to connect to a non-google service as
   this could result in an oauth2 token leak.
   - json_refresh_token is the JSON string containing the refresh token itself
     along with a client_id and client_secret. */
-grpc_credentials *grpc_refresh_token_credentials_create(
+grpc_credentials *grpc_google_refresh_token_credentials_create(
    const char *json_refresh_token, void *reserved);

 /* Creates an Oauth2 Access Token credentials with an access token that was
@ -139,10 +126,10 @@ grpc_credentials *grpc_refresh_token_credentials_create(
 grpc_credentials *grpc_access_token_credentials_create(
    const char *access_token, void *reserved);

-/* Creates an IAM credentials object. */
-grpc_credentials *grpc_iam_credentials_create(const char *authorization_token,
-                                              const char *authority_selector,
-                                              void *reserved);
+/* Creates an IAM credentials object for connecting to Google. */
+grpc_credentials *grpc_google_iam_credentials_create(
+    const char *authorization_token, const char *authority_selector,
+    void *reserved);

 /* --- Secure channel creation. --- */

--- a/src/core/security/credentials.c
+++ b/src/core/security/credentials.c
@ -618,7 +618,7 @@ static void init_oauth2_token_fetcher(grpc_oauth2_token_fetcher_credentials *c,
  grpc_httpcli_context_init(&c->httpcli_context);
 }

-/* -- ComputeEngine credentials. -- */
+/* -- GoogleComputeEngine credentials. -- */

 static grpc_credentials_vtable compute_engine_vtable = {
    oauth2_token_fetcher_destroy, oauth2_token_fetcher_has_request_metadata,
@ -640,7 +640,8 @@ static void compute_engine_fetch_oauth2(
                   metadata_req);
 }

-grpc_credentials *grpc_compute_engine_credentials_create(void *reserved) {
+grpc_credentials *grpc_google_compute_engine_credentials_create(
+    void *reserved) {
  grpc_oauth2_token_fetcher_credentials *c =
      gpr_malloc(sizeof(grpc_oauth2_token_fetcher_credentials));
  GPR_ASSERT(reserved == NULL);
@ -649,81 +650,11 @@ grpc_credentials *grpc_compute_engine_credentials_create(void *reserved) {
  return &c->base;
 }

-/* -- ServiceAccount credentials. -- */
-
-static void service_account_destroy(grpc_credentials *creds) {
-  grpc_service_account_credentials *c =
-      (grpc_service_account_credentials *)creds;
-  if (c->scope != NULL) gpr_free(c->scope);
-  grpc_auth_json_key_destruct(&c->key);
-  oauth2_token_fetcher_destroy(&c->base.base);
-}
-
-static grpc_credentials_vtable service_account_vtable = {
-    service_account_destroy, oauth2_token_fetcher_has_request_metadata,
-    oauth2_token_fetcher_has_request_metadata_only,
-    oauth2_token_fetcher_get_request_metadata, NULL};
-
-static void service_account_fetch_oauth2(
-    grpc_credentials_metadata_request *metadata_req,
-    grpc_httpcli_context *httpcli_context, grpc_pollset *pollset,
-    grpc_httpcli_response_cb response_cb, gpr_timespec deadline) {
-  grpc_service_account_credentials *c =
-      (grpc_service_account_credentials *)metadata_req->creds;
-  grpc_httpcli_header header = {"Content-Type",
-                                "application/x-www-form-urlencoded"};
-  grpc_httpcli_request request;
-  char *body = NULL;
-  char *jwt = grpc_jwt_encode_and_sign(&c->key, GRPC_JWT_OAUTH2_AUDIENCE,
-                                       c->token_lifetime, c->scope);
-  if (jwt == NULL) {
-    grpc_httpcli_response response;
-    memset(&response, 0, sizeof(grpc_httpcli_response));
-    response.status = 400; /* Invalid request. */
-    gpr_log(GPR_ERROR, "Could not create signed jwt.");
-    /* Do not even send the request, just call the response callback. */
-    response_cb(metadata_req, &response);
-    return;
-  }
-  gpr_asprintf(&body, "%s%s", GRPC_SERVICE_ACCOUNT_POST_BODY_PREFIX, jwt);
-  memset(&request, 0, sizeof(grpc_httpcli_request));
-  request.host = GRPC_GOOGLE_OAUTH2_SERVICE_HOST;
-  request.path = GRPC_GOOGLE_OAUTH2_SERVICE_TOKEN_PATH;
-  request.hdr_count = 1;
-  request.hdrs = &header;
-  request.handshaker = &grpc_httpcli_ssl;
-  grpc_httpcli_post(httpcli_context, pollset, &request, body, strlen(body),
-                    deadline, response_cb, metadata_req);
-  gpr_free(body);
-  gpr_free(jwt);
-}
-
-grpc_credentials *grpc_service_account_credentials_create(
-    const char *json_key, const char *scope, gpr_timespec token_lifetime,
-    void *reserved) {
-  grpc_service_account_credentials *c;
-  grpc_auth_json_key key = grpc_auth_json_key_create_from_string(json_key);
-  GPR_ASSERT(reserved == NULL);
-  if (scope == NULL || (strlen(scope) == 0) ||
-      !grpc_auth_json_key_is_valid(&key)) {
-    gpr_log(GPR_ERROR,
-            "Invalid input for service account credentials creation");
-    return NULL;
-  }
-  c = gpr_malloc(sizeof(grpc_service_account_credentials));
-  memset(c, 0, sizeof(grpc_service_account_credentials));
-  init_oauth2_token_fetcher(&c->base, service_account_fetch_oauth2);
-  c->base.base.vtable = &service_account_vtable;
-  c->scope = gpr_strdup(scope);
-  c->key = key;
-  c->token_lifetime = token_lifetime;
-  return &c->base.base;
-}
-
-/* -- RefreshToken credentials. -- */
+/* -- GoogleRefreshToken credentials. -- */

 static void refresh_token_destroy(grpc_credentials *creds) {
-  grpc_refresh_token_credentials *c = (grpc_refresh_token_credentials *)creds;
+  grpc_google_refresh_token_credentials *c =
+      (grpc_google_refresh_token_credentials *)creds;
  grpc_auth_refresh_token_destruct(&c->refresh_token);
  oauth2_token_fetcher_destroy(&c->base.base);
 }
@ -737,8 +668,8 @@ static void refresh_token_fetch_oauth2(
    grpc_credentials_metadata_request *metadata_req,
    grpc_httpcli_context *httpcli_context, grpc_pollset *pollset,
    grpc_httpcli_response_cb response_cb, gpr_timespec deadline) {
-  grpc_refresh_token_credentials *c =
-      (grpc_refresh_token_credentials *)metadata_req->creds;
+  grpc_google_refresh_token_credentials *c =
+      (grpc_google_refresh_token_credentials *)metadata_req->creds;
  grpc_httpcli_header header = {"Content-Type",
                                "application/x-www-form-urlencoded"};
  grpc_httpcli_request request;
@ -757,22 +688,23 @@ static void refresh_token_fetch_oauth2(
  gpr_free(body);
 }

-grpc_credentials *grpc_refresh_token_credentials_create_from_auth_refresh_token(
+grpc_credentials *
+grpc_refresh_token_credentials_create_from_auth_refresh_token(
    grpc_auth_refresh_token refresh_token) {
-  grpc_refresh_token_credentials *c;
+  grpc_google_refresh_token_credentials *c;
  if (!grpc_auth_refresh_token_is_valid(&refresh_token)) {
    gpr_log(GPR_ERROR, "Invalid input for refresh token credentials creation");
    return NULL;
  }
-  c = gpr_malloc(sizeof(grpc_refresh_token_credentials));
-  memset(c, 0, sizeof(grpc_refresh_token_credentials));
+  c = gpr_malloc(sizeof(grpc_google_refresh_token_credentials));
+  memset(c, 0, sizeof(grpc_google_refresh_token_credentials));
  init_oauth2_token_fetcher(&c->base, refresh_token_fetch_oauth2);
  c->base.base.vtable = &refresh_token_vtable;
  c->refresh_token = refresh_token;
  return &c->base.base;
 }

-grpc_credentials *grpc_refresh_token_credentials_create(
+grpc_credentials *grpc_google_refresh_token_credentials_create(
    const char *json_refresh_token, void *reserved) {
  GPR_ASSERT(reserved == NULL);
  return grpc_refresh_token_credentials_create_from_auth_refresh_token(
@ -1194,7 +1126,7 @@ grpc_credentials *grpc_credentials_contains_type(
 /* -- IAM credentials. -- */

 static void iam_destroy(grpc_credentials *creds) {
-  grpc_iam_credentials *c = (grpc_iam_credentials *)creds;
+  grpc_google_iam_credentials *c = (grpc_google_iam_credentials *)creds;
  grpc_credentials_md_store_unref(c->iam_md);
  gpr_free(c);
 }
@ -1210,7 +1142,7 @@ static void iam_get_request_metadata(grpc_credentials *creds,
                                     const char *service_url,
                                     grpc_credentials_metadata_cb cb,
                                     void *user_data) {
-  grpc_iam_credentials *c = (grpc_iam_credentials *)creds;
+  grpc_google_iam_credentials *c = (grpc_google_iam_credentials *)creds;
  cb(user_data, c->iam_md->entries, c->iam_md->num_entries,
     GRPC_CREDENTIALS_OK);
 }
@ -1219,15 +1151,14 @@ static grpc_credentials_vtable iam_vtable = {
    iam_destroy, iam_has_request_metadata, iam_has_request_metadata_only,
    iam_get_request_metadata, NULL};

-grpc_credentials *grpc_iam_credentials_create(const char *token,
-                                              const char *authority_selector,
-                                              void *reserved) {
-  grpc_iam_credentials *c;
+grpc_credentials *grpc_google_iam_credentials_create(
+    const char *token, const char *authority_selector, void *reserved) {
+  grpc_google_iam_credentials *c;
  GPR_ASSERT(reserved == NULL);
  GPR_ASSERT(token != NULL);
  GPR_ASSERT(authority_selector != NULL);
-  c = gpr_malloc(sizeof(grpc_iam_credentials));
-  memset(c, 0, sizeof(grpc_iam_credentials));
+  c = gpr_malloc(sizeof(grpc_google_iam_credentials));
+  memset(c, 0, sizeof(grpc_google_iam_credentials));
  c->base.type = GRPC_CREDENTIALS_TYPE_IAM;
  c->base.vtable = &iam_vtable;
  gpr_ref_init(&c->base.refcount, 1);
--- a/src/core/security/credentials.h
+++ b/src/core/security/credentials.h
@ -277,21 +277,12 @@ typedef struct {
  grpc_fetch_oauth2_func fetch_func;
 } grpc_oauth2_token_fetcher_credentials;

-/* -- ServiceAccount credentials. -- */
-
-typedef struct {
-  grpc_oauth2_token_fetcher_credentials base;
-  grpc_auth_json_key key;
-  char *scope;
-  gpr_timespec token_lifetime;
-} grpc_service_account_credentials;
-
-/* -- RefreshToken credentials. -- */
+/* -- GoogleRefreshToken credentials. -- */

 typedef struct {
  grpc_oauth2_token_fetcher_credentials base;
  grpc_auth_refresh_token refresh_token;
-} grpc_refresh_token_credentials;
+} grpc_google_refresh_token_credentials;

 /* -- Oauth2 Access Token credentials. -- */

@ -308,12 +299,12 @@ typedef struct {
  int is_async;
 } grpc_md_only_test_credentials;

-/* -- IAM credentials. -- */
+/* -- GoogleIAM credentials. -- */

 typedef struct {
  grpc_credentials base;
  grpc_credentials_md_store *iam_md;
-} grpc_iam_credentials;
+} grpc_google_iam_credentials;

 /* -- Composite credentials. -- */

--- a/src/core/security/google_default_credentials.c
+++ b/src/core/security/google_default_credentials.c
@ -194,7 +194,7 @@ grpc_credentials *grpc_google_default_credentials_create(void) {
    int need_compute_engine_creds = is_stack_running_on_compute_engine();
    compute_engine_detection_done = 1;
    if (need_compute_engine_creds) {
-      result = grpc_compute_engine_credentials_create(NULL);
+      result = grpc_google_compute_engine_credentials_create(NULL);
    }
  }

--- a/src/cpp/client/secure_credentials.cc
+++ b/src/cpp/client/secure_credentials.cc
@ -81,26 +81,10 @@ std::shared_ptr<Credentials> SslCredentials(
 }

 // Builds credentials for use when running in GCE
-std::shared_ptr<Credentials> ComputeEngineCredentials() {
+std::shared_ptr<Credentials> GoogleComputeEngineCredentials() {
  GrpcLibrary init;  // To call grpc_init().
-  return WrapCredentials(grpc_compute_engine_credentials_create(nullptr));
-}
-
-// Builds service account credentials.
-std::shared_ptr<Credentials> ServiceAccountCredentials(
-    const grpc::string& json_key, const grpc::string& scope,
-    long token_lifetime_seconds) {
-  GrpcLibrary init;  // To call grpc_init().
-  if (token_lifetime_seconds <= 0) {
-    gpr_log(GPR_ERROR,
-            "Trying to create ServiceAccountCredentials "
-            "with non-positive lifetime");
-    return WrapCredentials(nullptr);
-  }
-  gpr_timespec lifetime =
-      gpr_time_from_seconds(token_lifetime_seconds, GPR_TIMESPAN);
-  return WrapCredentials(grpc_service_account_credentials_create(
-      json_key.c_str(), scope.c_str(), lifetime, nullptr));
+  return WrapCredentials(
+      grpc_google_compute_engine_credentials_create(nullptr));
 }

 // Builds JWT credentials.
@ -119,10 +103,10 @@ std::shared_ptr<Credentials> ServiceAccountJWTAccessCredentials(
 }

 // Builds refresh token credentials.
-std::shared_ptr<Credentials> RefreshTokenCredentials(
+std::shared_ptr<Credentials> GoogleRefreshTokenCredentials(
    const grpc::string& json_refresh_token) {
  GrpcLibrary init;  // To call grpc_init().
-  return WrapCredentials(grpc_refresh_token_credentials_create(
+  return WrapCredentials(grpc_google_refresh_token_credentials_create(
      json_refresh_token.c_str(), nullptr));
 }

@ -135,11 +119,11 @@ std::shared_ptr<Credentials> AccessTokenCredentials(
 }

 // Builds IAM credentials.
-std::shared_ptr<Credentials> IAMCredentials(
+std::shared_ptr<Credentials> GoogleIAMCredentials(
    const grpc::string& authorization_token,
    const grpc::string& authority_selector) {
  GrpcLibrary init;  // To call grpc_init().
-  return WrapCredentials(grpc_iam_credentials_create(
+  return WrapCredentials(grpc_google_iam_credentials_create(
      authorization_token.c_str(), authority_selector.c_str(), nullptr));
 }

--- a/src/node/ext/credentials.cc
+++ b/src/node/ext/credentials.cc
@ -186,7 +186,7 @@ NAN_METHOD(Credentials::CreateComposite) {

 NAN_METHOD(Credentials::CreateGce) {
  NanScope();
-  grpc_credentials *creds = grpc_compute_engine_credentials_create(NULL);
+  grpc_credentials *creds = grpc_google_compute_engine_credentials_create(NULL);
  if (creds == NULL) {
    NanReturnNull();
  }
@ -204,7 +204,7 @@ NAN_METHOD(Credentials::CreateIam) {
  NanUtf8String auth_token(args[0]);
  NanUtf8String auth_selector(args[1]);
  grpc_credentials *creds =
-      grpc_iam_credentials_create(*auth_token, *auth_selector, NULL);
+      grpc_google_iam_credentials_create(*auth_token, *auth_selector, NULL);
  if (creds == NULL) {
    NanReturnNull();
  }
--- a/src/php/ext/grpc/credentials.c
+++ b/src/php/ext/grpc/credentials.c
@ -170,7 +170,7 @@ PHP_METHOD(Credentials, createComposite) {
 * @return Credentials The new GCE credentials object
 */
 PHP_METHOD(Credentials, createGce) {
-  grpc_credentials *creds = grpc_compute_engine_credentials_create(NULL);
+  grpc_credentials *creds = grpc_google_compute_engine_credentials_create(NULL);
  zval *creds_object = grpc_php_wrap_credentials(creds);
  RETURN_DESTROY_ZVAL(creds_object);
 }
--- a/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c
+++ b/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c
@ -173,7 +173,7 @@ ClientCredentials *pygrpc_ClientCredentials_composite(
 ClientCredentials *pygrpc_ClientCredentials_compute_engine(
    PyTypeObject *type, PyObject *ignored) {
  ClientCredentials *self = (ClientCredentials *)type->tp_alloc(type, 0);
-  self->c_creds = grpc_compute_engine_credentials_create(NULL);
+  self->c_creds = grpc_google_compute_engine_credentials_create(NULL);
  if (!self->c_creds) {
    Py_DECREF(self);
    PyErr_SetString(PyExc_RuntimeError,
@ -183,29 +183,6 @@ ClientCredentials *pygrpc_ClientCredentials_compute_engine(
  return self;
 }

-ClientCredentials *pygrpc_ClientCredentials_service_account(
-    PyTypeObject *type, PyObject *args, PyObject *kwargs) {
-  ClientCredentials *self;
-  const char *json_key;
-  const char *scope;
-  double lifetime;
-  static char *keywords[] = {"json_key", "scope", "token_lifetime", NULL};
-  if (!PyArg_ParseTupleAndKeywords(args, kwargs, "ssd:service_account", keywords,
-        &json_key, &scope, &lifetime)) {
-    return NULL;
-  }
-  self = (ClientCredentials *)type->tp_alloc(type, 0);
-  self->c_creds = grpc_service_account_credentials_create(
-      json_key, scope, pygrpc_cast_double_to_gpr_timespec(lifetime), NULL);
-  if (!self->c_creds) {
-    Py_DECREF(self);
-    PyErr_SetString(PyExc_RuntimeError,
-                    "couldn't create service account credentials");
-    return NULL;
-  }
-  return self;
-}
-
 /* TODO: Rename this credentials to something like service_account_jwt_access */
 ClientCredentials *pygrpc_ClientCredentials_jwt(
    PyTypeObject *type, PyObject *args, PyObject *kwargs) {
@ -239,7 +216,7 @@ ClientCredentials *pygrpc_ClientCredentials_refresh_token(
  }
  self = (ClientCredentials *)type->tp_alloc(type, 0);
  self->c_creds =
-      grpc_refresh_token_credentials_create(json_refresh_token, NULL);
+      grpc_google_refresh_token_credentials_create(json_refresh_token, NULL);
  if (!self->c_creds) {
    Py_DECREF(self);
    PyErr_SetString(PyExc_RuntimeError,
@ -260,8 +237,8 @@ ClientCredentials *pygrpc_ClientCredentials_iam(
    return NULL;
  }
  self = (ClientCredentials *)type->tp_alloc(type, 0);
-  self->c_creds = grpc_iam_credentials_create(authorization_token,
-                                              authority_selector, NULL);
+  self->c_creds = grpc_google_iam_credentials_create(authorization_token,
+                                                     authority_selector, NULL);
  if (!self->c_creds) {
    Py_DECREF(self);
    PyErr_SetString(PyExc_RuntimeError, "couldn't create IAM credentials");
--- a/src/ruby/ext/grpc/rb_credentials.c
+++ b/src/ruby/ext/grpc/rb_credentials.c
@ -154,7 +154,7 @@ static VALUE grpc_rb_default_credentials_create(VALUE cls) {
    Creates the default credential instances. */
 static VALUE grpc_rb_compute_engine_credentials_create(VALUE cls) {
  grpc_rb_credentials *wrapper = ALLOC(grpc_rb_credentials);
-  wrapper->wrapped = grpc_compute_engine_credentials_create(NULL);
+  wrapper->wrapped = grpc_google_compute_engine_credentials_create(NULL);
  if (wrapper->wrapped == NULL) {
    rb_raise(rb_eRuntimeError,
             "could not create composite engine credentials, not sure why");
--- a/test/core/end2end/tests/request_response_with_payload_and_call_creds.c
+++ b/test/core/end2end/tests/request_response_with_payload_and_call_creds.c
@ -190,7 +190,7 @@ static void request_response_with_payload_and_call_creds(
  c = grpc_channel_create_call(f.client, NULL, GRPC_PROPAGATE_DEFAULTS, f.cq,
                               "/foo", "foo.test.google.fr", deadline, NULL);
  GPR_ASSERT(c);
-  creds = grpc_iam_credentials_create(iam_token, iam_selector, NULL);
+  creds = grpc_google_iam_credentials_create(iam_token, iam_selector, NULL);
  GPR_ASSERT(creds != NULL);
  GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK);
  switch (mode) {
@ -198,8 +198,8 @@ static void request_response_with_payload_and_call_creds(
      break;
    case OVERRIDE:
      grpc_credentials_release(creds);
-      creds = grpc_iam_credentials_create(overridden_iam_token,
-                                          overridden_iam_selector, NULL);
+      creds = grpc_google_iam_credentials_create(overridden_iam_token,
+                                                 overridden_iam_selector, NULL);
      GPR_ASSERT(creds != NULL);
      GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK);
      break;
@ -421,7 +421,7 @@ static void test_request_with_server_rejecting_client_creds(
                               "/foo", "foo.test.google.fr", deadline, NULL);
  GPR_ASSERT(c);

-  creds = grpc_iam_credentials_create(iam_token, iam_selector, NULL);
+  creds = grpc_google_iam_credentials_create(iam_token, iam_selector, NULL);
  GPR_ASSERT(creds != NULL);
  GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK);
  grpc_credentials_release(creds);
--- a/test/core/security/credentials_test.c
+++ b/test/core/security/credentials_test.c
@ -50,8 +50,8 @@

 #include <openssl/rsa.h>

-static const char test_iam_authorization_token[] = "blahblahblhahb";
-static const char test_iam_authority_selector[] = "respectmyauthoritah";
+static const char test_google_iam_authorization_token[] = "blahblahblhahb";
+static const char test_google_iam_authority_selector[] = "respectmyauthoritah";
 static const char test_oauth2_bearer_token[] =
    "Bearer blaaslkdjfaslkdfasdsfasf";
 static const char test_root_cert[] = "I am the root!";
@ -315,25 +315,29 @@ static void check_metadata(expected_md *expected, grpc_credentials_md *md_elems,
  }
 }

-static void check_iam_metadata(void *user_data, grpc_credentials_md *md_elems,
-                               size_t num_md, grpc_credentials_status status) {
+static void check_google_iam_metadata(void *user_data,
+                                      grpc_credentials_md *md_elems,
+                                      size_t num_md,
+                                      grpc_credentials_status status) {
  grpc_credentials *c = (grpc_credentials *)user_data;
-  expected_md emd[] = {
-      {GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY, test_iam_authorization_token},
-      {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY, test_iam_authority_selector}};
+  expected_md emd[] = {{GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY,
+                        test_google_iam_authorization_token},
+                       {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY,
+                        test_google_iam_authority_selector}};
  GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
  GPR_ASSERT(num_md == 2);
  check_metadata(emd, md_elems, num_md);
  grpc_credentials_unref(c);
 }

-static void test_iam_creds(void) {
-  grpc_credentials *creds = grpc_iam_credentials_create(
-      test_iam_authorization_token, test_iam_authority_selector, NULL);
+static void test_google_iam_creds(void) {
+  grpc_credentials *creds = grpc_google_iam_credentials_create(
+      test_google_iam_authorization_token, test_google_iam_authority_selector,
+      NULL);
  GPR_ASSERT(grpc_credentials_has_request_metadata(creds));
  GPR_ASSERT(grpc_credentials_has_request_metadata_only(creds));
  grpc_credentials_get_request_metadata(creds, NULL, test_service_url,
-                                        check_iam_metadata, creds);
+                                        check_google_iam_metadata, creds);
 }

 static void check_access_token_metadata(void *user_data,
@ -406,21 +410,23 @@ void test_ssl_fake_transport_security_composite_creds_failure(void) {
  grpc_credentials_unref(fake_transport_security_creds);
 }

-static void check_ssl_oauth2_iam_composite_metadata(
+static void check_ssl_oauth2_google_iam_composite_metadata(
    void *user_data, grpc_credentials_md *md_elems, size_t num_md,
    grpc_credentials_status status) {
  grpc_credentials *c = (grpc_credentials *)user_data;
  expected_md emd[] = {
      {GRPC_AUTHORIZATION_METADATA_KEY, test_oauth2_bearer_token},
-      {GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY, test_iam_authorization_token},
-      {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY, test_iam_authority_selector}};
+      {GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY,
+       test_google_iam_authorization_token},
+      {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY,
+       test_google_iam_authority_selector}};
  GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
  GPR_ASSERT(num_md == 3);
  check_metadata(emd, md_elems, num_md);
  grpc_credentials_unref(c);
 }

-static void test_ssl_oauth2_iam_composite_creds(void) {
+static void test_ssl_oauth2_google_iam_composite_creds(void) {
  grpc_credentials *ssl_creds =
      grpc_ssl_credentials_create(test_root_cert, NULL, NULL);
  const grpc_credentials_array *creds_array;
@ -428,14 +434,15 @@ static void test_ssl_oauth2_iam_composite_creds(void) {
      "Authorization", test_oauth2_bearer_token, 0);
  grpc_credentials *aux_creds =
      grpc_composite_credentials_create(ssl_creds, oauth2_creds, NULL);
-  grpc_credentials *iam_creds = grpc_iam_credentials_create(
-      test_iam_authorization_token, test_iam_authority_selector, NULL);
+  grpc_credentials *google_iam_creds = grpc_google_iam_credentials_create(
+      test_google_iam_authorization_token, test_google_iam_authority_selector,
+      NULL);
  grpc_credentials *composite_creds =
-      grpc_composite_credentials_create(aux_creds, iam_creds, NULL);
+      grpc_composite_credentials_create(aux_creds, google_iam_creds, NULL);
  grpc_credentials_unref(ssl_creds);
  grpc_credentials_unref(oauth2_creds);
  grpc_credentials_unref(aux_creds);
-  grpc_credentials_unref(iam_creds);
+  grpc_credentials_unref(google_iam_creds);
  GPR_ASSERT(strcmp(composite_creds->type, GRPC_CREDENTIALS_TYPE_COMPOSITE) ==
             0);
  GPR_ASSERT(grpc_credentials_has_request_metadata(composite_creds));
@ -448,9 +455,9 @@ static void test_ssl_oauth2_iam_composite_creds(void) {
                    GRPC_CREDENTIALS_TYPE_OAUTH2) == 0);
  GPR_ASSERT(strcmp(creds_array->creds_array[2]->type,
                    GRPC_CREDENTIALS_TYPE_IAM) == 0);
-  grpc_credentials_get_request_metadata(composite_creds, NULL, test_service_url,
-                                        check_ssl_oauth2_iam_composite_metadata,
-                                        composite_creds);
+  grpc_credentials_get_request_metadata(
+      composite_creds, NULL, test_service_url,
+      check_ssl_oauth2_google_iam_composite_metadata, composite_creds);
 }

 static void on_oauth2_creds_get_metadata_success(
@ -524,7 +531,7 @@ static int httpcli_get_should_not_be_called(

 static void test_compute_engine_creds_success(void) {
  grpc_credentials *compute_engine_creds =
-      grpc_compute_engine_credentials_create(NULL);
+      grpc_google_compute_engine_credentials_create(NULL);
  GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds));
  GPR_ASSERT(grpc_credentials_has_request_metadata_only(compute_engine_creds));

@ -548,7 +555,7 @@ static void test_compute_engine_creds_success(void) {

 static void test_compute_engine_creds_failure(void) {
  grpc_credentials *compute_engine_creds =
-      grpc_compute_engine_credentials_create(NULL);
+      grpc_google_compute_engine_credentials_create(NULL);
  grpc_httpcli_set_override(compute_engine_httpcli_get_failure_override,
                            httpcli_post_should_not_be_called);
  GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds));
@ -605,7 +612,8 @@ static int refresh_token_httpcli_post_failure(

 static void test_refresh_token_creds_success(void) {
  grpc_credentials *refresh_token_creds =
-      grpc_refresh_token_credentials_create(test_refresh_token_str, NULL);
+      grpc_google_refresh_token_credentials_create(test_refresh_token_str,
+                                                   NULL);
  GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds));
  GPR_ASSERT(grpc_credentials_has_request_metadata_only(refresh_token_creds));

@ -629,7 +637,8 @@ static void test_refresh_token_creds_success(void) {

 static void test_refresh_token_creds_failure(void) {
  grpc_credentials *refresh_token_creds =
-      grpc_refresh_token_credentials_create(test_refresh_token_str, NULL);
+      grpc_google_refresh_token_credentials_create(test_refresh_token_str,
+                                                   NULL);
  grpc_httpcli_set_override(httpcli_get_should_not_be_called,
                            refresh_token_httpcli_post_failure);
  GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds));
@ -686,119 +695,6 @@ static char *encode_and_sign_jwt_should_not_be_called(
  GPR_ASSERT("grpc_jwt_encode_and_sign should not be called" == NULL);
 }

-static void validate_service_account_http_request(
-    const grpc_httpcli_request *request, const char *body, size_t body_size) {
-  /* The content of the assertion is tested extensively in json_token_test. */
-  char *expected_body = NULL;
-  GPR_ASSERT(body != NULL);
-  GPR_ASSERT(body_size != 0);
-  gpr_asprintf(&expected_body, "%s%s", GRPC_SERVICE_ACCOUNT_POST_BODY_PREFIX,
-               test_signed_jwt);
-  GPR_ASSERT(strlen(expected_body) == body_size);
-  GPR_ASSERT(memcmp(expected_body, body, body_size) == 0);
-  gpr_free(expected_body);
-  GPR_ASSERT(request->handshaker == &grpc_httpcli_ssl);
-  GPR_ASSERT(strcmp(request->host, GRPC_GOOGLE_OAUTH2_SERVICE_HOST) == 0);
-  GPR_ASSERT(strcmp(request->path, GRPC_GOOGLE_OAUTH2_SERVICE_TOKEN_PATH) == 0);
-  GPR_ASSERT(request->hdr_count == 1);
-  GPR_ASSERT(strcmp(request->hdrs[0].key, "Content-Type") == 0);
-  GPR_ASSERT(
-      strcmp(request->hdrs[0].value, "application/x-www-form-urlencoded") == 0);
-}
-
-static int service_account_httpcli_post_success(
-    const grpc_httpcli_request *request, const char *body, size_t body_size,
-    gpr_timespec deadline, grpc_httpcli_response_cb on_response,
-    void *user_data) {
-  grpc_httpcli_response response =
-      http_response(200, valid_oauth2_json_response);
-  validate_service_account_http_request(request, body, body_size);
-  on_response(user_data, &response);
-  return 1;
-}
-
-static int service_account_httpcli_post_failure(
-    const grpc_httpcli_request *request, const char *body, size_t body_size,
-    gpr_timespec deadline, grpc_httpcli_response_cb on_response,
-    void *user_data) {
-  grpc_httpcli_response response = http_response(403, "Not Authorized.");
-  validate_service_account_http_request(request, body, body_size);
-  on_response(user_data, &response);
-  return 1;
-}
-
-static void test_service_account_creds_success(void) {
-  char *json_key_string = test_json_key_str();
-  grpc_credentials *service_account_creds =
-      grpc_service_account_credentials_create(json_key_string, test_scope,
-                                              grpc_max_auth_token_lifetime, NULL);
-  GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds));
-  GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds));
-
-  /* First request: http get should be called. */
-  grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_success);
-  grpc_httpcli_set_override(httpcli_get_should_not_be_called,
-                            service_account_httpcli_post_success);
-  grpc_credentials_get_request_metadata(
-      service_account_creds, NULL, test_service_url,
-      on_oauth2_creds_get_metadata_success, (void *)test_user_data);
-
-  /* Second request: the cached token should be served directly. */
-  grpc_jwt_encode_and_sign_set_override(
-      encode_and_sign_jwt_should_not_be_called);
-  grpc_httpcli_set_override(httpcli_get_should_not_be_called,
-                            httpcli_post_should_not_be_called);
-  grpc_credentials_get_request_metadata(
-      service_account_creds, NULL, test_service_url,
-      on_oauth2_creds_get_metadata_success, (void *)test_user_data);
-
-  gpr_free(json_key_string);
-  grpc_credentials_unref(service_account_creds);
-  grpc_jwt_encode_and_sign_set_override(NULL);
-  grpc_httpcli_set_override(NULL, NULL);
-}
-
-static void test_service_account_creds_http_failure(void) {
-  char *json_key_string = test_json_key_str();
-  grpc_credentials *service_account_creds =
-      grpc_service_account_credentials_create(
-          json_key_string, test_scope, grpc_max_auth_token_lifetime, NULL);
-  GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds));
-  GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds));
-
-  grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_success);
-  grpc_httpcli_set_override(httpcli_get_should_not_be_called,
-                            service_account_httpcli_post_failure);
-  grpc_credentials_get_request_metadata(
-      service_account_creds, NULL, test_service_url,
-      on_oauth2_creds_get_metadata_failure, (void *)test_user_data);
-
-  gpr_free(json_key_string);
-  grpc_credentials_unref(service_account_creds);
-  grpc_httpcli_set_override(NULL, NULL);
-}
-
-static void test_service_account_creds_signing_failure(void) {
-  char *json_key_string = test_json_key_str();
-  grpc_credentials *service_account_creds =
-      grpc_service_account_credentials_create(
-          json_key_string, test_scope, grpc_max_auth_token_lifetime, NULL);
-  GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds));
-  GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds));
-
-  grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_failure);
-  grpc_httpcli_set_override(httpcli_get_should_not_be_called,
-                            httpcli_post_should_not_be_called);
-  grpc_credentials_get_request_metadata(
-      service_account_creds, NULL, test_service_url,
-      on_oauth2_creds_get_metadata_failure, (void *)test_user_data);
-
-  gpr_free(json_key_string);
-  grpc_credentials_unref(service_account_creds);
-  grpc_httpcli_set_override(NULL, NULL);
-  grpc_jwt_encode_and_sign_set_override(NULL);
-}
-
 static void on_jwt_creds_get_metadata_success(void *user_data,
                                              grpc_credentials_md *md_elems,
                                              size_t num_md,
@ -922,14 +818,14 @@ static void test_google_default_creds_auth_key(void) {
 }

 static void test_google_default_creds_access_token(void) {
-  grpc_refresh_token_credentials *refresh;
+  grpc_google_refresh_token_credentials *refresh;
  grpc_credentials *creds;
  grpc_flush_cached_google_default_credentials();
  set_google_default_creds_env_var_with_file_contents(
      "refresh_token_google_default_creds", test_refresh_token_str);
  creds = grpc_google_default_credentials_create();
  GPR_ASSERT(creds != NULL);
-  refresh = (grpc_refresh_token_credentials *)composite_inner_creds(
+  refresh = (grpc_google_refresh_token_credentials *)composite_inner_creds(
      creds, GRPC_CREDENTIALS_TYPE_OAUTH2);
  GPR_ASSERT(strcmp(refresh->refresh_token.client_id,
                    "32555999999.apps.googleusercontent.com") == 0);
@ -952,17 +848,14 @@ int main(int argc, char **argv) {
  test_oauth2_token_fetcher_creds_parsing_missing_token();
  test_oauth2_token_fetcher_creds_parsing_missing_token_type();
  test_oauth2_token_fetcher_creds_parsing_missing_token_lifetime();
-  test_iam_creds();
+  test_google_iam_creds();
  test_access_token_creds();
  test_ssl_oauth2_composite_creds();
-  test_ssl_oauth2_iam_composite_creds();
+  test_ssl_oauth2_google_iam_composite_creds();
  test_compute_engine_creds_success();
  test_compute_engine_creds_failure();
  test_refresh_token_creds_success();
  test_refresh_token_creds_failure();
-  test_service_account_creds_success();
-  test_service_account_creds_http_failure();
-  test_service_account_creds_signing_failure();
  test_jwt_creds_success();
  test_jwt_creds_signing_failure();
  test_google_default_creds_auth_key();
--- a/test/core/security/fetch_oauth2.c
+++ b/test/core/security/fetch_oauth2.c
@ -46,19 +46,6 @@
 #include "src/core/support/file.h"
 #include "test/core/security/oauth2_utils.h"

-static grpc_credentials *create_service_account_creds(
-    const char *json_key_file_path, const char *scope) {
-  int success;
-  gpr_slice json_key = gpr_load_file(json_key_file_path, 1, &success);
-  if (!success) {
-    gpr_log(GPR_ERROR, "Could not read file %s.", json_key_file_path);
-    exit(1);
-  }
-  return grpc_service_account_credentials_create(
-      (const char *)GPR_SLICE_START_PTR(json_key), scope,
-      grpc_max_auth_token_lifetime, NULL);
-}
-
 static grpc_credentials *create_refresh_token_creds(
    const char *json_refresh_token_file_path) {
  int success;
@ -68,7 +55,7 @@ static grpc_credentials *create_refresh_token_creds(
    gpr_log(GPR_ERROR, "Could not read file %s.", json_refresh_token_file_path);
    exit(1);
  }
-  return grpc_refresh_token_credentials_create(
+  return grpc_google_refresh_token_credentials_create(
      (const char *)GPR_SLICE_START_PTR(refresh_token), NULL);
 }

@ -80,18 +67,9 @@ int main(int argc, char **argv) {
  int use_gce = 0;
  char *scope = NULL;
  gpr_cmdline *cl = gpr_cmdline_create("fetch_oauth2");
-  gpr_cmdline_add_string(cl, "json_key",
-                         "File path of the json key. Mutually exclusive with "
-                         "--json_refresh_token.",
-                         &json_key_file_path);
  gpr_cmdline_add_string(cl, "json_refresh_token",
-                         "File path of the json refresh token. Mutually "
-                         "exclusive with --json_key.",
+                         "File path of the json refresh token.",
                         &json_refresh_token_file_path);
-  gpr_cmdline_add_string(cl, "scope",
-                         "Space delimited permissions. Only used for "
-                         "--json_key, ignored otherwise.",
-                         &scope);
  gpr_cmdline_add_flag(
      cl, "gce",
      "Get a token from the GCE metadata server (only works in GCE).",
@ -112,7 +90,7 @@ int main(int argc, char **argv) {
              "Ignoring json key and scope to get a token from the GCE "
              "metadata server.");
    }
-    creds = grpc_compute_engine_credentials_create(NULL);
+    creds = grpc_google_compute_engine_credentials_create(NULL);
    if (creds == NULL) {
      gpr_log(GPR_ERROR, "Could not create gce credentials.");
      exit(1);
@ -127,23 +105,8 @@ int main(int argc, char **argv) {
      exit(1);
    }
  } else {
-    if (json_key_file_path == NULL) {
-      gpr_log(GPR_ERROR, "Missing --json_key option.");
-      exit(1);
-    }
-    if (scope == NULL) {
-      gpr_log(GPR_ERROR, "Missing --scope option.");
-      exit(1);
-    }
-
-    creds = create_service_account_creds(json_key_file_path, scope);
-    if (creds == NULL) {
-      gpr_log(GPR_ERROR,
-              "Could not create service account creds. %s does probably not "
-              "contain a valid json key.",
-              json_key_file_path);
-      exit(1);
-    }
+    gpr_log(GPR_ERROR, "Missing --gce or --json_refresh_token option.");
+    exit(1);
  }
  GPR_ASSERT(creds != NULL);

--- a/test/cpp/client/credentials_test.cc
+++ b/test/cpp/client/credentials_test.cc
@ -45,8 +45,8 @@ class CredentialsTest : public ::testing::Test {
 protected:
 };

-TEST_F(CredentialsTest, InvalidServiceAccountCreds) {
-  std::shared_ptr<Credentials> bad1 = ServiceAccountCredentials("", "", 1);
+TEST_F(CredentialsTest, InvalidGoogleRefreshToken) {
+  std::shared_ptr<Credentials> bad1 = GoogleRefreshTokenCredentials("");
  EXPECT_EQ(static_cast<Credentials*>(nullptr), bad1.get());
 }

--- a/test/cpp/end2end/end2end_test.cc
+++ b/test/cpp/end2end/end2end_test.cc
@ -563,7 +563,7 @@ TEST_F(End2endTest, DiffPackageServices) {

 // rpc and stream should fail on bad credentials.
 TEST_F(End2endTest, BadCredentials) {
-  std::shared_ptr<Credentials> bad_creds = ServiceAccountCredentials("", "", 1);
+  std::shared_ptr<Credentials> bad_creds = GoogleRefreshTokenCredentials("");
  EXPECT_EQ(static_cast<Credentials*>(nullptr), bad_creds.get());
  std::shared_ptr<Channel> channel =
      CreateChannel(server_address_.str(), bad_creds, ChannelArguments());
@ -744,7 +744,7 @@ TEST_F(End2endTest, SetPerCallCredentials) {
  EchoResponse response;
  ClientContext context;
  std::shared_ptr<Credentials> creds =
-      IAMCredentials("fake_token", "fake_selector");
+      GoogleIAMCredentials("fake_token", "fake_selector");
  context.set_credentials(creds);
  request.set_message("Hello");
  request.mutable_param()->set_echo_metadata(true);
@ -781,10 +781,10 @@ TEST_F(End2endTest, OverridePerCallCredentials) {
  EchoResponse response;
  ClientContext context;
  std::shared_ptr<Credentials> creds1 =
-      IAMCredentials("fake_token1", "fake_selector1");
+      GoogleIAMCredentials("fake_token1", "fake_selector1");
  context.set_credentials(creds1);
  std::shared_ptr<Credentials> creds2 =
-      IAMCredentials("fake_token2", "fake_selector2");
+      GoogleIAMCredentials("fake_token2", "fake_selector2");
  context.set_credentials(creds2);
  request.set_message("Hello");
  request.mutable_param()->set_echo_metadata(true);
--- a/test/cpp/interop/client_helper.cc
+++ b/test/cpp/interop/client_helper.cc
@ -64,16 +64,6 @@ DECLARE_string(oauth_scope);
 namespace grpc {
 namespace testing {

-namespace {
-std::shared_ptr<Credentials> CreateServiceAccountCredentials() {
-  GPR_ASSERT(FLAGS_enable_ssl);
-  grpc::string json_key = GetServiceAccountJsonKey();
-  std::chrono::seconds token_lifetime = std::chrono::hours(1);
-  return ServiceAccountCredentials(json_key, FLAGS_oauth_scope,
-                                   token_lifetime.count());
-}
-}  // namespace
-
 grpc::string GetServiceAccountJsonKey() {
  static grpc::string json_key;
  if (json_key.empty()) {
@ -86,7 +76,7 @@ grpc::string GetServiceAccountJsonKey() {
 }

 grpc::string GetOauth2AccessToken() {
-  std::shared_ptr<Credentials> creds = CreateServiceAccountCredentials();
+  std::shared_ptr<Credentials> creds = GoogleComputeEngineCredentials();
  SecureCredentials* secure_creds =
      dynamic_cast<SecureCredentials*>(creds.get());
  GPR_ASSERT(secure_creds != nullptr);
@ -107,14 +97,10 @@ std::shared_ptr<Channel> CreateChannelForTestCase(
  snprintf(host_port, host_port_buf_size, "%s:%d", FLAGS_server_host.c_str(),
           FLAGS_server_port);

-  if (test_case == "service_account_creds") {
-    std::shared_ptr<Credentials> creds = CreateServiceAccountCredentials();
-    return CreateTestChannel(host_port, FLAGS_server_host_override,
-                             FLAGS_enable_ssl, FLAGS_use_prod_roots, creds);
-  } else if (test_case == "compute_engine_creds") {
+  if (test_case == "compute_engine_creds") {
    std::shared_ptr<Credentials> creds;
    GPR_ASSERT(FLAGS_enable_ssl);
-    creds = ComputeEngineCredentials();
+    creds = GoogleComputeEngineCredentials();
    return CreateTestChannel(host_port, FLAGS_server_host_override,
                             FLAGS_enable_ssl, FLAGS_use_prod_roots, creds);
  } else if (test_case == "jwt_token_creds") {