alts: change errr status to permission deny if alts context not found (#6562)

Author: Jiangtao Li

alts/src/main/java/io/grpc/alts/AuthorizationUtil.java

@@ -37,7 +37,7 @@ public static Status clientAuthorizationCheck(
     AltsAuthContext altsContext =
         (AltsAuthContext) call.getAttributes().get(AltsProtocolNegotiator.AUTH_CONTEXT_KEY);
     if (altsContext == null) {
-      return Status.NOT_FOUND.withDescription("Peer ALTS AuthContext not found");
+      return Status.PERMISSION_DENIED.withDescription("Peer ALTS AuthContext not found");
     }
     if (expectedServiceAccounts.contains(altsContext.getPeerServiceAccount())) {
       return Status.OK;

alts/src/test/java/io/grpc/alts/AuthorizationUtilTest.java

@@ -42,7 +42,7 @@ public void altsAuthorizationCheck() throws Exception {
     Status status =
         AuthorizationUtil.clientAuthorizationCheck(
             new FakeServerCall(null), Lists.newArrayList("Alice"));
-    assertThat(status.getCode()).isEqualTo(Status.Code.NOT_FOUND);
+    assertThat(status.getCode()).isEqualTo(Status.Code.PERMISSION_DENIED);
     assertThat(status.getDescription()).startsWith("Peer ALTS AuthContext not found");
     status =
         AuthorizationUtil.clientAuthorizationCheck(