Any 403 with AccessDenied message should be omitted (#245)

* Any 403 with AccessDenied message should be omitted

These errors appear to continue to bubble up to users. This changes our
error-handling to omit any 403 with the string "AccessDenied" in its
text when communicating with `federation.api.apollographql.com`

* Do not require XML

* Update changelog

Author: zionts

gateway-js/CHANGELOG.md

@@ -4,7 +4,7 @@
 
 > The changes noted within this `vNEXT` section have not been released yet.  New PRs and commits which introduce changes should include an entry in this `vNEXT` section as part of their development.  When a release is being prepared, a new header will be (manually) created below and the appropriate changes within that release will be moved into the new section.
 
-- _Nothing yet! Stay tuned!_
+- Whenever "AccessDenied" 403 error comes from Apollo, provide a useful error message indicating how to resolve the problem. [PR #245](https://github.com/apollographql/federation/pull/245)
 
 ## v0.21.0
 

gateway-js/src/loadServicesFromStorage.ts

@@ -81,10 +81,7 @@ function fetchApolloGcs(
       // conditions.  We'll special-case our known errors, and resort to
       // printing the body for others.
       if (
-        response.headers.get('content-type') === 'application/xml' &&
-        response.status === 403 &&
-        body.includes("<Error><Code>AccessDenied</Code>") &&
-        body.includes("Anonymous caller does not have storage.objects.get")
+          response.status === 403 && body.includes("AccessDenied")
       ) {
           throw new Error(
             "Unable to authenticate with Apollo storage " +