mirror of
https://github.com/pomerium/pomerium.git
synced 2025-08-04 01:09:36 +02:00
zero/grpc: use hostname for proxied grpc calls (#5520)
This commit is contained in:
Denis Mishin
GitHub
parent
ad183873f4
commit
9cd5160468
4 changed files with 18 additions and 11 deletions
|
|
@ -48,6 +48,7 @@ func New(
|
|||
func (c *client) getGRPCConn(ctx context.Context) (*grpc.ClientConn, error) {
|
||||
opts := append(
|
||||
c.config.GetDialOptions(),
|
||||
grpc.WithAuthority(c.config.GetAuthority()),
|
||||
grpc.WithPerRPCCredentials(c),
|
||||
grpc.WithDefaultCallOptions(
|
||||
grpc.UseCompressor("gzip"),
|
||||
|
|
@ -60,7 +61,7 @@ func (c *client) getGRPCConn(ctx context.Context) (*grpc.ClientConn, error) {
|
|||
),
|
||||
)
|
||||
|
||||
conn, err := grpc.DialContext(ctx, c.config.GetConnectionURI(), opts...)
|
||||
conn, err := grpc.NewClient(c.config.GetConnectionURI(), opts...)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("error dialing grpc server: %w", err)
|
||||
}
|
||||
|
|
@ -92,7 +93,7 @@ func (c *client) logConnectionState(ctx context.Context, conn *grpc.ClientConn)
|
|||
_ = conn.WaitForStateChange(ctx, state)
|
||||
state = conn.GetState()
|
||||
log.Ctx(ctx).Debug().
|
||||
Str("endpoint", c.config.connectionURI).
|
||||
Str("endpoint", c.config.GetConnectionURI()).
|
||||
Str("state", state.String()).
|
||||
Msg("grpc connection state")
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,7 +17,8 @@ import (
|
|||
|
||||
// config is the configuration for the gRPC client
|
||||
type config struct {
|
||||
connectionURI string
|
||||
// authority is a host:port string that will be used as the :authority pseudo-header
|
||||
authority string
|
||||
// requireTLS is whether TLS should be used or cleartext
|
||||
requireTLS bool
|
||||
// opts are additional options to pass to the gRPC client
|
||||
|
|
@ -41,9 +42,14 @@ func getConfig(
|
|||
return c, nil
|
||||
}
|
||||
|
||||
// GetAuthority returns the authority to use in the :authority pseudo-header
|
||||
func (c *config) GetAuthority() string {
|
||||
return c.authority
|
||||
}
|
||||
|
||||
// GetConnectionURI returns connection string conforming to https://github.com/grpc/grpc/blob/master/doc/naming.md
|
||||
func (c *config) GetConnectionURI() string {
|
||||
return c.connectionURI
|
||||
return "dns:" + c.authority
|
||||
}
|
||||
|
||||
// GetDialTimeout returns the timeout for the dial operation
|
||||
|
|
@ -101,7 +107,7 @@ func (c *config) parseEndpoint(endpoint string) error {
|
|||
return fmt.Errorf("unsupported url scheme: %s", u.Scheme)
|
||||
}
|
||||
|
||||
c.connectionURI = fmt.Sprintf("dns:%s:%s", host, port)
|
||||
c.authority = host + ":" + port
|
||||
c.requireTLS = requireTLS
|
||||
|
||||
return nil
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue