fmorency · August 22, 2025 17:39
diff --git a/proxy.go b/proxy.go
 package main

 import (
 	"context"
 	"crypto/tls"
 	"flag"
 	"log"
 	"net"

 	"github.com/mwitkow/grpc-proxy/proxy"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/metadata"
 )

 func main() {
 	listen := flag.String("listen", ":8080", "proxy listen address")
 	upstream := flag.String("upstream", "127.0.0.1:50051", "upstream gRPC target")
 	flag.Parse()

 	// Dial the upstream once and reuse the conn for all requests
 	cc, err := grpc.NewClient(*upstream,
 		grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{
 			MinVersion:         tls.VersionTLS12,
 			ClientSessionCache: tls.NewLRUClientSessionCache(1024),
 		})),
 	)
 	if err != nil {
 		log.Fatalf("dial upstream: %v", err)
 	}

 	director := func(ctx context.Context, fullMethodName string) (context.Context, grpc.ClientConnInterface, error) {
 		inMD, _ := metadata.FromIncomingContext(ctx)
 		outMD := inMD.Copy()

 		// Overwrite the authorization header with a static token.
 		outMD.Set("authorization", "Bearer TOKEN")

 		ctx = metadata.NewOutgoingContext(ctx, outMD)

 		return ctx, cc, nil
 	}

 	s := grpc.NewServer(
 		grpc.UnknownServiceHandler(proxy.TransparentHandler(director)),
 	)

 	l, err := net.Listen("tcp", *listen)
 	if err != nil {
 		log.Fatalf("listen: %v", err)
 	}
 	log.Printf("proxy listening on %s -> %s", *listen, *upstream)
 	if err := s.Serve(l); err != nil {
 		log.Fatal(err)
 	}
 }
	package main

	import (
	"context"
	"crypto/tls"
	"flag"
	"log"
	"net"

	"github.com/mwitkow/grpc-proxy/proxy"
	"google.golang.org/grpc"
	"google.golang.org/grpc/credentials"
	"google.golang.org/grpc/metadata"
	)

	func main() {
	listen := flag.String("listen", ":8080", "proxy listen address")
	upstream := flag.String("upstream", "127.0.0.1:50051", "upstream gRPC target")
	flag.Parse()

	// Dial the upstream once and reuse the conn for all requests
	cc, err := grpc.NewClient(*upstream,
	grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{
	MinVersion: tls.VersionTLS12,
	ClientSessionCache: tls.NewLRUClientSessionCache(1024),
	})),
	)
	if err != nil {
	log.Fatalf("dial upstream: %v", err)
	}

	director := func(ctx context.Context, fullMethodName string) (context.Context, grpc.ClientConnInterface, error) {
	inMD, _ := metadata.FromIncomingContext(ctx)
	outMD := inMD.Copy()

	// Overwrite the authorization header with a static token.
	outMD.Set("authorization", "Bearer TOKEN")

	ctx = metadata.NewOutgoingContext(ctx, outMD)

	return ctx, cc, nil
	}

	s := grpc.NewServer(
	grpc.UnknownServiceHandler(proxy.TransparentHandler(director)),
	)

	l, err := net.Listen("tcp", *listen)
	if err != nil {
	log.Fatalf("listen: %v", err)
	}
	log.Printf("proxy listening on %s -> %s", listen, upstream)
	if err := s.Serve(l); err != nil {
	log.Fatal(err)
	}
	}