From 15e25797a9a102697aef949fbf57c7a30325ef5a Mon Sep 17 00:00:00 2001
From: Jeff Mitchell <jeffrey.mitchell@gmail.com>
Date: Fri, 6 Oct 2023 19:04:52 -0400
Subject: [PATCH] Start migration to endpoint ports

---
 .../controller/handlers/targets/target_service.go    |  2 +-
 .../controller/api/resources/targets/v1/target.proto | 12 ++++++------
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/internal/daemon/controller/handlers/targets/target_service.go b/internal/daemon/controller/handlers/targets/target_service.go
index fb1679f8d45..411c64ee59b 100644
--- a/internal/daemon/controller/handlers/targets/target_service.go
+++ b/internal/daemon/controller/handlers/targets/target_service.go
@@ -1084,7 +1084,7 @@ func (s Service) AuthorizeSession(ctx context.Context, req *pbs.AuthorizeSession
 		Scope:             authResults.Scope,
 		CreatedTime:       sess.CreateTime.GetTimestamp(),
 		Expiration:        sess.ExpirationTime.GetTimestamp(),
-		EndpointPort:      t.GetDefaultPort(),
+		EndpointPorts:     []uint32{t.GetDefaultPort()},
 		Type:              t.GetType().String(),
 		Certificate:       sess.Certificate,
 		PrivateKey:        sess.CertificatePrivateKey,
diff --git a/internal/proto/controller/api/resources/targets/v1/target.proto b/internal/proto/controller/api/resources/targets/v1/target.proto
index f30ce4ac203..274b3d2be00 100644
--- a/internal/proto/controller/api/resources/targets/v1/target.proto
+++ b/internal/proto/controller/api/resources/targets/v1/target.proto
@@ -319,9 +319,9 @@ message SessionAuthorizationData {
   // Output only. The connection limit being applied to this session. -1 means unlimited. This is not actually enforced on the client side but it provides for better listener handling by including it.
   int32 connection_limit = 90 [json_name = "connection_limit"];
 
-  // Output only. The endpoint port that will be connected to, either from a
-  // port directly on the target or from a service definition.
-  uint32 endpoint_port = 102 [json_name = "endpoint_port"]; // @gotags: `class:"public" eventstream:"observation"`
+  // Output only. The endpoint ports that will be connected to, either from
+  // ports directly on the target or from a service definition.
+  uint32 endpoint_ports = 102 [json_name = "endpoint_ports"]; // @gotags: `class:"public" eventstream:"observation"`
 
   // Output only. The expiration time of the session.
   google.protobuf.Timestamp expiration = 105; // @gotags: `class:"public" eventstream:"observation"`
@@ -377,9 +377,9 @@ message SessionAuthorization {
   // Output only. The endpoint address that the worker will connect to, useful for setting TLS parameters.
   string endpoint = 100; // @gotags: `class:"public"`
 
-  // Output only. The endpoint port that will be connected to, either from a
-  // port directly on the target or from a service definition.
-  uint32 endpoint_port = 102 [json_name = "endpoint_port"]; // @gotags: `class:"public" eventstream:"observation"`
+  // Output only. The endpoint ports that will be connected to, either from
+  // ports directly on the target or from a service definition.
+  repeated uint32 endpoint_ports = 102 [json_name = "endpoint_ports"]; // @gotags: `class:"public" eventstream:"observation"`
 
   // Output only. The expiration time of the session.
   google.protobuf.Timestamp expiration = 105; // @gotags: `class:"public" eventstream:"observation"`