do not assue https for authorizer address

Author: gimmyxd

__tests__/integration/index.test.ts

@@ -1790,21 +1790,18 @@ types:
         const response = await authorizerClient.DecisionTree({
           identityContext: await AnonymousIdentityMapper(),
           policyInstance: policyInstance("todo", "todo"),
-          policyContext: policyContext(),
+          policyContext: policyContext("todoApp"),
         });
 
         const expectedResult = {
           path: {
-            "rebac.check": {
-              allowed: false,
-            },
             "todoApp.DELETE.todos.__id": { allowed: false },
             "todoApp.GET.todos": { allowed: true },
             "todoApp.GET.users.__userID": { allowed: true },
             "todoApp.POST.todos": { allowed: false },
             "todoApp.PUT.todos.__id": { allowed: false },
           },
-          pathRoot: "",
+          pathRoot: "todoApp",
         };
 
         expect(response).toEqual(expectedResult);
@@ -1830,6 +1827,7 @@ types:
     describe("Query", () => {
       it("returns the correct data structure", async () => {
         const response = await authorizerClient.Query({
+          identityContext: await AnonymousIdentityMapper(),
           query: "x=data",
           input: '{"foo": "bar"}',
         });

lib/authorizer/index.ts

@@ -30,6 +30,8 @@ import {
   QueryRequest,
 } from "./types";
 
+const ADDRESS_REGEX = /https?:\/\//;
+
 type AuthorizerConfig = {
   authorizerServiceUrl?: string;
   tenantId?: string;
@@ -62,8 +64,15 @@ export class Authorizer {
       interceptors.push(traceMessage);
     }
 
-    const baseServiceUrl =
-      config.authorizerServiceUrl || "authorizer.prod.aserto.com:8443";
+    const getServiceUrl = () => {
+      const baseServiceUrl =
+        config.authorizerServiceUrl || "authorizer.prod.aserto.com:8443";
+      const scheme = "https://";
+
+      const serviceUrlMatch = baseServiceUrl?.match(ADDRESS_REGEX);
+      return serviceUrlMatch ? baseServiceUrl : `${scheme}${baseServiceUrl}`;
+    };
+
     const caFilePath = config.authorizerCertFile || config.caFile;
     const baseCaFile = !!caFilePath ? readFileSync(caFilePath) : undefined;
 
@@ -75,7 +84,7 @@ export class Authorizer {
     };
 
     const baseGrpcTransport = createGrpcTransport({
-      baseUrl: `https://${baseServiceUrl}`,
+      baseUrl: getServiceUrl(),
       interceptors: interceptors,
       nodeOptions: baseNodeOptions,
     });

lib/processOptions.ts

@@ -34,14 +34,7 @@ export default (
   if (!authorizerServiceUrl && res) {
     return error(res, "must provide authorizerServiceUrl in option map");
   }
-  let authorizerUrl = `${authorizerServiceUrl}`;
-  // strip any https:// or http:// prefix since this is a gRPC address
-  if (authorizerUrl.startsWith("https://")) {
-    authorizerUrl = authorizerUrl.split("https://")[1]!;
-  }
-  if (authorizerUrl.startsWith("http://")) {
-    authorizerUrl = authorizerUrl.split("http://")[1]!;
-  }
+  const authorizerUrl = `${authorizerServiceUrl}`;
 
   // set the authorizer API key
   let authorizerApiKey = null;