test(headers): allow local HTTPS domain in Nock setup

wizzfi1 · wizzfi1 · commit e79f653a28e2 · 2025-10-16T23:20:41.000Z
diff --git a/credentials/credentials.ts b/credentials/credentials.ts
@@ -144,20 +144,44 @@ export class Credentials {
    */
   private async refreshAccessToken() {
     const clientCredentials = (this.authConfig as { method: CredentialsMethod.ClientCredentials; config: ClientCredentialsConfig })?.config;
-    const url = `https://${clientCredentials.apiTokenIssuer}/oauth/token`;
-    const credentialsPayload = await this.buildClientAuthenticationPayload();
+
+// Ensure scheme exists; default to https:// if missing
+const issuerWithScheme = clientCredentials.apiTokenIssuer.startsWith("http://") || clientCredentials.apiTokenIssuer.startsWith("https://")
+  ? clientCredentials.apiTokenIssuer
+  : `https://${clientCredentials.apiTokenIssuer}`;
+
+// Parse to detect if a path is present
+let tokenUrl: string;
+try {
+  const parsed = new URL(issuerWithScheme);
+
+  // If path is empty or just '/', append default /oauth/token
+  if (!parsed.pathname || parsed.pathname === "/") {
+    tokenUrl = `${parsed.origin}/oauth/token`;
+  } else {
+    // Use the provided path as-is (preserves /oauth/v2/token etc.)
+    tokenUrl = parsed.toString();
+  }
+} catch (e) {
+  // If for some reason URL parsing fails, fall back to previous behavior
+  tokenUrl = `https://${clientCredentials.apiTokenIssuer}/oauth/token`;
+}
+
+const credentialsPayload = await this.buildClientAuthenticationPayload();
+
 
     try {
-      const wrappedResponse = await attemptHttpRequest<ClientSecretRequest|ClientAssertionRequest, {
-        access_token: string,
-        expires_in: number,
-      }>({
-        url,
+      const wrappedResponse = await attemptHttpRequest<
+        ClientSecretRequest | ClientAssertionRequest,
+       { access_token: string; expires_in: number }
+      >({
+        url: tokenUrl,
         method: "POST",
         data: credentialsPayload,
         headers: {
-          "Content-Type": "application/x-www-form-urlencoded"
-        }
+          "Content-Type": "application/x-www-form-urlencoded",
+        },
+
       }, {
         maxRetry: 3,
         minWaitInMs: 100,
@@ -176,7 +200,7 @@ export class Credentials {
         attributes = TelemetryAttributes.fromRequest({
           userAgent: this.baseOptions?.headers["User-Agent"],
           fgaMethod: "TokenExchange",
-          url,
+          url: tokenUrl,
           resendCount: wrappedResponse?.retries,
           httpMethod: "POST",
           credentials: clientCredentials,
diff --git a/tests/helpers/default-config.ts b/tests/helpers/default-config.ts
@@ -14,6 +14,7 @@
 import { ClientConfiguration, UserClientConfigurationParams } from "../../client";
 import { CredentialsMethod } from "../../credentials";
 
+
 export const OPENFGA_STORE_ID = "01H0H015178Y2V4CX10C2KGHF4";
 export const OPENFGA_MODEL_ID = "01HWBBMZTT7F1M97DVXQK4Z7J3";
 export const OPENFGA_API_URL = "https://api.fga.example";
