feat: Allow to skip TLS when connecting to local instance

config/config.go

@@ -34,4 +34,5 @@ type Driver struct {
 
 	SkipSchemaValidation bool `json:"skip_schema_validation,omitempty"`
 	DisableSearch        bool `json:"disable_search,omitempty"`
+	SkipLocalTLS         bool `json:"skip_local_tls"`
 }

driver/config_test.go

@@ -20,6 +20,7 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	"github.com/tigrisdata/tigris-client-go/config"
 )
 
@@ -212,3 +213,33 @@ func TestDriverConfigProto(t *testing.T) {
 		})
 	}
 }
+
+func TestLocalURL(t *testing.T) {
+	// Test cases with local URLs that should return true
+	localURLs := []string{
+		"localhost:8080",
+		"127.0.0.1:8000",
+		"http://localhost:3000",
+		"http://127.0.0.1:5000",
+		"[::1]:8080",
+		"http://[::1]:8000",
+	}
+
+	for _, url := range localURLs {
+		require.True(t, localURL(url))
+	}
+
+	// Test cases with non-local URLs that should return false
+	nonLocalURLs := []string{
+		"example.com",
+		"http://example.com",
+		"www.google.com",
+		"http://www.google.com",
+		"127.0.0.1.5",
+		"localhost123",
+	}
+
+	for _, url := range nonLocalURLs {
+		require.False(t, localURL(url))
+	}
+}

driver/driver.go

@@ -511,7 +511,8 @@ func initConfig(lCfg *config.Driver) (*config.Driver, error) {
 	// Retain only host:port for connection
 	cfg.URL = u.Host
 
-	if cfg.TLS == nil && (cfg.ClientID != "" || cfg.ClientSecret != "" || cfg.Token != "" || u.Scheme == "https" || sec) {
+	if cfg.TLS == nil && (!cfg.SkipLocalTLS || !localURL(cfg.URL)) && (cfg.ClientID != "" || cfg.ClientSecret != "" ||
+		cfg.Token != "" || u.Scheme == "https" || sec) {
 		cfg.TLS = &tls.Config{MinVersion: tls.VersionTLS12}
 	}
 
@@ -594,3 +595,12 @@ func (c *driver) Close() error {
 
 	return c.driverWithOptions.Close()
 }
+
+func localURL(url string) bool {
+	return strings.HasPrefix(url, "localhost:") ||
+		strings.HasPrefix(url, "127.0.0.1:") ||
+		strings.HasPrefix(url, "http://localhost:") ||
+		strings.HasPrefix(url, "http://127.0.0.1:") ||
+		strings.HasPrefix(url, "[::1]") ||
+		strings.HasPrefix(url, "http://[::1]:")
+}

driver/grpc.go

@@ -86,14 +86,14 @@ func newGRPCClient(ctx context.Context, config *config.Driver) (driverWithOption
 		),
 	}
 
-	if config.TLS != nil || tokenSource != nil {
+	if (config.SkipLocalTLS && localURL(config.URL)) || (config.TLS == nil && tokenSource == nil) {
+		opts = append(opts, grpc.WithTransportCredentials(insecure.NewCredentials()))
+	} else {
 		opts = append(opts, grpc.WithTransportCredentials(credentials.NewTLS(config.TLS)))
 
 		if tokenSource != nil {
 			opts = append(opts, grpc.WithPerRPCCredentials(oauth.TokenSource{TokenSource: tokenSource}))
 		}
-	} else {
-		opts = append(opts, grpc.WithTransportCredentials(insecure.NewCredentials()))
 	}
 
 	conn, err := grpc.DialContext(ctx, config.URL, opts...)

driver/http.go

@@ -246,7 +246,8 @@ func newHTTPClient(_ context.Context, config *config.Driver) (driverWithOptions,
 		return nil
 	}
 
-	c, err := apiHTTP.NewClientWithResponses(config.URL, apiHTTP.WithHTTPClient(httpClient), apiHTTP.WithRequestEditorFn(hf))
+	c, err := apiHTTP.NewClientWithResponses(config.URL, apiHTTP.WithHTTPClient(httpClient),
+		apiHTTP.WithRequestEditorFn(hf))
 	if err != nil {
 		return nil, nil, nil, err
 	}