diff options
| author | mo khan <mo@mokhan.ca> | 2025-07-05 13:36:41 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-07-05 13:36:41 -0600 |
| commit | 63c5263087c9e282ced0e549b78c7ebd4353b273 (patch) | |
| tree | e408c3aed5e4edf723c72897094bdd2f49077a15 /src/authorization/server.rs | |
| parent | 33083559c6d43d266ca77fcd1beb94c6feb4b547 (diff) | |
| parent | c6ec4e63d797c5e6cc01a4f09e723ad781b1034e (diff) | |
Merge branch 'sparkle-policies' into 'main'
Add Cedar policy validation and improve authorization architecture
See merge request gitlab-org/software-supply-chain-security/authorization/authzd!4
Diffstat (limited to 'src/authorization/server.rs')
| -rw-r--r-- | src/authorization/server.rs | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/authorization/server.rs b/src/authorization/server.rs index 23b7720e..759a550d 100644 --- a/src/authorization/server.rs +++ b/src/authorization/server.rs @@ -8,13 +8,13 @@ pub struct Server { } impl Server { - pub fn new() -> Result<Server, Box<dyn std::error::Error>> { + pub fn new<T: super::Authorizer>(authorizer: T) -> Result<Server, Box<dyn std::error::Error>> { let (health_reporter, health_service) = tonic_health::server::health_reporter(); std::mem::drop( health_reporter.set_service_status("", tonic_health::ServingStatus::Serving), ); let authorization_service = - AuthorizationServer::new(CheckService::new(Arc::new(CedarAuthorizer::default()))); + AuthorizationServer::new(CheckService::new(Arc::new(authorizer))); let reflection_service = tonic_reflection::server::Builder::configure() .register_encoded_file_descriptor_set(tonic_health::pb::FILE_DESCRIPTOR_SET) @@ -40,9 +40,9 @@ impl Server { tracing::info!( method = %req.method(), path = %req.uri().path(), - content_type = ?req.headers().get("content-type").and_then(|v| v.to_str().ok()), - user_agent = ?req.headers().get("user-agent").and_then(|v| v.to_str().ok()), - x_request_id = ?req.headers().get("x-request-id").and_then(|v| v.to_str().ok()), + content_type = req.headers().get("content-type").map_or("unknown", |v| v.to_str().unwrap_or("unknown")), + user_agent = req.headers().get("user-agent").map_or("unknown", |v| v.to_str().unwrap_or("unknown")), + x_request_id = req.headers().get("x-request-id").map_or("none", |v| v.to_str().unwrap_or("none")), "gRPC request" ); @@ -64,6 +64,6 @@ impl Server { impl Default for Server { fn default() -> Self { - Self::new().unwrap() + Self::new(CedarAuthorizer::default()).unwrap() } } |