refactor: pass the PaC autorizer to the server to allow trying different ones

2 files changed, 4 insertions, 4 deletions

diff --git a/src/authorization/authorizer.rs b/src/authorization/authorizer.rs
index 14a7df27..62733585 100644
--- a/src/authorization/authorizer.rs
+++ b/src/authorization/authorizer.rs
@@ -1,5 +1,5 @@
 use envoy_types::ext_authz::v3::pb::CheckRequest;
 
-pub trait Authorizer: std::fmt::Debug {
+pub trait Authorizer: std::fmt::Debug + std::marker::Sync + std::marker::Send + 'static {
     fn authorize(&self, request: CheckRequest) -> bool;
 }
diff --git a/src/authorization/server.rs b/src/authorization/server.rs
index feb89d52..759a550d 100644
--- a/src/authorization/server.rs
+++ b/src/authorization/server.rs
@@ -8,13 +8,13 @@ pub struct Server {
 }
 
 impl Server {
-    pub fn new() -> Result<Server, Box<dyn std::error::Error>> {
+    pub fn new<T: super::Authorizer>(authorizer: T) -> Result<Server, Box<dyn std::error::Error>> {
         let (health_reporter, health_service) = tonic_health::server::health_reporter();
         std::mem::drop(
             health_reporter.set_service_status("", tonic_health::ServingStatus::Serving),
         );
         let authorization_service =
-            AuthorizationServer::new(CheckService::new(Arc::new(CedarAuthorizer::default())));
+            AuthorizationServer::new(CheckService::new(Arc::new(authorizer)));
 
         let reflection_service = tonic_reflection::server::Builder::configure()
             .register_encoded_file_descriptor_set(tonic_health::pb::FILE_DESCRIPTOR_SET)
@@ -64,6 +64,6 @@ impl Server {
 
 impl Default for Server {
     fn default() -> Self {
-        Self::new().unwrap()
+        Self::new(CedarAuthorizer::default()).unwrap()
     }
 }