test: move cedar_authorizer tests to integration test suite

author: mo khan <mo@mokhan.ca> 2025-06-25 14:20:33 -0600
committer: mo khan <mo@mokhan.ca> 2025-06-25 14:20:33 -0600
commit: d099e77eaa8e51eef14cd775234bfd4b12098a4c (patch)
tree: 5e85093c5730908ddc30a4ea003feac71346a111 /tests/authorization/cedar_authorizer_test.rs
parent: 654b31287617c56f8e148faabc63916e316f56c6 (diff)
1 files changed, 78 insertions, 0 deletions
diff --git a/tests/authorization/cedar_authorizer_test.rs b/tests/authorization/cedar_authorizer_test.rs
new file mode 100644
index 00000000..2ed3dd68
--- /dev/null
+++ b/tests/authorization/cedar_authorizer_test.rs
@@ -0,0 +1,78 @@
+#[cfg(test)]
+mod tests {
+    use crate::common::create_request;
+    use authzd::Authorizer;
+    use authzd::CedarAuthorizer;
+    use envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest;
+    use std::collections::HashMap;
+
+    #[test]
+    fn test_cedar_authorizer_allows_valid_token() {
+        let authorizer = CedarAuthorizer::new();
+        let mut headers = HashMap::new();
+        headers.insert(
+            "authorization".to_string(),
+            "Bearer valid-token".to_string(),
+        );
+        let request = create_request(|item: &mut HttpRequest| {
+            item.headers = headers;
+        });
+
+        let result = authorizer.authorize(request);
+        assert!(result);
+    }
+
+    #[test]
+    fn test_cedar_authorizer_denies_invalid_token() {
+        let authorizer = CedarAuthorizer::new();
+        let mut headers = HashMap::new();
+        headers.insert(
+            "authorization".to_string(),
+            "Bearer invalid-token".to_string(),
+        );
+        let request = create_request(|item: &mut HttpRequest| {
+            item.headers = headers;
+        });
+
+        let result = authorizer.authorize(request);
+        assert!(!result);
+    }
+
+    #[test]
+    fn test_cedar_authorizer_denies_missing_header() {
+        let authorizer = CedarAuthorizer::new();
+        let headers = HashMap::new();
+        let request = create_request(|item: &mut HttpRequest| {
+            item.headers = headers;
+        });
+
+        let result = authorizer.authorize(request);
+        assert!(!result);
+    }
+
+    #[test]
+    fn test_cedar_authorizer_allows_static_assets() {
+        let authorizer = CedarAuthorizer::new();
+        let mut headers = HashMap::new();
+        headers.insert(":path".to_string(), "/public/style.css".to_string());
+        let request = create_request(|item: &mut HttpRequest| {
+            item.headers = headers;
+        });
+
+        let result = authorizer.authorize(request);
+        assert!(result);
+    }
+
+    #[test]
+    fn test_cedar_authorizer_allows_js_assets() {
+        let authorizer = CedarAuthorizer::new();
+        let mut headers = HashMap::new();
+        headers.insert(":path".to_string(), "/app.js".to_string());
+        let request = create_request(|item: &mut HttpRequest| {
+            item.headers = headers;
+        });
+
+        let result = authorizer.authorize(request);
+        assert!(result);
+    }
+}
author	mo khan <mo@mokhan.ca>	2025-06-25 14:20:33 -0600
committer	mo khan <mo@mokhan.ca>	2025-06-25 14:20:33 -0600
commit	d099e77eaa8e51eef14cd775234bfd4b12098a4c (patch)
tree	5e85093c5730908ddc30a4ea003feac71346a111 /tests/authorization/cedar_authorizer_test.rs
parent	654b31287617c56f8e148faabc63916e316f56c6 (diff)