test: move unit tests to integration test suite to share code

author: mo khan <mo@mokhan.ca> 2025-06-25 14:24:19 -0600
committer: mo khan <mo@mokhan.ca> 2025-06-25 14:24:19 -0600
commit: 86c9564a82f56b7c5ee60f4bff9fb07ca3e4a6eb (patch)
tree: ecf9c5c3335b2f27fed2dbf3dcfded1eb2b0b68c /tests
parent: d099e77eaa8e51eef14cd775234bfd4b12098a4c (diff)
3 files changed, 53 insertions, 0 deletions
diff --git a/tests/authorization/check_service_test.rs b/tests/authorization/check_service_test.rs
new file mode 100644
index 00000000..23655ffb
--- /dev/null
+++ b/tests/authorization/check_service_test.rs
@@ -0,0 +1,48 @@
+#[cfg(test)]
+mod tests {
+    use crate::common::create_request;
+    use crate::common::create_token;
+    use authzd::CedarAuthorizer;
+    use authzd::CheckService;
+    use envoy_types::ext_authz::v3::pb::Authorization;
+    use envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest;
+    use std::collections::HashMap;
+    use std::sync::Arc;
+
+    #[tokio::test]
+    async fn test_check_allows_valid_bearer_token() {
+        let token = create_token();
+        let server = CheckService::new(Arc::new(CedarAuthorizer::new()));
+
+        let mut headers = HashMap::new();
+        headers.insert("authorization".to_string(), format!("Bearer {}", token));
+        let request = tonic::Request::new(create_request(|item: &mut HttpRequest| {
+            item.headers = headers;
+        }));
+
+        let response = server.check(request).await;
+
+        assert!(response.is_ok());
+        let check_response = response.unwrap().into_inner();
+        assert!(check_response.status.is_some());
+        let status = check_response.status.unwrap();
+        assert_eq!(status.code, tonic::Code::Ok as i32);
+    }
+
+    #[tokio::test]
+    async fn test_check_denies_invalid_bearer_token() {
+        let authorizer = Arc::new(CedarAuthorizer::new());
+        let server = CheckService::new(authorizer);
+        let request = tonic::Request::new(create_request(|item: &mut HttpRequest| {
+            item.headers = HashMap::new();
+        }));
+
+        let response = server.check(request).await;
+
+        assert!(response.is_ok());
+        let check_response = response.unwrap().into_inner();
+        assert!(check_response.status.is_some());
+        let status = check_response.status.unwrap();
+        assert_eq!(status.code, tonic::Code::Unauthenticated as i32);
+    }
+}
diff --git a/tests/authorization/mod.rs b/tests/authorization/mod.rs
index a8aab73a..a4ece924 100644
--- a/tests/authorization/mod.rs
+++ b/tests/authorization/mod.rs
@@ -1 +1,2 @@
 mod cedar_authorizer_test;
+mod check_service_test;
diff --git a/tests/common/mod.rs b/tests/common/mod.rs
index 9b2370cb..4e879b6f 100644
--- a/tests/common/mod.rs
+++ b/tests/common/mod.rs
@@ -26,3 +26,7 @@ pub fn create_headers_with_auth(auth_value: &str) -> HashMap<String, String> {
     headers.insert("authorization".to_string(), auth_value.to_string());
     headers
 }
+
+pub fn create_token() -> String {
+    return String::from("valid-token");
+}
author	mo khan <mo@mokhan.ca>	2025-06-25 14:24:19 -0600
committer	mo khan <mo@mokhan.ca>	2025-06-25 14:24:19 -0600
commit	86c9564a82f56b7c5ee60f4bff9fb07ca3e4a6eb (patch)
tree	ecf9c5c3335b2f27fed2dbf3dcfded1eb2b0b68c /tests
parent	d099e77eaa8e51eef14cd775234bfd4b12098a4c (diff)