4 files changed, 53 insertions, 62 deletions

diff --git a/src/authorization/check_service.rs b/src/authorization/check_service.rs
index c0a05e21..6c6bd9c6 100644
--- a/src/authorization/check_service.rs
+++ b/src/authorization/check_service.rs
@@ -33,65 +33,3 @@ impl envoy_types::ext_authz::v3::pb::Authorization for CheckService {
         }
     }
 }
-
-#[cfg(test)]
-mod tests {
-    use super::super::cedar_authorizer::CedarAuthorizer;
-    use super::*;
-    use envoy_types::ext_authz::v3::pb::{Authorization, CheckRequest};
-    use envoy_types::pb::envoy::service::auth::v3::AttributeContext;
-    use envoy_types::pb::envoy::service::auth::v3::attribute_context::{HttpRequest, Request};
-    use std::collections::HashMap;
-    use std::sync::Arc;
-
-    pub fn create_request(f: impl std::ops::FnOnce(&mut HttpRequest)) -> CheckRequest {
-        please::build_with(|item: &mut CheckRequest| {
-            item.attributes = Some(please::build_with(|item: &mut AttributeContext| {
-                item.request = Some(please::build_with(|item: &mut Request| {
-                    item.http = Some(please::build_with(|item: &mut HttpRequest| f(item)));
-                }));
-            }));
-        })
-    }
-
-    pub fn create_token() -> String {
-        return String::from("valid-token");
-    }
-
-    #[tokio::test]
-    async fn test_check_allows_valid_bearer_token() {
-        let token = create_token();
-        let server = CheckService::new(Arc::new(CedarAuthorizer::new()));
-
-        let mut headers = HashMap::new();
-        headers.insert("authorization".to_string(), format!("Bearer {}", token));
-        let request = tonic::Request::new(create_request(|item: &mut HttpRequest| {
-            item.headers = headers;
-        }));
-
-        let response = server.check(request).await;
-
-        assert!(response.is_ok());
-        let check_response = response.unwrap().into_inner();
-        assert!(check_response.status.is_some());
-        let status = check_response.status.unwrap();
-        assert_eq!(status.code, tonic::Code::Ok as i32);
-    }
-
-    #[tokio::test]
-    async fn test_check_denies_invalid_bearer_token() {
-        let authorizer = Arc::new(CedarAuthorizer::new());
-        let server = CheckService::new(authorizer);
-        let request = tonic::Request::new(create_request(|item: &mut HttpRequest| {
-            item.headers = HashMap::new();
-        }));
-
-        let response = server.check(request).await;
-
-        assert!(response.is_ok());
-        let check_response = response.unwrap().into_inner();
-        assert!(check_response.status.is_some());
-        let status = check_response.status.unwrap();
-        assert_eq!(status.code, tonic::Code::Unauthenticated as i32);
-    }
-}
diff --git a/tests/authorization/check_service_test.rs b/tests/authorization/check_service_test.rs
new file mode 100644
index 00000000..23655ffb
--- /dev/null
+++ b/tests/authorization/check_service_test.rs
@@ -0,0 +1,48 @@
+#[cfg(test)]
+mod tests {
+    use crate::common::create_request;
+    use crate::common::create_token;
+    use authzd::CedarAuthorizer;
+    use authzd::CheckService;
+    use envoy_types::ext_authz::v3::pb::Authorization;
+    use envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest;
+    use std::collections::HashMap;
+    use std::sync::Arc;
+
+    #[tokio::test]
+    async fn test_check_allows_valid_bearer_token() {
+        let token = create_token();
+        let server = CheckService::new(Arc::new(CedarAuthorizer::new()));
+
+        let mut headers = HashMap::new();
+        headers.insert("authorization".to_string(), format!("Bearer {}", token));
+        let request = tonic::Request::new(create_request(|item: &mut HttpRequest| {
+            item.headers = headers;
+        }));
+
+        let response = server.check(request).await;
+
+        assert!(response.is_ok());
+        let check_response = response.unwrap().into_inner();
+        assert!(check_response.status.is_some());
+        let status = check_response.status.unwrap();
+        assert_eq!(status.code, tonic::Code::Ok as i32);
+    }
+
+    #[tokio::test]
+    async fn test_check_denies_invalid_bearer_token() {
+        let authorizer = Arc::new(CedarAuthorizer::new());
+        let server = CheckService::new(authorizer);
+        let request = tonic::Request::new(create_request(|item: &mut HttpRequest| {
+            item.headers = HashMap::new();
+        }));
+
+        let response = server.check(request).await;
+
+        assert!(response.is_ok());
+        let check_response = response.unwrap().into_inner();
+        assert!(check_response.status.is_some());
+        let status = check_response.status.unwrap();
+        assert_eq!(status.code, tonic::Code::Unauthenticated as i32);
+    }
+}
diff --git a/tests/authorization/mod.rs b/tests/authorization/mod.rs
index a8aab73a..a4ece924 100644
--- a/tests/authorization/mod.rs
+++ b/tests/authorization/mod.rs
@@ -1 +1,2 @@
 mod cedar_authorizer_test;
+mod check_service_test;
diff --git a/tests/common/mod.rs b/tests/common/mod.rs
index 9b2370cb..4e879b6f 100644
--- a/tests/common/mod.rs
+++ b/tests/common/mod.rs
@@ -26,3 +26,7 @@ pub fn create_headers_with_auth(auth_value: &str) -> HashMap<String, String> {
     headers.insert("authorization".to_string(), auth_value.to_string());
     headers
 }
+
+pub fn create_token() -> String {
+    return String::from("valid-token");
+}