Diffstat (limited to 'src/authorization')
| -rw-r--r-- | src/authorization/cedar_authorizer.rs | 34 |
1 files changed, 20 insertions, 14 deletions
diff --git a/src/authorization/cedar_authorizer.rs b/src/authorization/cedar_authorizer.rs
index 6f5b8e63..f90e8d8b 100644
--- a/src/authorization/cedar_authorizer.rs
+++ b/src/authorization/cedar_authorizer.rs
@@ -127,13 +127,9 @@ impl CedarAuthorizer {
 ) -> Result<CedarRequest, Box<dyn std::error::Error>> {
 let principal = self.principal_from(&http_request)?;
 let permission = self.permission_from(&http_request)?;
-
- // Create resource entity
- let resource_id = EntityId::from_str("resource")?;
- let resource_type = EntityTypeName::from_str("Resource")?;
- let resource = EntityUid::from_type_name_and_id(resource_type, resource_id);
-
+ let resource = self.resource_from(&http_request)?;
 let context = self.context_from(http_request);
+
 CedarRequest::new(principal, permission, resource, context?, None)
 .map_err(|e| Box::new(e) as Box<dyn std::error::Error>)
 }
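Review bot: The `?` on `context` is applied inside the `CedarRequest::new` argument list, two lines after `context` is bound, which reads as if the binding were infallible and differs from how the three helper calls just above it short-circuit. Writing `let context = self.context_from(http_request)?;` and then `CedarRequest::new(principal, permission, resource, context, None)` keeps the early return next to the call that can fail. The three `*_from` helpers also receive `&http_request` while `context_from` receives `http_request`; since the helper signatures take `&HttpRequest`, `http_request` is presumably already a reference and the extra `&` can be dropped for consistency. The enclosing function's signature begins outside the hunk.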
@@ -142,20 +138,30 @@ impl CedarAuthorizer {
 &self,
 _http_request: &envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest,
 ) -> Result<cedar_policy::EntityUid, Box<dyn std::error::Error>> {
- let principal_id = EntityId::from_str("client")?;
- let principal_type = EntityTypeName::from_str("User")?;
- let principal = EntityUid::from_type_name_and_id(principal_type, principal_id);
- Ok(principal)
+ Ok(EntityUid::from_type_name_and_id(
+ EntityTypeName::from_str("User")?,
+ EntityId::from_str("client")?,
+ ))
 }
 
 fn permission_from(
 &self,
 _http_request: &envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest,
 ) -> Result<cedar_policy::EntityUid, Box<dyn std::error::Error>> {
- let action_id = EntityId::from_str("check")?;
- let action_type = EntityTypeName::from_str("Action")?;
- let action = EntityUid::from_type_name_and_id(action_type, action_id);
- Ok(action)
+ Ok(EntityUid::from_type_name_and_id(
+ EntityTypeName::from_str("Action")?,
+ EntityId::from_str("check")?,
+ ))
+ }
+
+ fn resource_from(
+ &self,
+ _http_request: &envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest,
+ ) -> Result<cedar_policy::EntityUid, Box<dyn std::error::Error>> {
+ Ok(EntityUid::from_type_name_and_id(
+ EntityTypeName::from_str("Resource")?,
+ EntityId::from_str("resource")?,
+ ))
 }
 
 fn context_from(
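Review bot: The new `resource_from` ignores `_http_request` and always yields `Resource::"resource"`, and the rewritten `principal_from` and `permission_from` likewise fix `User::"client"` and `Action::"check"`, so every incoming request is evaluated as the same Cedar request regardless of who sent it or what it targets; the commit preserves this but adds no documentation saying it is deliberate. If these are placeholders, a doc comment on each helper such as `/// Placeholder: returns a fixed resource UID; the HTTP request is not yet inspected.` would stop the authorizer from being read as a request-aware check. The three helpers are also identical apart from the two string literals, so a single private helper like `fn uid(ty: &str, id: &str) -> Result<EntityUid, Box<dyn std::error::Error>>` would remove the repetition. `context_from` begins at the hunk's last line and its body is outside the hunk.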
