diff options
Diffstat (limited to 'tests/authorization')
| -rw-r--r-- | tests/authorization/cedar_authorizer_test.rs | 21 | ||||
| -rw-r--r-- | tests/authorization/check_service_test.rs | 11 |
2 files changed, 19 insertions, 13 deletions
diff --git a/tests/authorization/cedar_authorizer_test.rs b/tests/authorization/cedar_authorizer_test.rs index d6742995..3073417d 100644 --- a/tests/authorization/cedar_authorizer_test.rs +++ b/tests/authorization/cedar_authorizer_test.rs @@ -6,9 +6,14 @@ mod tests { use envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest; use std::collections::HashMap; + fn authorizer() -> CedarAuthorizer { + CedarAuthorizer::new_from( + "/home/mokhax/src/gitlab.com/gitlab-org/software-supply-chain-security/authorization/authzd/etc/authzd", + ) + } + #[test] fn test_cedar_authorizer_allows_valid_token() { - let authorizer = CedarAuthorizer::default(); let request = create_request(|item: &mut HttpRequest| { item.headers = build_with(|item: &mut HashMap<String, String>| { item.insert( @@ -18,12 +23,11 @@ mod tests { }); }); - assert!(authorizer.authorize(request)); + assert!(authorizer().authorize(request)); } #[test] fn test_cedar_authorizer_denies_invalid_token() { - let authorizer = CedarAuthorizer::default(); let request = create_request(|item: &mut HttpRequest| { item.headers = build_with(|item: &mut HashMap<String, String>| { item.insert( @@ -33,40 +37,37 @@ mod tests { }); }); - assert!(!authorizer.authorize(request)); + assert!(!authorizer().authorize(request)); } #[test] fn test_cedar_authorizer_denies_missing_header() { - let authorizer = CedarAuthorizer::default(); let request = create_request(|item: &mut HttpRequest| { item.headers = HashMap::new(); }); - assert!(!authorizer.authorize(request)); + assert!(!authorizer().authorize(request)); } #[test] fn test_cedar_authorizer_allows_static_assets() { - let authorizer = CedarAuthorizer::default(); let request = create_request(|item: &mut HttpRequest| { item.headers = build_with(|item: &mut HashMap<String, String>| { item.insert(String::from(":path"), String::from("/public/style.css")); }); }); - assert!(authorizer.authorize(request)); + assert!(authorizer().authorize(request)); } #[test] fn test_cedar_authorizer_allows_js_assets() { - let authorizer = CedarAuthorizer::default(); let mut headers = HashMap::new(); headers.insert(":path".to_string(), "/app.js".to_string()); let request = create_request(|item: &mut HttpRequest| { item.headers = headers; }); - assert!(authorizer.authorize(request)); + assert!(authorizer().authorize(request)); } } diff --git a/tests/authorization/check_service_test.rs b/tests/authorization/check_service_test.rs index a739b16a..c101850c 100644 --- a/tests/authorization/check_service_test.rs +++ b/tests/authorization/check_service_test.rs @@ -8,10 +8,16 @@ mod tests { use std::collections::HashMap; use std::sync::Arc; + fn authorizer() -> Arc<dyn authzd::Authorizer + Send + Sync> { + Arc::new(CedarAuthorizer::new_from( + "/home/mokhax/src/gitlab.com/gitlab-org/software-supply-chain-security/authorization/authzd/etc/authzd", + )) + } + #[tokio::test] async fn test_check_allows_valid_bearer_token() { let token = create_token(); - let server = CheckService::new(Arc::new(CedarAuthorizer::default())); + let server = CheckService::new(authorizer()); let mut headers = HashMap::new(); headers.insert("authorization".to_string(), format!("Bearer {}", token)); @@ -30,8 +36,7 @@ mod tests { #[tokio::test] async fn test_check_denies_invalid_bearer_token() { - let authorizer = Arc::new(CedarAuthorizer::default()); - let server = CheckService::new(authorizer); + let server = CheckService::new(authorizer()); let request = tonic::Request::new(create_request(|item: &mut HttpRequest| { item.headers = HashMap::new(); })); |