1 files changed, 43 insertions, 11 deletions

diff --git a/tests/authorization/check_service_test.rs b/tests/authorization/check_service_test.rs
index 65b2d120..4a8f1426 100644
--- a/tests/authorization/check_service_test.rs
+++ b/tests/authorization/check_service_test.rs
@@ -11,39 +11,71 @@ mod tests {
         Arc::new(build_cedar_authorizer())
     }
 
+    fn subject() -> CheckService {
+        CheckService::new(authorizer())
+    }
+
     #[tokio::test]
     async fn test_check_allows_valid_bearer_token() {
-        let token = String::from("valid-token");
-        let server = CheckService::new(authorizer());
-
-        let mut headers = HashMap::new();
-        headers.insert("authorization".to_string(), format!("Bearer {}", token));
         let request = tonic::Request::new(build_request(|item: &mut HttpRequest| {
-            item.headers = headers;
+            item.headers = build_headers(vec![(
+                "authorization".to_string(),
+                format!("Bearer {}", String::from("valid-token")),
+            )])
         }));
 
-        let response = server.check(request).await;
-
+        let response = subject().check(request).await;
         assert!(response.is_ok());
+
         let check_response = response.unwrap().into_inner();
         assert!(check_response.status.is_some());
+
         let status = check_response.status.unwrap();
         assert_eq!(status.code, tonic::Code::Ok as i32);
     }
 
     #[tokio::test]
     async fn test_check_denies_invalid_bearer_token() {
-        let server = CheckService::new(authorizer());
         let request = tonic::Request::new(build_request(|item: &mut HttpRequest| {
             item.headers = HashMap::new();
         }));
 
-        let response = server.check(request).await;
-
+        let response = subject().check(request).await;
         assert!(response.is_ok());
+
         let check_response = response.unwrap().into_inner();
         assert!(check_response.status.is_some());
+
         let status = check_response.status.unwrap();
         assert_eq!(status.code, tonic::Code::Unauthenticated as i32);
     }
+
+    #[tokio::test]
+    async fn test_table() {
+        let test_cases = vec![
+            ("Bearer valid-token", true),
+            ("Bearer invalid-token", false),
+            ("Basic valid-token", false),
+            ("", false),
+        ];
+
+        for (auth_value, should_succeed) in test_cases {
+            let request = tonic::Request::new(build_request(|item: &mut HttpRequest| {
+                item.headers =
+                    build_headers(vec![("authorization".to_string(), auth_value.to_string())]);
+            }));
+
+            let response = subject().check(request).await;
+            assert!(response.is_ok());
+
+            let check_response = response.unwrap().into_inner();
+            let status = check_response.status.unwrap();
+
+            if should_succeed {
+                assert_eq!(status.code, tonic::Code::Ok as i32);
+            } else {
+                assert_eq!(status.code, tonic::Code::Unauthenticated as i32);
+            }
+        }
+    }
 }