1 files changed, 50 insertions, 0 deletions

diff --git a/tests/integration_tests.rs b/tests/integration_tests.rs
new file mode 100644
index 00000000..28cdf959
--- /dev/null
+++ b/tests/integration_tests.rs
@@ -0,0 +1,50 @@
+use authzd::PolicyServer;
+use envoy_types::ext_authz::v3::pb::Authorization;
+
+mod common;
+
+#[tokio::test]
+async fn test_success_response() {
+    let server = PolicyServer::default();
+
+    let headers = common::create_headers_with_auth("Bearer valid-token");
+    let request = common::create_test_request_with_headers(headers);
+
+    let response = server.check(request).await;
+    assert!(response.is_ok());
+
+    let check_response = response.unwrap().into_inner();
+    assert!(check_response.status.is_some());
+
+    let status = check_response.status.unwrap();
+    assert_eq!(status.code, tonic::Code::Ok.into());
+}
+
+#[tokio::test]
+async fn test_multiple() {
+    let server = PolicyServer::default();
+
+    let test_cases = vec![
+        ("Bearer valid-token", true),
+        ("Bearer invalid-token", false),
+        ("Basic valid-token", false),
+        ("", false),
+    ];
+
+    for (auth_value, should_succeed) in test_cases {
+        let headers = common::create_headers_with_auth(auth_value);
+        let request = common::create_test_request_with_headers(headers);
+
+        let response = server.check(request).await;
+        assert!(response.is_ok());
+
+        let check_response = response.unwrap().into_inner();
+        let status = check_response.status.unwrap();
+
+        if should_succeed {
+            assert_eq!(status.code, tonic::Code::Ok.into());
+        } else {
+            assert_eq!(status.code, tonic::Code::Unauthenticated.into());
+        }
+    }
+}