2 files changed, 48 insertions, 4 deletions

diff --git a/tests/authorization/cedar_authorizer_test.rs b/tests/authorization/cedar_authorizer_test.rs
index 490a0107..50fdd7a5 100644
--- a/tests/authorization/cedar_authorizer_test.rs
+++ b/tests/authorization/cedar_authorizer_test.rs
@@ -75,4 +75,52 @@ mod tests {
             ]);
         })));
     }
+
+    #[test]
+    fn test_public_sparkle_endpoints() {
+        let hosts = vec![
+            "localhost:10000",
+            "sparkle.runway.gitlab.net",
+            "sparkle.staging.runway.gitlab.net",
+        ];
+
+        let routes = vec![
+            ("GET", "/", true),
+            ("GET", "/application.js", true),
+            ("GET", "/callback", true),
+            ("GET", "/dashboard/nav", true),
+            ("GET", "/favicon.ico", true),
+            ("GET", "/favicon.png", true),
+            ("GET", "/health", true),
+            ("GET", "/htmx.js", true),
+            ("GET", "/index.html", true),
+            ("GET", "/logo.png", true),
+            ("GET", "/pico.min.css", true),
+            ("GET", "/signout", true),
+            ("GET", "/sparkles", true),
+            ("GET", "/vue.global.js", true),
+            ("POST", "/sparkles/restore", true),
+            ("GET", "/dashboard", false),
+            ("POST", "/sparkles", false),
+        ];
+
+        let authorizer = subject();
+
+        for host in hosts {
+            for (method, path, expected) in &routes {
+                let request = build_request(|item: &mut HttpRequest| {
+                    item.method = method.to_string();
+                    item.path = path.to_string();
+                    item.host = host.to_string();
+                    item.headers = build_headers(vec![
+                        (String::from(":path"), path.to_string()),
+                        (String::from(":method"), method.to_string()),
+                        (String::from(":authority"), host.to_string()),
+                    ]);
+                });
+
+                assert_eq!(authorizer.authorize(request), *expected);
+            }
+        }
+    }
 }
diff --git a/tests/authorization/check_service_test.rs b/tests/authorization/check_service_test.rs
index c5c824fc..60cbc11c 100644
--- a/tests/authorization/check_service_test.rs
+++ b/tests/authorization/check_service_test.rs
@@ -131,10 +131,6 @@ mod tests {
 
     #[tokio::test]
     async fn test_public_sparkle_endpoints() {
-        // {status: tonic::Code::Ok, http: &HTTPRequest{Method: "GET", Path: "/dashboard", Headers: loggedInHeaders}},
-        // {status: tonic::Code::Ok, http: &HTTPRequest{Method: "POST", Path: "/sparkles", Headers: loggedInHeaders}},
-        // {status: tonic::Code::PermissionDenied, http: &HTTPRequest{Method: "GET", Path: "/dashboard", Headers: invalidHeaders}},
-
         let hosts = vec![
             "localhost:10000",
             "sparkle.runway.gitlab.net",