2 files changed, 85 insertions, 0 deletions

diff --git a/tests/common/mod.rs b/tests/common/mod.rs
new file mode 100644
index 00000000..e2137146
--- /dev/null
+++ b/tests/common/mod.rs
@@ -0,0 +1,35 @@
+use envoy_types::ext_authz::v3::pb::CheckRequest;
+use std::collections::HashMap;
+use tonic::Request;
+
+pub fn create_test_request_with_headers(headers: HashMap<String, String>) -> Request<CheckRequest> {
+    use envoy_types::pb::envoy::service::auth::v3::{AttributeContext, attribute_context};
+
+    let http_request = attribute_context::HttpRequest {
+        headers,
+        ..Default::default()
+    };
+
+    let request_context = attribute_context::Request {
+        http: Some(http_request),
+        ..Default::default()
+    };
+
+    let attributes = AttributeContext {
+        request: Some(request_context),
+        ..Default::default()
+    };
+
+    let check_request = CheckRequest {
+        attributes: Some(attributes),
+        ..Default::default()
+    };
+
+    Request::new(check_request)
+}
+
+pub fn create_headers_with_auth(auth_value: &str) -> HashMap<String, String> {
+    let mut headers = HashMap::new();
+    headers.insert("authorization".to_string(), auth_value.to_string());
+    headers
+}
diff --git a/tests/integration_tests.rs b/tests/integration_tests.rs
new file mode 100644
index 00000000..28cdf959
--- /dev/null
+++ b/tests/integration_tests.rs
@@ -0,0 +1,50 @@
+use authzd::PolicyServer;
+use envoy_types::ext_authz::v3::pb::Authorization;
+
+mod common;
+
+#[tokio::test]
+async fn test_success_response() {
+    let server = PolicyServer::default();
+
+    let headers = common::create_headers_with_auth("Bearer valid-token");
+    let request = common::create_test_request_with_headers(headers);
+
+    let response = server.check(request).await;
+    assert!(response.is_ok());
+
+    let check_response = response.unwrap().into_inner();
+    assert!(check_response.status.is_some());
+
+    let status = check_response.status.unwrap();
+    assert_eq!(status.code, tonic::Code::Ok.into());
+}
+
+#[tokio::test]
+async fn test_multiple() {
+    let server = PolicyServer::default();
+
+    let test_cases = vec![
+        ("Bearer valid-token", true),
+        ("Bearer invalid-token", false),
+        ("Basic valid-token", false),
+        ("", false),
+    ];
+
+    for (auth_value, should_succeed) in test_cases {
+        let headers = common::create_headers_with_auth(auth_value);
+        let request = common::create_test_request_with_headers(headers);
+
+        let response = server.check(request).await;
+        assert!(response.is_ok());
+
+        let check_response = response.unwrap().into_inner();
+        let status = check_response.status.unwrap();
+
+        if should_succeed {
+            assert_eq!(status.code, tonic::Code::Ok.into());
+        } else {
+            assert_eq!(status.code, tonic::Code::Unauthenticated.into());
+        }
+    }
+}