From cce3e0f170dfacb6b626a8777255c3183c5c5eb3 Mon Sep 17 00:00:00 2001
From: mo khan
Date: Fri, 27 Jun 2025 16:45:17 -0600
Subject: refactor: extract authorization::Server type
---
 src/authorization/cedar_authorizer.rs | 1 +
 src/authorization/mod.rs | 2 ++
 src/authorization/server.rs | 41 +++++++++++++++++++++++++++++++++++
 3 files changed, 44 insertions(+)
 create mode 100644 src/authorization/server.rs
(limited to 'src/authorization')
diff --git a/src/authorization/cedar_authorizer.rs b/src/authorization/cedar_authorizer.rs
index 658de7a6..a877cf87 100644
--- a/src/authorization/cedar_authorizer.rs
+++ b/src/authorization/cedar_authorizer.rs
@@ -51,6 +51,7 @@ impl CedarAuthorizer {
 Ok(policies)
 }
 }
+
 impl Default for CedarAuthorizer {
 fn default() -> Self {
 Self::new_from(std::path::Path::new("/etc/authzd"))
diff --git a/src/authorization/mod.rs b/src/authorization/mod.rs
index 7d3856a5..d664815b 100644
--- a/src/authorization/mod.rs
+++ b/src/authorization/mod.rs
@@ -1,7 +1,9 @@
 pub mod authorizer;
 pub mod cedar_authorizer;
 pub mod check_service;
+pub mod server;
 pub use authorizer::Authorizer;
 pub use cedar_authorizer::CedarAuthorizer;
 pub use check_service::CheckService;
+pub use server::Server;
diff --git a/src/authorization/server.rs b/src/authorization/server.rs
new file mode 100644
index 00000000..f11d0465
--- /dev/null
+++ b/src/authorization/server.rs
@@ -0,0 +1,41 @@
+use super::cedar_authorizer::CedarAuthorizer;
+use super::check_service::CheckService;
+use envoy_types::ext_authz::v3::pb::AuthorizationServer;
+use std::sync::Arc;
+
+pub fn create_router() -> Result> {
+ let (_health_reporter, health_service) = tonic_health::server::health_reporter();
+ let authorizer = Arc::new(CedarAuthorizer::default());
+ let check_service = CheckService::new(authorizer);
+ let server = tonic::transport::Server::builder()
+ .add_service(AuthorizationServer::new(check_service))
+ .add_service(health_service)
+ .add_service(
+ tonic_reflection::server::Builder::configure()
+ .register_encoded_file_descriptor_set(tonic_health::pb::FILE_DESCRIPTOR_SET)
+ .build_v1()
+ .unwrap(),
+ );
+ Ok(server)
+}
+
+pub struct Server {
+ router: tonic::transport::server::Router,
+}
+
+impl Server {
+ pub fn new() -> Result> {
+ let router = create_router()?;
+ Ok(Server { router: router })
+ }
+
+ pub async fn serve(self, addr: std::net::SocketAddr) -> Result<(), tonic::transport::Error> {
+ self.router.serve(addr).await
+ }
+}
+
+impl Default for Server {
+ fn default() -> Self {
+ Self::new().unwrap()
+ }
+}
-- cgit v1.2.3
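Review bot: `create_router()` is declared fallible but has no error path: the reflection builder ends in `.build_v1().unwrap()`, and `Default for Server` repeats the pattern with `Self::new().unwrap()`, so a construction failure panics instead of reaching the caller through the `Result` that `new()` returns. Propagating with `.build_v1()?` would fix the first case, assuming the boxed error type in the signature accepts it (its generics are not legible on this page), and the `Default` impl is worth dropping for a type whose construction can fail. Separately, the reflection service is registered unconditionally on the same listener as the ext_authz `AuthorizationServer`; only the health descriptor set is exposed today, but a config switch or debug-only registration would keep service metadata from anyone who can reach the port as more descriptors are added. `_health_reporter` is discarded, so the health endpoint cannot be set to not-serving if policy loading from the default directory fails; how `CedarAuthorizer::default()` behaves in that case is outside this hunk and should be confirmed to fail closed.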