From e821b395783f2494f48ad941c606bec615e3b44e Mon Sep 17 00:00:00 2001
From: mo khan <mo@mokhan.ca>
Date: Fri, 4 Jul 2025 17:44:34 -0600
Subject: refactor: extract method to convert http request to cedar context

---
 src/authorization/cedar_authorizer.rs | 26 ++++++++++++++++----------
 1 file changed, 16 insertions(+), 10 deletions(-)

(limited to 'src')

diff --git a/src/authorization/cedar_authorizer.rs b/src/authorization/cedar_authorizer.rs
index 4eeaf645..e56640f9 100644
--- a/src/authorization/cedar_authorizer.rs
+++ b/src/authorization/cedar_authorizer.rs
@@ -111,12 +111,6 @@ impl CedarAuthorizer {
         &self,
         http_request: envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest,
     ) -> Result<CedarRequest, Box<dyn std::error::Error>> {
-        let headers = &http_request.headers;
-        let bearer_token = headers
-            .get("authorization")
-            .and_then(|auth| auth.strip_prefix("Bearer "))
-            .unwrap_or("");
-
         // Create principal entity
         let principal_id = EntityId::from_str("client")?;
         let principal_type = EntityTypeName::from_str("User")?;
@@ -132,7 +126,22 @@ impl CedarAuthorizer {
         let resource_type = EntityTypeName::from_str("Resource")?;
         let resource = EntityUid::from_type_name_and_id(resource_type, resource_id);
 
+        let context = self.context_from(http_request);
+        CedarRequest::new(principal, action, resource, context?, None)
+            .map_err(|e| Box::new(e) as Box<dyn std::error::Error>)
+    }
+
+    fn context_from(
+        &self,
+        http_request: envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest,
+    ) -> Result<cedar_policy::Context, cedar_policy::ContextCreationError> {
         let mut context_map = std::collections::HashMap::new();
+
+        let headers = &http_request.headers;
+        let bearer_token = headers
+            .get("authorization")
+            .and_then(|auth| auth.strip_prefix("Bearer "))
+            .unwrap_or("");
         if !bearer_token.is_empty() {
             context_map.insert(
                 "bearer_token".to_string(),
@@ -146,9 +155,6 @@ impl CedarAuthorizer {
             );
         }
 
-        let context = Context::from_pairs(context_map.into_iter().collect::<Vec<_>>())?;
-
-        CedarRequest::new(principal, action, resource, context, None)
-            .map_err(|e| Box::new(e) as Box<dyn std::error::Error>)
+        Context::from_pairs(context_map.into_iter().collect::<Vec<_>>())
     }
 }
-- 
cgit v1.2.3