From e970d1e29aa9a4e1a4ac6419079928b803536825 Mon Sep 17 00:00:00 2001
From: mo khan <mo@mokhan.ca>
Date: Fri, 27 Jun 2025 13:15:47 -0600
Subject: test: refactor duplicate tests and start to build test harness for
 rpc server

---
 tests/authorization/check_service_test.rs | 54 +++++++++++++++++++------
 tests/integration_tests.rs                | 65 -------------------------------
 tests/main_test.rs                        |  2 +
 3 files changed, 45 insertions(+), 76 deletions(-)
 delete mode 100644 tests/integration_tests.rs
 create mode 100644 tests/main_test.rs

(limited to 'tests')

diff --git a/tests/authorization/check_service_test.rs b/tests/authorization/check_service_test.rs
index 65b2d120..4a8f1426 100644
--- a/tests/authorization/check_service_test.rs
+++ b/tests/authorization/check_service_test.rs
@@ -11,39 +11,71 @@ mod tests {
         Arc::new(build_cedar_authorizer())
     }
 
+    fn subject() -> CheckService {
+        CheckService::new(authorizer())
+    }
+
     #[tokio::test]
     async fn test_check_allows_valid_bearer_token() {
-        let token = String::from("valid-token");
-        let server = CheckService::new(authorizer());
-
-        let mut headers = HashMap::new();
-        headers.insert("authorization".to_string(), format!("Bearer {}", token));
         let request = tonic::Request::new(build_request(|item: &mut HttpRequest| {
-            item.headers = headers;
+            item.headers = build_headers(vec![(
+                "authorization".to_string(),
+                format!("Bearer {}", String::from("valid-token")),
+            )])
         }));
 
-        let response = server.check(request).await;
-
+        let response = subject().check(request).await;
         assert!(response.is_ok());
+
         let check_response = response.unwrap().into_inner();
         assert!(check_response.status.is_some());
+
         let status = check_response.status.unwrap();
         assert_eq!(status.code, tonic::Code::Ok as i32);
     }
 
     #[tokio::test]
     async fn test_check_denies_invalid_bearer_token() {
-        let server = CheckService::new(authorizer());
         let request = tonic::Request::new(build_request(|item: &mut HttpRequest| {
             item.headers = HashMap::new();
         }));
 
-        let response = server.check(request).await;
-
+        let response = subject().check(request).await;
         assert!(response.is_ok());
+
         let check_response = response.unwrap().into_inner();
         assert!(check_response.status.is_some());
+
         let status = check_response.status.unwrap();
         assert_eq!(status.code, tonic::Code::Unauthenticated as i32);
     }
+
+    #[tokio::test]
+    async fn test_table() {
+        let test_cases = vec![
+            ("Bearer valid-token", true),
+            ("Bearer invalid-token", false),
+            ("Basic valid-token", false),
+            ("", false),
+        ];
+
+        for (auth_value, should_succeed) in test_cases {
+            let request = tonic::Request::new(build_request(|item: &mut HttpRequest| {
+                item.headers =
+                    build_headers(vec![("authorization".to_string(), auth_value.to_string())]);
+            }));
+
+            let response = subject().check(request).await;
+            assert!(response.is_ok());
+
+            let check_response = response.unwrap().into_inner();
+            let status = check_response.status.unwrap();
+
+            if should_succeed {
+                assert_eq!(status.code, tonic::Code::Ok as i32);
+            } else {
+                assert_eq!(status.code, tonic::Code::Unauthenticated as i32);
+            }
+        }
+    }
 }
diff --git a/tests/integration_tests.rs b/tests/integration_tests.rs
deleted file mode 100644
index f7093600..00000000
--- a/tests/integration_tests.rs
+++ /dev/null
@@ -1,65 +0,0 @@
-use authzd::CheckService;
-use common::*;
-use envoy_types::ext_authz::v3::pb::Authorization;
-use envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest;
-use std::sync::Arc;
-
-mod authorization;
-mod common;
-
-fn authorizer() -> Arc<dyn authzd::Authorizer + Send + Sync> {
-    Arc::new(factory_bot::build_cedar_authorizer())
-}
-
-#[tokio::test]
-async fn test_success_response() {
-    let server = CheckService::new(authorizer());
-    let request = tonic::Request::new(factory_bot::build_request(|item: &mut HttpRequest| {
-        item.headers = factory_bot::build_headers(vec![(
-            "authorization".to_string(),
-            "Bearer valid-token".to_string(),
-        )])
-    }));
-
-    let response = server.check(request).await;
-    assert!(response.is_ok());
-
-    let check_response = response.unwrap().into_inner();
-    assert!(check_response.status.is_some());
-
-    let status = check_response.status.unwrap();
-    assert_eq!(status.code, tonic::Code::Ok as i32);
-}
-
-#[tokio::test]
-async fn test_multiple() {
-    let server = CheckService::new(authorizer());
-
-    let test_cases = vec![
-        ("Bearer valid-token", true),
-        ("Bearer invalid-token", false),
-        ("Basic valid-token", false),
-        ("", false),
-    ];
-
-    for (auth_value, should_succeed) in test_cases {
-        let request = tonic::Request::new(factory_bot::build_request(|item: &mut HttpRequest| {
-            item.headers = factory_bot::build_headers(vec![(
-                "authorization".to_string(),
-                auth_value.to_string(),
-            )]);
-        }));
-
-        let response = server.check(request).await;
-        assert!(response.is_ok());
-
-        let check_response = response.unwrap().into_inner();
-        let status = check_response.status.unwrap();
-
-        if should_succeed {
-            assert_eq!(status.code, tonic::Code::Ok as i32);
-        } else {
-            assert_eq!(status.code, tonic::Code::Unauthenticated as i32);
-        }
-    }
-}
diff --git a/tests/main_test.rs b/tests/main_test.rs
new file mode 100644
index 00000000..5c6016f6
--- /dev/null
+++ b/tests/main_test.rs
@@ -0,0 +1,2 @@
+#[cfg(test)]
+mod tests {}
-- 
cgit v1.2.3