path: root/src/authorization/check_service.rs
blob: 0f29f0b90b76ed597357c5db0595ba8dd96f9bf2 (plain)
use envoy_types::pb::envoy::service::auth::v3::{CheckRequest, CheckResponse};
use std::sync::Arc;
use tonic::{Request, Response, Status};

use super::authorizer::Authorizer;

/// gRPC service object that answers Envoy external-authorization `Check` calls
/// by delegating the decision to a shared [`Authorizer`].
///
/// NOTE(review): `#[derive(Debug)]` formats the wrapped authorizer as well, so
/// the `Authorizer` trait presumably has `Debug` as a supertrait. If an
/// implementation holds policy data or secrets, confirm that its `Debug`
/// output is safe to appear in logs.
#[derive(Debug)]
pub struct CheckService {
    // Shared, thread-safe handle to the policy decision implementation.
    authorizer: Arc<dyn Authorizer + Send + Sync>,
}

impl CheckService {
    /// Creates a service that forwards every check request to `authorizer`.
    ///
    /// The authorizer is stored as given. No validation is done here, so the
    /// caller is responsible for passing the intended policy implementation.
    pub fn new(authorizer: Arc<dyn Authorizer + Send + Sync>) -> Self {
        CheckService { authorizer }
    }
}

#[tonic::async_trait]
impl envoy_types::pb::envoy::service::auth::v3::authorization_server::Authorization for CheckService {
    /// Handles one ext_authz `Check` call and reports allow or deny.
    ///
    /// The gRPC call itself always completes with `Ok`. The decision is carried
    /// in the embedded `google.rpc.Status`: code `0` (OK) allows the request,
    /// and code `7` (PERMISSION_DENIED) denies it. Any `false` from the
    /// authorizer results in a deny, so this handler itself is deny-by-default.
    ///
    /// No `http_response` is attached, so the proxy decides which status and
    /// body the client sees. The deny message is the fixed string
    /// `"Unauthorized"`, which leaks no policy detail.
    ///
    /// NOTE(review): only the `CheckRequest` payload reaches the authorizer.
    /// `into_inner()` discards the tonic request metadata, so confirm that
    /// nothing needed for the decision lives there.
    ///
    /// NOTE(review): `authorize` is called synchronously inside an async fn.
    /// If an implementation blocks on I/O or heavy computation it will stall
    /// the executor thread; confirm against the `Authorizer` implementations.
    ///
    /// NOTE(review): what happens when this service is unreachable or panics
    /// is decided by the Envoy filter configuration (`failure_mode_allow`),
    /// not by this code. Verify that the deployment fails closed.
    async fn check(
        &self,
        request: Request<CheckRequest>,
    ) -> Result<Response<CheckResponse>, Status> {
        let check_request = request.into_inner();

        // google.rpc.Code values: 0 = OK, 7 = PERMISSION_DENIED.
        let (code, message) = if self.authorizer.authorize(check_request) {
            (0, "OK")
        } else {
            (7, "Unauthorized")
        };

        let verdict = envoy_types::pb::google::rpc::Status {
            code,
            message: message.to_string(),
            details: vec![],
        };

        Ok(Response::new(CheckResponse {
            status: Some(verdict),
            dynamic_metadata: None,
            http_response: None,
        }))
    }
}