src/authorization/check_service.rs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

use envoy_types::ext_authz::v3::CheckResponseExt;
use envoy_types::ext_authz::v3::pb::{CheckRequest, CheckResponse};
use std::sync::Arc;
use tonic::{Request, Response, Status};

use super::authorizer::Authorizer;

#[derive(Debug)]
pub struct CheckService {
    authorizer: Arc<dyn Authorizer + Send + Sync>,
}

impl CheckService {
    pub fn new(authorizer: Arc<dyn Authorizer + Send + Sync>) -> Self {
        Self { authorizer }
    }
}

#[tonic::async_trait]
impl envoy_types::ext_authz::v3::pb::Authorization for CheckService {
    async fn check(
        &self,
        request: Request<CheckRequest>,
    ) -> Result<Response<CheckResponse>, Status> {
        if self.authorizer.authorize(request.into_inner()) {
            log::info!("OK");
            Ok(Response::new(CheckResponse::with_status(Status::ok("OK"))))
        } else {
            log::info!("Unauthorized");
            Ok(Response::new(CheckResponse::with_status(
                Status::unauthenticated("Unauthorized"),
            )))
        }
    }
}