blob: 9bbeaea581fd07242b9a5e0d4060e1976061bf11 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
use authzd::{CedarAuthorizer, CheckService};
use envoy_types::ext_authz::v3::pb::Authorization;
use std::sync::Arc;
mod common;
#[tokio::test]
async fn test_success_response() {
let authorizer = Arc::new(CedarAuthorizer::new());
let server = CheckService::new(authorizer);
let headers = common::create_headers_with_auth("Bearer valid-token");
let request = common::create_test_request_with_headers(headers);
let response = server.check(request).await;
assert!(response.is_ok());
let check_response = response.unwrap().into_inner();
assert!(check_response.status.is_some());
let status = check_response.status.unwrap();
assert_eq!(status.code, tonic::Code::Ok as i32);
}
#[tokio::test]
async fn test_multiple() {
let authorizer = Arc::new(CedarAuthorizer::new());
let server = CheckService::new(authorizer);
let test_cases = vec![
("Bearer valid-token", true),
("Bearer invalid-token", false),
("Basic valid-token", false),
("", false),
];
for (auth_value, should_succeed) in test_cases {
let headers = common::create_headers_with_auth(auth_value);
let request = common::create_test_request_with_headers(headers);
let response = server.check(request).await;
assert!(response.is_ok());
let check_response = response.unwrap().into_inner();
let status = check_response.status.unwrap();
if should_succeed {
assert_eq!(status.code, tonic::Code::Ok as i32);
} else {
assert_eq!(status.code, tonic::Code::Unauthenticated as i32);
}
}
}
|
