1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
use authzd::{CedarAuthorizer, CheckService};
use common::*;
use envoy_types::ext_authz::v3::pb::Authorization;
use envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest;
use std::sync::Arc;
mod authorization;
mod common;
#[tokio::test]
async fn test_success_response() {
let authorizer = Arc::new(CedarAuthorizer::new());
let server = CheckService::new(authorizer);
let request = tonic::Request::new(factory_bot::create_request(|item: &mut HttpRequest| {
item.headers = factory_bot::build_headers(vec![(
"authorization".to_string(),
"Bearer valid-token".to_string(),
)])
}));
let response = server.check(request).await;
assert!(response.is_ok());
let check_response = response.unwrap().into_inner();
assert!(check_response.status.is_some());
let status = check_response.status.unwrap();
assert_eq!(status.code, tonic::Code::Ok as i32);
}
#[tokio::test]
async fn test_multiple() {
let authorizer = Arc::new(CedarAuthorizer::new());
let server = CheckService::new(authorizer);
let test_cases = vec![
("Bearer valid-token", true),
("Bearer invalid-token", false),
("Basic valid-token", false),
("", false),
];
for (auth_value, should_succeed) in test_cases {
let request = tonic::Request::new(factory_bot::create_request(|item: &mut HttpRequest| {
item.headers = factory_bot::build_headers(vec![(
"authorization".to_string(),
auth_value.to_string(),
)]);
}));
let response = server.check(request).await;
assert!(response.is_ok());
let check_response = response.unwrap().into_inner();
let status = check_response.status.unwrap();
if should_succeed {
assert_eq!(status.code, tonic::Code::Ok as i32);
} else {
assert_eq!(status.code, tonic::Code::Unauthenticated as i32);
}
}
}
|
