feat: connect to the remove authorization daemon

author: mo khan <mo@mokhan.ca> 2025-06-26 14:36:34 -0600
committer: mo khan <mo@mokhan.ca> 2025-06-26 14:36:34 -0600
commit: feca0a2a1680a0071e8223adcc861d8c0cc8aea9 (patch)
tree: 436f5830b803223da24ee9e3ea0d1f011cfb6435 /pkg/authz/check_service.go
parent: 0275f5dca7c66640587294b95ce396dd6d6a02c8 (diff)
1 files changed, 17 insertions, 3 deletions
diff --git a/pkg/authz/check_service.go b/pkg/authz/check_service.go
index 7057558..48f6d88 100644
--- a/pkg/authz/check_service.go
+++ b/pkg/authz/check_service.go
@@ -35,18 +35,32 @@ var public map[string]bool = map[string]bool{
 }
 
 type CheckService struct {
+	client auth.AuthorizationClient
 	auth.UnimplementedAuthorizationServer
 }
 
-func NewCheckService() *CheckService {
-	return &CheckService{}
+func NewCheckService(client auth.AuthorizationClient) *CheckService {
+	return &CheckService{
+		client: client,
+	}
 }
 
 func (svc *CheckService) Check(ctx context.Context, request *auth.CheckRequest) (*auth.CheckResponse, error) {
 	if svc.isAllowed(ctx, request) {
 		return svc.OK(ctx), nil
 	}
-	return svc.Denied(ctx), nil
+
+	if x.IsZero(svc.client) {
+		return svc.Denied(ctx), nil
+	}
+
+	response, err := svc.client.Check(ctx, request)
+	if err != nil {
+		pls.LogError(ctx, err)
+		return svc.Denied(ctx), nil
+	}
+	log.WithFields(ctx, log.Fields{"authzd": response})
+	return response, err
 }
 
 func (svc *CheckService) isPublic(ctx context.Context, r *auth.CheckRequest) bool {
author	mo khan <mo@mokhan.ca>	2025-06-26 14:36:34 -0600
committer	mo khan <mo@mokhan.ca>	2025-06-26 14:36:34 -0600
commit	feca0a2a1680a0071e8223adcc861d8c0cc8aea9 (patch)
tree	436f5830b803223da24ee9e3ea0d1f011cfb6435 /pkg/authz/check_service.go
parent	0275f5dca7c66640587294b95ce396dd6d6a02c8 (diff)