added another test

Signed-off-by: tjons <tyler.schade@solo.io>

internal/internal_test.go

@@ -1263,6 +1263,60 @@ func TestConfigWithProtoDescriptor(t *testing.T) {
 	}
 }
 
+func TestCheckAllowObjectDecisionDynamicMetadata(t *testing.T) {
+	var req ext_authz.CheckRequest
+	if err := util.Unmarshal([]byte(exampleAllowedRequestParsedPath), &req); err != nil {
+		panic(err)
+	}
+
+	module := `
+		package envoy.authz
+	
+		default allow = false
+
+		allow {
+			input.parsed_path = ["my", "test", "path"]
+		}
+
+		dynamic_metadata["foo"] = "bar"
+		dynamic_metadata["bar"] = "baz"
+
+		result["allowed"] = allow
+		result["dynamic_metadata"] = dynamic_metadata
+	`
+
+	server := testAuthzServerWithModule(module, "envoy/authz/result", nil, withCustomLogger(&testPlugin{}))
+	ctx := context.Background()
+	output, err := server.Check(ctx, &req)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if output.Status.Code != int32(code.Code_OK) {
+		t.Fatalf("Expected request to be allowed but got: %v", output)
+	}
+
+	response := output.GetOkResponse()
+	if response == nil {
+		t.Fatal("Expected OkHttpResponse struct but got nil")
+	}
+
+	assertDynamicMetadata(t, &_structpb.Struct{
+		Fields: map[string]*_structpb.Value{
+			"foo": {
+				Kind: &_structpb.Value_StringValue{
+					StringValue: "bar",
+				},
+			},
+			"bar": {
+				Kind: &_structpb.Value_StringValue{
+					StringValue: "baz",
+				},
+			},
+		},
+	}, output.GetDynamicMetadata())
+}
+
 func TestCheckAllowObjectDecisionReqHeadersToRemove(t *testing.T) {
 	var req ext_authz.CheckRequest
 	if err := util.Unmarshal([]byte(exampleAllowedRequestParsedPath), &req); err != nil {