From ac2a55ef7c28d80db57290a59385ca62ede8ebda Mon Sep 17 00:00:00 2001
From: Geoffroy Couprie <contact@geoffroycouprie.com>
Date: Sun, 26 May 2024 12:08:21 +0200
Subject: [PATCH 1/5] use codspeed to report benchmarks

---
 .github/workflows/codspeed.yml | 32 ++++++++++++++++++++++++++++++++
 biscuit-auth/Cargo.toml        |  1 +
 biscuit-auth/benches/token.rs  |  5 +----
 3 files changed, 34 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/codspeed.yml

diff --git a/.github/workflows/codspeed.yml b/.github/workflows/codspeed.yml
new file mode 100644
index 00000000..bc73f081
--- /dev/null
+++ b/.github/workflows/codspeed.yml
@@ -0,0 +1,32 @@
+name: codspeed-benchmarks
+
+on:
+  push:
+    branches:
+      - "main"
+  pull_request:
+  # `workflow_dispatch` allows CodSpeed to trigger backtest
+  # performance analysis in order to generate initial data.
+  workflow_dispatch:
+
+jobs:
+  benchmarks:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Setup rust toolchain, cache and cargo-codspeed binary
+        uses: moonrepo/setup-rust@v0
+        with:
+          channel: stable
+          cache-target: release
+          bins: cargo-codspeed
+
+      - name: Build the benchmark target(s)
+        run: cargo codspeed build -p biscuit-auth
+
+      - name: Run the benchmarks
+        uses: CodSpeedHQ/action@v2
+        with:
+          run: cargo codspeed run -p biscuit-auth
+          token: ${{ secrets.CODSPEED_TOKEN }}
\ No newline at end of file
diff --git a/biscuit-auth/Cargo.toml b/biscuit-auth/Cargo.toml
index 8e6b0148..4e100841 100644
--- a/biscuit-auth/Cargo.toml
+++ b/biscuit-auth/Cargo.toml
@@ -59,6 +59,7 @@ colored-diff = "0.2.3"
 prost-build = "0.10"
 serde = { version = "1.0.130", features = ["derive"] }
 serde_json = "1.0.67"
+codspeed-bencher-compat = "2.6.0"
 
 #[build-dependencies]
 #prost-build = "0.10"
diff --git a/biscuit-auth/benches/token.rs b/biscuit-auth/benches/token.rs
index 814b6e79..635ae7cf 100644
--- a/biscuit-auth/benches/token.rs
+++ b/biscuit-auth/benches/token.rs
@@ -1,12 +1,9 @@
-#[macro_use]
-extern crate bencher;
-
 extern crate biscuit_auth as biscuit;
 
-use bencher::Bencher;
 use biscuit::{
     builder::*, builder_ext::BuilderExt, datalog::SymbolTable, Biscuit, KeyPair, UnverifiedBiscuit,
 };
+use codspeed_bencher_compat::{benchmark_group, benchmark_main, Bencher};
 use rand::rngs::OsRng;
 
 fn create_block_1(b: &mut Bencher) {

From 723558dafdb590e77463f3e63fe675c7763db96d Mon Sep 17 00:00:00 2001
From: Geoffroy Couprie <contact@geoffroycouprie.com>
Date: Sun, 26 May 2024 12:35:17 +0200
Subject: [PATCH 2/5] fix

---
 biscuit-auth/benches/token.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/biscuit-auth/benches/token.rs b/biscuit-auth/benches/token.rs
index 635ae7cf..4c2ed873 100644
--- a/biscuit-auth/benches/token.rs
+++ b/biscuit-auth/benches/token.rs
@@ -242,7 +242,7 @@ fn verify_block_2(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    let _ = verifier.authorize();
 
     b.bytes = data.len() as u64;
     b.iter(|| {
@@ -251,7 +251,7 @@ fn verify_block_2(b: &mut Bencher) {
         verifier.add_fact("resource(\"file1\")");
         verifier.add_fact("operation(\"read\")");
         verifier.allow();
-        verifier.authorize().unwrap();
+        let _ = verifier.authorize();
     });
 }
 

From 89c57158e9a1f8c94c67241b0b44fc2c83f1fde4 Mon Sep 17 00:00:00 2001
From: Geoffroy Couprie <contact@geoffroycouprie.com>
Date: Sun, 26 May 2024 13:25:17 +0200
Subject: [PATCH 3/5] fix

---
 biscuit-auth/benches/token.rs | 32 ++++++++++++++++++++++++++------
 1 file changed, 26 insertions(+), 6 deletions(-)

diff --git a/biscuit-auth/benches/token.rs b/biscuit-auth/benches/token.rs
index 4c2ed873..7e6cec98 100644
--- a/biscuit-auth/benches/token.rs
+++ b/biscuit-auth/benches/token.rs
@@ -1,7 +1,8 @@
 extern crate biscuit_auth as biscuit;
 
 use biscuit::{
-    builder::*, builder_ext::BuilderExt, datalog::SymbolTable, Biscuit, KeyPair, UnverifiedBiscuit,
+    builder::*, builder_ext::BuilderExt, datalog::SymbolTable, AuthorizerLimits, Biscuit, KeyPair,
+    UnverifiedBiscuit,
 };
 use codspeed_bencher_compat::{benchmark_group, benchmark_main, Bencher};
 use rand::rngs::OsRng;
@@ -242,8 +243,12 @@ fn verify_block_2(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    let _ = verifier.authorize();
-
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
     b.bytes = data.len() as u64;
     b.iter(|| {
         let token = Biscuit::from(&data, &root.public()).unwrap();
@@ -251,7 +256,12 @@ fn verify_block_2(b: &mut Bencher) {
         verifier.add_fact("resource(\"file1\")");
         verifier.add_fact("operation(\"read\")");
         verifier.allow();
-        let _ = verifier.authorize();
+        verifier
+            .authorize_with_limits(AuthorizerLimits {
+                max_time: Duration::from_secs(10),
+                ..Default::default()
+            })
+            .unwrap();
     });
 }
 
@@ -311,7 +321,12 @@ fn verify_block_5(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     b.bytes = data.len() as u64;
     b.iter(|| {
@@ -320,7 +335,12 @@ fn verify_block_5(b: &mut Bencher) {
         verifier.add_fact("resource(\"file1\")");
         verifier.add_fact("operation(\"read\")");
         verifier.allow();
-        verifier.authorize().unwrap();
+        verifier
+            .authorize_with_limits(AuthorizerLimits {
+                max_time: Duration::from_secs(10),
+                ..Default::default()
+            })
+            .unwrap();
     });
 }
 

From b00ec8e5352dc3692b2d228e23a7325f1d7f2402 Mon Sep 17 00:00:00 2001
From: Geoffroy Couprie <contact@geoffroycouprie.com>
Date: Sun, 26 May 2024 13:52:24 +0200
Subject: [PATCH 4/5] missing import

---
 biscuit-auth/benches/token.rs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/biscuit-auth/benches/token.rs b/biscuit-auth/benches/token.rs
index 7e6cec98..07c95c6a 100644
--- a/biscuit-auth/benches/token.rs
+++ b/biscuit-auth/benches/token.rs
@@ -1,5 +1,7 @@
 extern crate biscuit_auth as biscuit;
 
+use std::time::Duration;
+
 use biscuit::{
     builder::*, builder_ext::BuilderExt, datalog::SymbolTable, AuthorizerLimits, Biscuit, KeyPair,
     UnverifiedBiscuit,

From 0e83d97a879f6031cc5ffd5939b36f05d83ef9fa Mon Sep 17 00:00:00 2001
From: Geoffroy Couprie <contact@geoffroycouprie.com>
Date: Sun, 26 May 2024 14:36:31 +0200
Subject: [PATCH 5/5] more fixes

---
 biscuit-auth/benches/token.rs | 49 ++++++++++++++++++++++++++++++-----
 1 file changed, 42 insertions(+), 7 deletions(-)

diff --git a/biscuit-auth/benches/token.rs b/biscuit-auth/benches/token.rs
index 07c95c6a..e68279dd 100644
--- a/biscuit-auth/benches/token.rs
+++ b/biscuit-auth/benches/token.rs
@@ -375,7 +375,12 @@ fn check_signature_2(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     b.bytes = data.len() as u64;
     b.iter(|| {
@@ -438,7 +443,12 @@ fn check_signature_5(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     b.bytes = data.len() as u64;
     b.iter(|| {
@@ -475,7 +485,12 @@ fn checks_block_2(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     let token = Biscuit::from(&data, &root.public()).unwrap();
     b.bytes = data.len() as u64;
@@ -484,7 +499,12 @@ fn checks_block_2(b: &mut Bencher) {
         verifier.add_fact("resource(\"file1\")");
         verifier.add_fact("operation(\"read\")");
         verifier.allow();
-        verifier.authorize().unwrap();
+        verifier
+            .authorize_with_limits(AuthorizerLimits {
+                max_time: Duration::from_secs(10),
+                ..Default::default()
+            })
+            .unwrap();
     });
 }
 
@@ -517,7 +537,12 @@ fn checks_block_create_verifier2(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     let token = Biscuit::from(&data, &root.public()).unwrap();
     b.bytes = data.len() as u64;
@@ -555,7 +580,12 @@ fn checks_block_verify_only2(b: &mut Bencher) {
     verifier.add_fact("resource(\"file1\")");
     verifier.add_fact("operation(\"read\")");
     verifier.allow();
-    verifier.authorize().unwrap();
+    verifier
+        .authorize_with_limits(AuthorizerLimits {
+            max_time: Duration::from_secs(10),
+            ..Default::default()
+        })
+        .unwrap();
 
     let token = Biscuit::from(&data, &root.public()).unwrap();
     b.iter(|| {
@@ -563,7 +593,12 @@ fn checks_block_verify_only2(b: &mut Bencher) {
         verifier.add_fact("resource(\"file1\")");
         verifier.add_fact("operation(\"read\")");
         verifier.allow();
-        verifier.authorize().unwrap();
+        verifier
+            .authorize_with_limits(AuthorizerLimits {
+                max_time: Duration::from_secs(10),
+                ..Default::default()
+            })
+            .unwrap();
     });
 }