refactor: verify the id token on every request

author: mo khan <mo@mokhan.ca> 2025-04-16 17:01:39 -0600
committer: mo khan <mo@mokhan.ca> 2025-04-16 17:01:39 -0600
commit: 0b29a5a4ca71870ab138687e2fc71d6bce2754db (patch)
tree: 0c8897d6efd734b620eab22e8f86e7e9b4d202ea /app/app.go
parent: 9e83b4b2e95254ba51c66ed15f400d3bec5712f1 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/app/app.go b/app/app.go
index f76f4a7..51979a4 100644
--- a/app/app.go
+++ b/app/app.go
@@ -10,6 +10,7 @@ import (
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/health"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/sessions"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/sparkles"
+	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web/middleware"
 )
@@ -30,5 +31,6 @@ func New() http.Handler {
 	mux.Handle("GET /", http.FileServer(http.Dir("public")))
 
 	logger := ioc.MustResolve[*zerolog.Logger](ioc.Default)
-	return log.HTTP(logger)(middleware.UnpackToken()(mux))
+	oidc := ioc.MustResolve[*oidc.OpenID](ioc.Default)
+	return log.HTTP(logger)(middleware.UnpackToken(oidc)(mux))
 }
author	mo khan <mo@mokhan.ca>	2025-04-16 17:01:39 -0600
committer	mo khan <mo@mokhan.ca>	2025-04-16 17:01:39 -0600
commit	0b29a5a4ca71870ab138687e2fc71d6bce2754db (patch)
tree	0c8897d6efd734b620eab22e8f86e7e9b4d202ea /app/app.go
parent	9e83b4b2e95254ba51c66ed15f400d3bec5712f1 (diff)