1 files changed, 22 insertions, 2 deletions

diff --git a/pkg/web/middleware/user_test.go b/pkg/web/middleware/user_test.go
index 7119b41..cde7dec 100644
--- a/pkg/web/middleware/user_test.go
+++ b/pkg/web/middleware/user_test.go
@@ -6,16 +6,36 @@ import (
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/db"
+	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/domain"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/key"
+	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/test"
 )
 
 func TestUser(t *testing.T) {
-	middleware := User()
+	repository := db.NewRepository[*domain.User]()
+	middleware := User(repository)
+
+	knownUser := &domain.User{ID: "1"}
+	require.NoError(t, repository.Save(knownUser))
 
 	t.Run("when an ID Token is found in the context", func(t *testing.T) {
-		t.Run("When the user is found in the db", func(t *testing.T) {
+		t.Run("when the user is found in the db", func(t *testing.T) {
+			server := middleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				user := key.CurrentUser.From(r.Context())
+				require.NotNil(t, user)
+
+				w.WriteHeader(http.StatusTeapot)
+			}))
+
+			idToken := &oidc.IDToken{Subject: knownUser.ID}
+			ctx := key.IDToken.With(t.Context(), idToken)
+
+			r, w := test.RequestResponse("GET", "/example", test.WithContext(ctx))
+			server.ServeHTTP(w, r)
 
+			assert.Equal(t, http.StatusTeapot, w.Code)
 		})
 
 		t.Run("when the user is not found in the db", func(t *testing.T) {