in service/middleware/middleware.go [60:79]
// WithAuth wraps h so that a request is passed on only after the token in the
// x-amzn-oidc-data header has been accepted by auth. Requests whose path ends
// in "/_prout" are passed on without any check. When auth returns an error the
// request is answered through statusForbidden and h is never called.
//
// NOTE(review): auth and keyFunc are defined elsewhere, so what they verify is
// not visible here. The AWS page linked below asks for the signature to be
// verified and for the JWT header's signer field to match the expected load
// balancer ARN; confirm that both happen. The header is also only meaningful
// if the service cannot be reached other than through the load balancer.
func WithAuth(h http.Handler) http.HandlerFunc {
	return func(resp http.ResponseWriter, req *http.Request) {
		// https://github.com/guardian/prout needs no auth, so we skip it for **/_prout
		// NOTE(review): this is a suffix match, so every path ending in "/_prout"
		// is exempt, not one fixed route. Confirm h serves nothing sensitive under
		// such paths (prefix or wildcard routes), or compare against the exact route.
		skipAuth := strings.HasSuffix(req.URL.Path, "/_prout")
		if !skipAuth {
			// See https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html#user-claims-encoding
			oidcData := req.Header.Get("x-amzn-oidc-data")
			// Only "ES256" is passed to auth, presumably as the list of accepted
			// signing algorithms; keep it a fixed allow-list rather than taking the
			// algorithm from the token.
			if authErr := auth(oidcData, keyFunc, []string{"ES256"}); authErr != nil {
				statusForbidden(resp, authErr)
				return
			}
		}
		h.ServeHTTP(resp, req)
	}
}