add authentication with zitadel

lib/policy_service_web/router.ex

@@ -8,6 +8,18 @@ defmodule PolicyServiceWeb.Router do
     plug OpenApiSpex.Plug.PutApiSpec, module: PolicyServiceWeb.ApiSpec
   end
 
+  pipeline :authenticated do
+    plug PolicyServiceWeb.Plugs.AuthenticationPlug,
+      provider: PolicyService.ZitadelProvider,
+      client_id: {__MODULE__, :get_zitadel_config, [:client_id]},
+      client_secret: {__MODULE__, :get_zitadel_config, [:client_secret]},
+      required_scopes: {__MODULE__, :get_zitadel_config, [:required_scopes]}
+  end
+
+  pipeline :authorized do
+    plug PolicyServiceWeb.Plugs.AuthorizationPlug
+  end
+
   get "/health", HealthController, :health
   get "/health/ready", HealthController, :ready
 
@@ -17,6 +29,8 @@ defmodule PolicyServiceWeb.Router do
     get "/openapi", OpenApiSpex.Plug.RenderSpec, []
 
     scope "/v1" do
+      pipe_through [:authenticated, :authorized]
+
       get "/policies", PolicyController, :index
       get "/policies/:application_id", PolicyController, :show
       post "/policies", PolicyController, :create
@@ -27,4 +41,8 @@ defmodule PolicyServiceWeb.Router do
   scope "/swaggerui" do
     get "/", OpenApiSpex.Plug.SwaggerUI, path: "/api/openapi"
   end
+
+  def get_zitadel_config(key) do
+    Application.get_env(:policy_service, :zitadel)[key]
+  end
 end