docs: add missing code comments in the middlewares

services/collaboration/pkg/middleware/proofkeys.go

@@ -10,6 +10,16 @@ import (
 	"github.com/rs/zerolog"
 )
 
+// ProofKeysMiddleware will verify the proof keys of the requests.
+// This is a middleware that could be disabled / not set.
+//
+// Requests will fail with a 500 HTTP status if the verification fails.
+// As said, this can be disabled (via configuration) if you want to skip
+// the verification.
+// The middleware requires hitting the "/hosting/discovery" endpoint of the
+// WOPI app in order to get the keys. The keys will be cached in memory for
+// 12 hours (or the configured value) before hitting the endpoint again to
+// request new / updated keys.
 func ProofKeysMiddleware(cfg *config.Config, next http.Handler) http.Handler {
 	wopiDiscovery := cfg.App.Addr + "/hosting/discovery"
 	insecure := cfg.App.Insecure

services/collaboration/pkg/middleware/tracing.go

@@ -7,6 +7,13 @@ import (
 	"go.opentelemetry.io/otel/trace"
 )
 
+// CollaborationTracingMiddleware adds a new middleware in order to include
+// more attributes in the traced span.
+//
+// In order not to mess with the expected responses, this middleware won't do
+// anything if there is no available WOPI context set in the request (there is
+// nothing to report). This means that the WopiContextAuthMiddleware should be
+// set before this middleware.
 func CollaborationTracingMiddleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		wopiContext, err := WopiContextFromCtx(r.Context())