fix: bearer token encryption (#1524)

* fix: bearer token encryption

* remove some todos

internal/authz/repository/eventsourcing/eventstore/token_verifier.go

@@ -26,7 +26,7 @@ import (
 )
 
 type TokenVerifierRepo struct {
-	TokenVerificationKey [32]byte
+	TokenVerificationKey crypto.EncryptionAlgorithm
 	IAMID                string
 	Eventstore           v1.Eventstore
 	View                 *view.View
@@ -68,8 +68,7 @@ func (repo *TokenVerifierRepo) TokenByID(ctx context.Context, tokenID, userID st
 func (repo *TokenVerifierRepo) VerifyAccessToken(ctx context.Context, tokenString, clientID string) (userID string, agentID string, prefLang, resourceOwner string, err error) {
 	ctx, span := tracing.NewSpan(ctx)
 	defer func() { span.EndWithError(err) }()
-	//TODO: use real key
-	tokenIDSubject, err := crypto.DecryptAESString(tokenString, string(repo.TokenVerificationKey[:32]))
+	tokenIDSubject, err := repo.TokenVerificationKey.DecryptString([]byte(tokenString), repo.TokenVerificationKey.EncryptionKeyID())
 	if err != nil {
 		return "", "", "", "", caos_errs.ThrowUnauthenticated(nil, "APP-8EF0zZ", "invalid token")
 	}