2 files changed, 21 insertions, 2 deletions

diff --git a/lib/gitlab/middleware/multipart.rb b/lib/gitlab/middleware/multipart.rb
index a047015e54f..0b7b5e23b75 100644
--- a/lib/gitlab/middleware/multipart.rb
+++ b/lib/gitlab/middleware/multipart.rb
@@ -116,7 +116,7 @@ module Gitlab
           jwt_token = params[param_key]
           raise "Empty JWT param: #{param_key}" if jwt_token.blank?
 
-          payload = Gitlab::Workhorse.decode_jwt(jwt_token).first
+          payload = Gitlab::Workhorse.decode_jwt_with_issuer(jwt_token).first
           raise "Invalid JWT payload: not a Hash" unless payload.is_a?(Hash)
 
           upload_params = payload.fetch(JWT_PARAM_FIXED_KEY, {})
@@ -172,7 +172,7 @@ module Gitlab
         encoded_message = env.delete(RACK_ENV_KEY)
         return @app.call(env) if encoded_message.blank?
 
-        message = ::Gitlab::Workhorse.decode_jwt(encoded_message)[0]
+        message = ::Gitlab::Workhorse.decode_jwt_with_issuer(encoded_message)[0]
 
         ::Gitlab::Middleware::Multipart::Handler.new(env, message).with_open_files do
           @app.call(env)
diff --git a/lib/gitlab/middleware/webhook_recursion_detection.rb b/lib/gitlab/middleware/webhook_recursion_detection.rb
new file mode 100644
index 00000000000..2677445852c
--- /dev/null
+++ b/lib/gitlab/middleware/webhook_recursion_detection.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Middleware
+    class WebhookRecursionDetection
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        headers = ActionDispatch::Request.new(env).headers
+
+        ::Gitlab::WebHooks::RecursionDetection.set_from_headers(headers)
+
+        @app.call(env)
+      end
+    end
+  end
+end