fail basic auth also when no authorize header present

Signed-off-by: Ivan Porto Carrero <ivan@flanders.co.nz>

Author: casualjim

middleware/router_test.go

@@ -50,7 +50,7 @@ func TestRouterMiddleware(t *testing.T) {
 	assert.Equal(t, http.StatusMethodNotAllowed, recorder.Code)
 
 	methods := strings.Split(recorder.Header().Get("Allow"), ",")
-	sort.Sort(sort.StringSlice(methods))
+	sort.Strings(methods)
 	assert.Equal(t, "GET,POST", strings.Join(methods, ","))
 
 	recorder = httptest.NewRecorder()
@@ -82,7 +82,7 @@ func TestRouterMiddleware(t *testing.T) {
 	assert.Equal(t, http.StatusMethodNotAllowed, recorder.Code)
 
 	methods = strings.Split(recorder.Header().Get("Allow"), ",")
-	sort.Sort(sort.StringSlice(methods))
+	sort.Strings(methods)
 	assert.Equal(t, "GET,POST", strings.Join(methods, ","))
 
 	recorder = httptest.NewRecorder()
@@ -232,11 +232,11 @@ func TestPathConverter(t *testing.T) {
 func TestExtractCompositParameters(t *testing.T) {
 	// name is the composite parameter's name, value is the value of this composit parameter, pattern is the pattern to be matched
 	cases := []struct {
-		name string
-		value string
+		name    string
+		value   string
 		pattern string
-		names []string
-		values []string
+		names   []string
+		values  []string
 	}{
 		{name: "fragment", value: "gie", pattern: "e", names: []string{"fragment"}, values: []string{"gi"}},
 		{name: "fragment", value: "t.simpson", pattern: ".{subfragment}", names: []string{"fragment", "subfragment"}, values: []string{"t", "simpson"}},

middleware/spec.go

@@ -34,7 +34,7 @@ func Spec(basePath string, b []byte, next http.Handler) http.Handler {
 			rw.Header().Set("Content-Type", "application/json")
 			rw.WriteHeader(http.StatusOK)
 			//#nosec
-			rw.Write(b)
+			_, _ = rw.Write(b)
 			return
 		}
 

middleware/untyped/api.go

@@ -245,8 +245,8 @@ func (d *API) validate() error {
 
 func (d *API) verify(name string, registrations []string, expectations []string) error {
 
-	sort.Sort(sort.StringSlice(registrations))
-	sort.Sort(sort.StringSlice(expectations))
+	sort.Strings(registrations)
+	sort.Strings(expectations)
 
 	expected := map[string]struct{}{}
 	seen := map[string]struct{}{}
@@ -271,8 +271,8 @@ func (d *API) verify(name string, registrations []string, expectations []string)
 	for k := range expected {
 		unregistered = append(unregistered, k)
 	}
-	sort.Sort(sort.StringSlice(unspecified))
-	sort.Sort(sort.StringSlice(unregistered))
+	sort.Strings(unspecified)
+	sort.Strings(unregistered)
 
 	if len(unregistered) > 0 || len(unspecified) > 0 {
 		return &errors.APIVerificationFailed{

middleware/untyped/api_test.go

@@ -247,15 +247,15 @@ func TestUntypedAppValidation(t *testing.T) {
 	api2.RegisterProducer("application/x-yaml", new(stubProducer))
 
 	expected := []string{"application/x-yaml"}
-	sort.Sort(sort.StringSlice(expected))
+	sort.Strings(expected)
 	consumes := analyzed.ConsumesFor(analyzed.AllPaths()["/"].Get)
-	sort.Sort(sort.StringSlice(consumes))
+	sort.Strings(consumes)
 	assert.Equal(t, expected, consumes)
 	consumers := api1.ConsumersFor(consumes)
 	assert.Len(t, consumers, 1)
 
 	produces := analyzed.ProducesFor(analyzed.AllPaths()["/"].Get)
-	sort.Sort(sort.StringSlice(produces))
+	sort.Strings(produces)
 	assert.Equal(t, expected, produces)
 	producers := api1.ProducersFor(produces)
 	assert.Len(t, producers, 1)

security/authenticator.go

@@ -96,18 +96,19 @@ func BasicAuth(authenticate UserPassAuthentication) runtime.Authenticator {
 
 // BasicAuthBasicAuthRealm creates a basic auth authenticator with the provided authentication function and realm name
 func BasicAuthRealm(realm string, authenticate UserPassAuthentication) runtime.Authenticator {
+	if realm == "" {
+		realm = DefaultRealmName
+	}
+
 	return HttpAuthenticator(func(r *http.Request) (bool, interface{}, error) {
 		if usr, pass, ok := r.BasicAuth(); ok {
 			p, err := authenticate(usr, pass)
 			if err != nil {
-				if realm == "" {
-					realm = DefaultRealmName
-				}
 				*r = *r.WithContext(context.WithValue(r.Context(), failedBasicAuth, realm))
 			}
 			return true, p, err
 		}
-
+		*r = *r.WithContext(context.WithValue(r.Context(), failedBasicAuth, realm))
 		return false, nil, nil
 	})
 }
@@ -132,7 +133,7 @@ func BasicAuthRealmCtx(realm string, authenticate UserPassAuthenticationCtx) run
 			*r = *r.WithContext(ctx)
 			return true, p, err
 		}
-
+		*r = *r.WithContext(context.WithValue(r.Context(), failedBasicAuth, realm))
 		return false, nil, nil
 	})
 }