middleware: equalize lengths of input (#1934)

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

internal/middleware/middleware_test.go

@@ -155,3 +155,46 @@ func TestValidateSignature(t *testing.T) {
 		})
 	}
 }
+
+func TestRequireBasicAuth(t *testing.T) {
+	t.Parallel()
+
+	fn := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		fmt.Fprint(w, http.StatusText(http.StatusOK))
+		w.WriteHeader(http.StatusOK)
+	})
+
+	tests := []struct {
+		name       string
+		givenUser  string
+		givenPass  string
+		wantUser   string
+		wantPass   string
+		wantStatus int
+	}{
+		{"good", "foo", "bar", "foo", "bar", 200},
+		{"bad pass", "foo", "bar", "foo", "buzz", 401},
+		{"bad user", "foo", "bar", "buzz", "bar", 401},
+		{"empty", "", "", "", "", 401}, // don't add auth
+		{"empty user", "", "bar", "", "bar", 200},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			req, err := http.NewRequest(http.MethodGet, "/", nil)
+			if err != nil {
+				t.Fatal(err)
+			}
+			if tt.givenUser != "" || tt.givenPass != "" {
+				req.SetBasicAuth(tt.givenUser, tt.givenPass)
+			}
+
+			rr := httptest.NewRecorder()
+			handler := RequireBasicAuth(tt.wantUser, tt.wantPass)(fn)
+			handler.ServeHTTP(rr, req)
+			if status := rr.Code; status != tt.wantStatus {
+				t.Errorf("RequireBasicAuth() error = %v, wantErr %v\n%v", rr.Result().StatusCode, tt.wantStatus, rr.Body.String())
+			}
+		})
+	}
+}