authorMax Resnick <max@ofmax.li>2024-02-12 21:16:48 -0800
committerMax Resnick <max@ofmax.li>2024-02-17 22:28:39 -0800
commit3db63367ef110e7f4a245cde61471e232e86339c (patch)
tree7be4be99ab5953f8d7beb1c613b0d0bc64db6c65 /internal/authz
parent45a9f3814c14b41b93e47ae4cbc3f50c34d94991 (diff)
downloadgo-git-server-3db63367ef110e7f4a245cde61471e232e86339c.tar.gz
fix: fix up tests and linting
Diffstat (limited to 'internal/authz')
-rw-r--r--internal/authz/middleware.go15
-rw-r--r--internal/authz/middleware_test.go13
-rw-r--r--internal/authz/model.go6
3 files changed, 23 insertions, 11 deletions
diff --git a/internal/authz/middleware.go b/internal/authz/middleware.go
index a35b6b4..6763323 100644
--- a/internal/authz/middleware.go
+++ b/internal/authz/middleware.go
@@ -1,3 +1,4 @@
+// authentication and authorization module
package authz
import (
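Review bot: The added package comment does not follow the Go doc-comment form, so `go doc` and the usual linters will not treat it as the package summary. A package comment starts with the word "Package" and the package name, for example `// Package authz provides HTTP middleware for authentication and authorization.`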
@@ -11,6 +12,13 @@ import (
"golang.org/x/crypto/bcrypt"
)
+// AuthzContextKey key used to store urn of user in context
+type AuthzContextKey string
+
+var (
+ AuthzUrnKey AuthzContextKey = "goGitAuthzUrn"
+)
+
func Authentication(authMap TokenMap, next http.Handler) http.Handler {
return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
u, p, ok := req.BasicAuth()
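Review bot: `AuthzUrnKey` is an exported `var` of an exported string-based type, so any other package can reassign it at runtime or build an equal key with `authz.AuthzContextKey("goGitAuthzUrn")` and store an identity that Authorization later trusts. Declaring it as `const AuthzUrnKey AuthzContextKey = "goGitAuthzUrn"` removes the reassignment risk. An unexported key type with a small accessor for reading the urn would also keep writes inside this package. The names stutter with the package (`authz.AuthzContextKey`); `ContextKey` and `URNKey` would read better. Authentication's body continues outside the hunk.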
@@ -34,7 +42,7 @@ func Authentication(authMap TokenMap, next http.Handler) http.Handler {
http.Error(rw, "Bad Request", http.StatusForbidden)
return
}
- ctx := context.WithValue(req.Context(), "urn", urn)
+ ctx := context.WithValue(req.Context(), AuthzUrnKey, urn)
next.ServeHTTP(rw, req.WithContext(ctx))
})
}
@@ -43,7 +51,10 @@ func Authentication(authMap TokenMap, next http.Handler) http.Handler {
func Authorization(adminSvc *admin.Servicer, next http.Handler) http.Handler {
return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
ctx := req.Context()
- urn := ctx.Value("urn").(string)
+ urn, ok := ctx.Value(AuthzUrnKey).(string)
+ if !ok || urn == "" {
+ http.Error(rw, "Bad Request", http.StatusBadRequest)
+ }
repo := req.URL.Path
action := req.Method
ok, err := adminSvc.Enforce(urn, repo, action)
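Review bot: The new guard in Authorization writes the 400 but never returns, so a request whose context holds no non-empty urn still reaches `adminSvc.Enforce(urn, repo, action)` with an empty subject. The result then depends entirely on the policy, and a second response may be written on top of the first. Add `return` directly after `http.Error(rw, "Bad Request", http.StatusBadRequest)` so the handler fails closed. A missing identity here points to a middleware-ordering problem rather than a malformed client request, so 401 or 500 may be a better status than 400. The handler body continues outside the hunk.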
diff --git a/internal/authz/middleware_test.go b/internal/authz/middleware_test.go
index cc3f6d1..9ed9081 100644
--- a/internal/authz/middleware_test.go
+++ b/internal/authz/middleware_test.go
@@ -40,11 +40,10 @@ func TestAuthentication(t *testing.T) {
description: "Good Login",
handler: func(rw http.ResponseWriter, req *http.Request) {
ctx := req.Context()
- uid := ctx.Value("urn")
+ uid := ctx.Value(AuthzUrnKey)
if uid != fmt.Sprintf("uid:%s", okUserName) {
t.Fatal("Context UID not set")
}
-
},
},
{
@@ -72,6 +71,7 @@ func TestAuthentication(t *testing.T) {
recorder := httptest.NewRecorder()
authHandler.ServeHTTP(recorder, req)
result := recorder.Result()
+ defer result.Body.Close()
if result.StatusCode != tc.statusCode {
t.Fatalf("Test Case %s failed Expected: %d Found: %d",
tc.description, tc.statusCode, result.StatusCode)
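Review bot: The added `defer result.Body.Close()` appears to sit inside the per-case loop (the `tc.` references suggest so, though the loop header is outside the hunk). If it does, every body stays open until the test function returns rather than at the end of each iteration. Wrapping each case in `t.Run(tc.description, func(t *testing.T) { ... })` scopes the defer to the case and gives per-case failure output. The same pattern is added in the TestAuthorization hunk at `@@ -115,12 +115,13 @@`.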
@@ -94,13 +94,13 @@ func TestAuthorization(t *testing.T) {
url: fmt.Sprintf("%s/%s", baseURL, "repo/url"),
user: "uid:jack",
expectedStatus: 200,
- description: "an autorized action should yield a 200",
+ description: "an authorized action should yield a 200",
},
{
url: fmt.Sprintf("%s/%s", baseURL, "repo/url/bar"),
user: "uid:chumba",
expectedStatus: 403,
- description: "an unautorized action should yield a 403",
+ description: "an unauthorized action should yield a 403",
},
}
svcr := admin.NewService(
@@ -115,12 +115,13 @@ func TestAuthorization(t *testing.T) {
recorder := httptest.NewRecorder()
req := httptest.NewRequest(http.MethodGet, tc.url, nil)
ctx := req.Context()
- ctx = context.WithValue(ctx, "urn", tc.user)
+ ctx = context.WithValue(ctx, AuthzUrnKey, tc.user)
req = req.WithContext(ctx)
authHandler.ServeHTTP(recorder, req)
result := recorder.Result()
+ defer result.Body.Close()
if result.StatusCode != tc.expectedStatus {
- t.Fatalf("Test Case failed Expected: %d Found: %d", tc.expectedStatus, result.StatusCode)
+ t.Fatalf("Test Case %s failed Expected: %d Found: %d", tc.description, tc.expectedStatus, result.StatusCode)
}
}
}
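Review bot: No case in this table exercises the branch this commit adds to Authorization for a missing or empty urn. Both visible cases set `AuthzUrnKey` to a non-empty user, so the new guard is untested. Add a case with `user: ""` and have the wrapped handler record whether it was invoked, then assert it was not. A status-code assertion alone would probably not show whether the request was stopped at the guard, because the first status written is the one the recorder keeps.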
diff --git a/internal/authz/model.go b/internal/authz/model.go
index cf9c952..efa78f7 100644
--- a/internal/authz/model.go
+++ b/internal/authz/model.go
@@ -19,7 +19,7 @@ func NewTokenMap() TokenMap {
// TokenMap a map of username,hash
type TokenMap map[string]string
-// LoadTokens load tokens from a csv into a map
+// LoadTokensFromFile load tokens from a csv into a map
func (tm TokenMap) LoadTokensFromFile(path string) error {
// TODO this should be configurable
contents, err := os.Open(path)
@@ -45,8 +45,8 @@ func (tm TokenMap) LoadTokensFromFile(path string) error {
func GenerateNewToken() (string, string, error) {
tokenBytes := make([]byte, 28)
for i := range tokenBytes {
- max := big.NewInt(int64(255))
- randInt, err := rand.Int(rand.Reader, max)
+ maxInt := big.NewInt(int64(255))
+ randInt, err := rand.Int(rand.Reader, maxInt)
if err != nil {
return "", "", err
}
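Review bot: The renamed `maxInt` keeps the bound at 255, and `rand.Int` returns a value in `[0, max)`, so no token byte can ever be 255 and each byte carries slightly less than 8 bits. The loop also allocates a new `big.Int` on every iteration. Filling the slice in one call avoids both: `if _, err := rand.Read(tokenBytes); err != nil { return "", "", err }`. If the per-byte loop has to stay, the bound should be `big.NewInt(256)` and hoisted out of the loop. The rest of GenerateNewToken is outside the hunk.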