source formatting

Signed-off-by: Ciro S. Costa <utxobr@protonmail.com>

pkg/http/client.go

@@ -93,9 +93,7 @@ func NewClient(cfg ClientConfig) (*http.Client, error) {
 		return nil, fmt.Errorf("validate: %w", err)
 	}
 
-	tlsConfig := &tls.Config{
-		MinVersion: tls.VersionTLS12,
-	}
+	tlsConfig := &tls.Config{MinVersion: tls.VersionTLS12}
 	if cfg.TLSCACert != "" {
 		if err := WithCACert(cfg.TLSCACert)(tlsConfig); err != nil {
 			return nil, fmt.Errorf("with tls ca cert: %w", err)
@@ -125,14 +123,14 @@ func NewClient(cfg ClientConfig) (*http.Client, error) {
 	}
 
 	if cfg.Verbose {
-		WithTransport(NewDumpTransport(client.Transport))(client)
+		client.Transport = NewDumpTransport(client.Transport)
 	}
 
 	if cfg.Username != "" {
-		WithTransport(NewDigestAuthTransport(
+		client.Transport = NewDigestAuthTransport(
 			cfg.Username, cfg.Password,
 			client.Transport,
-		))(client)
+		)
 	}
 
 	return client, nil

pkg/http/digest_auth.go

@@ -22,9 +22,9 @@ import (
 // care of http digest authentication.
 //
 type DigestAuthTransport struct {
-	Username  string
-	Password  string
-	transport http.RoundTripper
+	Username string
+	Password string
+	rt       http.RoundTripper
 }
 
 // NewDigestAuthTransport creates a new digest transport using the
@@ -34,9 +34,9 @@ func NewDigestAuthTransport(
 	username, password string, rt http.RoundTripper,
 ) *DigestAuthTransport {
 	return &DigestAuthTransport{
-		Username:  username,
-		Password:  password,
-		transport: rt,
+		Username: username,
+		Password: password,
+		rt:       rt,
 	}
 }
 
@@ -65,55 +65,46 @@ func (t *DigestAuthTransport) newCredentials(
 func (t *DigestAuthTransport) RoundTrip(
 	req *http.Request,
 ) (*http.Response, error) {
-	// copy the request so we don't modify the input.
-	req2 := new(http.Request)
-	*req2 = *req
-	req2.Header = make(http.Header)
-	for k, s := range req.Header {
-		req2.Header[k] = s
-	}
+	finalRequest := req.Clone(req.Context())
 
-	// we need two readers for the body.
 	if req.Body != nil {
-		tmp, err := ioutil.ReadAll(req.Body)
+		bodyContents, err := ioutil.ReadAll(req.Body)
 		if err != nil {
 			return nil, fmt.Errorf("read all body: %w", err)
 		}
 
-		reqBody01 := ioutil.NopCloser(bytes.NewBuffer(tmp))
-		reqBody02 := ioutil.NopCloser(bytes.NewBuffer(tmp))
+		reqBody01 := io.NopCloser(bytes.NewBuffer(bodyContents))
+		reqBody02 := io.NopCloser(bytes.NewBuffer(bodyContents))
 
 		req.Body = reqBody01
-		req2.Body = reqBody02
+		finalRequest.Body = reqBody02
 	}
 
 	// make a request to get the 401 that contains the challenge.
-	resp, err := t.transport.RoundTrip(req)
+	resp, err := t.rt.RoundTrip(req)
 	if err != nil {
 		return nil, fmt.Errorf("round trip err: %w", err)
 	}
-	if resp.StatusCode != 401 {
+	if resp.StatusCode != 401 { // cool, reached what we needed
 		return resp, nil
 	}
 
-	chal := resp.Header.Get("WWW-Authenticate")
-	c, err := parseChallenge(chal)
+	chal, err := parseChallenge(resp.Header.Get("WWW-Authenticate"))
 	if err != nil {
 		return nil, fmt.Errorf("parse challange: %w", err)
 	}
 
 	// form credentials based on the challenge.
-	cr := t.newCredentials(req2, c)
+	cr := t.newCredentials(finalRequest, chal)
 	auth, err := cr.authorize()
 	if err != nil {
 		return nil, fmt.Errorf("authorize: %w", err)
 	}
 
-	// we'll no longer use the initial response, so close it
-	resp.Body.Close()
-	// Make authenticated request.
-	req2.Header.Set("Authorization", auth)
-	return t.transport.RoundTrip(req2)
+	// resp.Body.Close()
+	finalRequest.Header.Set("Authorization", auth)
+	resp2, err := t.rt.RoundTrip(finalRequest)
+	return resp2, err
 }
 
 type challenge struct {
@@ -207,7 +198,11 @@ func (c *credentials) resp() (string, error) {
 	}
 
 	b := make([]byte, 8)
-	io.ReadFull(rand.Reader, b)
+	_, err := io.ReadFull(rand.Reader, b)
+	if err != nil {
+		return "", fmt.Errorf("read full: %w", err)
+	}
+
 	c.Cnonce = fmt.Sprintf("%x", b)[:16]
 
 	data := fmt.Sprintf("%s:%08x:%s:%s:%s",