From a4cd839b8a53e2e3c789e67756ad71250eed7be3 Mon Sep 17 00:00:00 2001
From: Christoph Polcin <coco@miconoco.de>
Date: Wed, 7 Jun 2023 17:57:15 +0200
Subject: [PATCH] Adds len checks to negoAuth

---
 auth.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/auth.go b/auth.go
index b705fdc..b57511b 100644
--- a/auth.go
+++ b/auth.go
@@ -285,11 +285,17 @@ func (s *authShim) String() string {
 
 // Authorize authorizes the current request with the top most Authorizer
 func (n *negoAuth) Authorize(c *http.Client, rq *http.Request, path string) error {
+	if len(n.auths) == 0 {
+		return NewPathError("NoAuthenticator", path, 400)
+	}
 	return n.auths[0].Authorize(c, rq, path)
 }
 
 // Verify verifies the authentication and selects the next one based on the result
 func (n *negoAuth) Verify(c *http.Client, rs *http.Response, path string) (redo bool, err error) {
+	if len(n.auths) == 0 {
+		return false, NewPathError("NoAuthenticator", path, 400)
+	}
 	redo, err = n.auths[0].Verify(c, rs, path)
 	if err != nil {
 		if len(n.auths) > 1 {