diff --git a/auth.go b/auth.go
index 78ce8b9..b705fdc 100644
--- a/auth.go
+++ b/auth.go
@@ -108,10 +108,10 @@ type noAuth struct{}
 // First In, First Out.
 func NewAutoAuth(login string, secret string) Authorizer {
 	fmap := make([]authfactory, 0)
-	az := &authorizer{fmap, sync.Mutex{}, &nullAuth{}}
+	az := &authorizer{factories: fmap, defAuthMux: sync.Mutex{}, defAuth: &nullAuth{}}
 
 	az.AddAuthenticator("basic", func(c *http.Client, rs *http.Response, path string) (auth Authenticator, err error) {
-		return &BasicAuth{login, secret}, nil
+		return &BasicAuth{user: login, pw: secret}, nil
 	})
 
 	az.AddAuthenticator("digest", func(c *http.Client, rs *http.Response, path string) (auth Authenticator, err error) {
@@ -127,7 +127,7 @@ func NewAutoAuth(login string, secret string) Authorizer {
 // It offers the `NewAutoAuth` features.
 func NewEmptyAuth() Authorizer {
 	fmap := make([]authfactory, 0)
-	az := &authorizer{fmap, sync.Mutex{}, &nullAuth{}}
+	az := &authorizer{factories: fmap, defAuthMux: sync.Mutex{}, defAuth: &nullAuth{}}
 	return az
 }
 
@@ -142,7 +142,7 @@ func NewEmptyAuth() Authorizer {
 // without any synchronisation!!
 // Still applicable with `BasicAuth` within go routines.
 func NewPreemptiveAuth(auth Authenticator) Authorizer {
-	return &preemptiveAuthorizer{auth}
+	return &preemptiveAuthorizer{auth: auth}
 }
 
 // NewAuthenticator creates an Authenticator (Shim) per request
@@ -167,7 +167,7 @@ func (a *authorizer) NewAuthenticator(body io.Reader) (Authenticator, io.Reader)
 	defAuth := a.defAuth.Clone()
 	a.defAuthMux.Unlock()
 
-	return &authShim{a.factory, retryBuf, defAuth}, body
+	return &authShim{factory: a.factory, body: retryBuf, auth: defAuth}, body
 }
 
 // AddAuthenticator appends the AuthFactory to our factories.
@@ -206,7 +206,7 @@ func (a *authorizer) factory(c *http.Client, rs *http.Response, path string) (au
 		case 1:
 			auth = auths[0]
 		default:
-			auth = &negoAuth{auths, a.setDefaultAuthenticator}
+			auth = &negoAuth{auths: auths, setDefaultAuthenticator: a.setDefaultAuthenticator}
 		}
 	} else {
 		auth = &noAuth{}
@@ -324,7 +324,7 @@ func (n *negoAuth) Clone() Authenticator {
 	for i, e := range n.auths {
 		auths[i] = e.Clone()
 	}
-	return &negoAuth{auths, n.setDefaultAuthenticator}
+	return &negoAuth{auths: auths, setDefaultAuthenticator: n.setDefaultAuthenticator}
 }
 
 func (n *negoAuth) String() string {
diff --git a/basicAuth_test.go b/basicAuth_test.go
index a899e2d..53d4046 100644
--- a/basicAuth_test.go
+++ b/basicAuth_test.go
@@ -6,7 +6,7 @@ import (
 )
 
 func TestNewBasicAuth(t *testing.T) {
-	a := &BasicAuth{"user", "password"}
+	a := &BasicAuth{user: "user", pw: "password"}
 
 	ex := "BasicAuth login: user"
 	if a.String() != ex {
@@ -23,7 +23,7 @@ func TestNewBasicAuth(t *testing.T) {
 }
 
 func TestBasicAuthAuthorize(t *testing.T) {
-	a := &BasicAuth{"user", "password"}
+	a := &BasicAuth{user: "user", pw: "password"}
 	rq, _ := http.NewRequest("GET", "http://localhost/", nil)
 	a.Authorize(nil, rq, "/")
 	if rq.Header.Get("Authorization") != "Basic dXNlcjpwYXNzd29yZA==" {
@@ -32,7 +32,7 @@ func TestBasicAuthAuthorize(t *testing.T) {
 }
 
 func TestPreemtiveBasicAuth(t *testing.T) {
-	a := &BasicAuth{"user", "password"}
+	a := &BasicAuth{user: "user", pw: "password"}
 	auth := NewPreemptiveAuth(a)
 	n, b := auth.NewAuthenticator(nil)
 	if b != nil {
diff --git a/client.go b/client.go
index 6c044dc..d0fbaa1 100644
--- a/client.go
+++ b/client.go
@@ -42,7 +42,7 @@ func NewAuthClient(uri string, auth Authorizer) *Client {
 			return nil
 		},
 	}
-	return &Client{FixSlash(uri), make(http.Header), nil, c, auth}
+	return &Client{root: FixSlash(uri), headers: make(http.Header), interceptor: nil, c: c, auth: auth}
 }
 
 // SetHeader lets us set arbitrary headers for a given client
@@ -378,7 +378,7 @@ func (c *Client) ReadStreamRange(path string, offset, length int64) (io.ReadClos
 		}
 
 		// return a io.ReadCloser that is limited to `length` bytes.
-		return &limitedReadCloser{rs.Body, int(length)}, nil
+		return &limitedReadCloser{rc: rs.Body, remaining: int(length)}, nil
 	}
 
 	rs.Body.Close()
diff --git a/digestAuth.go b/digestAuth.go
index 856d280..1bcc1de 100644
--- a/digestAuth.go
+++ b/digestAuth.go
@@ -19,7 +19,7 @@ type DigestAuth struct {
 
 // NewDigestAuth creates a new instance of our Digest Authenticator
 func NewDigestAuth(login, secret string, rs *http.Response) (Authenticator, error) {
-	return &DigestAuth{login, secret, digestParts(rs)}, nil
+	return &DigestAuth{user: login, pw: secret, digestParts: digestParts(rs)}, nil
 }
 
 // Authorize the current request
@@ -51,7 +51,7 @@ func (d *DigestAuth) Clone() Authenticator {
 	for k, v := range d.digestParts {
 		parts[k] = v
 	}
-	return &DigestAuth{d.user, d.pw, parts}
+	return &DigestAuth{user: d.user, pw: d.pw, digestParts: parts}
 }
 
 // String toString
diff --git a/digestAuth_test.go b/digestAuth_test.go
index 6755151..bb30117 100644
--- a/digestAuth_test.go
+++ b/digestAuth_test.go
@@ -7,7 +7,7 @@ import (
 )
 
 func TestNewDigestAuth(t *testing.T) {
-	a := &DigestAuth{"user", "password", make(map[string]string, 0)}
+	a := &DigestAuth{user: "user", pw: "password", digestParts: make(map[string]string, 0)}
 
 	ex := "DigestAuth login: user"
 	if a.String() != ex {
@@ -24,7 +24,7 @@ func TestNewDigestAuth(t *testing.T) {
 }
 
 func TestDigestAuthAuthorize(t *testing.T) {
-	a := &DigestAuth{"user", "password", make(map[string]string, 0)}
+	a := &DigestAuth{user: "user", pw: "password", digestParts: make(map[string]string, 0)}
 	rq, _ := http.NewRequest("GET", "http://localhost/", nil)
 	a.Authorize(nil, rq, "/")
 	// TODO this is a very lazy test it cuts of cnonce