fixup! fixup NXD blob/auth: Teach it to handle HTTP Basic Auth too

internal/api/auth.go

 // API calls related to authentication
 package api
 
+//"gitlab.com/gitlab-org/gitlab-workhorse/internal/badgateway"
 import (
-	"gitlab.com/gitlab-org/gitlab-workhorse/internal/badgateway"
 	"gitlab.com/gitlab-org/gitlab-workhorse/internal/helper"
 	proxypkg "gitlab.com/gitlab-org/gitlab-workhorse/internal/proxy"
 	"gitlab.com/gitlab-org/gitlab-workhorse/internal/senddata"
 	"gitlab.com/gitlab-org/gitlab-workhorse/internal/sendfile"
+        "gitlab.com/gitlab-org/gitaly-proto/go/gitalypb"
 	"fmt"
 	"net/http"
 	"net/http/httptest"
@@ -249,7 +250,8 @@ func (aok *testDownloadOkViaSendArchive) Inject(w http.ResponseWriter, r *http.R
 
 	// if we ever get to this point - auth handler approved
 	// access and thus it is ok to download
-	aok.authReply.RepoPath = param.RepoPath
+	//aok.authReply.RepoPath = param.RepoPath
+	aok.authReply.Repository = gitalypb.Repository{RelativePath: param.RepoPath}
 }
 
 // Ask auth backend about whether download is ok for a project.
@@ -303,7 +305,7 @@ func (a *API) verifyDownloadAccess(project string, user *url.Userinfo, query str
 		sendfile.SendFile(proxypkg.NewProxy(
 			a.URL,
 			a.Version,
-			a.Client.Transport.(*badgateway.RoundTripper),
+			a.Client.Transport.(http.RoundTripper),
 		)),
 		aok,
 	)
@@ -315,7 +317,8 @@ func (a *API) verifyDownloadAccess(project string, user *url.Userinfo, query str
 	// The reason we want to do this second try is that HTTP auth is
 	// handled by upstream auth backend for git requests only, and we might
 	// want to use e.g. https://gitlab-ci-token:token@/.../raw/...
-	if authReply.RepoPath != "" || query != "" || len(header) != 0 {
+	//if authReply.RepoPath != "" || query != "" || len(header) != 0 {
+	if authReply.Repository.RelativePath != "" || query != "" || len(header) != 0 {
 		return authReply
 	}
 	if user == nil {