From c8fd291e7109cb9e90c01fbf620b2056eeba2a31 Mon Sep 17 00:00:00 2001
From: dencoded <33698537+dencoded@users.noreply.github.com>
Date: Thu, 6 Dec 2018 23:25:30 -0500
Subject: [PATCH] special case for basic auth added

---
 api.go      |  4 ++++
 api_test.go | 26 ++++++++++++++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/api.go b/api.go
index f3ab817e2d2..f4f5bcfa0a5 100644
--- a/api.go
+++ b/api.go
@@ -324,6 +324,10 @@ func handleGetDetail(sessionKey, apiID string, byHash bool) (interface{}, int) {
 	spec := getApiSpec(apiID)
 	if spec != nil {
 		sessionManager = spec.SessionManager
+		// special case for basic auth with custom hashing algo
+		if spec.UseBasicAuth && strings.HasPrefix(sessionKey, spec.OrgID) {
+			sessionKey = generateToken(spec.OrgID, sessionKey)
+		}
 	}
 
 	var session user.SessionState
diff --git a/api_test.go b/api_test.go
index b3d90613247..ead17e56544 100644
--- a/api_test.go
+++ b/api_test.go
@@ -299,6 +299,9 @@ func TestHashKeyHandler(t *testing.T) {
 		t.Run(fmt.Sprintf("%sHash fn: %s", tc.desc, tc.hashFunction), func(t *testing.T) {
 			testHashKeyHandlerHelper(t, tc.expectedHashSize)
 		})
+		t.Run(fmt.Sprintf("%sHash fn: %s and Basic Auth", tc.desc, tc.hashFunction), func(t *testing.T) {
+			testHashFuncAndBAHelper(t)
+		})
 	}
 }
 
@@ -419,6 +422,29 @@ func testHashKeyHandlerHelper(t *testing.T, expectedHashSize int) {
 	})
 }
 
+func testHashFuncAndBAHelper(t *testing.T) {
+	ts := newTykTestServer()
+	defer ts.Close()
+
+	session := testPrepareBasicAuth(false)
+
+	ts.Run(t, []test.TestCase{
+		{
+			Method:    "POST",
+			Path:      "/tyk/keys/defaultuser",
+			Data:      session,
+			AdminAuth: true,
+			Code:      200,
+		},
+		{
+			Method:    "GET",
+			Path:      "/tyk/keys/defaultuser?api_id=test",
+			AdminAuth: true,
+			Code:      200,
+		},
+	}...)
+}
+
 func TestHashKeyListingDisabled(t *testing.T) {
 	globalConf := config.Global()
 	// make it to use hashes for Redis keys