Handle MissingPersonalAccessTokenError on Go middleware

The user authentication performed by the Go middleware may throw a
Gitlab::Auth::MissingPersonalAccessTokenError. Respond to this error
with 401 Unauthorized instead of letting it bubble up and end up as a
500 Internal Server Error response.

Changelog: changed

lib/gitlab/middleware/go.rb

@@ -27,6 +27,8 @@ module Gitlab
           path: request.fullpath
         )
         Rack::Response.new('', 403).finish
+      rescue Gitlab::Auth::MissingPersonalAccessTokenError
+        Rack::Response.new('', 401).finish
       end
 
       private

spec/lib/gitlab/middleware/go_spec.rb

@@ -147,6 +147,22 @@ RSpec.describe Gitlab::Middleware::Go do
                       end
                     end
                   end
+
+                  context 'when a personal access token is missing' do
+                    before do
+                      env['REMOTE_ADDR'] = '192.168.0.1'
+                      env['HTTP_AUTHORIZATION'] = ActionController::HttpAuthentication::Basic.encode_credentials(current_user.username, 'dummy_password')
+                    end
+
+                    it 'returns unauthorized' do
+                      expect(Gitlab::Auth).to receive(:find_for_git_client).and_raise(Gitlab::Auth::MissingPersonalAccessTokenError)
+                      response = go
+
+                      expect(response[0]).to eq(401)
+                      expect(response[1]['Content-Length']).to be_nil
+                      expect(response[2]).to eq([''])
+                    end
+                  end
                 end
               end
             end