Pass fewer arguments to KerberosHelper

app/controllers/projects/git_http_controller.rb

@@ -47,7 +47,7 @@ class Projects::GitHttpController < Projects::ApplicationController
       return # Allow access
     end
 
-    if allow_basic_auth? && has_basic_credentials?(request)
+    if allow_basic_auth? && basic_auth_provided?
       login, password = user_name_and_password(request)
       auth_result = Gitlab::Auth.find_for_git_client(login, password, project: project, ip: request.ip)
 
@@ -62,10 +62,9 @@ class Projects::GitHttpController < Projects::ApplicationController
       if ci? || user
         return # Allow access
       end
-    elsif allow_kerberos_spnego_auth? && has_spnego_credentials?(request)
-      spnego_token = Base64.strict_decode64(auth_param(request))
-      @user = find_kerberos_user(spnego_token)
-    
+    elsif allow_kerberos_spnego_auth? && spnego_provided?
+      @user = find_kerberos_user
+
       if user
         send_final_spnego_response
         return # Allow access
@@ -77,6 +76,10 @@ class Projects::GitHttpController < Projects::ApplicationController
     render plain: "HTTP Basic: Access denied\n", status: 401
   end
 
+  def basic_auth_provided?
+    has_basic_credentials?(request)
+  end
+
   def send_challenges
     challenges = []
     challenges << 'Basic realm="GitLab"' if allow_basic_auth?

app/helpers/kerberos_spnego_helper.rb

 module KerberosSpnegoHelper
+  include ActionController::HttpAuthentication::Basic
+
   attr_reader :spnego_response_token
 
   def allow_basic_auth?
@@ -31,7 +33,7 @@ module KerberosSpnegoHelper
     end
   end
 
-  def has_spnego_credentials?(request)
+  def spnego_provided?
     request.authorization.present? && (auth_scheme(request) == 'Negotiate')
   end
 
@@ -40,6 +42,7 @@ module KerberosSpnegoHelper
   end
 
   def find_kerberos_user(spnego_token)
+    spnego_token = Base64.strict_decode64(auth_param(request))
     krb_principal = spnego_credentials!(spnego_token)
     return unless krb_principal