Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2025-03-12 14:39:06 +01:00
Code Issues Projects Releases Wiki Activity

Remove raw token from header in token review reuqest

Browse Source 
The server to handle token-review may have a limitation for the size of
the header.  When the token is huge the token review may fail.
This commit remove the necessary header to harden the flow.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
This commit is contained in:
Daniel Jiang 2021-01-14 17:17:04 +08:00
parent ac80a832df
commit 4d23dd3f03
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/pkg/authproxy/http.go
View File

@ -26,7 +26,6 @@ func TokenReview(rawToken string, authProxyConfig *models.HTTPAuthProxy) (k8s_ap
GroupVersion: &schema.GroupVersion{}, GroupVersion: &schema.GroupVersion{},
NegotiatedSerializer: serializer.DirectCodecFactory{CodecFactory: scheme.Codecs}, NegotiatedSerializer: serializer.DirectCodecFactory{CodecFactory: scheme.Codecs},
}, },
BearerToken: rawToken,
TLSClientConfig: getTLSConfig(authProxyConfig), TLSClientConfig: getTLSConfig(authProxyConfig),
} }
authClient, err := rest.RESTClientFor(authClientCfg) authClient, err := rest.RESTClientFor(authClientCfg)