From dc95792ee00f1167deee529f6baaf9f35be13549 Mon Sep 17 00:00:00 2001
From: Daniel Jiang
Date: Thu, 14 Jan 2021 17:17:04 +0800
Subject: [PATCH] Remove raw token from header in token review reuqest

The server to handle token-review may have a limitation for the size of the header. When the token is huge the token review may fail. This commit remove the necessary header to harden the flow.

Signed-off-by: Daniel Jiang
---
 src/pkg/authproxy/http.go | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/pkg/authproxy/http.go b/src/pkg/authproxy/http.go
index fd0a5d156..1c503deb9 100644
--- a/src/pkg/authproxy/http.go
+++ b/src/pkg/authproxy/http.go
@@ -26,7 +26,6 @@ func TokenReview(rawToken string, authProxyConfig *models.HTTPAuthProxy) (k8s_ap
 GroupVersion: &schema.GroupVersion{},
 NegotiatedSerializer: serializer.WithoutConversionCodecFactory{CodecFactory: scheme.Codecs},
 },
- BearerToken: rawToken,
 TLSClientConfig: getTLSConfig(authProxyConfig),
 }
 authClient, err := rest.RESTClientFor(authClientCfg)