Merge pull request #49698 from m1093782566/validate-tokenreview

Automatic merge from submit-queue Validate token length of TokenReview **What this PR does / why we need it**: I find API Resource TokenReview has no validation yet. Without validation, client may post unexpected data to API Server. I think we need to validate it before processing it. This PR Validate TokenReview Resource. Fixes #50588 **Special notes for your reviewer**: **Release note**: ```release-note NONE ```
2025-07-29 14:37:00 +00:00 · 2017-08-13 23:59:11 -07:00 · 2017-08-13 23:59:11 -07:00 · 58c85e278b
commit 58c85e278b
parent b32639f9e7 86eb95b0a8
1 changed files with 4 additions and 0 deletions
--- a/pkg/registry/authentication/tokenreview/storage.go
+++ b/pkg/registry/authentication/tokenreview/storage.go
@ -49,6 +49,10 @@ func (r *REST) Create(ctx genericapirequest.Context, obj runtime.Object, include
 		return nil, apierrors.NewBadRequest(fmt.Sprintf("namespace is not allowed on this type: %v", namespace))
 	}

+	if len(tokenReview.Spec.Token) == 0 {
+		return nil, apierrors.NewBadRequest(fmt.Sprintf("token is required for TokenReview in authentication"))
+	}
+
 	if r.tokenAuthenticator == nil {
 		return tokenReview, nil
 	}