From 86eb95b0a870c187e09a9692390ccc1424e74a7f Mon Sep 17 00:00:00 2001
From: m1093782566 <dujun5@huawei.com>
Date: Fri, 4 Aug 2017 12:13:11 +0800
Subject: [PATCH] validate token length in tokenReview

---
 pkg/registry/authentication/tokenreview/storage.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkg/registry/authentication/tokenreview/storage.go b/pkg/registry/authentication/tokenreview/storage.go
index 0f3d73ac35f..f512907e6e5 100644
--- a/pkg/registry/authentication/tokenreview/storage.go
+++ b/pkg/registry/authentication/tokenreview/storage.go
@@ -49,6 +49,10 @@ func (r *REST) Create(ctx genericapirequest.Context, obj runtime.Object, include
 		return nil, apierrors.NewBadRequest(fmt.Sprintf("namespace is not allowed on this type: %v", namespace))
 	}
 
+	if len(tokenReview.Spec.Token) == 0 {
+		return nil, apierrors.NewBadRequest(fmt.Sprintf("token is required for TokenReview in authentication"))
+	}
+
 	if r.tokenAuthenticator == nil {
 		return tokenReview, nil
 	}