From f1e511d3f6e80e8afcd4a2c82e60b1ad91d31835 Mon Sep 17 00:00:00 2001
From: Jason Parraga <Sovietaced@gmail.com>
Date: Tue, 25 Jun 2024 01:12:52 -0700
Subject: [PATCH] Don't log auth tokens in debug mode (#5497)

Signed-off-by: Jason Parraga <sovietaced@gmail.com>
---
 flyteadmin/auth/handlers.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/flyteadmin/auth/handlers.go b/flyteadmin/auth/handlers.go
index 0416245f8c..a6220db6e3 100644
--- a/flyteadmin/auth/handlers.go
+++ b/flyteadmin/auth/handlers.go
@@ -260,9 +260,10 @@ func GetAuthenticationCustomMetadataInterceptor(authCtx interfaces.Authenticatio
 		if authCtx.Options().GrpcAuthorizationHeader != DefaultAuthorizationHeader {
 			md, ok := metadata.FromIncomingContext(ctx)
 			if ok {
-				existingHeader := md.Get(authCtx.Options().GrpcAuthorizationHeader)
+				grpcAuthzHeader := authCtx.Options().GrpcAuthorizationHeader
+				existingHeader := md.Get(grpcAuthzHeader)
 				if len(existingHeader) > 0 {
-					logger.Debugf(ctx, "Found existing metadata %s", existingHeader[0])
+					logger.Debugf(ctx, "Found existing metadata header %s", grpcAuthzHeader)
 					newAuthorizationMetadata := metadata.Pairs(DefaultAuthorizationHeader, existingHeader[0])
 					joinedMetadata := metadata.Join(md, newAuthorizationMetadata)
 					newCtx := metadata.NewIncomingContext(ctx, joinedMetadata)