X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/0e077171d332434bf727a018691165a6b0621b68..e9f7d73dc0d84ee7127b8f83a4955521e8091708:/lib/controller/railsproxy/railsproxy.go

diff --git a/lib/controller/railsproxy/railsproxy.go b/lib/controller/railsproxy/railsproxy.go
index fe070b48cc..515dd5df0f 100644
--- a/lib/controller/railsproxy/railsproxy.go
+++ b/lib/controller/railsproxy/railsproxy.go
@@ -7,20 +7,15 @@
 package railsproxy
 
 import (
-	"context"
-	"errors"
 	"fmt"
-	"net/http"
 	"net/url"
 	"strings"
 
-	"git.curoverse.com/arvados.git/lib/controller/rpc"
-	"git.curoverse.com/arvados.git/sdk/go/arvados"
-	"git.curoverse.com/arvados.git/sdk/go/auth"
+	"git.arvados.org/arvados.git/lib/controller/rpc"
+	"git.arvados.org/arvados.git/sdk/go/arvados"
 )
 
-// For now, FindRailsAPI always uses the rails API running on this
-// node.
+// FindRailsAPI always uses the rails API running on this node, for now.
 func FindRailsAPI(cluster *arvados.Cluster) (*url.URL, bool, error) {
 	var best *url.URL
 	for target := range cluster.Services.RailsAPI.InternalURLs {
@@ -41,18 +36,5 @@ func NewConn(cluster *arvados.Cluster) *rpc.Conn {
 	if err != nil {
 		panic(err)
 	}
-	conn := rpc.NewConn(cluster.ClusterID, url, insecure, provideIncomingToken)
-	// If Rails is running with force_ssl=true, this
-	// "X-Forwarded-Proto: https" header prevents it from
-	// redirecting our internal request to an invalid https URL.
-	conn.SendHeader = http.Header{"X-Forwarded-Proto": []string{"https"}}
-	return conn
-}
-
-func provideIncomingToken(ctx context.Context) ([]string, error) {
-	incoming, ok := auth.FromContext(ctx)
-	if !ok {
-		return nil, errors.New("no token provided")
-	}
-	return incoming.Tokens, nil
+	return rpc.NewConn(cluster.ClusterID, url, insecure, rpc.PassthroughTokenProvider)
 }