forward current cluster context in TokenReviews

[xrstf]

What type of PR is this?

/kind feature

What this PR does / why we need it:

With the introduction of per-workspace authentication in kcp, the handler for TokenReviews needs to ensure that the current cluster context (the cluster in which the TokenReview is created) is included in the fake request, so that the authenticator can find the auth configuration.

This fix alone will not make TokenReviews work in kcp (with the WorkspaceAuthentication feature gate enabled). kcp still needs to be patched to provide a suitable authenticator to the storage provider which does not rely on other handlers in the handler mux chain to provide stuff to it. PR for that is in the works.

Which issue(s) this PR is related to:

kcp-dev/kcp#3614

Special notes for your reviewer:

Does this PR introduce a user-facing change?

NONE

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

[mjudeikis]

/lgtm
/approve

[kcp-ci-bot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: mjudeikis
Once this PR has been reviewed and has the lgtm label, please assign mikedanese for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• pkg/registry/authentication/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment