fix: No static key fallback; reject non-OIDC tokens

This commit is contained in:
2026-06-29 16:43:09 +02:00
parent ffe0a1cf18
commit c0bfa85688
+1 -3
View File
@@ -73,9 +73,7 @@ class AuthHeaders(BaseModel):
# First check if it's a valid OIDC token # First check if it's a valid OIDC token
if self.validate_oidc_token(): if self.validate_oidc_token():
return True return True
# Fallback to the old static key for compatibility # No static key fallback; reject non-OIDC tokens
if token == "abc":
return True
return False return False
def validate_oidc_token(self) -> bool: def validate_oidc_token(self) -> bool: