fix: No static key fallback; reject non-OIDC tokens
This commit is contained in:
+1
-3
@@ -73,9 +73,7 @@ class AuthHeaders(BaseModel):
|
|||||||
# First check if it's a valid OIDC token
|
# First check if it's a valid OIDC token
|
||||||
if self.validate_oidc_token():
|
if self.validate_oidc_token():
|
||||||
return True
|
return True
|
||||||
# Fallback to the old static key for compatibility
|
# No static key fallback; reject non-OIDC tokens
|
||||||
if token == "abc":
|
|
||||||
return True
|
|
||||||
return False
|
return False
|
||||||
|
|
||||||
def validate_oidc_token(self) -> bool:
|
def validate_oidc_token(self) -> bool:
|
||||||
|
|||||||
Reference in New Issue
Block a user