From 6bd6cefaa6dc571a319a6a1c2b2facc2404eadd3 Mon Sep 17 00:00:00 2001
From: Elias Schneider
Date: Sat, 3 May 2025 22:53:55 +0200
Subject: [PATCH] fix: non admin users weren't able to call the end session endpoint
---
 backend/internal/controller/oidc_controller.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/backend/internal/controller/oidc_controller.go b/backend/internal/controller/oidc_controller.go
index 6f984c04..ea45acfb 100644
--- a/backend/internal/controller/oidc_controller.go
+++ b/backend/internal/controller/oidc_controller.go
@@ -30,8 +30,8 @@ func NewOidcController(group *gin.RouterGroup, authMiddleware *middleware.AuthMi
 group.POST("/oidc/token", oc.createTokensHandler)
 group.GET("/oidc/userinfo", oc.userInfoHandler)
 group.POST("/oidc/userinfo", oc.userInfoHandler)
- group.POST("/oidc/end-session", authMiddleware.WithSuccessOptional().Add(), oc.EndSessionHandler)
- group.GET("/oidc/end-session", authMiddleware.WithSuccessOptional().Add(), oc.EndSessionHandler)
+ group.POST("/oidc/end-session", authMiddleware.WithAdminNotRequired().WithSuccessOptional().Add(), oc.EndSessionHandler)
+ group.GET("/oidc/end-session", authMiddleware.WithAdminNotRequired().WithSuccessOptional().Add(), oc.EndSessionHandler)
 group.POST("/oidc/introspect", oc.introspectTokenHandler)
 group.GET("/oidc/clients", authMiddleware.Add(), oc.listClientsHandler)
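Review bot: The two end-session registrations now opt out of the admin requirement with no comment saying why, and the same three-call chain is written out twice, so a later edit could change the authorization on one verb and not the other. Building it once keeps POST and GET in step: `endSessionAuth := authMiddleware.WithAdminNotRequired().WithSuccessOptional().Add()`, then `group.POST("/oidc/end-session", endSessionAuth, oc.EndSessionHandler)` and the matching `group.GET` line. Above it I would add `// end-session is open to any user and to callers without a valid session; the middleware only attaches the user when one is present`, since the bug suggests the middleware requires admin by default and each opt-out is then an authorization decision worth making auditable. With authentication optional and GET accepted, validating the logout request falls entirely to `EndSessionHandler`, which is outside this hunk, as is the rest of `NewOidcController`. A regression test that calls the endpoint with a non-admin session would pin the behaviour this commit restores.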