From a265e9df41b6b56485d89c87dcb3fd85d4f9f691 Mon Sep 17 00:00:00 2001
From: Jesse Wierzbinski <contact@cpluspatch.com>
Date: Fri, 11 Oct 2024 17:16:03 +0200
Subject: [PATCH] fix(plugin): :bug: Add missing plugin middleware to some OIDC
 plugin routes

---
 plugins/openid/routes/jwks.ts           | 1 +
 plugins/openid/routes/oauth/callback.ts | 1 +
 plugins/openid/routes/oauth/revoke.ts   | 2 +-
 plugins/openid/routes/oauth/sso.ts      | 1 +
 plugins/openid/routes/oauth/token.ts    | 2 +-
 plugins/openid/routes/sso/index.ts      | 1 +
 6 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/plugins/openid/routes/jwks.ts b/plugins/openid/routes/jwks.ts
index d9703895..7f51d619 100644
--- a/plugins/openid/routes/jwks.ts
+++ b/plugins/openid/routes/jwks.ts
@@ -36,6 +36,7 @@ export default (plugin: PluginType) => {
                     auth({
                         required: false,
                     }),
+                    plugin.middleware,
                 ],
             }),
             async (context) => {
diff --git a/plugins/openid/routes/oauth/callback.ts b/plugins/openid/routes/oauth/callback.ts
index 461b5378..97f571a7 100644
--- a/plugins/openid/routes/oauth/callback.ts
+++ b/plugins/openid/routes/oauth/callback.ts
@@ -38,6 +38,7 @@ export default (plugin: PluginType) => {
                 summary: "SSO callback",
                 description:
                     "After the user has authenticated to an external OpenID provider, they are redirected here to complete the OAuth flow and get a code",
+                middleware: [plugin.middleware],
                 request: {
                     query: schemas.query,
                     params: schemas.param,
diff --git a/plugins/openid/routes/oauth/revoke.ts b/plugins/openid/routes/oauth/revoke.ts
index 3cc41e99..8d26cb71 100644
--- a/plugins/openid/routes/oauth/revoke.ts
+++ b/plugins/openid/routes/oauth/revoke.ts
@@ -20,7 +20,7 @@ export default (plugin: PluginType) => {
                 method: "post",
                 path: "/oauth/revoke",
                 summary: "Revoke token",
-                middleware: [jsonOrForm()],
+                middleware: [jsonOrForm(), plugin.middleware],
                 request: {
                     body: {
                         content: {
diff --git a/plugins/openid/routes/oauth/sso.ts b/plugins/openid/routes/oauth/sso.ts
index c2abe9b0..5ea9600c 100644
--- a/plugins/openid/routes/oauth/sso.ts
+++ b/plugins/openid/routes/oauth/sso.ts
@@ -30,6 +30,7 @@ export default (plugin: PluginType) => {
                 request: {
                     query: schemas.query,
                 },
+                middleware: [plugin.middleware],
                 responses: {
                     302: {
                         description:
diff --git a/plugins/openid/routes/oauth/token.ts b/plugins/openid/routes/oauth/token.ts
index 9bf96fe0..486b26f9 100644
--- a/plugins/openid/routes/oauth/token.ts
+++ b/plugins/openid/routes/oauth/token.ts
@@ -45,7 +45,7 @@ export default (plugin: PluginType) => {
                 method: "post",
                 path: "/oauth/token",
                 summary: "Get token",
-                middleware: [jsonOrForm()],
+                middleware: [jsonOrForm(), plugin.middleware],
                 request: {
                     body: {
                         content: {
diff --git a/plugins/openid/routes/sso/index.ts b/plugins/openid/routes/sso/index.ts
index 1e6c95ea..fd7e39cc 100644
--- a/plugins/openid/routes/sso/index.ts
+++ b/plugins/openid/routes/sso/index.ts
@@ -98,6 +98,7 @@ export default (plugin: PluginType) => {
                             required: [RolePermissions.OAuth],
                         },
                     ),
+                    plugin.middleware,
                 ],
                 request: {
                     body: {