From f4dae8b41ce8d3f4f33b5496c3394dbbb942e19b Mon Sep 17 00:00:00 2001
From: yu-i-i <kla9555@gmail.com>
Date: Sat, 22 Feb 2025 03:26:25 +0100
Subject: [PATCH] Whitelist /oidc/login endpoint, fixes #21

---
 .../web/modules/authentication/oidc/app/src/OIDCRouter.mjs     | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/services/web/modules/authentication/oidc/app/src/OIDCRouter.mjs b/services/web/modules/authentication/oidc/app/src/OIDCRouter.mjs
index 519fa5043a..0857e41889 100644
--- a/services/web/modules/authentication/oidc/app/src/OIDCRouter.mjs
+++ b/services/web/modules/authentication/oidc/app/src/OIDCRouter.mjs
@@ -1,5 +1,6 @@
 import logger from '@overleaf/logger'
 import UserController from '../../../../../app/src/Features/User/UserController.js'
+import AuthenticationController from '../../../../../app/src/Features/Authentication/AuthenticationController.js'
 import OIDCAuthenticationController from './OIDCAuthenticationController.mjs'
 import logout from '../../../logout.mjs'
 
@@ -7,7 +8,9 @@ export default {
   apply(webRouter) {
     logger.debug({}, 'Init OIDC router')
     webRouter.get('/oidc/login', OIDCAuthenticationController.passportLogin)
+    AuthenticationController.addEndpointToLoginWhitelist('/oidc/login')
     webRouter.get('/oidc/login/callback', OIDCAuthenticationController.passportLoginCallback)
+    AuthenticationController.addEndpointToLoginWhitelist('/oidc/login/callback')
     webRouter.get('/oidc/logout/callback', OIDCAuthenticationController.passportLogoutCallback)
     webRouter.post('/user/oauth-unlink', OIDCAuthenticationController.unlinkAccount)
     webRouter.post('/logout', logout, UserController.logout)