Replace custom HTTP method 'REDEEM' with something commonly compatible

Description

I'm working on https://github.com/appuio/cloud-portal/issues/460, specifically the Accept part where the REDEEM request (see https://kb.vshn.ch/appuio-cloud/references/architecture/control-api-invitation.html) is supposed to happen.

The problem is: A custom HTTP method is prone to incompatibilities in various places.

I'm sure there are reasons for choosing a custom method like REDEEM as opposed to something like PUT or POST, but there has to be a better solution.

Additional Context

While a custom HTTP method may work fine for most browsers, things start to break when there are Proxies between the API and browser. Starting with the Proxy that we're using while developing the Portal itself. After debugging for an hour I noticed that the Proxy automatically turned the REDEEM request to a GET request but returned a 400 Bad Request... I could spend more time to get a proxy working with REDEEM, but that is just fighting symptoms and still not resolving the bigger problem:

Corporate Proxies for sure won't allow custom methods.

I imagine that APPUiO Cloud has some users who are using the Portal from behind a Proxy or WAF. There's a very high chance that the feature to redeem invitations will not work in those conditions.

Logs

No response

Expected Behavior

The request is using a method that is commonly allowed, e.g. HEAD (preferred) or OPTIONS, if POST or PUT are unacceptable for some reason.

Alternatively, it may be worth thinking about a small server running on Kubernetes with its own Endpoint that can accept PUT or POST on invitations without K8s RBAC inbetween, but translates the request into something Kubernetes understands, or attempts to update the invitation accordingly for the requesting user.

Steps To Reproduce

curl -X REDEEM "http://localhost:8001/apis/user.appuio.io/v1/invitations/...?token=...

Version used

v0.19.2

Version of OpenShift

K8s v1.25

appuio / control-api