[BUG] API `patch` rejected by security plugin, possible regression

[bobfrankly]

What is the bug?
According to #46 we should be able to issue a PATCH API call to update a user, but on 1.3.4 I'm attempting to do this and getting:
{"statusCode":400,"error":"Bad Request","message":"[request query.method]: Method must be one of, case insensitive ['HEAD', 'GET', 'POST', 'PUT', 'DELETE']. Received 'PATCH'."}

How can one reproduce the bug?
Steps to reproduce the behavior:

1. Be on version 1.3.4
2. Login to Opensearch Dashboard
3. navigate to Management > Devtools
4. Attempt to issue a PATCH _plugins/_security/api/internalusers/admin
5. See error

What is the expected behavior?
I expect to either see a success, OR to see an error that is NOT [request query.method]

What is your host/environment?

• OS: Docker on Ubuntu
• Version Ubuntu 20.10
• Plugin version 1.3.4
• OpenSearch version 1.3.4

Do you have any screenshots?

Do you have any additional context?
Not at this time.