Dear Jörn,
Thanks for sharing your OAuth2 implementation, very appreciated.
While working on this, I realized that BaseX' permission attributes unfortunately lack a small feature that would be quite useful: The "perm" parameter to the checking function provides the method and the path, but unfortunately not any URL parameters.
Indeed it has been suggested multiple times that $perm should be enhanced. In the latest snapshot, we have finally added the query parameters [1], and we may add some more properties. Your feedback is welcome; if it works as expected, we will revise the documentation. BaseX 11.6 will be released this week or in December.
With older versions of BaseX, you can use the request:parameter function to access query parameters [2].
Best, Christian
[1] https://files.basex.org/releases/latest/ [2] https://docs.basex.org/12/Request_Functions#request:parameter
In my case, I would like to remember the URL (including parameters) the user called before I redirect him to the authorization server to login, so I can afterward redirect him to the page he actually wanted. But in a more general context, I can imagine it would also be useful to do permission checks on the parameters, too. Or maybe I missed something?
Kind regards Jörn Willhöft