Hi all,
I recently implemented a small OAuth2 / OpenID permission check library in
XQuery, complete with a small example page and a docker compose setup,
including an identity provider (FusionAuth in this case). I saw this popped up
once or twice on the mailing list, but I could not make much use of the
provided code, so I hope this might be of interest to anybody.
The example project is available on Github:
https://github.com/willhoeft-it/basex-oauth2
I would be glad to hear about any opinions or get some feedback.
While working on this, I realized that BaseX' permission attributes
unfortunately lack a small feature that would be quite useful: The "perm"
parameter to the checking function provides the method and the path, but
unfortunately not any URL parameters. In my case, I would like to remember the
URL (including parameters) the user called before I redirect him to the
authorization server to login, so I can afterward redirect him to the page he
actually wanted.
But in a more general context, I can imagine it would also be useful to do
permission checks on the parameters, too. Or maybe I missed something?
Kind regards
Jörn Willhöft
