apache / apisix

The Cloud-Native API Gateway
https://apisix.apache.org/blog/
Apache License 2.0

feat: As a user, I want to enable authz-keycloak to omit querystring, so that keycloak authorization works #11159

Open dwalker-sabiogroup opened 6 months ago

dwalker-sabiogroup commented 6 months ago

Description

Keycloak does not support authorization with dynamic patterns where the URL contains a query string (https://github.com/keycloak/keycloak/issues/28772). This causes 403 issues when using the authz-keycloak plugin, because the full request URL, including any query string, is passed to Keycloak when using lazy_load_paths.

ctx.var.request_uri is used in the plugin to check for permissions, which is the "full original request URI (with arguments)".

One option to solve this would be to add a configuration item include_query_string = {type = "boolean", default = true}, which toggles between ctx.var.request_uri and ctx.var.uri (the normalised URI, which does not include the query string).

dwalker-sabiogroup commented 6 months ago

I have tested using a custom plugin that replaces ctx.var.request_uri with ctx.var.uri in authz-keycloak.lua, and it works perfectly with Keycloak resource authorization (where the query string value is not needed for authorization purposes).
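Added illustration of the option proposed in the description and the swap tested in the comment above; this is not the apisix plugin's code nor the issue author's, and the `ctx` table is a constructed stand-in for the APISIX request context.

```lua
-- Added example, not apisix's authz-keycloak.lua. It sketches the proposed
-- `include_query_string` option: a schema entry plus the helper that decides
-- which URI is matched against Keycloak's resource URIs. `ctx` below is a
-- hand-built stand-in for the APISIX request context (assumption).

local schema_addition = {
    -- proposed option from the issue; the default keeps today's behaviour
    include_query_string = { type = "boolean", default = true },
}

-- Return the URI sent to Keycloak for the permission check.
-- include_query_string = true (or unset) -> ctx.var.request_uri, the original
-- request URI including "?..."; false -> ctx.var.uri, the normalised path only.
local function permission_uri(conf, ctx)
    if conf.include_query_string == false then
        return ctx.var.uri
    end
    return ctx.var.request_uri
end

-- Constructed request context: normalised path plus the original request-line URI.
local ctx = {
    var = {
        uri = "/api/users/42",
        request_uri = "/api/users/42?fields=name&page=2",
    },
}

-- Option omitted: same value the plugin passes today, so a Keycloak resource
-- pattern such as /api/users/* will not match and the request gets a 403.
assert(permission_uri({}, ctx) == "/api/users/42?fields=name&page=2")

-- Option set to false: the query string is dropped and the pattern can match.
assert(permission_uri({ include_query_string = false }, ctx) == "/api/users/42")

-- The schema entry would be merged into the plugin's existing properties.
assert(schema_addition.include_query_string.default == true)
print("ok")
```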