Home > mailing lists

OAuth client code doesn't work with Google OAuth - Mailing list pgsql-hackers

From	Zsolt Parragi
Subject	OAuth client code doesn't work with Google OAuth
Date	September 7 22:02:56
Msg-id	CAN4CZFN8ZqwcYWE8+Ur=OVTkS9_y44LH+AJCVc_c69UxrRD-ZA@mail.gmail.com Whole thread Raw
Responses	Re: OAuth client code doesn't work with Google OAuth Re: OAuth client code doesn't work with Google OAuth
List	pgsql-hackers

Tree view

Hello Hackers,

While working on an OAuth validator for PG18  I noticed that currently
the client code doesn't work when using Google as the OAuth provider.
It requires two small changes:

* The device code request only includes the OAuth Client ID in the
request body if the user doesn't specify a client secret (if the
secret is specified, the client ID is only sent as part of the basic
auth header), but Google OAuth always expects it in the body
* The wait loop for the authorization only expects HTTP 400 and 401,
but the Google endpoint responds with HTTP 428 (Precondition required)

Both issues are testable/verifiable without a properly working
validator, as they happen on the client side, before invoking the
validator logic.

I  attached a small patch which fixes both.

Attachment

google_oidc.patch

pgsql-hackers by date:

From: Sergey Fukanchik
Date: 07 September, 17:00:56
Subject: Re: [PATCH] Perform check for oversized WAL record before calculating record CRC

From: Tom Lane
Date: 08 September, 00:36:32
Subject: Re: Conflict detection for update_deleted in logical replication

OAuth client code doesn't work with Google OAuth - Mailing list pgsql-hackers

Attachment

Previous

Next