Re: OAuth client code doesn't work with Google OAuth

From: Zsolt Parragi <zsolt(dot)parragi(at)percona(dot)com>
To: pgsql-hackers(at)lists(dot)postgresql(dot)org
Subject: Re: OAuth client code doesn't work with Google OAuth
Date: 2025-09-08 07:01:24
Message-ID: CAN4CZFN5_8-X9RkOw3Dw7-8DaPzxzJn=9rEjKfw_og2ycOMMfg@mail.gmail.com
Lists: pgsql-hackers

In the previous email I attached a git diff, not a proper patch file; I
added the correct attachment to this email.

On Sun, Sep 7, 2025 at 8:02 PM Zsolt Parragi <zsolt(dot)parragi(at)percona(dot)com> wrote:
>
> Hello Hackers,
>
> While working on an OAuth validator for PG18 I noticed that currently
> the client code doesn't work when using Google as the OAuth provider.
> It requires two small changes:
>
> * The device code request only includes the OAuth Client ID in the
> request body if the user doesn't specify a client secret (if the
> secret is specified, the client ID is only sent as part of the basic
> auth header), but Google OAuth always expects it in the body
> * The wait loop for the authorization only expects HTTP 400 and 401,
> but the Google endpoint responds with HTTP 428 (Precondition required)
>
> Both issues are testable/verifiable without a properly working
> validator, as they happen on the client side, before invoking the
> validator logic.
>
> I attached a small patch which fixes both.

Attachment Content-Type Size
0001-OIDC-client-should-work-with-Google-OAuth.patch application/octet-stream 2.1 KB
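
The two client-side behaviours described in the message above, sketched as an added example (not the attached patch and not libpq code). The function names are hypothetical, and it assumes the HTTP 428 response carries a standard RFC 8628 error code such as authorization_pending in its JSON body, which the message does not show.

```python
import base64
import json
from urllib.parse import quote_plus, urlencode

# Statuses on which the poll loop parses an RFC 8628 error body: 400 and 401
# are the ones the message says were expected, 428 is what it reports for Google.
ERROR_STATUSES = {400, 401, 428}


def device_authz_request(client_id, scope, client_secret=None):
    """Return (headers, body) for the device authorization request.

    client_id always goes in the form body; when a secret is configured,
    HTTP Basic credentials are sent in addition, not instead.
    """
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    if client_secret is not None:
        # RFC 6749 section 2.3.1: form-encode both parts before Base64.
        cred = f"{quote_plus(client_id)}:{quote_plus(client_secret)}".encode()
        headers["Authorization"] = "Basic " + base64.b64encode(cred).decode()
    return headers, urlencode({"client_id": client_id, "scope": scope})


def poll_action(status, body, interval):
    """Decide the next step for one token endpoint poll response.

    Returns ("done", token), ("wait", next_interval) or ("fail", reason).
    """
    try:
        doc = json.loads(body)
    except ValueError:
        return ("fail", f"HTTP {status}: body is not JSON")
    if not isinstance(doc, dict):
        return ("fail", f"HTTP {status}: body is not a JSON object")
    if status == 200:
        token = doc.get("access_token")
        return ("done", token) if token else ("fail", "no access_token")
    if status not in ERROR_STATUSES:
        return ("fail", f"unexpected HTTP {status}")
    err = doc.get("error")
    if err == "authorization_pending":
        return ("wait", interval)
    if err == "slow_down":
        return ("wait", interval + 5)  # RFC 8628 section 3.5
    return ("fail", err or "error response without an error code")
```

The decision is driven by the error code in the body, so accepting 428 does not turn arbitrary failures into retries: any other code, or a status outside the set, still ends the loop.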
