| From: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
|---|---|
| To: | Álvaro Herrera <alvherre(at)kurilemu(dot)de> |
| Cc: | Pg Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Zsolt Parragi <zsolt(dot)parragi(at)percona(dot)com> |
| Subject: | Re: unclear OAuth error message |
| Date: | 2026-03-18 16:47:14 |
| Message-ID: | CAOYmi+naxE5os6dSPpVp-=ip=xv_dfmtypOOjzEfreA2KgVPTA@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, Jan 26, 2026 at 2:17 PM Jacob Champion
<jacob(dot)champion(at)enterprisedb(dot)com> wrote:
> For that code path I suspect we could get rid of the entire message,
> because of what you mentioned later: auth_failed() is already going to
> give us that. The validator can log what's important if needed, or
> not. We could add some DEBUGs, maybe, so that you can still figure out
> what's going on if a validator fails silently?
I only just remembered that this is exactly what logdetail is designed
to do. It's passed in from CheckSASLAuth, but OAuth doesn't make use
of it. (My original patchset carried a TODO for this for a long time,
but I lost it at some point...)
I have a parallel patchset that also needs logdetail, so this fix can
piggyback on some of that work.
--Jacob
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Artur Zakirov | 2026-03-18 16:55:25 | Re: Order of InvokeObjectPostAlterHook within ATExecSetNotNull |
| Previous Message | Masahiko Sawada | 2026-03-18 16:44:46 | Re: Initial COPY of Logical Replication is too slow |