| From: | Daniel Gustafsson <dgustafsson(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: doc: Clarify OAuth validator authn_id logging |
| Date: | 2026-06-05 22:22:05 |
| Message-ID: | E1wVcvV-001Fkp-2Z@gemulon.postgresql.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers pgsql-hackers |
doc: Clarify OAuth validator authn_id logging
Document that OAuth validators can return an authenticated identity
in the authn_id member. The server records the identity value before
checking if the connection is authorized, so it may appear in
connection-authentication logs (even if the connection later fails
authorization).
Also remove outdated wording saying that all result parameters are
ignored when a validator returns false since validators may provide
error_detail.
Patch by Chao Li with some additional wordsmithing by me.
Author: Chao Li <lic(at)highgo(dot)com>
Reviewed-by: Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>
Reported-by: Daniel Gustafsson <daniel(at)yesql(dot)se>
Discussion: https://postgr.es/m/0281836A-F5FF-41A5-9EE1-656C1FAAC6B2@gmail.com
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/4cb2e2fe0aa8251bef8c2e2351cd5a062c105c0a
Modified Files
--------------
doc/src/sgml/oauth-validators.sgml | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2026-06-05 23:17:27 | pgsql: pg_surgery: Fix off-by-one bug with heap offset |
| Previous Message | Daniel Gustafsson | 2026-06-05 20:18:13 | pgsql: doc: Use groups instead of curves in TLS documentation |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2026-06-05 22:22:38 | Re: Fix OAuth validator docs for error_detail on internal errors |
| Previous Message | Tom Lane | 2026-06-05 22:09:47 | Re: Remove the refint contrib module (for v20) |