Re: Improve OAuth discovery logging

Zsolt Parragi <zsolt.parragi@percona.com>

From: Zsolt Parragi <zsolt.parragi@percona.com>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: PostgreSQL Hackers <pgsql-hackers@postgresql.org>, Jacob Champion <jacob.champion@enterprisedb.com>
Date: 2026-02-12T18:51:33Z
Lists: pgsql-hackers

Attachments

Thank you for the quick review!

> Is this valuable to administrators in production, or should this perhaps be a
> DEBUGx level logging?

No, I was even thinking about removing that completely, and then
forgot about it before sending my email.
I changed it to DEBUG1, it's definitely not needed outside of
debugging oauth issues.

Commits

  1. oauth: Don't log discovery connections by default

  2. sasl: Allow backend mechanisms to "abandon" exchanges

  3. Add FATAL_CLIENT_ONLY to ereport/elog

  4. oauth_validator: Avoid races in log_check()