Re: Improve OAuth discovery logging
Zsolt Parragi <zsolt.parragi@percona.com>
From: Zsolt Parragi <zsolt.parragi@percona.com>
To: Jacob Champion <jacob.champion@enterprisedb.com>
Cc: Andrey Borodin <x4mmm@yandex-team.ru>, Chao Li <li.evan.chao@gmail.com>, Daniel Gustafsson <daniel@yesql.se>,
PostgreSQL Hackers <pgsql-hackers@postgresql.org>, Michael Paquier <michael@paquier.xyz>, Tom Lane <tgl@sss.pgh.pa.us>
Date: 2026-03-05T20:11:23Z
Lists: pgsql-hackers
Attachments
- v6-0001-Improve-OAuth-discovery-logging.patch (application/octet-stream) patch v6-0001
Attached v6 with the problematic log expectation removed. > Easier said than done, I think. I've wanted to teach the server how to > bracket logs of interest for testing purposes for a while now; I don't > mind using this as a catalyst. But I don't think it should be done as > part of this thread. Yes, I want to look at how to make connect_ok/connect_fails more reliable for oidc scenarios, but let's not make this dependent on that, my first idea to do it wasn't 100% reliable based on some targeted testing.
Commits
-
oauth: Don't log discovery connections by default
- e020a897efea 19 (unreleased) landed
-
sasl: Allow backend mechanisms to "abandon" exchanges
- c4ff16339f07 19 (unreleased) landed
-
Add FATAL_CLIENT_ONLY to ereport/elog
- c2bca7cc9621 19 (unreleased) landed
-
oauth_validator: Avoid races in log_check()
- ab8af1db4303 19 (unreleased) cited