Re: Periodic authorization expiration checks using GoAway message

Jacob Champion <jacob.champion@enterprisedb.com>

From: Jacob Champion <jacob.champion@enterprisedb.com>
To: Ajit Awekar <ajitpostgres@gmail.com>
Cc: Zsolt Parragi <zsolt.parragi@percona.com>, Jelte Fennema-Nio <postgres@jeltef.nl>, Hannu Krosing <hannuk@google.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>, Dave Cramer <davecramer@gmail.com>, Heikki Linnakangas <hlinnaka@iki.fi>
Date: 2025-12-16T20:22:11Z
Lists: pgsql-hackers
On Tue, Dec 16, 2025 at 1:15 AM Ajit Awekar <ajitpostgres@gmail.com> wrote:
> >What I meant that we can already implement a background process that
> >watches active (oauth) connections, and either:
>
> >Revalidates tokens periodically using introspection APIs
>
> +1 as this will  offload validation logic to a dedicated background process.

Is the hope that batching validation will make things more efficient,
or is there another goal to using a background process? You still have
to communicate back to each backend.

--Jacob