As Dave mentioned, we use the user's password as an encryption key for saving Postgres passwords, and we do so by maintaining KeyManager. As for OAuth implementation, you do not have a password, so you need to bypass this step (and that is the reason you are being redirected to the login page because of no secret key). Check the code at line no. 713 in https://github.com/FlorianJSa/pgadmin4/blob/OAuth2/web/pgadmin/__init__.py which is causing logout for you.
Thanks,
Khushboo
On Mon, Mar 29, 2021 at 1:57 PM Dave Page <dpage@pgadmin.org> wrote:
Hi
On Mon, Mar 29, 2021 at 9:21 AM Florian Sabonchi <sabonchi@posteo.de> wrote:
Hello, I would like to integrate OAuth in pgAdmin. Unfortunately I have the error that I am redirected back to the home page. Unfortunately I could not find this error; what surprises me is that current_user.is_authenticated is set to True. For this reason I just wanted to ask whether someone knows what the problem is. You can find my source code here:
I would be very happy if someone could help me with this problem, because I unfortunately have no idea what kind of issue this could be.
Khushboo (CC'd) is most familiar with this code as she wrote the plugin auth system - hopefully she can help point you in the right direction.
However, we have discussed OAuth briefly in the past and never quite figured out what to do about saving Postgres passwords. Have you thought about that? The issue is that we won't have anything secret to use in an encryption key as pgAdmin won't see the user's password. We have the same issue with Kerberos; however, the solution we came up with there was to simply disable password saving, which is fine because in most environments the user will use Kerberos to authenticate to Postgres anyway (which Khushboo is working on right now).
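The mechanism discussed in this thread, as an added example that is not part of the original messages and is not pgAdmin's code: a per-session key derived from the login password protects saved Postgres passwords, so a login that supplies no password leaves the session without a key. `Session`, `PASSWORDLESS_SOURCES`, `seal` and `unseal` are hypothetical names, the cipher is a stdlib-only stand-in for a vetted AEAD, and treating OAuth like Kerberos (no key check, no password saving) is an assumption drawn from the Kerberos approach described above.

```python
import hashlib
import hmac
import os

# Hypothetical model of the thread's mechanism; none of these names are pgAdmin's.
PASSWORDLESS_SOURCES = {"oauth2", "kerberos"}  # login hands the app no secret

def derive_key(login_password, salt):
    return hashlib.pbkdf2_hmac("sha256", login_password.encode(), salt, 200_000)

def _mac(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stdlib-only stand-in cipher (HMAC-SHA256 in counter mode); use a vetted AEAD in practice.
    blocks = (len(data) + 31) // 32
    stream = b"".join(_mac(key, b"enc", nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + _mac(key, b"tag", nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(key, b"tag", nonce + ct)):
        raise ValueError("wrong key or modified blob")
    return _xor_stream(key, nonce, ct)

class Session:
    def __init__(self, auth_source, login_password=None, salt=b"constructed-salt"):
        self.auth_source = auth_source
        # Only a password login gives the application something secret to derive from.
        self.key = derive_key(login_password, salt) if login_password else None

    def must_logout(self, passwordless=PASSWORDLESS_SOURCES):
        # A missing key is only an error for sources that are expected to have one.
        return self.key is None and self.auth_source not in passwordless

    def save_server_password(self, pg_password):
        if self.key is None:
            raise PermissionError("password saving is disabled for " + self.auth_source)
        return seal(self.key, pg_password.encode())
```

Calling `must_logout(passwordless={"kerberos"})` on an OAuth session reproduces the redirect described in the thread: the user is authenticated, but the key check still fails.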