Home > mailing lists

Re: [PoC] Federated Authn/z with OAUTHBEARER - Mailing list pgsql-hackers

From	Jacob Champion
Subject	Re: [PoC] Federated Authn/z with OAUTHBEARER
Date	April 8 22:22:55
Msg-id	CAOYmi+=k23JU3wk0jo5KDwDGLBdthPvAXZJ+YJw7aFEX7YvqcQ@mail.gmail.com Whole thread Raw
In response to	Re: [PoC] Federated Authn/z with OAUTHBEARER (Bruce Momjian <bruce@momjian.us>)
List	pgsql-hackers

Tree view

On Tue, Apr 8, 2025 at 11:25 AM Bruce Momjian <bruce@momjian.us> wrote:
> However, is this
> true for libpq libraries or database server libraries.  Does it matter?

The dependency on Curl is through libpq. We have some server-side
features that pull in libpq and would transitively depend on Curl. But
for Curl to be initialized server-side, the two peers still have to
agree on the use of OAuth.

It seems unlikely that users would opt into that for, say,
postgres_fdw in PG18, because the Device Authorization flow is the
only one we currently ship, and it's intended for end users. A flow
that prints a code to stderr is not very helpful for your proxy.

--Jacob

pgsql-hackers by date:

From: Jacob Champion
Date: 08 April, 22:07:51
Subject: Re: [PoC] Federated Authn/z with OAUTHBEARER

From: "Euler Taveira"
Date: 08 April, 22:26:52
Subject: Re: Feature freeze

Re: [PoC] Federated Authn/z with OAUTHBEARER - Mailing list pgsql-hackers

Previous

Next