public inbox for [email protected]help / color / mirror / Atom feed
OAuth error when logging in 3+ messages / 3 participants [nested] [flat]
* OAuth error when logging in @ 2021-03-28 15:42 Florian Sabonchi <[email protected]> 0 siblings, 1 reply; 3+ messages in thread From: Florian Sabonchi @ 2021-03-28 15:42 UTC (permalink / raw) To: pgadmin-hackers Hello I would like to integrate OAuth in PG-Admin. Unfortunately I have the error that I am redirected back to the home page. Unfortunately I could not find this error, what surprises me is that current_user.is_authenticated is set to True. For this reason I just wanted to ask maybe someone knows what the problem is. You can find my source code here: https://github.com/FlorianJSa/pgadmin4/blob/OAuth2/web/pgadmin/authenticate/__init__.py I would be very happy if someone could help me with this problem. Because I unfortunately have no idea what this could be for an issue ^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: OAuth error when logging in @ 2021-03-29 08:27 Dave Page <[email protected]> parent: Florian Sabonchi <[email protected]> 0 siblings, 1 reply; 3+ messages in thread From: Dave Page @ 2021-03-29 08:27 UTC (permalink / raw) To: Florian Sabonchi <[email protected]>; +Cc: pgadmin-hackers; Khushboo Vashi <[email protected]> Hi On Mon, Mar 29, 2021 at 9:21 AM Florian Sabonchi <[email protected]> wrote: > Hello I would like to integrate OAuth in PG-Admin. Unfortunately I have > the error that I am redirected back to the home page. Unfortunately I > could not find this error, what surprises me is that > current_user.is_authenticated is set to True. For this reason I just > wanted to ask maybe someone knows what the problem is. You can find my > source code here: > > > https://github.com/FlorianJSa/pgadmin4/blob/OAuth2/web/pgadmin/authenticate/__init__.py > > > I would be very happy if someone could help me with this problem. > Because I unfortunately have no idea what this could be for an issue > Khushboo (CC'd) is most familiar with this code as she wrote the plugin auth system - hopefully she can help point you in the right direction. However; we have discussed OAuth briefly in the past and never quite figured out what to do about saving Postgres passwords. Have you thought about that? The issue is that we won't have anything secret to use in an encryption key as pgAdmin won't see the user's password. We have the same issue with Kerberos, however the solution we came up with there was to simply disable password saving which is fine because in most environments the user will use Kerberos to authenticate to Postgres anyway (which Khushboo is working on right now). -- Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EDB: http://www.enterprisedb.com ^ permalink raw reply [nested|flat] 3+ messages in thread
* Re: OAuth error when logging in @ 2021-03-29 09:46 Khushboo Vashi <[email protected]> parent: Dave Page <[email protected]> 0 siblings, 0 replies; 3+ messages in thread From: Khushboo Vashi @ 2021-03-29 09:46 UTC (permalink / raw) To: Dave Page <[email protected]>; +Cc: Florian Sabonchi <[email protected]>; pgadmin-hackers Hi Florian, As Dave mentioned, we use the user's password as an encryption key for saving Postgres passwords, and we do so by maintaining KeyManager. As for OAuth implementation, you do not have a password, you need to bypass this step ( and that is the reason you are being redirected to the login page because of no secret key). Check the code at line no 713 in https://github.com/FlorianJSa/pgadmin4/blob/OAuth2/web/pgadmin/__init__.py which is causing logout for you. Thanks, Khushboo On Mon, Mar 29, 2021 at 1:57 PM Dave Page <[email protected]> wrote: > Hi > > On Mon, Mar 29, 2021 at 9:21 AM Florian Sabonchi <[email protected]> > wrote: > >> Hello I would like to integrate OAuth in PG-Admin. Unfortunately I have >> the error that I am redirected back to the home page. Unfortunately I >> could not find this error, what surprises me is that >> current_user.is_authenticated is set to True. For this reason I just >> wanted to ask maybe someone knows what the problem is. You can find my >> source code here: >> >> >> https://github.com/FlorianJSa/pgadmin4/blob/OAuth2/web/pgadmin/authenticate/__init__.py >> >> >> I would be very happy if someone could help me with this problem. >> Because I unfortunately have no idea what this could be for an issue >> > > Khushboo (CC'd) is most familiar with this code as she wrote the plugin > auth system - hopefully she can help point you in the right direction. > > However; we have discussed OAuth briefly in the past and never quite > figured out what to do about saving Postgres passwords. Have you thought > about that? The issue is that we won't have anything secret to use in an > encryption key as pgAdmin won't see the user's password. We have the same > issue with Kerberos, however the solution we came up with there was to > simply disable password saving which is fine because in most environments > the user will use Kerberos to authenticate to Postgres anyway (which > Khushboo is working on right now). > > -- > Dave Page > Blog: http://pgsnake.blogspot.com > Twitter: @pgsnake > > EDB: http://www.enterprisedb.com > > ^ permalink raw reply [nested|flat] 3+ messages in thread
end of thread, other threads:[~2021-03-29 09:46 UTC | newest] Thread overview: 3+ messages (download: mbox mbox.gz follow: Atom feed) -- links below jump to the message on this page -- 2021-03-28 15:42 OAuth error when logging in Florian Sabonchi <[email protected]> 2021-03-29 08:27 ` Dave Page <[email protected]> 2021-03-29 09:46 ` Khushboo Vashi <[email protected]>
This inbox is served by agora; see mirroring instructions for how to clone and mirror all data and code used for this inbox