Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1llPw0-00040i-7O for pgadmin-hackers@arkaria.postgresql.org; Tue, 25 May 2021 05:48:56 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1llPvz-0003Ea-4W for pgadmin-hackers@arkaria.postgresql.org; Tue, 25 May 2021 05:48:55 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1llPvy-0003ES-RG for pgadmin-hackers@lists.postgresql.org; Tue, 25 May 2021 05:48:54 +0000 Received: from mail-lj1-x233.google.com ([2a00:1450:4864:20::233]) by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1llPvu-00015f-H1 for pgadmin-hackers@postgresql.org; Tue, 25 May 2021 05:48:53 +0000 Received: by mail-lj1-x233.google.com with SMTP id p20so36566303ljj.8 for ; Mon, 24 May 2021 22:48:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=enterprisedb-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=vy99C+xPSCGSUA5WwC3T01wX7w5687DrXwO7jkOjpwU=; b=wRGjzANYbhrkYF0JTTkXsQVigMiug8uurmsPL/gAUCaceSlHk0A6y6NmkIdpTlay8z dzHgci1PUfq5GnRyzj9PXuz5917ukSjc1MU8U6W0Zgb4SJemwRgdvtSDCNL1vMm62NFU DNqSh2FQEKio29uFx3MFCZbyZu/WkMmLulvVpjDc20RcOBLZ91kL2FCeYx3PLUX6PQf0 Yzryxmm1hzu12HpG0wBYlCq0Db72wQMc/XCg+8G+DG5pF77jkSnqEOcFK+BO3pQqXLMt 5w71QmiChGx4s6BaSAqcMdhwv2f5K8FYiaoYVnC3lTUVozC6cWsfwzAUKLr2J1JTkC8W mWNg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vy99C+xPSCGSUA5WwC3T01wX7w5687DrXwO7jkOjpwU=; b=stkSVMYPaLCtiH0d9aCCp1F6ovwTtsrFfH98O+SLQLPThHgYmCrsDDQm9vPsSed5Ce RLi6XQGnsZjrDE2zNhfgdE+Pz/iDpzgGkAlKcODAyPNwGaeU/FbI9EXCd1f3oDer8h6l /+lkHLQNtRwb6lzF+/J46fUmZwppjFkslyzVyc7gyXi9Af7WjXPn+Md18ZWGjfmGOiLz NDMlWCwJc3sIlxm2Dt6se5Vx6HwXMKoXDLDiNnXiguZJn5NYokcGs5RwEBXY7YEyJM1B CSAI2WWajsVhhy4DIeKkZTr37/yYIl9IMjwRrA0uGzZWYVCr8P82eufKOiE3D0hJWWhR BHhQ== X-Gm-Message-State: AOAM532XIPzjEqQDOvOcNtnP9KzhC/1de8MfiIclw4MA27C+QLkweCNw i1s8qJoHsleHqpB4tb5yedMX40zHJc/FWMiyckFNtoxZiMMw3OzN9LH9vRPdXl84q7dAmXadTcy WKjeHfZtl+mupMDN/jzigYjB47vf6t2nmb36GptMj6uT4hrc9LMUUS4d2A2iOxypesWfOnO9BbT Cs1xKi5Zyxym0KZHABHNHZOoHAKXFyINi5vyPtlX/Gqv/X11FQMTQUFjvcUg== X-Google-Smtp-Source: ABdhPJzb3zTasPHHAVZnTgNGjt+vOz+cHNWQpRc7gxtuunGUHuXd5TlqZMmBjmG9/6OXVPpDAT8im7dxUNWDbwgdkJQ= X-Received: by 2002:a2e:2a02:: with SMTP id q2mr18946905ljq.73.1621921727250; Mon, 24 May 2021 22:48:47 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Khushboo Vashi Date: Tue, 25 May 2021 11:18:22 +0530 Message-ID: Subject: Re: oauth2 patch To: Florian Sabonchi Cc: pgadmin-hackers Content-Type: multipart/alternative; boundary="000000000000683bf405c32114e5" X-CLOUD-SEC-AV-Info: enterprisedb,google_mail,monitor X-CLOUD-SEC-AV-Sent: true X-Gm-Spam: 0 X-Gm-Phishy: 0 List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --000000000000683bf405c32114e5 Content-Type: text/plain; charset="UTF-8" Hi Florian, I have reviewed your patch, some modifications are required as below. I have started working on top of your patch to accommodate the required changes. - Proper handling of Master Password in Server Mode as it was introduced only in Desktop mode. - Encryption/Decryption of the server password if Master Password is disabled, currently if I disable the master password, I could not connect the server with your patch. - Proper documentation, comments. - Minor UI modifications, like introducing a configurable icon with the Oauth login button etc. You can track the progress, ref https://redmine.postgresql.org/issues/5940, I have attached your initial patch in the RM itself. Thanks, Khushboo On Mon, May 10, 2021 at 4:02 PM Khushboo Vashi < khushboo.vashi@enterprisedb.com> wrote: > > > On Mon, May 10, 2021 at 10:59 AM Akshay Joshi < > akshay.joshi@enterprisedb.com> wrote: > >> Hi Khushboo >> >> Can you please review the patch? >> > On it. > >> >> On Sun, May 9, 2021 at 12:53 AM Florian Sabonchi >> wrote: >> >>> Hello in this patch I have implemented OAuth2. Unfortunately I wasn't >>> sure how the test should look like, because I couldn't find anything in >>> the developer documentation, so I decided not to write one for now. >>> >>> The configuration has to look like this here is an example for github: >>> >>> OAUTH2_NAME = 'github' >>> OAUTH2_CLIENT_ID = 'secret' >>> OAUTH2_CLIENT_SECRET = 'secret' >>> OAUTH2_TOKEN_URL = 'https://github.com/login/oauth/access_token' >>> OAUTH2_AUTHORIZATION_URL = 'https://github.com/login/oauth/authorize' >>> OAUTH2_API_BASE_URL = 'https://api.github.com/' >>> OAUTH2_USERINFO_ENDPOINT = 'https://api.github.com/user' >>> OAUTH_ENDPOINT_NAME = 'user' >>> >>> >>> >> >> -- >> *Thanks & Regards* >> *Akshay Joshi* >> *pgAdmin Hacker | Principal Software Architect* >> *EDB Postgres * >> >> *Mobile: +91 976-788-8246* >> > --000000000000683bf405c32114e5 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi Florian,

I have reviewed your patch,= some modifications are required as below. I have started working on top of= your patch to accommodate=C2=A0the required changes.

<= div>- Proper handling of Master Password in Server Mode as it was introduce= d=C2=A0only in Desktop mode.
- Encryption/Decryption of the serve= r password if Master Password is disabled, currently if I disable the maste= r password, I could not connect the server with your patch.
- Pro= per documentation, comments.
- Minor UI modifications, like intro= ducing a configurable icon with the Oauth login button etc.

<= /div>
You can track the progress, ref https://redmine.postgresql.org/issues/5940, I hav= e attached your initial patch in the RM itself.

Th= anks,
Khushboo



=





On Mon, May 10,= 2021 at 4:02 PM Khushboo Vashi <khushboo.vashi@enterprisedb.com> wrote:


On Mon, May 10, 2021 at 10:59 AM Akshay Joshi <akshay.joshi@enterprisedb.c= om> wrote:
Hi Khushboo

Can you please review the= patch?
On it.=C2=A0

On Sun, May 9, 2021 at 12:53 AM Florian Sabonchi &l= t;sabonchi@posteo.d= e> wrote:
Hello in this patch I have implemented OAuth2. Unfortunately I wasn't =
sure how the test should look like, because I couldn't find anything in=
the developer documentation, so I decided not to write one for now.

The configuration has to look like this here is an example for github:

OAUTH2_NAME =3D 'github'
OAUTH2_CLIENT_ID =3D 'secret'
OAUTH2_CLIENT_SECRET =3D 'secret'
OAUTH2_TOKEN_URL =3D 'https://github.com/login/oauth/= access_token'
OAUTH2_AUTHORIZATION_URL =3D 'https://github.com/login/o= auth/authorize'
OAUTH2_API_BASE_URL =3D 'https://api.github.com/'
OAUTH2_USERINFO_ENDPOINT =3D 'https://api.github.com/user' OAUTH_ENDPOINT_NAME =3D 'user'




--
Thank= s & Regards
Akshay Joshi
pgAdmin Hacker | Principal Softw= are Architect
EDB Po= stgres
Mobile: +91 976-788-8246

--000000000000683bf405c32114e5--