Message-ID: From: "davecramer (@davecramer)" To: "pgjdbc/pgjdbc" Date: Tue, 05 May 2026 09:59:40 +0000 Subject: Re: [pgjdbc/pgjdbc] issue #3816: Implement OAUTHBEARER to support PostgreSQL 18 OAuth flow In-Reply-To: References: List-Id: X-GitHub-Author-Login: davecramer X-GitHub-Comment-Id: 4378244912 X-GitHub-Comment-Type: issue_comment X-GitHub-Issue: 3816 X-GitHub-Repo: pgjdbc/pgjdbc X-GitHub-Type: comment X-GitHub-Url: https://github.com/pgjdbc/pgjdbc/issues/3816#issuecomment-4378244912 Content-Type: text/plain; charset=utf-8 > Hi [@vlsi](https://github.com/vlsi) , I would like to work on this and I need some help to plan implementation. I have couple of questions and will appreciate any help: > > 1. I got response from ongres/scram maintainer that OAUTH support is out of scope for them. So I plan to implement the support completely within this project. Is it fine? > 2. OAUTH uses JSON for request/response. Can I add some library to handle serialization? If yes do you have any preference? > 3. There are two scenarios: > a) User already has token and just passes it during initialization. In fact it should be lambda func that returns token as app may want to refresh it. > b) User don't have any token, makes empty auth request and PG returns info from obtaining token. Here libpq has injection point where custom logic can be added while by default it just logs this information. Does pgjdbc need injection point as well and what should be the default behavior? I think we want b) which will allow us to call out to functions to get input Dave