Message-ID: From: "artemgavrilov (@artemgavrilov)" To: "pgjdbc/pgjdbc" Date: Tue, 05 May 2026 14:09:30 +0000 Subject: Re: [pgjdbc/pgjdbc] issue #3816: Implement OAUTHBEARER to support PostgreSQL 18 OAuth flow In-Reply-To: References: List-Id: X-GitHub-Author-Login: artemgavrilov X-GitHub-Comment-Id: 4380072881 X-GitHub-Comment-Type: issue_comment X-GitHub-Edited-At: 2026-05-05T14:10:32Z X-GitHub-Issue: 3816 X-GitHub-Repo: pgjdbc/pgjdbc X-GitHub-Type: comment X-GitHub-Url: https://github.com/pgjdbc/pgjdbc/issues/3816#issuecomment-4380072881 Content-Type: text/plain; charset=utf-8 > Don't we already have something like this via AuthenticationPlugin? > > https://github.com/pgjdbc/pgjdbc/blob/master/pgjdbc/src/main/java/org/postgresql/plugin/AuthenticationPlugin.java Yep, probably this interface can be extended with something like this: ``` // This differs from getPassword in the way were it's invoked. Password can be fetched when authenticator created because // it hasn't TTL, while token should be fetched right before connection creation. This method will cover case A, when user // knows how and where to obtain token. char @Nullable [] getToken(AuthenticationRequestType type) throws PSQLException; // This is for case B, when PG returns information how to obtain token. If this method is not implemented we may fallback to // just logging this info. char @Nullable [] getToken(AuthenticationRequestType type, Scope scope, URL url) throws PSQLException; ``` Please note that it's just a high level thoughts, I'm still digging sources to find a proper solution.