public inbox for [email protected]  
help / color / mirror / Atom feed
From: Tom Lane <[email protected]>
To: Bruce Momjian <[email protected]>
Cc: Jacob Champion <[email protected]>
Cc: PostgreSQL Hackers <[email protected]>
Cc: Daniel Gustafsson <[email protected]>
Cc: Thomas Munro <[email protected]>
Cc: Nazir Bilal Yavuz <[email protected]>
Cc: Andres Freund <[email protected]>
Cc: Peter Eisentraut <[email protected]>
Cc: Antonin Houska <[email protected]>
Subject: Re: [PoC] Federated Authn/z with OAUTHBEARER
Date: Thu, 20 Mar 2025 17:08:54 -0400
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <CAOYmi+n8jHAjKKk0oT+HaOdVt7fn2w==MGoFk348ih1j-L8TDg@mail.gmail.com>
	<CAN55FZ2K_aXC89mq3UfB8Z8Okj4Qq-FRxzdrH5me5J+ytY64pg@mail.gmail.com>
	<CAOYmi+kKjhOnwU1LmDksf6RSZtVe9QXnH+6HDuiR=Cv9Z+MnFw@mail.gmail.com>
	<CA+hUKG+dMm6FyQvXM2oD269u6BBnaDoPM4DEyYzZJK6SAFCEag@mail.gmail.com>
	<[email protected]>
	<CA+hUKGKCYRS34L+BUy!5qhMF55Zg-oCMxDhnSgqm0jWkP+6jYBA@mail.gmail.com>
	<[email protected]>
	<[email protected]>
	<[email protected]>
	<CAOYmi+kn+NYA=DNMZds8sPXonAFg3dJnTgQ+vsOMXsk1Yz+3Gg@mail.gmail.com>
	<[email protected]>

Bruce Momjian <[email protected]> writes:
> On Thu, Mar 20, 2025 at 01:33:26PM -0700, Jacob Champion wrote:
>> So one question for the collective is -- putting Curl itself aside --
>> is having a basic-but-usable OAuth flow, out of the box, worth the
>> costs of a generic HTTP client?

> One observation is that security scanning tools are going to see the
> curl dependency and look at any CSVs related to them and ask us, whether
> they are using OAUTH or not.

Yes.  Also, none of this has addressed my complaint about the extent
of the build and install dependencies.  Yes, simply not selecting
--with-libcurl removes the problem ... but most packagers are under
very heavy pressure to enable all features of a package.



view thread (244+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
  Subject: Re: [PoC] Federated Authn/z with OAUTHBEARER
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox