Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vvUHe-004R5Q-31 for pgsql-hackers@arkaria.postgresql.org; Thu, 26 Feb 2026 05:51:35 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.96) (envelope-from ) id 1vvUHd-009ut2-1b for pgsql-hackers@arkaria.postgresql.org; Thu, 26 Feb 2026 05:51:33 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1vvUHd-009ust-0D for pgsql-hackers@lists.postgresql.org; Thu, 26 Feb 2026 05:51:33 +0000 Received: from forwardcorp1a.mail.yandex.net ([2a02:6b8:c0e:500:1:45:d181:df01]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.98.2) (envelope-from ) id 1vvUHZ-00000001L1o-39rd for pgsql-hackers@postgresql.org; Thu, 26 Feb 2026 05:51:32 +0000 Received: from mail-nwsmtp-smtp-corp-main-66.iva.yp-c.yandex.net (mail-nwsmtp-smtp-corp-main-66.iva.yp-c.yandex.net [IPv6:2a02:6b8:c0c:bf1f:0:640:c739:0]) by forwardcorp1a.mail.yandex.net (Yandex) with ESMTPS id DAFEAC0211; Thu, 26 Feb 2026 08:51:28 +0300 (MSK) Received: from smtpclient.apple (unknown [2a02:6bf:8080:12f::1:30]) by mail-nwsmtp-smtp-corp-main-66.iva.yp-c.yandex.net (smtpcorp/Yandex) with ESMTPSA id QpaIgR7AjCg0-LUHsUOGm; Thu, 26 Feb 2026 08:51:27 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex-team.ru; s=default; t=1772085087; bh=qtOqh3AbzHzZw/pvSWr2v78HaazaGwNW8EOMBKYySOY=; h=Message-Id:To:Date:References:Cc:In-Reply-To:From:Subject; b=YzBt1EfQpQTFkfJamWIDPSh8wZlhkejFR+EMsoP/33CRG+kbB+JZ5/WuLdizMsjDA CI4IrZuT7bxFwJ9rR8uGb+6XMhtojNwZyCK4TGzz+SZtMxzyhMREWuMb66OmJuFLLa MN62WUw1/WyxbADAjzaRXUKMVuuDSHCZ5HrYvp3w= Authentication-Results: mail-nwsmtp-smtp-corp-main-66.iva.yp-c.yandex.net; dkim=pass header.i=@yandex-team.ru Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3864.300.41.1.7\)) Subject: Re: Improve OAuth discovery logging From: Andrey Borodin In-Reply-To: Date: Thu, 26 Feb 2026 10:51:16 +0500 Cc: Jacob Champion , Chao Li , Daniel Gustafsson , PostgreSQL Hackers , Michael Paquier Content-Transfer-Encoding: 7bit Message-Id: <15434512-B3FB-4AB3-B6B3-5D85ED0B4BBE@yandex-team.ru> References: <7DB528BA-C7A0-4B23-890C-5332FB35A16E@yesql.se> <7094F798-8DD1-4974-9A04-10E147B29581@gmail.com> To: Zsolt Parragi X-Mailer: Apple Mail (2.3864.300.41.1.7) List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk This looks like nice patch addressing real issue in log analyzing. Basic idea seems correct to me WRT OAuth, but I'm not a real expert in auth. > On 25 Feb 2026, at 18:14, Zsolt Parragi wrote: > > It can't, because the if is based on ctx->state. If I move it to > before the if, I have to save the previous value, which just makes the > code longer. Well, you can do something in a line with bool was_discovery = (ctx->state == OAUTH_STATE_ERROR_DISCOVERY); ctx->state = OAUTH_STATE_FINISHED; if (was_discovery) { } But it's a matter of taste. Your code is correct anyway. We can tweak comments a bit in sasl.h: /*--------- * exchange() * * Produces a server challenge to be sent to the client. The callback * must return one of the PG_SASL_EXCHANGE_* values, depending on * whether the exchange continues, has finished successfully, or has * failed. <---- , or was abandoned by the client. * a successful outcome). The callback should set this to * NULL if the exchange is over and no output should be sent, * which should correspond to either PG_SASL_EXCHANGE_FAILURE * or a PG_SASL_EXCHANGE_SUCCESS with no outcome data. <----- or ABANDONED * failure message.) Ignored if the exchange is completed * with PG_SASL_EXCHANGE_SUCCESS. <------ or ABANDONED That's all what I could grep. And thanks for your review in my thread! Best regards, Andrey Borodin.