Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1w3eMd-001QQ8-1w
	for pgsql-hackers@arkaria.postgresql.org;
	Fri, 20 Mar 2026 18:14:27 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.96)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1w3eMc-007jgD-0I
	for pgsql-hackers@arkaria.postgresql.org;
	Fri, 20 Mar 2026 18:14:26 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <jacob.champion@enterprisedb.com>)
	id 1w3eMb-007jg5-2E
	for pgsql-hackers@lists.postgresql.org;
	Fri, 20 Mar 2026 18:14:26 +0000
Received: from mail-qv1-xf33.google.com ([2607:f8b0:4864:20::f33])
	by makus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.98.2)
	(envelope-from <jacob.champion@enterprisedb.com>)
	id 1w3eMZ-00000000CzX-2p0Z
	for pgsql-hackers@postgresql.org;
	Fri, 20 Mar 2026 18:14:24 +0000
Received: by mail-qv1-xf33.google.com with SMTP id
 6a1803df08f44-89c4bc36053so13764596d6.2
        for <pgsql-hackers@postgresql.org>;
 Fri, 20 Mar 2026 11:14:23 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1774030463; cv=none;
        d=google.com; s=arc-20240605;
        b=DCb4pJskHmtC0nkcpeqbUxWIJUuXzq+A9UyByfkJX2lw5Bw3kLQlEI/EthE4OhXxzi
         cknrk9ltgHI9h7jUEn9/EjcJFaIfesWMODoUGLrI6stvSc55jGS8vJBK5zAqMGXiP5H3
         1uxOoqlUEW7gofTJvsmjzoV49uS9Vyg598/DAKe30YyhFIYxqxq49Zxru6iCx14HHVTA
         FfsM+skx2VTT7k/B1o7zqXLvRBJan6menyEYuEoTxq8But/H20L9m9voHRPtBlNmxond
         66TyXV9zUk1h5qSQtHgTD80A0HzhIudnJCQp7dVa/fzlpiXMHni+f/8vF18grFzhNC9+
         7QEQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=x5lZrgp3lJLuPc1Cl1p1plkO0JijnWVY/rR154KN7qo=;
        fh=xRt+XESAZCN0lHsPG3Pv/iSIq3AAWEki2QTw6oEvcoo=;
        b=OBT6760RzKAVQHn6zYR7BHl5DDu3p4hkKofJdOppe6vaoKD+Y2kRyYYCIFBjFyAE0a
         EbXuNqEDq655p8J56QZNqWQRg6uFJochJDTl5YSgt0xl8wbYCa2pD9VbfGmoLslDp9II
         jIx4lyE44C5BAR+kdtkS59A+TnPryHP6qhrb5d7l29YrKLgRWjReB3QUVek4NLEC/kvI
         xB0nA82fMmXYRU/fCkZedgnJXSo+0ul1qfSB56fhyvYnVX9cgY/l+VkAVgk4KyJB7pkF
         sZzeda+/60UummLfHQODYMFwVUO2rtyn5zCvgxQjC3Ek/6AdPqZp+4oNyVE9pdbnga9V
         GCSg==;
        darn=postgresql.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=enterprisedb.com; s=google; t=1774030463; x=1774635263;
 darn=postgresql.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=x5lZrgp3lJLuPc1Cl1p1plkO0JijnWVY/rR154KN7qo=;
        b=R2Hpbj9GDRHypwbnzRmur6TwlmaRCSWyHtHMagul4U/ELzsXPQqUHqMqrXttnCSt2w
         OKDoz2LnxqOoaviJetZkBAKUUN2eYMDbvFutNVjFKoM+EvLGPS4g2UGkksa3Zqi+Ild6
         J1pCwG9AV9UL/l5Gw43CAZoZSEQt7bluvXPtrUvNOtDovVM4EXHoJ++6kMqRdHwNbnD1
         m1biRIZMBFd0i3cxG+GDjldRkJBwbqF28lSngj7MdwIADKSK9FulvwcyNQIdahgHH9uR
         b0iv5RqZvjwzPmkiDCmaSXIpg0dhvQaJvCal0W7e0xW7fwqJgks44i4yRHWgrwY3a516
         af2Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1774030463; x=1774635263;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-gg:x-gm-message-state:from
         :to:cc:subject:date:message-id:reply-to;
        bh=x5lZrgp3lJLuPc1Cl1p1plkO0JijnWVY/rR154KN7qo=;
        b=ip2cC9PsSusIQvixhr3WixlXorWaK7TnqTdbdKgsgDtsdlXeyyCHL97VcBqriLxrYr
         QHkRO1l/PSODb9mv2Wr8APXK23Sn0bOcPk72pB2yWJMMexpjNNEJM9BPPAQy22PhY4c6
         WcrLwN7OIrfyQdvzNeMmvw723HrGdWOY5vaeJh6vzCrfPSRs6lGziLgOgIzYzNj0S191
         UMY+NEPszBFy11PF7um5EBKmWFZAZgwRzfjK38cdeZh8UtV0BuTg1z+CtU/56kPtnJ0c
         STi1a7AX5di0ngayQCQcHIBoXKRu2sCu+yWsRQ7P2IwRcnb2//BuBCT7LOv+aUrL3bxJ
         TYeA==
X-Forwarded-Encrypted: i=1;
 AJvYcCWMrwf4SFnRwAZNZWlePJt+RuLNUSnJomejf5g7LggWXuQeV1ktSk+EvYS2ROmfX5p1Oe//xqWoZa45X4s+@postgresql.org
X-Gm-Message-State: AOJu0YxwuGPQbat8lbgvQCq0EcOchWuQx1ZJ9OiXeJpie6NQ54ut5YSK
	uTJRvt/kKDRFPYEoE5csc1z5Vt51OumSxybsizN9lsPY/CEOBdZXcLbrZxyymeBChhU+m4Q4dmx
	ZsK0o9GUGxrDEwdlrq46DmZwPPss36rH3JL5lsMIW
X-Gm-Gg: ATEYQzxYCQ4j6aBsn7lAZ44TRkvKzlkCJXPlb8xcmHW2zgATR5Hj9TOoS+dmPEO6dp4
	WsZCn2q7G8UWL50NBhcxiJFlW25Ov2w53YQDqwdT29W2+VJxCjNdMYLXPjQf0zpqEafzQaPaCY+
	8PpwXXZg+Wu4RNulTYZ5wJyUR/xZNmQOv3xaXChX0OTZh5U8CZWcOtLAhHSzerbyI+9QqJDbasl
	lwgiBDh3C9JoCxWL8pXyzHH4AmBPD5ZRR0Z2w1XeMKAiDAQeBWcZK+C+XuMI99oXMLJL1FeRg0F
	yCbFe7ZnACWPXC4gcq41
X-Received: by 2002:a05:6214:4c45:b0:899:f0d6:98c6 with SMTP id
 6a1803df08f44-89c85a96018mr49764366d6.38.1774030462529; Fri, 20 Mar 2026
 11:14:22 -0700 (PDT)
MIME-Version: 1.0
References: 
 <CAN4CZFPim7hUiyb7daNKQPSZ8CvQRBGkVhbvED7yZi8VktSn4Q@mail.gmail.com>
 <7DB528BA-C7A0-4B23-890C-5332FB35A16E@yesql.se>
 <CAN4CZFNNfhFCQdFWui5HWbQR60eM-cyndZ7YgSv7b5SKxB9C2A@mail.gmail.com>
 <CAOYmi+mDSmh6RNizHRmMAwg4ZP2W=uai3Fr3-wm186NMypf_Pg@mail.gmail.com>
 <CAN4CZFNJftK8NaREYaLi-wqpEz3=crQ=1+3f_XUVji=aOrDSWA@mail.gmail.com>
 <7094F798-8DD1-4974-9A04-10E147B29581@gmail.com>
 <CAOYmi+kjtmRMBdBU3_bGKGDoRSK2AErXbGtHkAjFRapcQNmjhA@mail.gmail.com>
 <CAN4CZFNWBXtF-ML3yzdOvX3QEuUwVo5VrBzyWU3O=y-7SeDstA@mail.gmail.com>
 <15434512-B3FB-4AB3-B6B3-5D85ED0B4BBE@yandex-team.ru>
 <CAN4CZFNscs=hiOkRJYF39r7AD7ef9+MR+O2BQdEtE_2Ajdo5qw@mail.gmail.com>
 <CAOYmi+nVzkoLjzNk_58e0NnUPi9uVXwmurK2QP6CzC2WOpqwbg@mail.gmail.com>
 <CAN4CZFPjiUQbKo2q+ovs--AHkjvaE8OJyncB9xu5b+1gp=HHPQ@mail.gmail.com>
 <CAOYmi+=SR_nJJBh7UXZzK8Zbs21L2RUNkW3d9aPRkQOHj1bBPA@mail.gmail.com>
 <CAN4CZFO7ju7fjjv+qwObP8_V-Tdx463zV8F7u_s6wtg9ANVWVg@mail.gmail.com>
 <CAOYmi+kEYA0Tp2son-+Ti1wvSAPov87AVFf4qXATTOHRX1F2gg@mail.gmail.com>
 <CAN4CZFOmym1BaV_U2V56aOyRp2JMrw5nfn6kwcAEcu_RWK-F3Q@mail.gmail.com>
 <99C6E80B-8770-41C2-8084-BF3C7F389FFF@yandex-team.ru>
 <CAN4CZFN7u1kX3_0cfyVvtfiWpORxnvZo=xCr9Ag-F5Onp-hpbA@mail.gmail.com>
 <1B58D836-6B8F-4B9A-9B84-08965E5AA06B@yandex-team.ru>
 <CAOYmi+kxfGEKw7frQPxWYEA6Qe4BLc683UCNPTYCLdCCV0b4Jw@mail.gmail.com>
 <CAN4CZFP--Ec8hMgpu7JojgK9qS08bNnev0c6goA++T4Ozy8bOQ@mail.gmail.com>
 <CAOYmi+nsK1dSXaB+oicoyA6kM9ymygCLhSiKtkg1ph_P1uhYOQ@mail.gmail.com>
 <1AB529D5-6F5D-426D-AB99-12BB7DD394D3@gmail.com>
 <CAN4CZFOwmgyv1002=EZTSM__97gX-1fG0Q3Q4Zy=XviVtZPRxg@mail.gmail.com>
 <CAOYmi+=y=iAQ11E6jpUzOKsP8ARVK7g5=etaE3RsrtetFTN-+w@mail.gmail.com>
 <CAN4CZFO-asVDRLBXKZpbYeQh1dKKVHR6i_oHSrbuzfBu0v1Cyw@mail.gmail.com>
In-Reply-To: 
 <CAN4CZFO-asVDRLBXKZpbYeQh1dKKVHR6i_oHSrbuzfBu0v1Cyw@mail.gmail.com>
From: Jacob Champion <jacob.champion@enterprisedb.com>
Date: Fri, 20 Mar 2026 11:14:10 -0700
X-Gm-Features: AaiRm51n1lYLDgjBzJ1qMCD3XQh-UzTJlS2YOv1OrhVbcCItXd9FMVotE1VSaVc
Message-ID: 
 <CAOYmi+mw0ss04usMi-ShJPdAi9tmF=aO6SyM8qrtd8WfZsS7ag@mail.gmail.com>
Subject: Re: Improve OAuth discovery logging
To: Zsolt Parragi <zsolt.parragi@percona.com>
Cc: Chao Li <li.evan.chao@gmail.com>, Andrey Borodin <x4mmm@yandex-team.ru>,
	Daniel Gustafsson <daniel@yesql.se>,
 PostgreSQL Hackers <pgsql-hackers@postgresql.org>,
	Michael Paquier <michael@paquier.xyz>, Tom Lane <tgl@sss.pgh.pa.us>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: 
 <https://www.postgresql.org/message-id/CAOYmi%2Bmw0ss04usMi-ShJPdAi9tmF%3DaO6SyM8qrtd8WfZsS7ag%40mail.gmail.com>
Precedence: bulk

On Tue, Mar 17, 2026 at 2:19=E2=80=AFPM Zsolt Parragi <zsolt.parragi@percon=
a.com> wrote:
> > That's not really true, because the caller hardcodes the mechanism
> > descriptor.
>
> I meant that the caller shouldn't depend on the implementation details
> of the mechanism. The abandoned comment says that  '"Abandoned" is a
> SASL-specific state similar to STATUS_EOF ...', yet later it also
> depends on an implementation detail of which sasl mechanism actually
> use it.

I don't disagree, I'm just trying to point out that this coupling is
already part of CheckSASLAuth. See e.g. the handling of shadow_pass.

(I'm not very worried about this, because we're free to improve this
API at any time, and there are only two callers. Michael was very
receptive to prefactoring patches here prior to the addition of
OAUTHBEARER, and I expect we'll continue to refactor it if/when more
mechanisms show up. It's just hard to pull a general interface out of
two mechanisms as dissimilar as SCRAM and OAuth.)

> The patch is also good as-is, all these comments in the last few
> messages are just very minor details, I probably spent way too much
> time thinging about how to make this not oauth specific in the generic
> part of the code.

I appreciate the review!

I'm not in a rush to get this patch pushed, and I want to give Michael
ample time to weigh in. (Personally, I don't think anyone is likely to
argue against the behavior change here, only against how it's being
done. We have alternative implementations available if there are
strong opinions late in the cycle. So I feel pretty confident we can
land a fix for 19.)

Thanks,
--Jacob