Add per connection support for OAuth 2.0 with PostgreSQL 18#700
Open
larskanis wants to merge 8 commits intoged:masterfrom
Open
Add per connection support for OAuth 2.0 with PostgreSQL 18#700larskanis wants to merge 8 commits intoged:masterfrom
larskanis wants to merge 8 commits intoged:masterfrom
Conversation
Since the buitt-in OAuth hooks in libpq can return timerfd and not jsut a socket when you ask for the current file descriptor we are waiting on we need to make sure to use the right Ruby class to wrap the file descriptor, if it is not a valid socket we should use IO.
Async is not supported yet,
To avoid overly complicated or duplicated definitions.
This allows to pass the OAuth request to the related PG::Connection object. The intention of this change is to prepare for a connection local hook. Another option would be to wrap the PGconn address in the callback into a regular PG::Connection object. But this is difficult to combine with the garbage collector. In the end a wrapped object isn't needed, since the PG::Connection is already present after `PG::Connection.connect_start`. This is before the hook is called. So in the callback it's enough to compare the PGconn addresses.
The per connection hook works only in async mode, but sync API in ruby-pg is documented as for testing only and they have several flaws already. So I don't think there is any need to support them with the OAuth hook. Therefore on sync API the only supported option is non-hooked OAuth. This moves common code to helpers and hooked OAuth to async specs. Connecting with a OAuth hook within a Ractor is currently also not possible, but might be changed in future.
larskanis
force-pushed
the
oauth
branch
2 times, most recently
from
b4ac6df to
260c964
Compare
This doesn't expose the global function PQsetAuthDataHook to ruby, but only the one per connection. The conversion of "PGconn *" -> "PG::Connection object" is no longer done per WeakMap, but per st_table. That should make it easier to get Ractor compatible.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is based on #693, but changed it to a hook which is set as a connection parameter.
I plan to make it based on
st_tableinstead of handling in ruby.That should make it Ractor compatible.
Let's see what looks better...