Re: Making changes to PgAdmin for the OAuth flow PoC with Postgres

On Fri, 18 Nov 2022 at 10:39, Khushboo Vashi
<khushboo.vashi@enterprisedb.com> wrote:
>
> Hi,
>
> On Fri, Nov 18, 2022 at 9:47 AM mahendrakar s <mahendrakarforpg@gmail.com> wrote:
>>
>> Hi PgAdmin Hackers,
>>
>>  I am working on oauth poc with Postgres, here the flow is:
>> Authentication Code with pkce
>>
> As per my knowledge, Postgres doesn't support Oauth2 authentication to connect a database server directly, of course
theother way is you can configure PEM authentication and then use it.
 
>
I'm working with pg community for oauth support on postgres and this
is the PoC which I'm working on as mentioned earlier.

>> In this flow, I need to configure or make changes to PgAdmin to
>>
>> 1. Pass additional parameters in the connection string like below for psql:
>>    ./psql  -U mahendrakars@microsoft.com -d 'dbname=postgres
>> oauth_client_id=xxxx oauth_client_secret=xxx
>> oauth_flow_type=auth_code'
>
> Did this work?
Yes, with my PoC changes in postgres, it works.
>>
>>     I am not sure how to pass these params in PgAdmin or configure it
>> to pass them.
>>
>> 2. PgAdmin needs to listen on redirection url so that the user can
>> sign in and obtain the auth_code.
>> 3 . PgAdmin needs to send the auth_code to libpq  during the oauth flow.
>> 4. Libpq sends the  refresh_token  to PgAdmin ( and used in future to
>> get the access_token in which case PgAdmin sends it to libpq).
>>
>> Can you suggest what would be the best way to do this?
>>
> We have configured the Oauth2 authentication in pgAdmin only for login to the pgAdmin app, not for the database.
> You can check the Oauth module but my suggestion is that, first you try with a simple python script for your POC,
afterthat you can try with pgAdmin.
 
>
Okay.
>> Thanks,
>> Mahendrakar.
>>
>>