Обсуждение: Making changes to PgAdmin for the OAuth flow PoC with Postgres

Поиск
Список
Период
Сортировка

Making changes to PgAdmin for the OAuth flow PoC with Postgres

От
mahendrakar s
Дата:
Hi PgAdmin Hackers,

 I am working on oauth poc with Postgres, here the flow is:
Authentication Code with pkce

In this flow, I need to configure or make changes to PgAdmin to

1. Pass additional parameters in the connection string like below for psql:
   ./psql  -U mahendrakars@microsoft.com -d 'dbname=postgres
oauth_client_id=xxxx oauth_client_secret=xxx
oauth_flow_type=auth_code'
    I am not sure how to pass these params in PgAdmin or configure it
to pass them.
2. PgAdmin needs to listen on redirection url so that the user can
sign in and obtain the auth_code.
3 . PgAdmin needs to send the auth_code to libpq  during the oauth flow.
4. Libpq sends the  refresh_token  to PgAdmin ( and used in future to
get the access_token in which case PgAdmin sends it to libpq).

Can you suggest what would be the best way to do this?

Thanks,
Mahendrakar.

Re: Making changes to PgAdmin for the OAuth flow PoC with Postgres

От
Aditya Toshniwal
Дата:
Hi Mahendrakar,

pgAdmin is not an OAuth2 client/Middleware. It is a PostgreSQL management tool/client.
pgAdmin is not suited for your requirement.

On Fri, Nov 18, 2022 at 9:47 AM mahendrakar s <mahendrakarforpg@gmail.com> wrote:
Hi PgAdmin Hackers,

 I am working on oauth poc with Postgres, here the flow is:
Authentication Code with pkce

In this flow, I need to configure or make changes to PgAdmin to

1. Pass additional parameters in the connection string like below for psql:
   ./psql  -U mahendrakars@microsoft.com -d 'dbname=postgres
oauth_client_id=xxxx oauth_client_secret=xxx
oauth_flow_type=auth_code'
    I am not sure how to pass these params in PgAdmin or configure it
to pass them.
2. PgAdmin needs to listen on redirection url so that the user can
sign in and obtain the auth_code.
3 . PgAdmin needs to send the auth_code to libpq  during the oauth flow.
4. Libpq sends the  refresh_token  to PgAdmin ( and used in future to
get the access_token in which case PgAdmin sends it to libpq).

Can you suggest what would be the best way to do this?

Thanks,
Mahendrakar.




--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Software Architect | edbpostgres.com
"Don't Complain about Heat, Plant a TREE"

Re: Making changes to PgAdmin for the OAuth flow PoC with Postgres

От
Khushboo Vashi
Дата:
Hi,

On Fri, Nov 18, 2022 at 9:47 AM mahendrakar s <mahendrakarforpg@gmail.com> wrote:
Hi PgAdmin Hackers,

 I am working on oauth poc with Postgres, here the flow is:
Authentication Code with pkce

As per my knowledge, Postgres doesn't support Oauth2 authentication to connect a database server directly, of course the other way is you can configure PEM authentication and then use it. 

In this flow, I need to configure or make changes to PgAdmin to

1. Pass additional parameters in the connection string like below for psql:
   ./psql  -U mahendrakars@microsoft.com -d 'dbname=postgres
oauth_client_id=xxxx oauth_client_secret=xxx
oauth_flow_type=auth_code'
Did this work? 
    I am not sure how to pass these params in PgAdmin or configure it
to pass them.
2. PgAdmin needs to listen on redirection url so that the user can
sign in and obtain the auth_code.
3 . PgAdmin needs to send the auth_code to libpq  during the oauth flow.
4. Libpq sends the  refresh_token  to PgAdmin ( and used in future to
get the access_token in which case PgAdmin sends it to libpq).

Can you suggest what would be the best way to do this?

We have configured the Oauth2 authentication in pgAdmin only for login to the pgAdmin app, not for the database.
You can check the Oauth module but my suggestion is that, first you try with a simple python script for your POC, after that you can try with pgAdmin.

Thanks,
Mahendrakar.


Re: Making changes to PgAdmin for the OAuth flow PoC with Postgres

От
mahendrakar s
Дата:
On Fri, 18 Nov 2022 at 10:39, Khushboo Vashi
<khushboo.vashi@enterprisedb.com> wrote:
>
> Hi,
>
> On Fri, Nov 18, 2022 at 9:47 AM mahendrakar s <mahendrakarforpg@gmail.com> wrote:
>>
>> Hi PgAdmin Hackers,
>>
>>  I am working on oauth poc with Postgres, here the flow is:
>> Authentication Code with pkce
>>
> As per my knowledge, Postgres doesn't support Oauth2 authentication to connect a database server directly, of course
theother way is you can configure PEM authentication and then use it.
 
>
I'm working with pg community for oauth support on postgres and this
is the PoC which I'm working on as mentioned earlier.

>> In this flow, I need to configure or make changes to PgAdmin to
>>
>> 1. Pass additional parameters in the connection string like below for psql:
>>    ./psql  -U mahendrakars@microsoft.com -d 'dbname=postgres
>> oauth_client_id=xxxx oauth_client_secret=xxx
>> oauth_flow_type=auth_code'
>
> Did this work?
Yes, with my PoC changes in postgres, it works.
>>
>>     I am not sure how to pass these params in PgAdmin or configure it
>> to pass them.
>>
>> 2. PgAdmin needs to listen on redirection url so that the user can
>> sign in and obtain the auth_code.
>> 3 . PgAdmin needs to send the auth_code to libpq  during the oauth flow.
>> 4. Libpq sends the  refresh_token  to PgAdmin ( and used in future to
>> get the access_token in which case PgAdmin sends it to libpq).
>>
>> Can you suggest what would be the best way to do this?
>>
> We have configured the Oauth2 authentication in pgAdmin only for login to the pgAdmin app, not for the database.
> You can check the Oauth module but my suggestion is that, first you try with a simple python script for your POC,
afterthat you can try with pgAdmin.
 
>
Okay.
>> Thanks,
>> Mahendrakar.
>>
>>

Re: Making changes to PgAdmin for the OAuth flow PoC with Postgres

От
Khushboo Vashi
Дата:


On Fri, Nov 18, 2022 at 11:06 AM mahendrakar s <mahendrakarforpg@gmail.com> wrote:
On Fri, 18 Nov 2022 at 10:39, Khushboo Vashi
<khushboo.vashi@enterprisedb.com> wrote:
>
> Hi,
>
> On Fri, Nov 18, 2022 at 9:47 AM mahendrakar s <mahendrakarforpg@gmail.com> wrote:
>>
>> Hi PgAdmin Hackers,
>>
>>  I am working on oauth poc with Postgres, here the flow is:
>> Authentication Code with pkce
>>
> As per my knowledge, Postgres doesn't support Oauth2 authentication to connect a database server directly, of course the other way is you can configure PEM authentication and then use it.
>
I'm working with pg community for oauth support on postgres and this
is the PoC which I'm working on as mentioned earlier.

>> In this flow, I need to configure or make changes to PgAdmin to
>>
>> 1. Pass additional parameters in the connection string like below for psql:
>>    ./psql  -U mahendrakars@microsoft.com -d 'dbname=postgres
>> oauth_client_id=xxxx oauth_client_secret=xxx
>> oauth_flow_type=auth_code'
>
> Did this work?
Yes, with my PoC changes in postgres, it works.
Great.
It will take time to make changes for Oauth2 DB connection in pgAdmin, If you are willing to do it then let me know I will guide you.
>>
>>     I am not sure how to pass these params in PgAdmin or configure it
>> to pass them.
>>
>> 2. PgAdmin needs to listen on redirection url so that the user can
>> sign in and obtain the auth_code.
>> 3 . PgAdmin needs to send the auth_code to libpq  during the oauth flow.
>> 4. Libpq sends the  refresh_token  to PgAdmin ( and used in future to
>> get the access_token in which case PgAdmin sends it to libpq).
>>
>> Can you suggest what would be the best way to do this?
>>
> We have configured the Oauth2 authentication in pgAdmin only for login to the pgAdmin app, not for the database.
> You can check the Oauth module but my suggestion is that, first you try with a simple python script for your POC, after that you can try with pgAdmin.
>
Okay.
>> Thanks,
>> Mahendrakar.
>>
>>