oauth-curl.h File Reference

#include "libpq-fe.h"

Include dependency graph for oauth-curl.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Functions
PGDLLEXPORT int	pg_start_oauthbearer (PGconn *conn, PGoauthBearerRequestV2 *request)

Function Documentation

pg_start_oauthbearer()

PGDLLEXPORT int pg_start_oauthbearer ( PGconn *  conn, PGoauthBearerRequestV2 *  request  )

extern

Definition at line 3067 of file oauth-curl.c.

{
    struct async_ctx *actx;
    PQconninfoOption *conninfo = NULL;
 
    if (!initialize_curl(request))
        return -1;
 
    /*
     * Create our asynchronous state, and hook it into the upper-level OAuth
     * state immediately, so any failures below won't leak the context
     * allocation.
     */
    actx = calloc(1, sizeof(*actx));
    if (!actx)
        goto oom;
 
    actx->mux = PGINVALID_SOCKET;
    actx->timerfd = -1;
 
    /*
     * Now we have a valid (but still useless) actx, so we can fill in the
     * request object. From this point onward, failures will result in a call
     * to pg_fe_cleanup_oauth_flow(). Further cleanup logic belongs there.
     */
    request->v1.async = pg_fe_run_oauth_flow;
    request->v1.cleanup = pg_fe_cleanup_oauth_flow;
    request->v1.user = actx;
 
    /*
     * Now finish filling in the actx.
     */
 
    /* Should we enable unsafe features? */
    actx->debugging = oauth_unsafe_debugging_enabled();
 
    initPQExpBuffer(&actx->work_data);
    initPQExpBuffer(&actx->errbuf);
 
    /* Pull relevant connection options. */
    conninfo = PQconninfo(conn);
    if (!conninfo)
        goto oom;
 
    for (PQconninfoOption *opt = conninfo; opt->keyword; opt++)
    {
        if (!opt->val)
            continue;           /* simplifies the strdup logic below */
 
        if (strcmp(opt->keyword, "oauth_client_id") == 0)
        {
            actx->client_id = strdup(opt->val);
            if (!actx->client_id)
                goto oom;
        }
        else if (strcmp(opt->keyword, "oauth_client_secret") == 0)
        {
            actx->client_secret = strdup(opt->val);
            if (!actx->client_secret)
                goto oom;
        }
    }
 
    PQconninfoFree(conninfo);
    conninfo = NULL;            /* keeps `goto oom` safe */
 
    actx->discovery_uri = request->v1.openid_configuration;
    actx->issuer_id = request->issuer;
    actx->scope = request->v1.scope;
 
    Assert(actx->client_id);    /* ensured by setup_oauth_parameters() */
    Assert(actx->issuer_id);    /* ensured by setup_oauth_parameters() */
    Assert(actx->discovery_uri);    /* ensured by oauth_exchange() */
 
    if (!setup_multiplexer(actx))
    {
        append_actx_error(request, actx);
        return -1;
    }
 
    if (!setup_curl_handles(actx))
    {
        append_actx_error(request, actx);
        return -1;
    }
 
    return 0;
 
oom:
    if (conninfo)
        PQconninfoFree(conninfo);
 
    request->error = libpq_gettext("out of memory");
    return -1;
}

References append_actx_error(), Assert, calloc, conn, fb(), initialize_curl(), initPQExpBuffer(), _PQconninfoOption::keyword, libpq_gettext, oauth_unsafe_debugging_enabled(), pg_fe_cleanup_oauth_flow(), pg_fe_run_oauth_flow(), PGINVALID_SOCKET, PQconninfo(), PQconninfoFree(), setup_curl_handles(), and setup_multiplexer().