oauth__hook__client_8c_source.html

/*-------------------------------------------------------------------------

 *

 * oauth_hook_client.c

 *      Test driver for t/002_client.pl, which verifies OAuth hook

 *      functionality in libpq.

 *

 * Portions Copyright (c) 1996-2026, PostgreSQL Global Development Group

 * Portions Copyright (c) 1994, Regents of the University of California

 *

 *

 * IDENTIFICATION

 *      src/test/modules/oauth_validator/oauth_hook_client.c

 *

 *-------------------------------------------------------------------------

 */


#include "postgres_fe.h"


#include <sys/socket.h>


#include "getopt_long.h"

#include "libpq-fe.h"


static int  handle_auth_data(PGauthData type, PGconn *conn, void *data);

static PostgresPollingStatusType async_cb(PGconn *conn,

                                          PGoauthBearerRequest *req,

                                          pgsocket *altsock);

static PostgresPollingStatusType misbehave_cb(PGconn *conn,

                                              PGoauthBearerRequest *req,

                                              pgsocket *altsock);


static void


usage(char *argv[])

{

    printf("usage: %s [flags] CONNINFO\n\n", argv[0]);


    printf("recognized flags:\n");

    printf("  -h, --help              show this message\n");

    printf("  --expected-scope SCOPE  fail if received scopes do not match SCOPE\n");

    printf("  --expected-uri URI      fail if received configuration link does not match URI\n");

    printf("  --misbehave=MODE        have the hook fail required postconditions\n"

           "                          (MODEs: no-hook, fail-async, no-token, no-socket)\n");

    printf("  --no-hook               don't install OAuth hooks\n");

    printf("  --hang-forever          don't ever return a token (combine with connect_timeout)\n");

    printf("  --token TOKEN           use the provided TOKEN value\n");

    printf("  --stress-async          busy-loop on PQconnectPoll rather than polling\n");

}


/* --options */

static bool no_hook = false;

static bool hang_forever = false;

static bool stress_async = false;

static const char *expected_uri = NULL;

static const char *expected_scope = NULL;

static const char *misbehave_mode = NULL;

static char *token = NULL;


int


main(int argc, char *argv[])

{

    static const struct option long_options[] = {

        {"help", no_argument, NULL, 'h'},


        {"expected-scope", required_argument, NULL, 1000},

        {"expected-uri", required_argument, NULL, 1001},

        {"no-hook", no_argument, NULL, 1002},

        {"token", required_argument, NULL, 1003},

        {"hang-forever", no_argument, NULL, 1004},

        {"misbehave", required_argument, NULL, 1005},

        {"stress-async", no_argument, NULL, 1006},

        {0}

    };


    const char *conninfo;

    PGconn     *conn;

    int         c;


    while ((c = getopt_long(argc, argv, "h", long_options, NULL)) != -1)

    {

        switch (c)

        {

            case 'h':

                usage(argv);

                return 0;


            case 1000:          /* --expected-scope */

                expected_scope = optarg;

                break;


            case 1001:          /* --expected-uri */

                expected_uri = optarg;

                break;


            case 1002:          /* --no-hook */

                no_hook = true;

                break;


            case 1003:          /* --token */

                token = optarg;

                break;


            case 1004:          /* --hang-forever */

                hang_forever = true;

                break;


            case 1005:          /* --misbehave */

                misbehave_mode = optarg;

                break;


            case 1006:          /* --stress-async */

                stress_async = true;

                break;


            default:

                usage(argv);

                return 1;

        }

    }


    if (argc != optind + 1)

    {

        usage(argv);

        return 1;

    }


    conninfo = argv[optind];


    /* Set up our OAuth hooks. */

    PQsetAuthDataHook(handle_auth_data);


    /* Connect. (All the actual work is in the hook.) */

    if (stress_async)

    {

        /*

         * Perform an asynchronous connection, busy-looping on PQconnectPoll()

         * without actually waiting on socket events. This stresses code paths

         * that rely on asynchronous work to be done before continuing with

         * the next step in the flow.

         */

        PostgresPollingStatusType res;


        conn = PQconnectStart(conninfo);


        do

        {

            res = PQconnectPoll(conn);

        } while (res != PGRES_POLLING_FAILED && res != PGRES_POLLING_OK);

    }

    else

    {

        /* Perform a standard synchronous connection. */

        conn = PQconnectdb(conninfo);

    }


    if (PQstatus(conn) != CONNECTION_OK)

    {

        fprintf(stderr, "connection to database failed: %s\n",

                PQerrorMessage(conn));

        PQfinish(conn);

        return 1;

    }


    printf("connection succeeded\n");

    PQfinish(conn);

    return 0;

}


/*

 * PQauthDataHook implementation. Replaces the default client flow by handling

 * PQAUTHDATA_OAUTH_BEARER_TOKEN.

 */

static int


handle_auth_data(PGauthData type, PGconn *conn, void *data)

{

    PGoauthBearerRequest *req = data;


    if (no_hook || (type != PQAUTHDATA_OAUTH_BEARER_TOKEN))

        return 0;


    if (hang_forever)

    {

        /* Start asynchronous processing. */

        req->async = async_cb;

        return 1;

    }


    if (misbehave_mode)

    {

        if (strcmp(misbehave_mode, "no-hook") != 0)

            req->async = misbehave_cb;

        return 1;

    }


    if (expected_uri)

    {

        if (!req->openid_configuration)

        {

            fprintf(stderr, "expected URI \"%s\", got NULL\n", expected_uri);

            return -1;

        }


        if (strcmp(expected_uri, req->openid_configuration) != 0)

        {

            fprintf(stderr, "expected URI \"%s\", got \"%s\"\n", expected_uri, req->openid_configuration);

            return -1;

        }

    }


    if (expected_scope)

    {

        if (!req->scope)

        {

            fprintf(stderr, "expected scope \"%s\", got NULL\n", expected_scope);

            return -1;

        }


        if (strcmp(expected_scope, req->scope) != 0)

        {

            fprintf(stderr, "expected scope \"%s\", got \"%s\"\n", expected_scope, req->scope);

            return -1;

        }

    }


    req->token = token;

    return 1;

}


static PostgresPollingStatusType


async_cb(PGconn *conn, PGoauthBearerRequest *req, pgsocket *altsock)

{

    if (hang_forever)

    {

        /*

         * This code tests that nothing is interfering with libpq's handling

         * of connect_timeout.

         */

        static pgsocket sock = PGINVALID_SOCKET;


        if (sock == PGINVALID_SOCKET)

        {

            /* First call. Create an unbound socket to wait on. */

#ifdef WIN32

            WSADATA     wsaData;

            int         err;


            err = WSAStartup(MAKEWORD(2, 2), &wsaData);

            if (err)

            {

                perror("WSAStartup failed");

                return PGRES_POLLING_FAILED;

            }

#endif

            sock = socket(AF_INET, SOCK_DGRAM, 0);

            if (sock == PGINVALID_SOCKET)

            {

                perror("failed to create datagram socket");

                return PGRES_POLLING_FAILED;

            }

        }


        /* Make libpq wait on the (unreadable) socket. */

        *altsock = sock;

        return PGRES_POLLING_READING;

    }


    req->token = token;

    return PGRES_POLLING_OK;

}


static PostgresPollingStatusType


misbehave_cb(PGconn *conn, PGoauthBearerRequest *req, pgsocket *altsock)

{

    if (strcmp(misbehave_mode, "fail-async") == 0)

    {

        /* Just fail "normally". */

        return PGRES_POLLING_FAILED;

    }

    else if (strcmp(misbehave_mode, "no-token") == 0)

    {

        /* Callbacks must assign req->token before returning OK. */

        return PGRES_POLLING_OK;

    }

    else if (strcmp(misbehave_mode, "no-socket") == 0)

    {

        /* Callbacks must assign *altsock before asking for polling. */

        return PGRES_POLLING_READING;

    }

    else

    {

        fprintf(stderr, "unrecognized --misbehave mode: %s\n", misbehave_mode);

        exit(1);

    }

}


main
int main(void)
Definition compat_informix-charfuncs.c:16

fprintf
#define fprintf(file, fmt, msg)
Definition cubescan.l:21

err
void err(int eval, const char *fmt,...)
Definition err.c:43

PQsetAuthDataHook
void PQsetAuthDataHook(PQauthDataHook_type hook)
Definition fe-auth.c:1595

PQconnectdb
PGconn * PQconnectdb(const char *conninfo)
Definition fe-connect.c:825

PQconnectPoll
PostgresPollingStatusType PQconnectPoll(PGconn *conn)
Definition fe-connect.c:2922

PQstatus
ConnStatusType PQstatus(const PGconn *conn)
Definition fe-connect.c:7641

PQconnectStart
PGconn * PQconnectStart(const char *conninfo)
Definition fe-connect.c:953

PQfinish
void PQfinish(PGconn *conn)
Definition fe-connect.c:5316

PQerrorMessage
char * PQerrorMessage(const PGconn *conn)
Definition fe-connect.c:7704

getopt_long.h

getopt_long
int getopt_long(int argc, char *const argv[], const char *optstring, const struct option *longopts, int *longindex)
Definition getopt_long.c:60

no_argument
#define no_argument
Definition getopt_long.h:25

required_argument
#define required_argument
Definition getopt_long.h:26

libpq-fe.h

CONNECTION_OK
@ CONNECTION_OK
Definition libpq-fe.h:84

PostgresPollingStatusType
PostgresPollingStatusType
Definition libpq-fe.h:114

PGRES_POLLING_OK
@ PGRES_POLLING_OK
Definition libpq-fe.h:118

PGRES_POLLING_READING
@ PGRES_POLLING_READING
Definition libpq-fe.h:116

PGRES_POLLING_FAILED
@ PGRES_POLLING_FAILED
Definition libpq-fe.h:115

PGauthData
PGauthData
Definition libpq-fe.h:193

PQAUTHDATA_OAUTH_BEARER_TOKEN
@ PQAUTHDATA_OAUTH_BEARER_TOKEN
Definition libpq-fe.h:196

misbehave_cb
static PostgresPollingStatusType misbehave_cb(PGconn *conn, PGoauthBearerRequest *req, pgsocket *altsock)
Definition oauth_hook_client.c:271

token
static char * token
Definition oauth_hook_client.c:56

expected_scope
static const char * expected_scope
Definition oauth_hook_client.c:54

stress_async
static bool stress_async
Definition oauth_hook_client.c:52

expected_uri
static const char * expected_uri
Definition oauth_hook_client.c:53

misbehave_mode
static const char * misbehave_mode
Definition oauth_hook_client.c:55

async_cb
static PostgresPollingStatusType async_cb(PGconn *conn, PGoauthBearerRequest *req, pgsocket *altsock)
Definition oauth_hook_client.c:229

no_hook
static bool no_hook
Definition oauth_hook_client.c:50

handle_auth_data
static int handle_auth_data(PGauthData type, PGconn *conn, void *data)
Definition oauth_hook_client.c:173

hang_forever
static bool hang_forever
Definition oauth_hook_client.c:51

usage
static void usage(void)
Definition pg_archivecleanup.c:258

data
const void * data
Definition pg_crc32c_sse42.c:27

optind
PGDLLIMPORT int optind
Definition getopt.c:51

optarg
PGDLLIMPORT char * optarg
Definition getopt.c:53

pgsocket
int pgsocket
Definition port.h:29

PGINVALID_SOCKET
#define PGINVALID_SOCKET
Definition port.h:31

printf
#define printf(...)
Definition port.h:266

postgres_fe.h

c
char * c
Definition preproc-cursor.c:31

fb
static int fb(int x)
Definition preproc-init.c:92

socket.h

conn
PGconn * conn
Definition streamutil.c:52

PGoauthBearerRequest
Definition libpq-fe.h:753

PGoauthBearerRequest::async
PostgresPollingStatusType(* async)(PGconn *conn, struct PGoauthBearerRequest *request, PQ_SOCKTYPE *altsock)
Definition libpq-fe.h:779

option
Definition getopt_long.h:18

pg_conn
Definition libpq-int.h:372

token
Definition oauth-curl.c:192

type
const char * type
Definition wait_event_funcs.c:27

socket
#define socket(af, type, protocol)
Definition win32_port.h:495