PostgreSQL Source Code git master
validator.c File Reference
#include "postgres.h"
#include "fmgr.h"
#include "libpq/oauth.h"
#include "miscadmin.h"
#include "utils/guc.h"
#include "utils/memutils.h"

Macros

#define PRIVATE_COOKIE   ((void *) 13579)
 

Functions

static void validator_startup (ValidatorModuleState *state)
 
static void validator_shutdown (ValidatorModuleState *state)
 
static bool validate_token (const ValidatorModuleState *state, const char *token, const char *role, ValidatorModuleResult *result)
 
void _PG_init (void)
 
const OAuthValidatorCallbacks * _PG_oauth_validator_module_init (void)
 

Variables

 PG_MODULE_MAGIC
 
static const OAuthValidatorCallbacks validator_callbacks
 
static char * authn_id = NULL
 
static bool authorize_tokens = true
 

Macro Definition Documentation

◆ PRIVATE_COOKIE

/*
 * Sentinel that validator_startup() stores in state->private_data and that
 * validate_token() and validator_shutdown() compare against.  A different
 * value in a later callback means the module's private state was not
 * preserved between calls.  The value is arbitrary; in this file it is only
 * compared and printed with %p.
 */
#define PRIVATE_COOKIE   ((void *) 13579)

Definition at line 87 of file validator.c.

Function Documentation

◆ _PG_init()

void _PG_init ( void  )

Definition at line 56 of file validator.c.

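/*
 * Module load hook: registers the two settings that drive this validator
 * and reserves the "oauth_validator" GUC prefix.
 *
 * Both settings use the PGC_SIGHUP context, so they are taken from the
 * server configuration and picked up on reload rather than set per session.
 *
 * NOTE: the listing on this page had lost the argument lines that carry
 * cross-reference links (the PGC_SIGHUP context of both calls and the
 * &authorize_tokens value address); they are restored here from the
 * function's own reference list.
 */
void
_PG_init(void)
{
	/*
	 * Identity reported for every validated connection.  The boot value is
	 * NULL; validate_token() then falls back to the requested role name.
	 */
	DefineCustomStringVariable("oauth_validator.authn_id",
							   "Authenticated identity to use for future connections",
							   NULL,	/* long_desc */
							   &authn_id,
							   NULL,	/* bootValue */
							   PGC_SIGHUP,
							   0,		/* flags */
							   NULL, NULL, NULL);

	/*
	 * Accept/reject switch.  It defaults to true, and validate_token() never
	 * inspects the token, so with the defaults every bearer token is
	 * reported as authorized.
	 */
	DefineCustomBoolVariable("oauth_validator.authorize_tokens",
							 "Should tokens be marked valid?",
							 NULL,	/* long_desc */
							 &authorize_tokens,
							 true,	/* bootValue */
							 PGC_SIGHUP,
							 0,		/* flags */
							 NULL, NULL, NULL);

	MarkGUCPrefixReserved("oauth_validator");
}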
void DefineCustomStringVariable(const char *name, const char *short_desc, const char *long_desc, char **valueAddr, const char *bootValue, GucContext context, int flags, GucStringCheckHook check_hook, GucStringAssignHook assign_hook, GucShowHook show_hook)
Definition: guc.c:5218
void DefineCustomBoolVariable(const char *name, const char *short_desc, const char *long_desc, bool *valueAddr, bool bootValue, GucContext context, int flags, GucBoolCheckHook check_hook, GucBoolAssignHook assign_hook, GucShowHook show_hook)
Definition: guc.c:5132
void MarkGUCPrefixReserved(const char *className)
Definition: guc.c:5279
@ PGC_SIGHUP
Definition: guc.h:75
static bool authorize_tokens
Definition: validator.c:42
static char * authn_id
Definition: validator.c:41

References authn_id, authorize_tokens, DefineCustomBoolVariable(), DefineCustomStringVariable(), MarkGUCPrefixReserved(), and PGC_SIGHUP.

◆ _PG_oauth_validator_module_init()

const OAuthValidatorCallbacks * _PG_oauth_validator_module_init ( void  )

Definition at line 82 of file validator.c.

/*
 * Validator module entry point: hands back the address of this file's
 * static callback table (validator_callbacks).  The table is const and has
 * static storage, so the returned pointer stays valid for the life of the
 * loaded module.
 */
const OAuthValidatorCallbacks *
_PG_oauth_validator_module_init(void)
{
	const OAuthValidatorCallbacks *callbacks = &validator_callbacks;

	return callbacks;
}
static const OAuthValidatorCallbacks validator_callbacks
Definition: validator.c:32

References validator_callbacks.

◆ validate_token()

static bool validate_token ( const ValidatorModuleState * state,
const char *  token,
const char *  role,
ValidatorModuleResult * result 
)
static

Definition at line 122 of file validator.c.

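/*
 * validate_cb callback.  It does not verify the token at all: the verdict
 * comes from the authorize_tokens setting and the identity from the
 * authn_id setting, or from the requested role when that is unset.
 *
 * state: module state; private_data must still hold PRIVATE_COOKIE.
 * token: bearer token presented by the client (only logged here).
 * role:  role name the client asked to connect as.
 * res:   output; authorized and authn_id are filled in.
 *
 * Returns true unconditionally; the accept/reject decision is carried in
 * res->authorized.  Raises ERROR if the private-state cookie has changed.
 *
 * NOTE: the listing on this page had lost the two argument lines of the
 * second elog() call (original lines 133-134); they are restored here from
 * the function's reference list (MyProcPort, Port::hba,
 * HbaLine::oauth_issuer, HbaLine::oauth_scope).
 */
static bool
validate_token(const ValidatorModuleState *state,
			   const char *token, const char *role,
			   ValidatorModuleResult *res)
{
	/* Check to make sure our private state still exists. */
	if (state->private_data != PRIVATE_COOKIE)
		elog(ERROR, "oauth_validator: private state cookie changed to %p in validate",
			 state->private_data);

	/*
	 * SECURITY: the bearer token is written to the server log verbatim.  A
	 * bearer token is a credential, so anyone who can read the log can
	 * reuse it until it expires.  A validator that handles real tokens
	 * should log at most a non-reversible identifier for the token.
	 */
	elog(LOG, "oauth_validator: token=\"%s\", role=\"%s\"", token, role);
	elog(LOG, "oauth_validator: issuer=\"%s\", scope=\"%s\"",
		 MyProcPort->hba->oauth_issuer,
		 MyProcPort->hba->oauth_scope);

	/*
	 * SECURITY: the token is never checked (no signature, issuer, audience,
	 * scope or expiry test); the outcome is whatever the GUC says.
	 */
	res->authorized = authorize_tokens;

	/*
	 * SECURITY: when oauth_validator.authn_id is unset, the client-chosen
	 * role name is reported as the authenticated identity, so the identity
	 * is asserted by the client rather than derived from the token.
	 */
	if (authn_id)
		res->authn_id = pstrdup(authn_id);
	else
		res->authn_id = pstrdup(role);

	return true;
}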
#define LOG
Definition: elog.h:31
#define ERROR
Definition: elog.h:39
#define elog(elevel,...)
Definition: elog.h:225
struct Port * MyProcPort
Definition: globals.c:50
char * pstrdup(const char *in)
Definition: mcxt.c:1699
char * oauth_issuer
Definition: hba.h:139
char * oauth_scope
Definition: hba.h:140
HbaLine * hba
Definition: libpq-be.h:168
Definition: regguts.h:323
#define PRIVATE_COOKIE
Definition: validator.c:87

References ValidatorModuleResult::authn_id, authn_id, authorize_tokens, ValidatorModuleResult::authorized, elog, ERROR, Port::hba, LOG, MyProcPort, HbaLine::oauth_issuer, HbaLine::oauth_scope, PRIVATE_COOKIE, and pstrdup().

◆ validator_shutdown()

static void validator_shutdown ( ValidatorModuleState * state)
static

Definition at line 109 of file validator.c.

/*
 * shutdown_cb callback.  It releases nothing; it only confirms that the
 * cookie written by validator_startup() is still in state->private_data,
 * and reports a mismatch at PANIC level.
 */
static void
validator_shutdown(ValidatorModuleState *state)
{
	void	   *cookie = state->private_data;

	/* Private state intact: nothing else to do. */
	if (cookie == PRIVATE_COOKIE)
		return;

	elog(PANIC, "oauth_validator: private state cookie changed to %p in shutdown",
		 cookie);
}
#define PANIC
Definition: elog.h:42

References elog, PANIC, and PRIVATE_COOKIE.

◆ validator_startup()

static void validator_startup ( ValidatorModuleState * state)
static

Definition at line 93 of file validator.c.

/*
 * startup_cb callback.  Checks the server version the caller reported in
 * state->sversion, then plants PRIVATE_COOKIE in state->private_data so the
 * later callbacks can confirm the state survived.
 */
static void
validator_startup(ValidatorModuleState *state)
{
	int			reported_version = state->sversion;

	/*
	 * Confirm that the server fills in sversion correctly.  Real modules
	 * should not compare it for equality like this; doing so would defeat
	 * upgrade compatibility.
	 */
	if (reported_version != PG_VERSION_NUM)
	{
		elog(ERROR, "oauth_validator: sversion set to %d", reported_version);
	}

	state->private_data = PRIVATE_COOKIE;
}

References elog, ERROR, and PRIVATE_COOKIE.

Variable Documentation

◆ authn_id

char* authn_id = NULL
static

◆ authorize_tokens

bool authorize_tokens = true
static

Definition at line 42 of file validator.c.

Referenced by _PG_init(), and validate_token().

◆ PG_MODULE_MAGIC

PG_MODULE_MAGIC

Definition at line 22 of file validator.c.

◆ validator_callbacks

const OAuthValidatorCallbacks validator_callbacks
static
Initial value:
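= {
	/*
	 * Positional first member: the validator API magic from libpq/oauth.h.
	 * The listing on this page had dropped this line; the cross-reference to
	 * PG_OAUTH_VALIDATOR_MAGIC printed directly after the initializer shows
	 * it belongs here.
	 */
	PG_OAUTH_VALIDATOR_MAGIC,

	/* Callbacks handed out by _PG_oauth_validator_module_init(). */
	.startup_cb = validator_startup,
	.shutdown_cb = validator_shutdown,
	.validate_cb = validate_token
}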
#define PG_OAUTH_VALIDATOR_MAGIC
Definition: oauth.h:74
static void validator_startup(ValidatorModuleState *state)
Definition: validator.c:93
static void validator_shutdown(ValidatorModuleState *state)
Definition: validator.c:109
static bool validate_token(const ValidatorModuleState *state, const char *token, const char *role, ValidatorModuleResult *result)
Definition: validator.c:122

Definition at line 32 of file validator.c.

Referenced by _PG_oauth_validator_module_init().