Hi Florian, As Dave mentioned, we use the user's password as an encryption key for saving Postgres passwords, and we do so by maintaining KeyManager. As for OAuth implementation, you do not have a password, you need to bypass this step ( and that is the reason you are being redirected to the login page because of no secret key). Check the code at line no 713 in https://github.com/FlorianJSa/pgadmin4/blob/OAuth2/web/pgadmin/__init__.py which is causing logout for you.
Thanks, Khushboo On Mon, Mar 29, 2021 at 1:57 PM Dave Page <dp...@pgadmin.org> wrote: > Hi > > On Mon, Mar 29, 2021 at 9:21 AM Florian Sabonchi <sabon...@posteo.de> > wrote: > >> Hello I would like to integrate OAuth in PG-Admin. Unfortunately I have >> the error that I am redirected back to the home page. Unfortunately I >> could not find this error, what surprises me is that >> current_user.is_authenticated is set to True. For this reason I just >> wanted to ask maybe someone knows what the problem is. You can find my >> source code here: >> >> >> https://github.com/FlorianJSa/pgadmin4/blob/OAuth2/web/pgadmin/authenticate/__init__.py >> >> >> I would be very happy if someone could help me with this problem. >> Because I unfortunately have no idea what this could be for an issue >> > > Khushboo (CC'd) is most familiar with this code as she wrote the plugin > auth system - hopefully she can help point you in the right direction. > > However; we have discussed OAuth briefly in the past and never quite > figured out what to do about saving Postgres passwords. Have you thought > about that? The issue is that we won't have anything secret to use in an > encryption key as pgAdmin won't see the user's password. We have the same > issue with Kerberos, however the solution we came up with there was to > simply disable password saving which is fine because in most environments > the user will use Kerberos to authenticate to Postgres anyway (which > Khushboo is working on right now). > > -- > Dave Page > Blog: http://pgsnake.blogspot.com > Twitter: @pgsnake > > EDB: http://www.enterprisedb.com > >
