This looks like nice patch addressing real issue in log analyzing. Basic idea seems correct to me WRT OAuth, but I'm not a real expert in auth.
> On 25 Feb 2026, at 18:14, Zsolt Parragi <[email protected]> wrote: > > It can't, because the if is based on ctx->state. If I move it to > before the if, I have to save the previous value, which just makes the > code longer. Well, you can do something in a line with bool was_discovery = (ctx->state == OAUTH_STATE_ERROR_DISCOVERY); ctx->state = OAUTH_STATE_FINISHED; if (was_discovery) { } But it's a matter of taste. Your code is correct anyway. We can tweak comments a bit in sasl.h: /*--------- * exchange() * * Produces a server challenge to be sent to the client. The callback * must return one of the PG_SASL_EXCHANGE_* values, depending on * whether the exchange continues, has finished successfully, or has * failed. <---- , or was abandoned by the client. * a successful outcome). The callback should set this to * NULL if the exchange is over and no output should be sent, * which should correspond to either PG_SASL_EXCHANGE_FAILURE * or a PG_SASL_EXCHANGE_SUCCESS with no outcome data. <----- or ABANDONED * failure message.) Ignored if the exchange is completed * with PG_SASL_EXCHANGE_SUCCESS. <------ or ABANDONED That's all what I could grep. And thanks for your review in my thread! Best regards, Andrey Borodin.
