SQL-65: Add password authentication to HTTP/WS server for OIDC#35185
Open
SangJunBak wants to merge 2 commits intoMaterializeInc:mainfrom
Open
SQL-65: Add password authentication to HTTP/WS server for OIDC#35185SangJunBak wants to merge 2 commits intoMaterializeInc:mainfrom
SangJunBak wants to merge 2 commits intoMaterializeInc:mainfrom
Conversation
|
Thanks for opening this PR! Here are a few tips to help make the review process smooth for everyone. PR title guidelines
Pre-merge checklist
|
SangJunBak
force-pushed
the
jun/implement-http-ws-oidc
branch
3 times, most recently
from
5d3b256 to
246b641
Compare
SangJunBak
requested review from
ggevay and
teskje
and removed request for
ggevay
SangJunBak
force-pushed
the
jun/implement-http-ws-oidc
branch
from
246b641 to
d4b5928
Compare
teskje
reviewed
Feb 26, 2026
src/environmentd/src/lib.rs
Outdated
| tls, | ||
| authenticator_kind, | ||
| authenticator_rx, | ||
| frontegg_rx: authenticator_frontegg_rx.clone(), |
Contributor
There was a problem hiding this comment.
Why do we need a channel here? Can't we just pass the frontegg authenticator directly?
Contributor
Author
There was a problem hiding this comment.
Good catch! I think I was simply focused on getting rid of the channels for the other authenticators that were small shims over adapter_client. Passed the frontegg authenticator directly in the latest commit
Replace the four per-kind oneshot channels (frontegg, password, oidc, none) with just two — frontegg (optional) and oidc — since Password, Sasl, and None authenticators don't require async initialization. Introduce `get_authenticator` in http.rs to select the authenticator at request time based on AuthenticatorKind and credentials, falling back to Authenticator::Password for OIDC when password credentials are presented.
SangJunBak
force-pushed
the
jun/implement-http-ws-oidc
branch
from
d4b5928 to
f8f754e
Compare
- The channel is redundant. Replaced with what we were sending - Changed from borrowing to ownership for WebSocket initialization state
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Stacked off #34891
Motivation
Closes sql-65
Description
Adds password authentication to HTTP/WS server for OIDC authentication
Verification
Created tests for fallback