On Mon, Jan 26, 2026 at 2:17 PM Jacob Champion <[email protected]> wrote: > For that code path I suspect we could get rid of the entire message, > because of what you mentioned later: auth_failed() is already going to > give us that. The validator can log what's important if needed, or > not. We could add some DEBUGs, maybe, so that you can still figure out > what's going on if a validator fails silently?
I only just remembered that this is exactly what logdetail is designed to do. It's passed in from CheckSASLAuth, but OAuth doesn't make use of it. (My original patchset carried a TODO for this for a long time, but I lost it at some point...) I have a parallel patchset that also needs logdetail, so this fix can piggyback on some of that work. --Jacob
