From 3bfaa25649e1cd3bb408a864bdeb18638f1c5cfb Mon Sep 17 00:00:00 2001
From: Thomas Munro <thomas.munro@enterprisedb.com>
Date: Wed, 4 Jul 2018 16:11:32 +1200
Subject: [PATCH] Call AcceptInvalidationMessages() after authenticating.

If the authentication module modified the system catalogs through a
separate database connection (say, to create a new role on the fly),
allow InitializeSessionUserId() to see the change.

Author: Thomas Munro
Reviewed-by: Andres Freund
Discussion: https://postgr.es/m/CAEepm%3D3_h0_cgmz5PMyab4xk_OFrg6G5VCN%3DnF4chFXM9iFOqA%40mail.gmail.com
---
 src/backend/utils/init/postinit.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/backend/utils/init/postinit.c b/src/backend/utils/init/postinit.c
index 09e0df290dd..e096455952e 100644
--- a/src/backend/utils/init/postinit.c
+++ b/src/backend/utils/init/postinit.c
@@ -53,6 +53,7 @@
 #include "utils/acl.h"
 #include "utils/fmgroids.h"
 #include "utils/guc.h"
+#include "utils/inval.h"
 #include "utils/memutils.h"
 #include "utils/pg_locale.h"
 #include "utils/portal.h"
@@ -745,6 +746,12 @@ InitPostgres(const char *in_dbname, Oid dboid, const char *username,
 		/* normal multiuser case */
 		Assert(MyProcPort != NULL);
 		PerformAuthentication(MyProcPort);
+		/*
+		 * An external authentication mechanism might have created a role on
+		 * the fly via another connection, so make sure we can see it in the
+		 * catalogs by handling any invalidation messages now.
+		 */
+		AcceptInvalidationMessages();
 		InitializeSessionUserId(username, useroid);
 		am_superuser = superuser();
 	}
-- 
2.17.0