forked from mystiq/dex
1.5 KiB
1.5 KiB
TODOs in no particular order
OpenID Connect / OAuth2
- Let clients require signing algorithms (see id_token_signed_response_alg)
- Support ECDSA keys
- Support client_secret_jwt client authentication
- Add a "NextSigningKey" to the storage.Keys type so clients can cache more aggressively
- Support grant_type=password
Connectors
- Port BitBucket connector
- Port UAA connector
- Simplify LDAP connector configuration
- Create proposal for a minimal "local" connector implementation
User self-management
- Implement the user object proposal
- Provide user profile page
- Let user's merge accounts when they have multiple remote identities
- Let user's revoke clients with refresh tokens
Documentation
- Describe motivation for a V2
- Add OpenID Connect client library suggestions
- Add getting started guide
- Add more connector documentation
- Include instructions for getting client credentials for upstream provider
- Improve Kubernetes documentation and include client auth provider docs
Storage
- Add SQL storage implementation
- Utilize fixes for third party resources in Kubernetes 1.4
UX
- Add 500 and 404 pages
- Add an OBB template
- Set an HTTP cookie so users aren't constantly reprompted for passwords
- Add proposal for letting others style existing HTML templates
- Support serving arbitrary static assets
Backend
- Improve logging, possibly switch to logrus
- Standardize OAuth2 error handling