dex/TODO.md
2016-10-04 00:30:30 -07:00

1.5 KiB

TODOs in no particular order

OpenID Connect / OAuth2

  • Let clients require signing algorithms (see id_token_signed_response_alg)
  • Support ECDSA keys
  • Support client_secret_jwt client authentication
  • Add a "NextSigningKey" to the storage.Keys type so clients can cache more aggressively
  • Support grant_type=password

Connectors

  • Port BitBucket connector
  • Port UAA connector
  • Simplify LDAP connector configuration
  • Create proposal for a minimal "local" connector implementation

User self-management

  • Implement the user object proposal
  • Provide user profile page
  • Let user's merge accounts when they have multiple remote identities
  • Let user's revoke clients with refresh tokens

Documentation

  • Describe motivation for a V2
  • Add OpenID Connect client library suggestions
  • Add getting started guide
  • Add more connector documentation
    • Include instructions for getting client credentials for upstream provider
  • Improve Kubernetes documentation and include client auth provider docs

Storage

  • Add SQL storage implementation
  • Utilize fixes for third party resources in Kubernetes 1.4

UX

  • Add 500 and 404 pages
  • Add an OBB template
  • Set an HTTP cookie so users aren't constantly reprompted for passwords
  • Add proposal for letting others style existing HTML templates
  • Support serving arbitrary static assets

Backend

  • Improve logging, possibly switch to logrus
  • Standardize OAuth2 error handling