From 2b20c4565f2f976f9c692579a43fcca151a0c48c Mon Sep 17 00:00:00 2001 From: Eric Chiang Date: Thu, 17 Nov 2016 10:53:11 -0800 Subject: [PATCH] *: remove TODO.md file This existed for when we were developing v2 but v1 was using the issue tracker. We've since moved these goals to the issue tracker. --- TODO.md | 50 -------------------------------------------------- 1 file changed, 50 deletions(-) delete mode 100644 TODO.md diff --git a/TODO.md b/TODO.md deleted file mode 100644 index e67bea30..00000000 --- a/TODO.md +++ /dev/null @@ -1,50 +0,0 @@ -TODOs in no particular order - -OpenID Connect / OAuth2 - -- [ ] Let clients require signing algorithms (see id_token_signed_response_alg) -- [ ] Support ECDSA keys -- [ ] Support client_secret_jwt client authentication -- [ ] Add a "NextSigningKey" to the storage.Keys type so clients can cache more aggressively -- [ ] Support grant_type=password - -Connectors - -- [ ] Port BitBucket connector -- [ ] Port UAA connector -- [ ] Simplify LDAP connector configuration -- [ ] Create proposal for a minimal "local" connector implementation - -User self-management - -- [ ] Implement the user object proposal -- [ ] Provide user profile page -- [ ] Let user's merge accounts when they have multiple remote identities -- [ ] Let user's revoke clients with refresh tokens - -Documentation - -- [ ] Describe motivation for a V2 -- [ ] Add OpenID Connect client library suggestions -- [ ] Add getting started guide -- [ ] Add more connector documentation - - [ ] Include instructions for getting client credentials for upstream provider -- [ ] Improve Kubernetes documentation and include client auth provider docs - -Storage - -- [x] Add SQL storage implementation -- [ ] Utilize fixes for third party resources in Kubernetes 1.4 - -UX - -- [ ] Add 500 and 404 pages -- [ ] Add an OBB template -- [ ] Set an HTTP cookie so users aren't constantly reprompted for passwords -- [ ] Add proposal for letting others style existing HTML templates -- [ ] Support serving arbitrary static assets - -Backend - -- [ ] Improve logging, possibly switch to logrus -- [ ] Standardize OAuth2 error handling