*: add TODO

While the issue tracker is being used for the master branch, add a TODO file to record work to do on this branch. Issues are currently unprioritized and do not indicate requirements for any particular milestone.

*: add TODO
While the issue tracker is being used for the master branch, add a TODO file to record work to do on this branch. Issues are currently unprioritized and do not indicate requirements for any particular milestone.
3b0e1074 · Eric Chiang · 6564c15d · 3b0e1074
Commit 3b0e1074 authored Aug 25, 2016 by Eric Chiang
Hide whitespace changes
Inline Side-by-side

Showing with 59 additions and 0 deletions

TODO.md TODO.md +59 -0

No files found.
--- a/TODO.md
+++ b/TODO.md
+TODOs in no particular order
+
+OpenID Connect / OAuth2
+
+- [ ] Let clients require signing algorithms (see id_token_signed_response_alg)
+- [ ] Support ECDSA keys
+- [ ] Support client_secret_jwt client authentication
+- [ ] Add a "NextSigningKey" to the storage.Keys type so clients can cache more aggressively
+- [ ] Support grant_type=password
+
+API
+
+- [ ] Determine best way to expose an API
+  - [ ] Use access tokens so we don't expose the underlying credentials implementation
+  - [ ] Support grant_type=client_credentials so clients can operate on their own
+  - [ ] Figure out a spec for the access tokens so other services can use them
+- [ ] Group API, ability to list groups, members, etc.
+- [ ] Expose capabilities of the server (implicit support, group API, etc.)
+
+Connectors
+
+- [ ] Port BitBucket connector
+- [ ] Port UAA connector
+- [ ] Simplify LDAP connector configuration
+- [ ] Create proposal for a minimal "local" connector implementation
+
+User self-management
+
+- [ ] Implement the user object proposal
+- [ ] Provide user profile page
+- [ ] Let user's merge accounts when they have multiple remote identities
+- [ ] Let user's revoke clients with refresh tokens
+
+Documentation
+
+- [ ] Describe motivation for a V2
+- [ ] Add OpenID Connect client library suggestions
+- [ ] Add getting started guide
+- [ ] Add more connector documentation
+  - [ ] Include instructions for getting client credentials for upstream provider
+- [ ] Improve Kubernetes documentation and include client auth provider docs
+
+Storage
+
+- [ ] Add SQL storage implementation
+- [ ] Utilize fixes for third party resources in Kubernetes 1.4 
+
+UX
+
+- [ ] Add 500 and 404 pages
+- [ ] Add an OBB template
+- [ ] Set an HTTP cookie so users aren't constantly reprompted for passwords
+- [ ] Add proposal for letting others style existing HTML templates
+- [ ] Support serving arbitrary static assets
+
+Backend
+
+- [ ] Improve logging, possibly switch to logrus
+- [ ] Standardize OAuth2 error handling