Improve OpenId Connect provider and authenticator
- Mentor(s)
- Details
It's possible to use XWiki as OpenId Connect provider and also make XWiki authenticate on OpenId Connect provider. See OpenId Connect project page.
It work well but has various limitation that it would be nice to fix. You can find various ideas on Jira but here are the main ones:
- both
- setup integration tests
- provider:
- UI to manage authorizations
- salt the stored token
- allow accessing any resource using access token
- add support for registering clients (only allow a set a clients with generated authorization key) and provide corresponding UI to manage them
- improve the UI (very basic right now)
- authenticator:
- support automatically authenticating a user who is coming back
- both
- Developer profile
- Java
- HTTP/Networking
- Year
2019
- Status
Proposed