minauthator/TODO.md
2024-11-22 17:57:22 +01:00

48 lines
1.3 KiB
Markdown

# TODO
- [x] Login form
- [x] Register form
- [x] Redirect to login form if unauthenticated
- [x] Upload picture
- OAuth2
- [x] Authorize form
- [x] Verify authorize
- [x] Get access token
- [x] Support OpenID to use with demo client [oauth2c](https://github.com/cloudentity/oauth2c)
- .well-known/openid-configuration
- [ ] i18n strings in the http website.
- [ ] App config
- Add app logo (URI?)
- [ ] Public endpoint to get user avatar by id
- [ ] Rework avatar upload to limit size and process the image?
- [ ] Authorize form
- Show details about permissions
- Show app logo
- [ ] Support error responses by https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1
- [x] UserWebGUI: Redirect to login when JWT expire
- [x] UserWebGUI: Show user authorizations.
- [ ] UserWebGUI: Allow to revoke an authorization
- [ ] UserWebGUI: Show available apps
- [ ] UserWebGUI: Direct user grant flow, User can login to the target app/client, event if it did not started here.
- all apps must have a `/oauth2/login` URL that redirect to the right minauth /authorize URL
- [ ] UserWebGUI: add TOTP
- [ ] send emails to users
- Architecture: do we have an admin API?
- [ ] AdminCLI: init
- [ ] AdminCLI: create invitation links
- [ ] Add admin panel via API
- [ ] AdminWebGUI: Ability to create invitation links
- [ ] Add admin CLI