Implicit OpenID Connect (OIDC) and OAuth 2.0 Provider with opinionated identity management

Primary language: JavaScript. License: MIT.

heimdall

heimdall is heavily focused on providing authentication and authorization mechanisms to SPAs by generating an id_token and an access_token via the implicit flow.

Roadmap

Some functionality is still missing and should be implemented before v1.0.

  • Split handlers into multiple classes (or files)
  • Decision about custom scopes and claims
  • Implement TODOs written in comments
  • Extract account management code
  • Add MongoDB store
  • Add memory store
  • Decision about configurable parameters
  • Pass configuration from YAML files
  • Convert parseAuthorization function to a middleware
  • Silent callback
  • API resource scopes
  • Create sample app repository
  • Encrypt provider access_token in MongoDB
  • Add logging
  • Add proper documentation and explain the decisions made (e.g. why there is no consent)