Image description

Google Summer of Code is back! Join us to tackle exciting challenges, focused on universal OIDC authentication. Let’s shape the future of open source!

Eligibility:

  • Must be 18+ (students/professionals welcome!)
  • Limited prior GSoC participation.

Rewards:

  • Certificate + stipend (per Google guidelines).

    • For Medium-scale Projects: The base stipend amount is $3,000 USD, adjusted based on each country’s PPP value. The stipend has a minimum limit of $1,500 USD and a maximum limit of $3,300 USD.
    • For Large-scale Projects: The base stipend amount is $6,000 USD, adjusted based on each country’s PPP value. The stipend has a minimum limit of $3,000 USD and a maximum limit of $6,600 USD.
    • For Small-Scale Projects: The base stipend amount is $1,500 USD, adjusted based on each country’s PPP value. The stipend has a minimum limit of $750 USD and a maximum limit of $1,650 USD.

Project: Enhance Universal OIDC Authentication

🔗 Jira: <https://issues.apache.org/jira/browse/GSOC-284>
🔗 GitHub: <https://github.com/apache/dolphinscheduler>

Background

Apache DolphinScheduler is a distributed and extensible workflow scheduler platform designed to orchestrate complex data processing tasks. It provides a user-friendly interface for defining, scheduling, and monitoring workflows, making it easier to manage and automate data pipelines. DolphinScheduler supports various types of tasks, including shell scripts, SQL queries, and custom scripts, and integrates seamlessly with popular big data ecosystems.

Currently, the Apache DolphinScheduler system supports user login via Password, LDAP, Casdoor SSO, and OAuth. However, as a data platform, it frequently needs to integrate with enterprise - internal user accounts to achieve unified identity authentication, which is crucial for ensuring system security and unified user account management. The existing implementation of Casdoor has a high degree of dependence on the Casdoor project, and the OAuth implementation lacks universality and flexibility.

Goals

Our objective is to implement a more generalized OIDC (OpenID Connect) login authentication mechanism. This will enable users to make better use of unified login authentication. Moreover, popular open source login authentication projects like Dexidp, Keycloak, and OAuthProxy all support OIDC. By supporting OIDC, users can integrate with both internal and third-party login authentication methods, such as Feishu Login and WeChat Work Login.

How to implement it

  1. Initiate and conduct experiments with Apache DolphinScheduler to comprehensively understand its current functionalities.
  2. Implement and support a more generalized OIDC (OpenID Connect) login authentication mechanism.
  3. Compose corresponding E2E test cases.
  4. Create corresponding documentation for third-party login integrations, covering Keycloak, Dexidp, OAuthProxy, as well as Feishu Login and WeChat Work Login.
  5. Optimize the UI of the Apache DolphinScheduler login page.
  6. Ensure compatibility with the existing functionalities of Apache DolphinScheduler during the process of focusing on enhancements.

Skills Needed

✅ Java/Spring Boot expertise.

✅ Frontend frameworks.

✅ Deep OAuth2/OIDC knowledge.

✅ Passion for open source!

Project Scale

  • Difficulty: Medium
  • Hours: ~150

Contact Mentors

📧 Gallardot (Committer): [email protected]

📧 SbloodyS (PMC Member): [email protected]

Resources

🔗 Docs: <https://dolphinscheduler.apache.org>
🔗 Spring OAuth: <https://docs.spring.io/spring-security/reference/reactive/oauth2/client/index.html>
🔗 OIDC Guide: <https://openid.net/developers/how-connect-works/>

Proposal Tips

1️⃣ Explore orgs/projects early.

2️⃣ Discuss ideas with mentors.

3️⃣ Submit drafts for feedback.

4️⃣ Avoid last-minute submissions!

Timeline (UTC)

All times are in Coordinated Universal Time (UTC):

  • Jan 27 - 18:00 UTC: Mentor organizations can start submitting applications to Google.
  • Feb 11 - 18:00 UTC: Mentor organization application deadline.
  • Feb 11–26: Google program administrators review organization applications.
  • Feb 27 - 18:00 UTC: List of accepted mentor organizations is published.
  • Feb 27–Mar 24: Potential GSoC contributors discuss project ideas with mentor organizations.
  • Mar 24 - 18:00 UTC: GSoC contributor application period opens.
  • Apr 8 - 18:00 UTC: GSoC contributor application submission closes.
  • Apr 29 - 18:00 UTC: Organization admins must finalize GSoC contributor proposal rankings.
  • May 8 - 18:00 UTC: Accepted GSoC contributor projects are announced.
  • May 8–Jun 1: Community bonding period. GSoC contributors connect with mentors, review docs, and prepare.
  • Jun 2: Coding officially begins!
  • Jul 14 - 18:00 UTC: Midterm evaluations open (for standard 12-week projects).
  • Jul 18 - 18:00 UTC: Midterm evaluation submission deadline (standard coding period).
  • Jul 14–Aug 25: Coding phase. GSoC contributors work under mentor guidance.
  • Aug 25–Sep 1 - 18:00 UTC: Final week. Contributors submit final work and evaluations (standard coding period).
  • Sep 1–8 - 18:00 UTC: Mentors submit final GSoC contributor evaluations (standard coding period).
  • Sep 1–Nov 9: Extended timeline for contributors with approved schedule extensions.
  • Nov 10 - 18:00 UTC: Final deadline for all contributors to submit work and evaluations.
  • Nov 17 - 18:00 UTC: Final mentor evaluations due for contributors with extended deadlines.