I'm starting a new side project: Yuck.

Yuck is an identity provider that allows end users to securely authenticate themselves to web sites and applications. Yuck also allows users to authorize applications to act on their behalf. Yuck supports the OAuth2 and OpenID Connect protocols, and has an API to allow storing and managing data about end users, applications, and other entities related to authentication.

A preliminary architecture document is at https://files.liw.fi/yuck-arch/ and feedback is welcome.