OAuth server in CAS currently requires that clients register themselves with service name as the key, description as the secret and theme name as the actual service name. Encapsulate this logic into OAuth specific components.
OAuth server in CAS currently requires that callback urls defined in the registry match the incoming request by checking to see if one string "begins with" another. Alter this behavior to support services that use regex as the service id.
Improve the L&F of the "Confirm" view, to match the default CAS UI skin. Animations, icons, etc.