src/main/java/org/apache/sling/auth/oauth_client/impl/OidcAuthenticationHandler.java (3 lines):
	- line 217: // TODO: find a better way to pass it?
	- line 366: JWSAlgorithm jwsAlg = JWSAlgorithm.RS256; //TODO: Read from config
	- line 440: // TODO: perform logout from Sling and redirect?


src/main/java/org/apache/sling/auth/oauth_client/impl/JcrUserHomeOAuthTokenStore.java (2 lines):
	- line 139: // TODO: need to remove refresh token as well?
	- line 151: // TODO: verify if removing the property is the intended behavior in case of null accessToken


src/main/java/org/apache/sling/auth/oauth_client/impl/OAuthConnectionImpl.java (1 line):
	- line 28: // TODO - bad name


src/main/java/org/apache/sling/auth/oauth_client/impl/TokenAccessImpl.java (1 line):
	- line 75: // FIXME: newTokens.accessToken() may return null -> NPE


src/main/java/org/apache/sling/auth/oauth_client/support/OAuthEnabledSlingServlet.java (1 line):
	- line 145: // TODO - do we need this as a protected method?


src/main/java/org/apache/sling/auth/oauth_client/impl/OidcConnectionImpl.java (1 line):
	- line 30: // TODO - bad name