PHPackages                             xima/xima-oauth2-extended - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. xima/xima-oauth2-extended

ActiveTypo3-cms-extension[Authentication &amp; Authorization](/categories/authentication)

xima/xima-oauth2-extended
=========================

Additional OAuth2 provider + on-the-fly user creation

3.1.1(2mo ago)531.2k↑15.4%3[3 issues](https://github.com/xima-media/xima-oauth2-extended/issues)[7 PRs](https://github.com/xima-media/xima-oauth2-extended/pulls)GPL-2.0-or-laterPHPPHP &gt;=8.2CI passing

Since May 5Pushed 2w ago5 watchersCompare

[ Source](https://github.com/xima-media/xima-oauth2-extended)[ Packagist](https://packagist.org/packages/xima/xima-oauth2-extended)[ RSS](/packages/xima-xima-oauth2-extended/feed)WikiDiscussions main Synced 3d ago

READMEChangelog (10)Dependencies (32)Versions (28)Used By (0)

XIMA OAuth2 Extended
====================

[](#xima-oauth2-extended)

TYPO3 extension that extends the functionality of [waldhacker/ext-oauth2-client](https://packagist.org/packages/co-stack/typo3-oauth2-client) for on-the-fly user creation.

New resource provider
---------------------

[](#new-resource-provider)

- `MicrosoftResourceProvider`
- `AuthentikResourceProvider`

TYPO3 user creation
-------------------

[](#typo3-user-creation)

To create frontend or backend users from OAuth2 authentication, you can create your own ResourceResolver by implementing the `ResourceResolverInterface` and register it in the extension configuration:

```
'EXTENSIONS' => [
    // your existing configuration of waldhacker/ext-oauth2-client
    'oauth2_client' => [
        'providers' => [
            'yourProviderId' => [
                'description' => 'Your provider',
                'implementationClassName' => 'Xima\XimaOauth2Extended\ResourceProvider\MicrosoftResourceProvider',
                ...
            ],
            'secondProviderId' => [
                'description' => 'Another provider'
                ...
            ]
        ]
    ],

    'xima_oauth2_extended' => [
        'oauth2_client_providers' => [
            // provider of waldhacker/ext-oauth2-client you want to extend
            'yourProviderId' => [
                'resolverClassName' => \Xima\XimaOauth2Extended\ResourceResolver\MicrosoftResourceResolver::class,
                'createBackendUser' => true,
                'createFrontendUser' => false,
                'defaultBackendUsergroup' => '1,3',
                'defaultFrontendUsergroup' => '',
                'imageStorageBackendIdentifier' => '1:/user_upload/oauth',
            ],
            'secondProviderId' => [
                'resolverClassName' => \Xima\XimaOauth2Extended\ResourceResolver\GenericResourceResolver::class,
                'createBackendUser' => true,
                'createFrontendUser' => true,
                'defaultBackendUsergroup' => '',
                'defaultFrontendUsergroup' => '',
            ],
        ],
    ],
]
```

Available resource resolver
---------------------------

[](#available-resource-resolver)

This TYPO3 extension provides a resource resolver to facilitate the creation and updating of TYPO3 users through OAuth2 login. The resource resolver serves as a mapping tool for data retrieval from various OAuth resources. While the default resolver, GenericResolver, covers most OAuth endpoints, each endpoint's unique API for extended user information might require specific handling, leading to variations in features.

ResolverUser CreationProfile pictureGroup CreationGenericResourceResolver✅🚫🚫MicrosoftResourceResolver✅✅ (BE only)✅ (BE only)AuthentikResourceResolver✅✅ (BE only)🚫GitlabResourceResolver✅🚫🚫Extended resource resolver options
----------------------------------

[](#extended-resource-resolver-options)

The extension provides customizable options to tailor the resolver's behavior:

OptionDescriptionDefault`resolverClassName`Class name of the resource resolver. See above for list of available resolver`GenericResourceResolver::class``createBackendUser`If set, create a new TYPO3 backend user if no existing user is authenticated`false``createFrontendUser`If set, create a new TYPO3 frontend user if no existing user is authenticated`false``defaultBackendUsergroup`List of be\_group UIDs the created user will be assigned to` ``defaultFrontendUsergroup`List of fe\_group UIDs the created user will be assigned to` ``createBackendUsergroups`If set, create backend user groups based on those of the remote user`false``createFrontendUsergroups`If set, create frontend user groups based on those of the remote user`false``requireBackendUsergroup`If set, require the remote user to be in at least one user group with matching `oauth2_id``false``requireFrontendUsergroup`If set, require the remote user to be in at least one user group with matching `oauth2_id``false``imageStorageBackendIdentifier`Storage identifier for downloaded backend user profile images`1:/user_upload/oauth``imageStorageFrontendIdentifier`Storage identifier for downloaded frontend user profile images`1:/user_upload/oauth``defaultBackendLanguage`Language identifier for created backend users`default``defaultBackendAdminGroups`Comma separated list of remote `oauth2_id`s that will become Admin during login. Special value `all`.` `FAQ
---

[](#faq)

Register Return-URLs For the backend login the return url looks like this:

```
https://domain.de/typo3/login?loginProvider=1616569531&oauth2-provider=yourProviderId&login_status=login&commandLI=attempt

```

Replace `domain.de` and `yourProviderId` with your data!

Login not working Make sure `cookieSameSite` is set to `lax`.

```
$GLOBALS['TYPO3_CONF_VARS']['BE']['cookieSameSite'] = 'lax';
$GLOBALS['TYPO3_CONF_VARS']['FE']['cookieSameSite'] = 'lax';
```

Order of login provider To change the order of provider displayed at the `/typo3` login page (OAuth login over classic username/password), use the following snippet:

```
$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['backend']['loginProviders']['1616569531']['sorting'] = 75;
```

###  Health Score

54

—

FairBetter than 96% of packages

Maintenance81

Actively maintained with recent releases

Popularity35

Limited adoption so far

Community16

Small or concentrated contributor base

Maturity68

Established project with proven stability

 Bus Factor1

Top contributor holds 97% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~73 days

Recently: every ~157 days

Total

16

Last Release

62d ago

Major Versions

v1.1.0 → v2.0.02024-01-07

2.1.0 → 3.0.02025-05-19

PHP version history (2 changes)v1.0.0PHP &gt;=8.1

2.1.0PHP &gt;=8.2

### Community

Maintainers

![](https://www.gravatar.com/avatar/04b105eb2ade5d364c2ae93a9a012d591594eaa3ad54d252db70856d1c293d5d?d=identicon)[m.schneider](/maintainers/m.schneider)

![](https://www.gravatar.com/avatar/847890ddab205b4421b159071ae9c72f113f3f7786e2393c6403406fc52dc5f5?d=identicon)[ximamedia](/maintainers/ximamedia)

---

Top Contributors

[![maikschneider](https://avatars.githubusercontent.com/u/696865?v=4)](https://github.com/maikschneider "maikschneider (129 commits)")[![hirnschmalz](https://avatars.githubusercontent.com/u/4834988?v=4)](https://github.com/hirnschmalz "hirnschmalz (2 commits)")[![renovate[bot]](https://avatars.githubusercontent.com/in/2740?v=4)](https://github.com/renovate[bot] "renovate[bot] (2 commits)")

---

Tags

typo3typo3-cms-extension

###  Code Quality

Code StylePHP CS Fixer

### Embed Badge

![Health badge](/badges/xima-xima-oauth2-extended/health.svg)

```
[![Health](https://phpackages.com/badges/xima-xima-oauth2-extended/health.svg)](https://phpackages.com/packages/xima-xima-oauth2-extended)
```

###  Alternatives

[tempest/framework

The PHP framework that gets out of your way.

2.2k34.4k15](/packages/tempest-framework)[thenetworg/oauth2-azure

Azure Active Directory OAuth 2.0 Client Provider for The PHP League OAuth2-Client

25310.7M83](/packages/thenetworg-oauth2-azure)[stevenmaguire/oauth2-keycloak

Keycloak OAuth 2.0 Client Provider for The PHP League OAuth2-Client

2306.4M45](/packages/stevenmaguire-oauth2-keycloak)[friendsoftypo3/content-blocks

TYPO3 CMS Content Blocks - Content Types API | Define reusable components via YAML

103519.9k53](/packages/friendsoftypo3-content-blocks)[mfc/oauth2

Generic OAuth2 authentication and authorization for TYPO3 CMS

11310.1k2](/packages/mfc-oauth2)[typo3/cms-felogin

TYPO3 CMS Frontend Login - A template-based plugin to log in website users in the TYPO3 frontend.

117.2M132](/packages/typo3-cms-felogin)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
