PHPackages xima/xima-oauth2-extended - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. xima/xima-oauth2-extended ActiveTypo3-cms-extension[Authentication & Authorization](/categories/authentication) xima/xima-oauth2-extended ========================= Additional OAuth2 provider + on-the-fly user creation 3.1.0(11mo ago)426.6k↑70.7%3[5 PRs](https://github.com/xima-media/xima-oauth2-extended/pulls)GPL-2.0-or-laterPHPPHP >=8.2CI passing Since May 5Pushed 3mo ago5 watchersCompare [ Source](https://github.com/xima-media/xima-oauth2-extended)[ Packagist](https://packagist.org/packages/xima/xima-oauth2-extended)[ RSS](/packages/xima-xima-oauth2-extended/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (10)Dependencies (16)Versions (24)Used By (0) XIMA OAuth2 Extended ==================== [](#xima-oauth2-extended) TYPO3 extension that extends the functionality of [waldhacker/ext-oauth2-client](https://packagist.org/packages/co-stack/typo3-oauth2-client) for on-the-fly user creation. New resource provider --------------------- [](#new-resource-provider) - `MicrosoftResourceProvider` - `AuthentikResourceProvider` TYPO3 user creation ------------------- [](#typo3-user-creation) To create frontend or backend users from OAuth2 authentication, you can create your own ResourceResolver by implementing the `ResourceResolverInterface` and register it in the extension configuration: ``` 'EXTENSIONS' => [ // your existing configuration of waldhacker/ext-oauth2-client 'oauth2_client' => [ 'providers' => [ 'yourProviderId' => [ 'description' => 'Your provider', 'implementationClassName' => 'Xima\XimaOauth2Extended\ResourceProvider\MicrosoftResourceProvider', ... ], 'secondProviderId' => [ 'description' => 'Another provider' ... ] ] ], 'xima_oauth2_extended' => [ 'oauth2_client_providers' => [ // provider of waldhacker/ext-oauth2-client you want to extend 'yourProviderId' => [ 'resolverClassName' => \Xima\XimaOauth2Extended\ResourceResolver\MicrosoftResourceResolver::class, 'createBackendUser' => true, 'createFrontendUser' => false, 'defaultBackendUsergroup' => '1,3', 'defaultFrontendUsergroup' => '', 'imageStorageBackendIdentifier' => '1:/user_upload/oauth', ], 'secondProviderId' => [ 'resolverClassName' => \Xima\XimaOauth2Extended\ResourceResolver\GenericResourceResolver::class, 'createBackendUser' => true, 'createFrontendUser' => true, 'defaultBackendUsergroup' => '', 'defaultFrontendUsergroup' => '', ], ], ], ] ``` Available resource resolver --------------------------- [](#available-resource-resolver) This TYPO3 extension provides a resource resolver to facilitate the creation and updating of TYPO3 users through OAuth2 login. The resource resolver serves as a mapping tool for data retrieval from various OAuth resources. While the default resolver, GenericResolver, covers most OAuth endpoints, each endpoint's unique API for extended user information might require specific handling, leading to variations in features. ResolverUser CreationProfile pictureGroup CreationGenericResourceResolver✅🚫🚫MicrosoftResourceResolver✅✅ (BE only)✅ (BE only)AuthentikResourceResolver✅✅ (BE only)🚫GitlabResourceResolver✅🚫🚫Extended resource resolver options ---------------------------------- [](#extended-resource-resolver-options) The extension provides customizable options to tailor the resolver's behavior: OptionDescriptionDefault`resolverClassName`Class name of the resource resolver. See above for list of available resolver`GenericResourceResolver::class``createBackendUser`If set, create a new TYPO3 backend user if no existing user is authenticated`false``createFrontendUser`If set, create a new TYPO3 frontend user if no existing user is authenticated`false``defaultBackendUsergroup`List of be\_group UIDs the created user will be assigned to` ``defaultFrontendUsergroup`List of fe\_group UIDs the created user will be assigned to` ``createBackendUsergroups`If set, create backend user groups based on those of the remote user`false``createFrontendUsergroups`If set, create frontend user groups based on those of the remote user`false``requireBackendUsergroup`If set, require the remote user to be in at least one user group with matching `oauth2_id``false``requireFrontendUsergroup`If set, require the remote user to be in at least one user group with matching `oauth2_id``false``imageStorageBackendIdentifier`Storage identifier for downloaded backend user profile images`1:/user_upload/oauth``imageStorageFrontendIdentifier`Storage identifier for downloaded frontend user profile images`1:/user_upload/oauth``defaultBackendLanguage`Language identifier for created backend users`default``defaultBackendAdminGroups`Comma separated list of remote `oauth2_id`s that will become Admin during login. Special value `all`.` `FAQ --- [](#faq) Register Return-URLs For the backend login the return url looks like this: ``` https://domain.de/typo3/login?loginProvider=1616569531&oauth2-provider=yourProviderId&login_status=login&commandLI=attempt ``` Replace `domain.de` and `yourProviderId` with your data! Login not working Make sure `cookieSameSite` is set to `lax`. ``` $GLOBALS['TYPO3_CONF_VARS']['BE']['cookieSameSite'] = 'lax'; $GLOBALS['TYPO3_CONF_VARS']['FE']['cookieSameSite'] = 'lax'; ``` Order of login provider To change the order of provider displayed at the `/typo3` login page (OAuth login over classic username/password), use the following snippet: ``` $GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['backend']['loginProviders']['1616569531']['sorting'] = 75; ``` ### Health Score 50 — FairBetter than 96% of packages Maintenance68 Regular maintenance activity Popularity34 Limited adoption so far Community16 Small or concentrated contributor base Maturity67 Established project with proven stability Bus Factor1 Top contributor holds 96.9% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~54 days Recently: every ~80 days Total 15 Last Release 342d ago Major Versions v1.1.0 → v2.0.02024-01-07 2.1.0 → 3.0.02025-05-19 PHP version history (2 changes)v1.0.0PHP >=8.1 2.1.0PHP >=8.2 ### Community Maintainers ![](https://www.gravatar.com/avatar/04b105eb2ade5d364c2ae93a9a012d591594eaa3ad54d252db70856d1c293d5d?d=identicon)[m.schneider](/maintainers/m.schneider) ![](https://www.gravatar.com/avatar/847890ddab205b4421b159071ae9c72f113f3f7786e2393c6403406fc52dc5f5?d=identicon)[ximamedia](/maintainers/ximamedia) --- Top Contributors [![maikschneider](https://avatars.githubusercontent.com/u/696865?v=4)](https://github.com/maikschneider "maikschneider (126 commits)")[![hirnschmalz](https://avatars.githubusercontent.com/u/4834988?v=4)](https://github.com/hirnschmalz "hirnschmalz (2 commits)")[![renovate[bot]](https://avatars.githubusercontent.com/in/2740?v=4)](https://github.com/renovate[bot] "renovate[bot] (2 commits)") --- Tags typo3typo3-cms-extension ### Code Quality Code StylePHP CS Fixer ### Embed Badge ![Health badge](/badges/xima-xima-oauth2-extended/health.svg) ``` [![Health](https://phpackages.com/badges/xima-xima-oauth2-extended/health.svg)](https://phpackages.com/packages/xima-xima-oauth2-extended) ``` ### Alternatives [thenetworg/oauth2-azure Azure Active Directory OAuth 2.0 Client Provider for The PHP League OAuth2-Client 2509.6M48](/packages/thenetworg-oauth2-azure)[stevenmaguire/oauth2-keycloak Keycloak OAuth 2.0 Client Provider for The PHP League OAuth2-Client 2275.9M27](/packages/stevenmaguire-oauth2-keycloak)[patrickbussmann/oauth2-apple Sign in with Apple OAuth 2.0 Client Provider for The PHP League OAuth2-Client 1132.5M6](/packages/patrickbussmann-oauth2-apple)[in2code/femanager Modern TYPO3 Frontend User Registration. 49745.4k6](/packages/in2code-femanager)[microsoft/kiota-authentication-phpleague Authentication provider for Kiota using the PHP League OAuth 2.0 client to authenticate against the Microsoft Identity platform 153.2M7](/packages/microsoft-kiota-authentication-phpleague)[thathoff/kirby-oauth Kirby OAuth 2 Plugin 3823.9k](/packages/thathoff-kirby-oauth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)