fgtclb / typo3-oauth2-server
OAuth2 server implementation for TYPO3 frontend users
Installs: 25
Dependents: 0
Suggesters: 0
Security: 0
Stars: 8
Watchers: 6
Forks: 4
Open Issues: 3
Type:typo3-cms-extension
Requires
- php: ^7.2
- league/oauth2-server: ^7.2
- psr/http-server-middleware: ^1.0
- typo3/cms-core: ^9.5
- typo3/cms-frontend: ^9.5
This package is auto-updated.
Last update: 2025-05-30 11:55:45 UTC
README
| URL | |
|---|---|
| Repository: | https://github.com/fgtclb/typo3-oauth2-server |
| TER: | - |
Description
This package implements OAuth2 for TYPO3 to enable 3rd party services to authenticate users using frontend users in TYPO3.
Compatibility
| Branch | Version | TYPO3 | PHP |
|---|---|---|---|
| main | 2.0.x-dev | ~v11, ~v12 | 7.4, 8.0, 8.1, 8.2, 8.3, 8.4 (depending on TYPO3) |
| 1 | 1.0.x-dev | ~v9 | 7.2, 7.3, 7.4 |
Installation
This package can be installed via Composer:
composer require 'fgtclb/typo3-oauth2-server':'^2'
For a fully working setup a RSA keypair needs to be generated and set in the extension configuration:
# Generate random private key openssl genrsa -out private.key 2048 # Extract public key from private key openssl rsa -in private.key -pubout -out public.key
This keypair must be stored safely which means outside of the TYPO3 web directory and should be readonly.
Important
2.x.x is still in development and not all academics extension are fully tested in v12 and v13,
but can be installed in composer instances to use/test them. Testing and reporting are welcome.
Testing 2.x.x extension version in projects (composer mode)
It is already possible to use and test the 2.x version in composer based instances,
which is encouraged and feedback of issues not detected by us (or pull-requests).
Your project should configure minimum-stabilty: dev and prefer-stable to allow
requiring each extension but still use stable versions over development versions:
composer config minimum-stability "dev" \ && composer config "prefer-stable" true
and installed with:
composer require 'fgtclb/typo3-oauth2-server':'2.*.*@dev'
Configuration
Extension settings
- Set the paths to your private and public key files.
- Set the page id where your login form is located. The middleware will redirect users to this page.
OAuth2 Client access
To register clients in the OAuth2 server you need to create OAuth2 Client records on the root page accordingly. Here you can set the identifier and secret as well as redirect URLs to be used in your client code.
Endpoints
After installation the following endpoints are available and should be set in the 3rd party services:
/oauth/authorize: endpoint for authorization code requests/oauth/token: endpoint for access token requests using a authorization code/oauth/identity: endpoint for retrieving a username using an access token
Currently only the authorization code grant is available.
Credits
This extension was created by FGTCLB GmbH.