
ext-oauth2-client's Introduction


⚠️

This repository is no longer maintained.
No Issues or Pull Requests will be considered or approved.
The maintenance and further development is thankfully the responsibility of @vertexvaar.
The new code base can be found in this GitLab repository. Read all the details about the migration there. Many thanks to @vertexvaar for taking over the further development and many thanks to all users for their trust.

⚠️

TYPO3 OAuth2 login client (backend and frontend)

Allow your frontend and backend users to add login possibilities via any OAuth2 provider. Popular examples are GitHub, GitLab, Google, Facebook or LinkedIn, or classic self-hosted solutions like Keycloak.

The extension allows administrators/integrators to configure various providers and offers any frontend and/or backend user an interface to add their OAuth2 based login.

This extension is especially powerful in combination with the multi-factor capabilities of TYPO3, as you can provide backend users with a single-sign-on login of their choice and add the additional security of MFA to TYPO3.

For more info, please refer to the documentation.

Quick Install

composer req waldhacker/typo3-oauth2-client

Issues & Contributions

Find the code at https://github.com/waldhacker/ext-oauth2-client

Report issues at https://github.com/waldhacker/ext-oauth2-client/issues

Security

If you learn about a potential security issue, please always contact us via [email protected] and please do not create a publicly visible issue.
Please always include the version number where you've discovered the issue.

Alternatively you can contact the TYPO3 Security Team via [email protected].
Please always include the version number where you've discovered the issue.
For more details see TYPO3 Security Team.

ext-oauth2-client's Issues

QueryRestriction causes scheduler execution to fail

TYPO3 version 10.4
Extension version 2.0.0

When executing the scheduler, some tasks (not related to this extension) may fail while throwing the following exception:

No valid attribute "applicationType" found in request object.

This is caused by the enforced query restriction \Waldhacker\Oauth2Client\Database\Query\Restriction\Oauth2FeUserProviderConfigurationRestriction on line 51 because at that point in the scheduler, there is no valid TYPO3 request:

if (
    ($GLOBALS['TYPO3_REQUEST'] ?? null) instanceof ServerRequestInterface
    && ApplicationType::fromRequest($GLOBALS['TYPO3_REQUEST'])->isBackend()
) {
    $this->isBackendUser = true;
}

Changing the condition to the following fixed the issue for me:

if (
    ($GLOBALS['TYPO3_REQUEST'] ?? null) instanceof ServerRequestInterface
    && $GLOBALS['TYPO3_REQUEST']->getAttribute('applicationType')
    && ApplicationType::fromRequest($GLOBALS['TYPO3_REQUEST'])->isBackend()
) {
    $this->isBackendUser = true;
}

Waldhacker.Oauth2Client.Service.Oauth2Service Failed to parse JSON response - with Keycloak 21.1.1 and 23.0.1

I've installed Typo3 11.5.33 + oauth2_client via composer and followed the documentation for Keycloak.

The following error is showing in the log:

Fri, 08 Dec 2023 10:16:06 +0000 [WARNING] request="f9ba586f6c809" component="Waldhacker.Oauth2Client.Service.Oauth2Service": Failed to parse JSON response: Syntax error
Fri, 08 Dec 2023 10:16:06 +0000 [WARNING] request="f9ba586f6c809" component="TYPO3.CMS.Core.Authentication.AuthenticationService": Login-attempt from 192.168.65.1, for username "" with an empty password! - {"ip":"192.168.65.1","username":""}

If I check the login to Keycloak using an OIDC dummy program with exactly the same configuration, everything works fine.

Creating backend/frontend users

Thank you very much for the new 2.0 version!! It's a big improvement!

I'm currently trying to migrate the fork to the new version for my AzureAd connection. Worked out for the backend quite fine.
In my case I need to create the connection with the existing fe/be users on first login. They don't have a normal login, so no way to the azureAd Oauth as a second connection.

As you mention in the docs, it's not yet fully implemented: https://docs.typo3.org/p/waldhacker/typo3-oauth2-client/2.0/en-us/Developers/Index.html#creating-backend-users
That's totally fine. But I would like to have some changes on the User repositories to simplify the user creation:

  1. Use protected instead of private in BackendUserRepository/FrontendUserRepository for the Table constant, ConnectionPool and maybe for the other properties also. This way it's easy to extend the repository and use it in the PSR-14 event.
  2. Add int $userId as param for persistIdentityForUser() methods. As the user is not logged in at the point of the PSR-14 event, it can't be fetched from the context. I'll fetch the uid from the DB with a query by matching the resourceOwners E-Mail <=> TYPO3 username.

What's your opinion? Do you have another recommended way?

Redirect after login

There seems to be no option for changing the page after successful login. It would be nice to make this possible the way the core / default frontend_login does.

I would love to make this configuration work:

config.typolinkLinkAccessRestrictedPages = 29
config.typolinkLinkAccessRestrictedPages_addParams = &return_url=###RETURN_URL###&pageId=###PAGE_ID###&logintype=login&oauth2-provider=my-provider-id

See TypoScript reference for more information.

Instead of calling removeOauth2ParametersFromUri to generate the redirect url, I would check the TypoScript settings + URL parameters first and use the removeOauth2ParametersFromUri as fallback.

I'll create a patch for myself and submit a PR soon. Would love to hear your thoughts about this.

extension class loading not working with typo3 11.5.10

Hi.

Maybe I found a problem or I do something wrong.

I installed the oauth-client Plugin directly from the typo3 extension repo.

Environment:

Ubuntu 20.04
PHP 7.4.3-4ubuntu2.10
Typo3 11.5.10
pizpalue_distribution 3.3.1

Message from Typo3 log:

Core: Exception handler (WEB): Uncaught TYPO3 Exception: #1642867945: Registered class League\OAuth2\Client\Provider\GenericProvider does not exist or is not an implementation of League\OAuth2\Client\Provider\AbstractProvider | InvalidArgumentException thrown in file /var/www/html/typo3/typo3conf/ext/oauth2_client/Classes/Domain/Model/ProviderConfiguration.php in line 49. Requested URL: https://www-t3.ostfalia.de/favicon.ico |  

I think the autoload stuff is not working with this plugin.

I use the GenericProvider and added the config at /var/www/html/typo3/typo3conf/AdditionalConfiguration.php

If I add the missing classes from

/var/www/html/typo3/typo3conf/ext/oauth2_client/Resources/Private/PHP/composer/autoload_classmap.php

into the central autoload_classmap.php

/var/www/html/typo3/typo3conf/autoload/autoload_classmap.php

it seems to work better, but not complete. I get no Exceptions anymore, but in typo3 I cannot add the oauth2 login method to the users.

No OAuth2 configured

Only the classes from typo3conf/ext/oauth2_client/Classes are added automatically.

The classes from /var/www/html/typo3/typo3conf/ext/oauth2_client/Resources/Private/PHP are missing.

Kind regards,
D

Registered class League\OAuth2\Client\Provider\Google does not exist

... or is not an implementation of League\OAuth2\Client\Provider\AbstractProvider

After setting up everything by the tutorial (for google oauth https://docs.typo3.org/p/waldhacker/typo3-oauth2-client/2.0/en-us/Configuration/Google.html),
I get this message, when I switch to the backend user settings or try to call the callback URL

TYPO3: 10.4.34
oauth2_client: 2.0.1
Installation: classic/extensionmanager (no composer)

Does oauth2_client have an onboard GenericProvider?
Or is it necessary to install "league/oauth2-google:^4.0" ? - if so: How do I install "league/oauth2-google:^4.0" without composer ?

Redirect after login with language

Hello @waldhacker1 ,
I'm using TYPO3 11.5.28 and login with Keycloak.

I'm using the feature "oauth2.frontend.login.afterOauth2RedirectUriFromQuery" since I want to redirect my user after login to a specific page into my website.

My problem is the following :

  • My user authenticates himself : working fine
  • TYPO3 authenticates the user : working fine
  • The extension is doing a matching of url to redirect to a specific url : KO

My host url is https://url_website/en
But Uri from TYPO3 returns https://url_website/

Is it a problem from my configuration ?
My root level is https://url_website/
Language levels are :

  • https://url_website/en
  • https://url_website/fr
  • https://url_website/es

I changed into the Class "RedirectRequestService" the function "isSameSite" to remove the language check this way it's working temporary on my website.

kind regards
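
An added example, not the extension's RedirectRequestService code: a redirect-target check that requires the same origin as the site and then accepts a path under any of the site's language bases instead of one fixed prefix. The function names, the host site.example and the base list are assumptions for illustration.

```php
<?php
declare(strict_types=1);

/** Lower-cased "scheme://host:port" of a parsed URL, or null if incomplete. */
function originOf(array $u): ?string
{
    if (!isset($u['scheme'], $u['host'])) {
        return null;
    }
    $scheme = strtolower($u['scheme']);
    $port = $u['port'] ?? ($scheme === 'https' ? 443 : 80);
    return $scheme . '://' . strtolower($u['host']) . ':' . $port;
}

/** Hypothetical helper: allow only same-origin targets below a language base. */
function isAllowedRedirectTarget(string $target, string $siteBase, array $languageBases): bool
{
    $t = parse_url($target);
    $s = parse_url($siteBase);
    if ($t === false || $s === false || isset($t['user']) || isset($t['pass'])) {
        return false;
    }
    if (originOf($t) === null || originOf($t) !== originOf($s)) {
        return false; // relative, scheme-less or foreign-host targets are refused
    }
    $path = rtrim($t['path'] ?? '/', '/') . '/';
    // Refuse dot segments and backslashes, which browsers normalise away.
    if (preg_match('#/\.\.?/#', $path) === 1 || strpos($target, '\\') !== false) {
        return false;
    }
    // Match on a segment boundary so "/english" does not pass for base "/en".
    foreach ($languageBases as $base) {
        $prefix = rtrim($base, '/') . '/';
        if (strncmp($path, $prefix, strlen($prefix)) === 0) {
            return true;
        }
    }
    return false;
}

// Constructed sample: one site with the /en, /fr and /es bases from the report.
$bases = ['/en', '/fr', '/es'];
$candidates = ['https://site.example/en/members', 'https://site.example/english',
    'https://other.example/en/members', '//other.example/en'];
foreach ($candidates as $c) {
    $ok = isAllowedRedirectTarget($c, 'https://site.example/', $bases);
    printf("%-36s %s\n", $c, $ok ? 'allow' : 'reject');
}
```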

Wrong ext_emconf.php loaded in non-composer mode

I installed this extension from the TER and encountered the same error as in #14

After some digging I found, that in one of the last commits, this should have been fixed by providing an alternative ext_emconf for the TER build process. However the "new" emconf is not shipped with the version from the TER.

I deleted the original ext_emconf on my system and replaced it with the version from build/release/ext_emconf.php; now everything is working as expected.

[Typo3 11.5.23] non-composer

No provider is shown on new FE user or editing an FE user

  • Currently on typo3 11.5
  • the package was installed via composer
  • there was not version 1 installed before
  • the backend login works well
  • the root site is not the main root site, is one level down
  • I have iterated the docs more than a million times
  • Debugging the code, the problem seems to be that it does not recognize any of the configured providers as active providers db, even though it is configured as in the documentation
  • Waldhacker\Oauth2Client\Backend\Form\RenderType\Oauth2ProvidersElement::render() line 67, $this->data['parameterArray']['fieldConf']['children'] is empty

Registered class League\OAuth2\Client\Provider\GenericProvider does not exist or is not an implementation of League\OAuth2\Client\Provider\AbstractProvider

I get this error when I install oauth2_client from typo3 TER
Registered class League\OAuth2\Client\Provider\GenericProvider does not exist or is not an implementation of League\OAuth2\Client\Provider\AbstractProvider | InvalidArgumentException thrown in file /var/www/html/reservation.cyber.gouv.qc.ca/typo3conf/ext/oauth2_client/Classes/Domain/Model/ProviderConfiguration.php in line 49

TYPO3 [11.5.19]

OAuth login returns "invalid password" message

I have an OAuth2 provider configured. After the OAuth provider redirects back to the TYPO3 back end, the following message is being logged:

Tue, 11 Apr 2023 12:08:08 +0000 [WARNING] request="5aaf2e1d4c04a" component="TYPO3.CMS.Core.Authentication.AuthenticationService": Login-attempt from MY_IP, for username "" with an empty password! - {"ip":"MY_IP","username":""}

The browser ends up at the following path: /typo3/login?loginProvider=1616569531&oauth2-provider=MY_PROVIDER&login_status=login&commandLI=attempt&state=MY_STATE&session_state=MY_SESSION_STATE&code=MY_CODE

As far as I can tell this is how it should be according to https://docs.typo3.org/p/waldhacker/typo3-oauth2-client/2.0/en-us/Configuration/Index.html#backend. I'm using TYPO3 v11. The IdP is Keycloak. I expect that there is something missing in the configuration. However, the log message does not provide any insight into what is wrong. An empty password should not be a thing for OAuth.

In my case the problem is that buildGetResourceOwnerProvider returns null (https://github.com/waldhacker/ext-oauth2-client/blob/develop/Classes/Service/Oauth2Service.php#L66) because $oauth2StateFromSession is null.

Missing options param for getAuthorizationUrl

When the authorization url is built up, the getAuthorizationUrl method expects the options to be passed on.
They are then passed on to getAuthorizationParameters to add the scope param to the url.
see https://github.com/thephpleague/oauth2-client/blob/master/src/Provider/AbstractProvider.php#L386

$authorizationUrl = $provider->getAuthorizationUrl();

I'm trying to integrate a 3rd party provider for Azure that does not set the defaultScope in the constructor and thus requires this to be passed on
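
An added example, not the extension's code, covering this issue and the "invalid password" report above: it passes the scope through the getAuthorizationUrl() options and checks the callback state against the session, returning a distinct reason for each failure. The endpoints, client settings, the session key and checkCallbackState() are assumptions; it requires league/oauth2-client installed via Composer.

```php
<?php
declare(strict_types=1);

// Added example. Assumes league/oauth2-client is installed via Composer.
require __DIR__ . '/vendor/autoload.php';

use League\OAuth2\Client\Provider\GenericProvider;

// Constructed client settings and endpoints (placeholders, not from the page).
$provider = new GenericProvider([
    'clientId'                => 'example-client',
    'clientSecret'            => 'example-secret',
    'redirectUri'             => 'https://typo3.example/typo3/login',
    'urlAuthorize'            => 'https://idp.example/authorize',
    'urlAccessToken'          => 'https://idp.example/token',
    'urlResourceOwnerDetails' => 'https://idp.example/userinfo',
]);

// Options are forwarded to getAuthorizationParameters(); a provider without
// default scopes only sends a scope when it is passed here.
$authorizationUrl = $provider->getAuthorizationUrl(['scope' => ['openid', 'email']]);
parse_str((string)parse_url($authorizationUrl, PHP_URL_QUERY), $sent);

// The state generated for this request must still be in the session when the
// callback arrives; $session and its key stand in for the real session storage.
$session = ['oauth2-state' => $provider->getState()];

/** Classify the callback so a log entry can name the actual failure (hypothetical helper). */
function checkCallbackState(array $session, array $query): string
{
    $expected = $session['oauth2-state'] ?? null;
    if (!is_string($expected) || $expected === '') {
        return 'no state stored in session';
    }
    $received = $query['state'] ?? null;
    if (!is_string($received) || !hash_equals($expected, $received)) {
        return 'state mismatch';
    }
    return 'ok';
}

echo 'scope sent:       ', $sent['scope'] ?? '(none)', PHP_EOL;
echo 'normal callback:  ', checkCallbackState($session, ['state' => $sent['state']]), PHP_EOL;
echo 'empty session:    ', checkCallbackState([], ['state' => $sent['state']]), PHP_EOL;
echo 'foreign state:    ', checkCallbackState($session, ['state' => 'constructed']), PHP_EOL;
```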

Copying content element doesn't work in page module

After setting up our project (TYPO3 11.5) with ext-oauth-client it turned out that copied content elements (in page module) can't be inserted any more. Copy & paste in the list module works fine. After removing the extension from the project copy & paste works too.
Due to the logging file, a type error causes the exception:

Exception handler (WEB: BE): TypeError, code #0, file /var/www/html/public/typo3conf/ext/oauth2_client/Classes/DataHandling/DataHandlerHook.php, line 75: Argument 7 passed to Waldhacker\Oauth2Client\DataHandling\DataHandlerHook::processCmdmap() must be of the type bool, array given, called in /var/www/html/public/typo3/sysext/core/Classes/DataHandling/DataHandler.php on line 3132- TypeError: Argument 7 passed to Waldhacker\Oauth2Client\DataHandling\DataHandlerHook::processCmdmap() must be of the type bool, array given, called in /var/www/html/public/typo3/sysext/core/Classes/DataHandling/DataHandler.php on line 3132, in file /var/www/html/public/typo3conf/ext/oauth2_client/Classes/DataHandling/DataHandlerHook.php:75

After debugging and removing line 3116 $pasteUpdate = $value['update']; in typo3/sysext/core/Classes/DataHandling/DataHandler.php all copy & paste and move functions are working again.

Where's the difference between the page and the list module considering the way of copying content elements (while using the ext-oauth-client)?
