- The callback URL changed from
/typo3conf/ext/oidc/Public/callback.phptoTYPO3_SITE_URL. (configurable with optionoidcRedirectUri) #116 - No PHP native session is needed anymore. A JWT-Cookie (named
oidc_context) is now used to store relevant information during an authentication process. #155 - A dedicated route is used to initiate the authorization flow with the identity provider. (configurable with option
authenticationUrlRoute) This avoids creating loads of authentication sessions with the identity provider (IdP), if the Login-button is placed on a Login-page for instance. Formerly a new auth-session was started with the IdP every time the page was rendered. #159 - All previous hooks have been replaced with PSR-14 events. More events were added.
- The extension is now wiring the underlying OAuth2 library with TYPO3's Guzzle wrapper (
GuzzleClientFactory). This means that requests done by the library now adhere to TYPO3 configuration. #167 - Added an event allowing to adjust the where-conditions for fetching the existing fe_users #164
- Enhanced events to include a reference to the AuthenticationService #136
- Added a user groups event to map groups by a different pattern than "Roles", e.g. "claims" #129