oliverkroener/ok-azure-login
Composer 安装命令:
composer require oliverkroener/ok-azure-login
包简介
Login and register frontend and backend users using Azure Entra
关键字:
README 文档
README
TYPO3 extension for frontend and backend login via Microsoft Entra ID (Azure AD) using the OAuth 2.0 authorization code flow and Microsoft Graph API.
| Extension key | ok_azure_login |
| Composer | oliverkroener/ok-azure-login |
| TYPO3 | 12.4, 13.4, 14.0 |
| PHP | ^8.1 |
Features
- Frontend login via "Sign in with Microsoft" content element
- Backend login via login provider on the TYPO3 backend login screen
- Per-site configuration with encrypted client secret storage
- Multi-tenant support with multiple backend login buttons
- OAuth 2.0 authorization code flow with HMAC-signed state parameter
- User lookup by email in
fe_users/be_users - Backend redirect URI auto-derived from route configuration
- Frontend logout with optional Microsoft sign-out redirect
- Translations: English, German, French
Quick start
- Register an app in Microsoft Entra ID (see Azure setup docs)
- Install the extension via Composer:
composer require oliverkroener/ok-azure-login
- Configure credentials in Web > Azure Login backend module
- Add the Azure Login content element to a frontend page
- Register the redirect URIs from the backend module in your Azure app
Configuration
Credentials are managed per TYPO3 site via the backend module. Each site stores:
- Tenant ID and Client ID from Azure App Registration
- Client Secret (encrypted at rest with PHP Sodium)
- Redirect URI (Frontend) -- manually configured, points to the login page
- Redirect URI (Backend) -- auto-generated from route config, shown as read-only with copy button
The backend redirect URI (/typo3/azure-login/callback) is derived from Configuration/Backend/Routes.php and cannot be misconfigured.
Global credentials via Extension Configuration serve as a fallback for single-site setups.
Documentation
Full documentation is in the Documentation/ directory:
Security
- Client secrets encrypted at rest (PHP Sodium
sodium_crypto_secretbox) - HMAC-signed OAuth state with 10-minute TTL
- Per-site credential isolation
- CSRF token handling for TYPO3 v13+
Requirements
microsoft/microsoft-graph^2microsoft/kiota-authentication-phpleague^1- TYPO3 encryption key must be configured
oliverkroener/ok-azure-login 适用场景与选型建议
oliverkroener/ok-azure-login 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 479 次下载、GitHub Stars 达 0, 最近一次更新时间为 2026 年 02 月 13 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「Authentication」 「oauth」 「login」 「SSO」 「azure」 「microsoft」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 oliverkroener/ok-azure-login 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 oliverkroener/ok-azure-login 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 oliverkroener/ok-azure-login 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
WeChat OAuth SDK
Automatically logs-in users if they are already authenticated by a remote source. (e.g. environment variable REMOTE_USER)
GraphQL authentication for your headless Craft CMS applications.
Ory-Hydra OAuth 2.0 Client Provider for The PHP League OAuth2-Client
Library for ORCID web services
Debugging a problem and need to login as one of your customers? This allows you to authenticate as any of your customers.
统计信息
- 总下载量: 479
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 20
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: GPL-2.0-or-later
- 更新时间: 2026-02-13