OpenID login: automatically create backend user accounts
I'd like to be able to configure the OpenID login extension so that certain OpenID logins get their backend user account created automatically.
"certain OpenID logins" is of course broad and need to be configurable, e.g. all from one OpenID server, or all from one OpenID server that match a certain email address regex.
It should also be configurable if the to-be-created user shall be admin or not, and which groups he will get.
This feature would benefit companies with many employees that support a large number of TYPO3 systems. Creating personal account for every single employee on every system is tedious, so not having to create them in the first place would be a big help.
Updated by Christian Weiske over 10 years ago
I've thought about that a bit: Goal is to let extensions handle unregistered openid users after they authenticated at their OpenID provider.
Every extension could be different in their requirements of data from the provider. Some only need the OpenID, others need the email, others might use the full name and timezone information. Thus they need to be able to modify the OpenID request to the provider, being able to change the required and optional attributes.
The next entry point needs to be the place at which OpenID authentication is finished, but we see that there is no user account with that claimed ID. At this time, the extension may want to create that user and tell the OpenID sysext that the user exists and return it, so that it can pass it further along in the login chain.