macopedia · soee · Aug 13, 2020 · Aug 21, 2020 · Oct 5, 2020 · Dec 2, 2020
diff --git a/.editorconfig b/.editorconfig
@@ -0,0 +1,60 @@
+# EditorConfig is awesome: http://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+charset = utf-8
+end_of_line = lf
+indent_style = space
+indent_size = 4
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+# TS/JS-Files
+[*.{ts,js}]
+indent_size = 2
+
+# JSON-Files
+[*.json]
+indent_style = tab
+
+# ReST-Files
+[*.{rst,rst.txt}]
+indent_size = 4
+max_line_length = 80
+
+# Markdown-Files
+[*.md]
+max_line_length = 80
+
+# YAML-Files
+[*.{yaml,yml}]
+indent_size = 2
+
+# NEON-Files
+[*.neon]
+indent_size = 2
+indent_style = tab
+
+# package.json
+[package.json]
+indent_size = 2
+
+# TypoScript
+[*.{typoscript,tsconfig}]
+indent_size = 2
+
+# XLF-Files
+[*.xlf]
+indent_style = tab
+
+# SQL-Files
+[*.sql]
+indent_style = tab
+indent_size = 2
+
+# .htaccess
+[{_.htaccess,.htaccess}]
+indent_style = tab
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,4 @@
 /.Build/*
 /composer.lock
-/typo3cms
-
 /Libraries/*
-
+/typo3cms
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,7 @@
+# TYPO3 OpenID Connect integration changelog
+
+## Version 2.x
+
+* Added an event allowing to adjust the where-conditions for fetching the existing fe_users [#164](https://github.com/xperseguers/t3ext-oidc/issues/164)
+* Enhanced events to include a reference to the AuthenticationService [#136](https://github.com/xperseguers/t3ext-oidc/issues/136)
+* Added a user groups event to map groups by a different pattern than "Roles", e.g. "claims" [#129](https://github.com/xperseguers/t3ext-oidc/pull/129)
diff --git a/Classes/AuthenticationContext.php b/Classes/AuthenticationContext.php
@@ -0,0 +1,67 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Causal\Oidc;
+
+use Causal\Oidc\Security\JwtTrait;
+
+class AuthenticationContext
+{
+    use JwtTrait;
+
+    protected string $requestId;
+    protected string $state;
+    protected string $loginUrl;
+    protected string $authorizationUrl;
+    public string $redirectUrl;
+    public ?string $codeVerifier;
+
+    public function __construct(
+        string $state,
+        string $loginUrl,
+        string $authorizationUrl,
+        string $requestId,
+        string $redirectUrl = '',
+        ?string $codeVerifier = null
+    ) {
+        $this->state = $state;
+        $this->loginUrl = $loginUrl;
+        $this->authorizationUrl = $authorizationUrl;
+        $this->requestId = $requestId;
+        $this->redirectUrl = $redirectUrl;
+        $this->codeVerifier = $codeVerifier;
+    }
+
+    public function getAuthorizationUrl(): string
+    {
+        return $this->authorizationUrl;
+    }
+
+    public function getLoginUrl(): string
+    {
+        return $this->loginUrl;
+    }
+
+    public function getState(): string
+    {
+        return $this->state;
+    }
+
+    public function getRequestId(): string
+    {
+        return $this->requestId;
+    }
+
+    public static function fromJwt(string $cookieValue): self
+    {
+        $payload = self::decodeJwt($cookieValue, self::createSigningKeyFromEncryptionKey(static::class), true);
+        return new self(...$payload);
+    }
+
+    public function toHashSignedJwt(): string
+    {
+        $payload = get_object_vars($this);
+        return self::encodeHashSignedJwt($payload, self::createSigningKeyFromEncryptionKey(static::class));
+    }
+}
diff --git a/Classes/Controller/AuthenticationController.php b/Classes/Controller/AuthenticationController.php