SAML-Toolkits / wordpress-saml

OneLogin SAML plugin for Wordpress
MIT License

wp_login hook. WP_user vs. IDP's SAML values ($attrs) #112

Open becchett opened 3 years ago

becchett commented 3 years ago

Dear friends, I'm using this plugin to manage both authentication and authorization. For the latter, @pitbulk suggested using the "Trigger wp_login hook" option, so I've changed the functions.php file of the active template and added my function:

```php
// Authorization check in the active theme's functions.php: allow the local accounts
// listed below, otherwise require the WordPress user's e-mail to be in mydomain.it.
function wp_user_mail_check( $user_login, $user ) {
	$infndomain = 'mydomain.it';
	$mail       = $user->user_email;
	$username   = $user->user_login;
	$localusers = array( 'enrico', 'fabrizio' ); // local (non-SAML) accounts that are always allowed

	$localuser_wp = in_array( $username, $localusers, true );

	// The original pattern "@mydomain.it" had no regex delimiters (PHP takes the leading
	// '@' as the delimiter and fails) and its '.' was unescaped; anchor and escape it instead.
	$domain_ok = preg_match( '/@' . preg_quote( $infndomain, '/' ) . '$/i', $mail ) === 1;

	if ( ! $localuser_wp && ! $domain_ok ) {
		get_header();
		echo '<p>' . esc_html( "ERROR. User $username, $mail, is not authorized" ) . '</p>';
		get_sidebar();
		get_footer();
		exit;
	}
}
// The original registered 'wp_user_mailcheck', which did not match the function name above.
add_action( 'wp_login', 'wp_user_mail_check', 10, 2 );
```

This function allows login for any user who belongs to mydomain.it, plus the other local users.

With this customization, authorization works fine, but I can only check values of the WP_User object.

I think that is a kind of limit; I'd like the wp_login function to check the attributes received from the IdP. If I understand the onelogin_saml_sso code correctly, these values exist in the $attrs array, so the change that I suggest refers to onelogin-saml-sso/php/functions.php:

Original code, line 468: `do_action( 'wp_login', $user->user_login, $user );`

Replace with: `do_action( 'wp_login', $user->user_login, $user, $attrs );`

What do you think about it? If it doesn't work, is there a possible alternative? Thanks a lot. Best regards, Enrico
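The following is an added example of what the proposed three-argument hook would let a theme do; it is not code from the wordpress-saml plugin or from the issue author. It assumes the plugin is changed as proposed above, so that `wp_login` receives `$attrs` as a third argument shaped like php-saml's `getAttributes()` result (attribute name => array of string values), and it assumes the IdP sends the e-mail in an attribute named `mail` and groups in `memberOf`; both names are placeholders. The policy, the sample attribute arrays and the names `saml_login_authorized` and `$SAML_AUTHZ_POLICY` are made up for the example. Two points a practitioner would want that the theme snippet above does not cover: the domain is compared exactly after the last `@` rather than by substring match, and the deny path revokes the auth cookie before stopping, because WordPress core's `wp_signon()` sets the cookie before firing `wp_login`, so a bare `exit` would leave the session valid.

```php
<?php
// Added example, not plugin code. Assumes: do_action('wp_login', $user->user_login, $user, $attrs)
// with $attrs shaped like php-saml getAttributes(): attribute name => array of string values.

/**
 * Decide whether a SAML login may proceed. Returns [bool $allowed, string $reason].
 */
function saml_login_authorized(string $user_login, array $attrs, array $policy): array
{
    // 1. Local (non-SAML) accounts that are always allowed, compared exactly.
    if (in_array($user_login, $policy['local_users'], true)) {
        return [true, 'local allowlisted account'];
    }

    // 2. Take the e-mail from the IdP assertion rather than from WP_User, so the
    //    decision is about what the IdP asserted in this particular login.
    $mail_attr = $policy['mail_attribute'];
    $mail = isset($attrs[$mail_attr][0]) ? trim((string) $attrs[$mail_attr][0]) : '';
    if ($mail === '' || filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
        return [false, "missing or malformed '$mail_attr' attribute"];
    }

    // 3. Exact, case-insensitive match on the part after the LAST '@'. A substring
    //    regex such as 'mydomain.it' would also accept 'x@mydomain.it.attacker.example'
    //    and, because the '.' is unescaped, 'x@mydomainXit.example'.
    $domain = strtolower(substr($mail, strrpos($mail, '@') + 1));
    $allowed = array_map('strtolower', $policy['allowed_domains']);
    if (!in_array($domain, $allowed, true)) {
        return [false, "domain '$domain' not allowed"];
    }

    // 4. Optional group requirement: the IdP must assert at least one listed group.
    if (!empty($policy['required_groups'])) {
        $groups = $attrs[$policy['group_attribute']] ?? [];
        if (!array_intersect($groups, $policy['required_groups'])) {
            return [false, 'no required group asserted'];
        }
    }
    return [true, "e-mail domain '$domain' allowed"];
}

// Hypothetical policy for the setup described in the issue.
$SAML_AUTHZ_POLICY = [
    'local_users'     => ['enrico', 'fabrizio'],
    'allowed_domains' => ['mydomain.it'],
    'mail_attribute'  => 'mail',      // assumption: attribute name used by the IdP
    'group_attribute' => 'memberOf',  // assumption: attribute name used by the IdP
    'required_groups' => [],          // e.g. ['wp-editors'] to additionally require a group
];

if (function_exists('add_action')) {
    // Inside WordPress. The third argument only exists with the proposed plugin change;
    // $attrs defaults to [] so the callback still runs (and denies) without it.
    add_action('wp_login', function (string $user_login, $user, array $attrs = []) use ($SAML_AUTHZ_POLICY) {
        [$ok, $why] = saml_login_authorized($user_login, $attrs, $SAML_AUTHZ_POLICY);
        if ($ok) {
            return;
        }
        // wp_login fires after the auth cookie is set, so revoke it before stopping.
        wp_clear_auth_cookie();
        wp_die(esc_html("ERROR. User $user_login is not authorized: $why"), 'Not authorized', ['response' => 403]);
    }, 10, 3);
} else {
    // CLI self-check against constructed attribute arrays (not real IdP data).
    $cases = [
        ['alice',    ['mail' => ['alice@mydomain.it']]],                      // ALLOW
        ['bob',      ['mail' => ['bob@MyDomain.IT']]],                        // ALLOW (case-insensitive)
        ['mallory',  ['mail' => ['mallory@mydomain.it.attacker.example']]],   // DENY (suffix trick)
        ['mallory2', ['mail' => ['mallory@mydomainXit.example']]],            // DENY (unescaped-dot trick)
        ['enrico',   []],                                                     // ALLOW (local account)
        ['nobody',   []],                                                     // DENY (no mail attribute)
    ];
    foreach ($cases as [$login, $attrs]) {
        [$ok, $why] = saml_login_authorized($login, $attrs, $SAML_AUTHZ_POLICY);
        printf("%-9s %s (%s)\n", $login, $ok ? 'ALLOW' : 'DENY', $why);
    }
}
```

Run with `php authz.php` outside WordPress to exercise the constructed cases; inside a theme the `add_action` branch is taken instead. Because the callback denies when `$attrs` is empty, dropping it into an unpatched plugin locks out every non-local user, which is the safer failure mode but worth knowing before deploying.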