"Allowed email domains" configuration parameter not working

[gaborherman]

When you specify the "Allowed email domains" parameter for Authgoole it won't let anyone in, from any domain. The reason is: auth_plugin_authgoogle::_check_email_domain compares the entire email address with a domain (which is never equal). Fix: correct this: if ($email == $domain) return true; to this: $emaildomain = substr(strrchr($email, "@"), 1); if ($emaildomain == $domain) return true;

[shisterov-artyom]

try: "*" - filter all domains

"*@youdomain.com" - filter specific domain

"admin@youdomain.com" - filter specific email

it's working!

[vladaman]

I have the same issue as gaborherman. I made a chance to the code. I prefer config as alloweddomain: mydomain.com (without asterisk *)

and the code fix is at auth.php:

function endsWith($haystack, $needle) {
     // search forward starting from end minus needle length characters
      return $needle === "" || (($temp = strlen($haystack) - strlen($needle)) >= 0 && strpos($haystack, $needle, $temp) !== FALSE);
   }

foreach ($domains as $domain) {
  if ($this->endsWith($email, $domain)){
     return true;
  }

[InfernoZeus]

That forces you to allow all emails from a certain domain. The way it works currently let's you specify with more detail whether it should be the whole domain or just a subsection.

On Fri, 27 Nov 2015 09:47 vladaman notifications@github.com wrote:

I have the same issue as gaborherman. I made a chance to the code. I prefer config as alloweddomain: mydomain.com (without asterisk *)

and the code fix is at auth.php:

foreach ($domains as $domain) { if ($this->endsWith($email, $domain)){ return true; }

— Reply to this email directly or view it on GitHub https://github.com/kettari/authgoogle/issues/32#issuecomment-160073754.

[yuri-wisestamp]

Hace you guys sent a pull request with this?