refactor logic related to domain filtering for emails during external login

2023-12-21 15:54:46 -05:00 · 2023-12-21 15:54:46 -05:00 · 52069f35c5
commit 52069f35c5
parent e99df58bce
1 changed files with 24 additions and 12 deletions
--- a/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs
+++ b/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs
@ -205,6 +205,10 @@ namespace Oqtane.Extensions
                                {
                                    email = item[emailClaimType].ToString().ToLower();
                                }
+                                else
+                                {
+                                    id = ""; // if email is not valid we will assume id is not valid
+                                }
                            }
                        }
                        if (!string.IsNullOrEmpty(id))
@ -290,6 +294,10 @@ namespace Oqtane.Extensions
                {
                    email = context.Principal.FindFirstValue(emailClaimType);
                }
+                else
+                {
+                    id = ""; // if email is not valid we will assume id is not valid
+                }
            }

            // validate user
@ -610,7 +618,9 @@ namespace Oqtane.Extensions

        private static bool EmailValid(string email, string domainfilter)
        {
-            if (!string.IsNullOrEmpty(email) && email.Contains("@") && email.Contains("."))
+            if (!string.IsNullOrEmpty(email))
+            {
+                if (email.Contains("@") && email.Contains("."))
                {
                    var domains = domainfilter.ToLower().Split(',', StringSplitOptions.RemoveEmptyEntries);
                    foreach (var domain in domains)
@ -628,5 +638,7 @@ namespace Oqtane.Extensions
                }
                return false;
            }            
+            return (string.IsNullOrEmpty(domainfilter)); // email is optional unless domain filter is specified
+        }
    }
 }