diff --git a/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs b/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs
index 68a002c7..604270c1 100644
--- a/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs
+++ b/Oqtane.Server/Extensions/OqtaneSiteAuthenticationBuilderExtensions.cs
@@ -205,6 +205,10 @@ namespace Oqtane.Extensions
 {
 email = item[emailClaimType].ToString().ToLower();
 }
+ else
+ {
+ id = ""; // if email is not valid we will assume id is not valid
+ }
 }
 }
 if (!string.IsNullOrEmpty(id))
@@ -290,6 +294,10 @@ namespace Oqtane.Extensions
 {
 email = context.Principal.FindFirstValue(emailClaimType);
 }
+ else
+ {
+ id = ""; // if email is not valid we will assume id is not valid
+ }
 }
 // validate user
@@ -610,23 +618,27 @@ namespace Oqtane.Extensions
 private static bool EmailValid(string email, string domainfilter)
 {
- if (!string.IsNullOrEmpty(email) && email.Contains("@") && email.Contains("."))
+ if (!string.IsNullOrEmpty(email))
 {
- var domains = domainfilter.ToLower().Split(',', StringSplitOptions.RemoveEmptyEntries);
- foreach (var domain in domains)
+ if (email.Contains("@") && email.Contains("."))
 {
- if (domain.StartsWith("!"))
+ var domains = domainfilter.ToLower().Split(',', StringSplitOptions.RemoveEmptyEntries);
+ foreach (var domain in domains)
 {
- if (email.ToLower().Contains(domain.Substring(1))) return false;
- }
- else
- {
- if (!email.ToLower().Contains(domain)) return false;
+ if (domain.StartsWith("!"))
+ {
+ if (email.ToLower().Contains(domain.Substring(1))) return false;
+ }
+ else
+ {
+ if (!email.ToLower().Contains(domain)) return false;
+ }
 }
+ return true;
 }
- return true;
- }
- return false;
+ return false;
+ }
+ return (string.IsNullOrEmpty(domainfilter)); // email is optional unless domain filter is specified
 }
 }
 }
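Review bot: Resetting `id` to an empty string in the new `else` branch makes a login rejected by the e-mail check indistinguishable from one where the provider returned no id claim, so whatever handles the empty `id` after `if (!string.IsNullOrEmpty(id))` cannot report the real reason. A rejected external login is worth an audit record; I would log the rejection at this point (claim type and provider, not the full address) or carry a separate flag instead of overloading `id`. Assuming the guard above the hunk is the EmailValid call, the comment could state the reason more precisely: `// email failed EmailValid (format or domain filter), so discard the id taken from the same response`. The same branch is added in the second hunk on the `context.Principal` path, and the enclosing method starts and ends outside both hunks.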
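Review bot: With the third hunk's change EmailValid accepts a null or empty address when no domain filter is configured, so `email` can now be null after this assignment and still reach the `// validate user` section with a non-empty `id`; this assumes the `if` guarding the assignment, which is above the hunk, is that call. That section is outside the hunk, so it should be confirmed that it never looks up, links or creates an account from an empty e-mail. A short comment at the assignment, for example `// email may be null/empty here when no domain filter is set`, would make the new contract visible to the next reader.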
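Review bot: The domain filter is still a substring test on the whole address (`email.ToLower().Contains(domain)`), so an allow entry is satisfied when its text appears anywhere in the address, including the local part or a longer domain, and an exclude entry blocks unrelated addresses the same way. Because this filter decides which external identities may sign in, I would compare only the part after the last `@`, using ordinal case-insensitive equality or a dot-anchored suffix match. The sketch below also guards `domainfilter` against null, which the inner branch dereferences even though the new final `return` treats null as "no filter". Whether existing filter values are written with a leading `@` or with spaces needs checking before adopting it.

```csharp
if (email.Contains("@") && email.Contains("."))
{
    var emailDomain = email.Substring(email.LastIndexOf('@') + 1);
    var domains = (domainfilter ?? "").Split(',', StringSplitOptions.RemoveEmptyEntries);
    foreach (var domain in domains)
    {
        var exclude = domain.StartsWith("!");
        var value = (exclude ? domain.Substring(1) : domain).Trim().TrimStart('@');
        if (value.Length == 0) continue;
        var matches = emailDomain.Equals(value, StringComparison.OrdinalIgnoreCase)
            || emailDomain.EndsWith("." + value, StringComparison.OrdinalIgnoreCase);
        if (exclude && matches) return false;
        if (!exclude && !matches) return false;
    }
    return true;
}
// … unchanged: return false for a malformed address, and the empty-email return …
```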