0

I am using the Google PHP API to authenticate user login. I would like to restrict login access to specific email domains, eg only users with email @thedomain.com can login.

I've tried setting the hd parameter as suggested, with no luck. I also noticed that the returned $client = new Google_Client(); object returns an empty string for ["hd"]=> string(0) ""

Checking the email domain after authentication may be viable, but i fell like there must be a method within the Google API.

Anyone have ideas or suggestions?

Community
  • 1
  • 1
Vinnie James
  • 5,763
  • 6
  • 43
  • 52

1 Answers1

0

Ended up using the hd object, which required instantiating a new $service

if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
        $client->setAccessToken($_SESSION['access_token']);
        // create service to pull userinfo
        $service = new Google_Service_Oauth2($client);
        $user = $service->userinfo->get();
        $userHd = $user['hd'];
        if ($userHd === 'thedomain.com') {
            // log the user in
        }
Vinnie James
  • 5,763
  • 6
  • 43
  • 52