Use exact match to compare whitelisted domains

Author: fguillot

Auth/GoogleAuthProvider.php

@@ -221,15 +221,15 @@ public function isAccountCreationAllowed(array $profile)
      */
     public function validateDomainRestriction(array $profile, $domains)
     {
-        foreach (explode(',', $domains) as $domain) {
-            $domain = trim($domain);
+        if (strpos($profile['email'], '@') === false) {
+            return false;
+        }
 
-            if (strpos($profile['email'], '@') === false) {
-                return false;
-            }
+        list(, $hostname) = explode('@', $profile['email']);
+        $hostname = trim($hostname);
 
-            list(, $hostname) = explode('@', $profile['email']);
-            if (strpos($hostname, $domain) === 0) {
+        foreach (explode(',', $domains) as $domain) {
+            if ($hostname === trim($domain)) {
                 return true;
             }
         }

Plugin.php

@@ -71,7 +71,7 @@ public function getPluginAuthor()
 
     public function getPluginVersion()
     {
-        return '1.0.5';
+        return '1.0.6';
     }
 
     public function getPluginHomepage()

Test/GoogleAuthTest.php

@@ -40,6 +40,7 @@ public function testEmailRestrictions()
         $this->assertTrue($provider->isAccountCreationAllowed(array('email' => 'me@mydomain.tld')));
         $this->assertFalse($provider->isAccountCreationAllowed(array('email' => 'me@my-other-domain.tld')));
         $this->assertFalse($provider->isAccountCreationAllowed(array('email' => 'test+mydomain.tld+@example.org')));
+        $this->assertFalse($provider->isAccountCreationAllowed(array('email' => 'test@mydomain.tld.example.org')));
 
         $this->assertTrue($this->container['configModel']->save(array('google_account_creation' => '1', 'google_email_domains' => 'example.org, example.com')));
         $this->container['memoryCache']->flush();