How to Restrict Ueberauth Google Strategy to Particular GSuite Domain?

arooj · August 25, 2020, 4:28pm

I’m trying to use Google Sign-In with a particular Gsuite domain only.

Similar: https://stackoverflow.com/questions/10858813/restrict-login-email-with-google-oauth2-0-to-specific-domain-name

Documentation: https://github.com/ueberauth/ueberauth_google

chasers · August 31, 2020, 6:31pm

Looks like they give you the "hd" in the params … which seems to be the domain of the Gsuite login in question.

Also note they give you a bunch of other stuff in the assigns which could be useful. I’ve pulled out that variable here too.

def callback(
        %{assigns: %{ueberauth_auth: auth}} = conn,
        %{"provider" => "google", "hd" => "logflare.app"} = params
      ), do: sign_in_stuff(conn, params)

def callback(
        %{assigns: %{ueberauth_auth: auth}} = conn,
        %{"provider" => "google", "hd" => _everyone_else} = params
      ), do: reject_sign_in(conn, params)

arooj · September 1, 2020, 9:46pm

Thank you. This looks like exactly what I was looking for. Will test soon.