changed Google OpenID WHITE_LISTED_DOMAINS setting to only check strings and added...

diff --git a/doc/backends/google.rst b/doc/backends/google.rst
index c3cbcfdcca0fbcec1a0268f3b751fe954aed825c..271f2f67de773ae2e7ed6772bcd7db4b6cc8160d 100644 (file)
--- a/doc/backends/google.rst
+++ b/doc/backends/google.rst
@@ -65,6 +65,16 @@ To enable OAuth2 support:
 Check which applications can be included in their `Google Data Protocol Directory`_
 
 
+Google OpenID 
+-------------
+
+Configurable settings:
+
+- Supply a list of domain strings to be checked. The default (empty list) allows all domains.  If a list is provided and a user attempts to sign in with a Google account that is not in the list, then a ValueError will be raised and the user will be redirected to your login error page::
+
+    WHITE_LISTED_DOMAINS = ['mydomain.com']
+
+
 Orkut
 -----
 

diff --git a/social_auth/backends/google.py b/social_auth/backends/google.py
index b81acc7c5dcac35b977eed4978b569b0b204ada9..0748998a6beb06c264f47c079244280be2f3b434 100644 (file)
--- a/social_auth/backends/google.py
+++ b/social_auth/backends/google.py
@@ -84,10 +84,8 @@ class GoogleBackend(OpenIDBackend):
         is unique enought to flag a single user. Email comes from schema:
         http://axschema.org/contact/email"""
         # only include white-listed domains
-        import re
-        for domain in WHITE_LISTED_DOMAINS: 
-            if not re.search(domain, details['email']):
-                raise ValueError('INVALID DOMAIN')
+        if WHITE_LISTED_DOMAINS and details['email'].split('@')[1] not in WHITE_LISTED_DOMAINS: 
+            raise ValueError('INVALID DOMAIN')
 
         return details['email']