google login php с определенным доменом

Question

поэтому я делаю приложение php с приложением google , и он работает, но я хочу только подключить людей, у которых был определенный домен xxx@domaine.com, а не xxx@gmail.com .ect

мой код

<?php 
session_start(); //session start 
  
require_once ('libraries/Google/autoload.php'); 
  
//Insert your cient ID and secret 
//You can get it from : https://console.developers.google.com/ 
$client_id = '---client_id---.apps.googleusercontent.com'; 
$client_secret = '---client_secret---'; 
$redirect_uri = 'http://localhost/test/glogin/glogin.php'; 
  
//database 
$db_username = "root"; //Database Username 
$db_password = ""; //Database Password 
$host_name = "localhost"; //Mysql Hostname 
$db_name = 'test'; //Database Name 
  
//incase of logout request, just unset the session var 
if (isset($_GET['logout'])) { 
  unset($_SESSION['access_token']); 
    
} 
  
/************************************************ 
  Make an API request on behalf of a user. In 
  this case we need to have a valid OAuth 2.0 
  token for the user, so we need to send them 
  through a login flow. To do this we need some 
  information from our API console project. 
 ************************************************/ 
$client = new Google_Client(); 
$client->setClientId($client_id); 
$client->setClientSecret($client_secret); 
$client->setRedirectUri($redirect_uri); 
$client->addScope("email"); 
$client->addScope("profile"); 
  
/************************************************ 
  When we create the service here, we pass the 
  client to it. The client then queries the service 
  for the required scopes, and uses that when 
  generating the authentication URL later. 
 ************************************************/ 
$service = new Google_Service_Oauth2($client); 
  
/************************************************ 
  If we have a code back from the OAuth 2.0 flow, 
  we need to exchange that with the authenticate() 
  function. We store the resultant access token 
  bundle in the session, and redirect to ourself. 
*/ 
    
if (isset($_GET['code'])) { 
  $client->authenticate($_GET['code']); 
  $_SESSION['access_token'] = $client->getAccessToken(); 
  header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL)); 
  exit; 
} 
  
/************************************************ 
  If we have an access token, we can make 
  requests, else we generate an authentication URL. 
 ************************************************/ 
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) { 
  $client->setAccessToken($_SESSION['access_token']); 
} else { 
  $authUrl = $client->createAuthUrl(); 
   
} 
  
  
//Display user info or display login url as per the info we have. 
echo '<div style="margin:20px">'; 
 if (isset($authUrl)){ 
    // show login url 
    echo '<div align="center">'; 
 echo '<h3>Login with Google -- Demo</h3>'; 
    echo '<div>Please click login button to connect to Google.</div>'; 
    echo '<a class="login" href="' . $authUrl . '"><img src="images/google-login-button.png" /></a>'; 
    echo '</div>'; 
      
      
  } 
 else{ 
      
    $user = $service->userinfo->get(); //get user info 
      
    // connect to database 
    $mysqli = new mysqli($host_name, $db_username, $db_password, $db_name); 
    if ($mysqli->connect_error) { 
        die('Error : ('. $mysqli->connect_errno .') '. $mysqli->connect_error); 
    } 
      
    //check if user exist in database using COUNT 
    $result = $mysqli->query("SELECT COUNT(google_id) as usercount FROM google_users WHERE google_id=$user->id"); 
    $user_count = $result->fetch_object()->usercount; //will return 0 if user doesn't exist 
      
    //show user picture 
    echo '<img src="'.$user->picture.'" style="float: right;margin-top: 33px;" />'; 
      
    if($user_count) //if user already exist change greeting text to "Welcome Back" 
    { 
        echo 'Welcome back '.$user->name.'! [<a href="'.$redirect_uri.'?logout=1">Log Out</a>]'; 
        $_SESSION['login_user']= $user->id; 
        $_SESSION['login_name']= $user->name; 
        $_SESSION['picture']= $user->picture; 
        $_SESSION['login_email']= $user->email; 
        header('Location: ../index.php'); 
    } 
    else //else greeting text "Thanks for registering" 
    { 
        echo 'Hi '.$user->name.', Thanks for Registering! [<a href="'.$redirect_uri.'?logout=1">Log Out</a>]'; 
        $statement = $mysqli->prepare("INSERT INTO google_users (google_id, google_name, google_email, google_link, google_picture_link) VALUES (?,?,?,?,?)"); 
        $statement->bind_param('issss', $user->id,  $user->name, $user->email, $user->link, $user->picture); 
        $statement->execute(); 
        $_SESSION['login_user']= $user->id; 
        $_SESSION['picture']= $user->picture; 
        $_SESSION['login_name']= $user->name; 
        $_SESSION['login_email']= $user->email; 
        header('Location: ../index.php'); 
        echo $mysqli->error; 
    } 
      
    //print user details 
    echo '<pre>'; 
    print_r($user); 
    echo '</pre>'; 
} 
echo '</div>'; 
  
  
?> 

пожалуйста, нужна помощь, и я просто новичок спасибо

Answer 1

$client->verifyIdToken() даст вам массив сведений о пользователе вместе с доменом. Таким образом, вы можете изменить свой код для проверки домена, как

на успех AUTH

if ($client->getAccessToken()) { 
    $token_data = $client->verifyIdToken(); 
    // print all the data related after auth 
    print_r($token_data) 
    $email = explode('@', $token_data["email"]); 
    $domain = $email[1]; // Will give you domaine.com 
    print 'Domain : '.$domain; 
} 

Refer