This repository has been archived by the owner on Feb 11, 2023. It is now read-only.
Google Groups authorization does not work for emails from other domains #52
Comments
|
I have a possibly simpler fix which uses the Get Members Google Directory API call instead of hasMembers: |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Google OAuth 2.0 authentication could be used to authenticate Google user from any domain, including Google's own
gmail.com. One just need to omithd=...parameter in OAuth query.Google group, created in particular domain, may contain emails from arbitrary domains, even not hosted by Google.
However, hasMember method, used by Google Groups authorization code may check group membership only for users of current GSuite domain. This means, that Google Groups authorization is not currently able to authorize
@gmail.comaccounts and accounts of any Google user from domains other than current GSuite domain.Alternative solution would be to user list that returns all email in Google group, even those, that don't belong to the users of current GSuite domain or to any Google account.
This alternative solution would be less efficient, so it is worth to support both approaches and use one or another depending on user's email domain.
The text was updated successfully, but these errors were encountered: