diff --git a/Template/config/integration.php b/Template/config/integration.php
index 56400b9..d9b915c 100644
--- a/Template/config/integration.php
+++ b/Template/config/integration.php
@@ -44,6 +44,10 @@
form->text('oauth2_key_groups', $values) ?>
+ form->label(t('Group Filter'), 'oauth2_key_group_filter') ?>
+ form->text('oauth2_key_group_filter', $values) ?>
+
+
diff --git a/User/GenericOAuth2UserProvider.php b/User/GenericOAuth2UserProvider.php
index 25c8566..c7b288d 100644
--- a/User/GenericOAuth2UserProvider.php
+++ b/User/GenericOAuth2UserProvider.php
@@ -146,6 +146,27 @@ public function getEmail()
return $this->getKey('oauth2_key_email');
}
+ /**
+ * Check if group is in filter
+ *
+ * @access protected
+ * @param string $group
+ * @return boolean
+ */
+ protected function isGroupInFilter(string $group, array $filter)
+ {
+ if (empty($filter)) {
+ $this->logger->debug('OAuth2: No group specified in filter. All provided groups will be used.');
+ return true;
+ } else {
+ if (in_array($group, $filter)) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+ }
+
/**
* Get external group ids
*
@@ -173,11 +194,19 @@ public function getExternalGroupIds()
$groups = array_unique($groups);
$this->logger->debug('OAuth2: '.$this->getUsername().' groups are '. join(',', $groups));
+ $filteredGroups = array();
+ $groupFilter = explode(',',$this->configModel->get('oauth2_key_group_filter'));
+
foreach ($groups as $group) {
- $this->groupModel->getOrCreateExternalGroupId($group, $group);
+ if ( $this->isGroupInFilter($group, $groupFilter)) {
+ $this->groupModel->getOrCreateExternalGroupId($group, $group);
+ array_push($filteredGroups, $group);
+ } else {
+ $this->logger->debug('OAuth2: '.$group.' will be ignored.');
+ }
}
- return $groups;
+ return $filteredGroups;
}
/**