Skip to content

[identity] Email domain Blacklist provider for register/create-user#973

Merged
cleftheris merged 27 commits intodevelopfrom
feature/support-blacklist-email-domains
Mar 30, 2026
Merged

[identity] Email domain Blacklist provider for register/create-user#973
cleftheris merged 27 commits intodevelopfrom
feature/support-blacklist-email-domains

Conversation

@avraimakis
Copy link
Copy Markdown
Contributor

@avraimakis avraimakis commented Mar 26, 2026
edited by Copilot AI
Loading

  • Fix corrupted TryGetDomain method in EmailDomainBlacklistValidator.cs (last commit broke method signature with incorrect autofix)
  • Remove misleading ValidateAsync_WithCancellation_StillValidatesEmail test that didn't actually test cancellation behavior (since ValidateAsync has no CancellationToken parameter)
  • All 24 EmailDomainBlacklist tests pass on net8.0 and net9.0

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

Άγγελος Βραϊμάκης added 4 commits March 24, 2026 19:25
Add email domain blacklist validator and providers
697f449 
Introduced EmailDomainBlacklistValidator with support for multiple providers (default, config, file-based) to prevent registration with disposable or blacklisted email domains. Added extension methods for easy DI registration and configuration-based enable/disable. Included a comprehensive disposable email domain blocklist file. Validator is now invoked during user registration.
Correction at email parameter
db04541
Add email domain blacklist validator to Identity setup
8be6116
Add configurable email domain blacklist validation
11e858f 
- Introduce EmailBlacklist config section and file-based domain list
- Refactor EmailDomainBlacklistValidator and providers for clarity
- Enable/disable validator via config; support file/config providers
- Always copy disposable_email_blocklist.conf.txt to output
- Update Microsoft.Azure.SignalR to 1.33.0 and add Management package
@avraimakis avraimakis requested a review from travlos March 26, 2026 11:02
@travlos travlos marked this pull request as ready for review March 27, 2026 10:23
Copilot AI review requested due to automatic review settings March 27, 2026 10:23
Copilot AI reviewed Mar 27, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR introduces an email-domain blacklist validation feature into the Identity registration pipeline, aiming to block signups (or updates) using disposable/blocked email domains.

Changes:

  • Wires an email-domain blacklist validator into Identity’s AddIdentityDefaults setup.
  • Adds EmailDomainBlacklistValidator (with config/file-backed blacklist providers).
  • Adds a large disposable-domain blocklist file and copies it to build output.

Reviewed changes

Copilot reviewed 4 out of 5 changed files in this pull request and generated 8 comments.

Show a summary per file
File Description
src/Indice.Features.Identity.Server/Extensions/ServiceCollectionExtensions.cs Enables the new validator in the IdentityServer default Identity setup chain.
src/Indice.Features.Identity.Core/Extensions/IdentityBuilderExtensions.cs Adds the AddEmailDomainBlacklistValidator registration method and provider wiring.
src/Indice.Features.Identity.Core/EmailValidation/EmailDomainBlacklistValidator.cs Implements the validator and provider types (config + file + default).
src/Indice.Features.Identity.Core/EmailValidation/disposable_email_blocklist.conf.txt Adds the domain blacklist data file used for disposable-email blocking.
src/Indice.Features.Identity.Core/Indice.Features.Identity.Core.csproj Ensures the blocklist file is copied to the output directory.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@cleftheris cleftheris changed the title Feature/support blacklist email domains [identity] Email domain Blacklist provider for register/create-user Mar 27, 2026
travlos added 2 commits March 27, 2026 16:33
@travlos
Refactor email domain blacklist system and config
3c92361 
- Introduce EmailBlacklistOptions for flexible blacklist configuration.
- Replace old providers with injectable Config/File providers.
- Use embedded resource for blacklist file (email_blocklist.conf).
- Improve domain extraction and validation logic (RFC-compliant).
- Update IdentityBuilderExtensions for new DI/config pattern.
- Remove hardcoded file paths and legacy provider code.
- Modernize codebase and improve null handling.
@travlos
Merge confict
c736c19
@travlos
Refactor email domain blacklist to use options & resources
68728a4 
- Switch blacklist config to comma-separated string in options
- Rename provider method to IsDomainBlacklistedAsync
- Config provider now uses IOptions<EmailBlacklistOptions>
- File provider loads blacklist from embedded resource, not file
- Treat null/invalid emails as blacklisted in validator
- Remove configKey param from IdentityBuilderExtensions
- Embed blacklist file in assembly, remove file I/O
- Update tests for new config and embedded resource usage
- Clean up code, improve resource handling and test reliability
@travlos travlos requested a review from Copilot March 30, 2026 08:13
Copilot AI reviewed Mar 30, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 6 out of 7 changed files in this pull request and generated 9 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

travlos and others added 5 commits March 30, 2026 11:31
@travlos
Apply suggestions from code review
e73551d 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@travlos
Apply suggestions from code review
03c2089 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@travlos
Update email blacklist config section and docs
76fb3a0 
Renamed the email blacklist config section to "IdentityOptions:Email:Blacklist" for clarity and consistency. Improved XML documentation for blacklist providers to clarify configuration usage and correct file references. Removed unused using directives from IdentityBuilderExtensions.cs.
@travlos
Merge branch 'feature/support-blacklist-email-domains' of https://git…
7340309 
…hub.com/indice-co/Indice.Platform into feature/support-blacklist-email-domains
@travlos @github-advanced-security
Potential fix for code scanning alert no. 2592: Generic catch clause
88ddadd 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
travlos
travlos previously approved these changes Mar 30, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@travlos travlos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚀🚀🚀

@travlos
Refactor email blacklist config option names for clarity
61c893a 
Renamed EmailBlacklistOptions properties for consistency:
- Changed section name to "IdentityOptions:EmailBlacklist"
- Renamed EnableDomainBlacklist to Enabled
- Renamed Domain to Domains (comma-separated list)
Updated all references and documentation to use new names.
travlos added 3 commits March 30, 2026 13:57
@travlos
Simplify EmailBlacklist config section and loading logic
061c861 
Changed EmailBlacklistOptions.Name to "EmailBlacklist" for a simpler config section name. Updated IdentityBuilderExtensions to load EmailBlacklistOptions properties individually using GetIdentityOption<T>(), improving clarity and flexibility in configuration binding.
@travlos
Merge branch 'develop' into feature/support-blacklist-email-domains
2b04672
@travlos
Update EmailBlacklistOptions property and version bump
dfe325e 
Renamed 'Domain' to 'Domains' in unit tests to match property changes in EmailBlacklistOptions. Commented out <VersionSuffix>rc02</VersionSuffix> in Directory.Build.props to disable the RC version suffix during builds.
cleftheris
cleftheris approved these changes Mar 30, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@cleftheris cleftheris left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚀

@cleftheris cleftheris merged commit b319b1d into develop Mar 30, 2026
1 check passed
@cleftheris cleftheris deleted the feature/support-blacklist-email-domains branch March 30, 2026 15:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@cleftheris cleftheris cleftheris approved these changes

@travlos travlos travlos left review comments

+1 more reviewer

Copilot code review Copilot Copilot left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@avraimakis @cleftheris @travlos