wp_login hook. WP_user vs. IDP's SAML values ($attrs) #112

Open
becchett opened this issue Feb 13, 2021 · 0 comments
becchett commented Feb 13, 2021

Dear friends,
I'm using this plugin to manage both authentication and authorization. About the latter, @pitbulk
suggested using the Trigger wp_login hook, so I've changed the functions.php file of the active template
and added my function:

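```php
function wp_user_mail_check($user_login, $user) {
    $infndomain = "@mydomain.it";
    $mail = $user->user_email;
    $username = $user->user_login;
    $localusers[] = "enrico";
    $localusers[] = "fabrizio";
    // Local accounts that may log in regardless of their mail domain.
    $localuser_wp = in_array($username, $localusers, true);
    // Compare the end of the address with the domain. The original
    // preg_match("$infndomain", $mail) treats "@" as the regex delimiter and
    // fails with "No ending delimiter"; an unanchored match would also accept
    // addresses such as user@mydomain.it.example.org.
    $domain_ok = strcasecmp(substr($mail, -strlen($infndomain)), $infndomain) === 0;
    if ( !$localuser_wp && !$domain_ok ) {
        // The auth cookie is normally set before wp_login fires, so clear it
        // before refusing the user; exit alone would leave the session valid.
        wp_clear_auth_cookie();
        get_header();
        echo "

";
        // Escape values that end up in the HTML page.
        echo "ERROR. User " . esc_html($username) . ", " . esc_html($mail) . ", is not authorized";
        echo "

";
        get_sidebar();
        get_footer();
        exit;
    }
}
add_action( 'wp_login', 'wp_user_mail_check', 10, 2 );
```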

This function allows login to any user that belongs to mydomain.it, besides other local users.

With this customization authorization works fine, but I can check only the values of the WP_user object.

I think that is a kind of limit; I'd like the wp_login function to check the attributes received from the IDP.
If I understand the onelogin_saml_sso code, these values exist in the $attrs array, so the change that I suggest
refers to onelogin-saml-sso/php/functions.php:

original code, row number 468:
do_action( 'wp_login', $user->user_login, $user );

replace with:
do_action( 'wp_login', $user->user_login, $user , $attrs);

What do you think about it? If it doesn't work, is there a possible alternative?
Thanks a lot
Best Regards
Enrico
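
A sketch of a `wp_login` handler that authorizes on the IdP attributes, added here as an example; it is not code from the issue author or from the plugin. It assumes the plugin has been changed to pass `$attrs` as a third hook argument, as the issue proposes, and that the address arrives in an attribute named `mail` (a hypothetical name); the function names are also hypothetical.

```php
<?php
// Added example, not plugin code. Assumes the plugin passes the SAML
// attributes as a third wp_login argument, as proposed in this issue.
const ALLOWED_DOMAIN = 'mydomain.it';          // domain from the post
const LOCAL_USERS    = ['enrico', 'fabrizio']; // local accounts from the post
const MAIL_ATTR      = 'mail';                 // hypothetical attribute name

// $attrs has the shape name => list of values; null means no SAML data.
// Allows a user if any asserted mail value has exactly the allowed domain.
function saml_attrs_authorized($username, $attrs) {
    if (in_array($username, LOCAL_USERS, true)) {
        return true;
    }
    if (!is_array($attrs) || empty($attrs[MAIL_ATTR])) {
        return false; // fail closed when the IdP sent nothing usable
    }
    foreach ((array) $attrs[MAIL_ATTR] as $value) {
        $value = (string) $value;
        $at = strrpos($value, '@');
        if ($at !== false && strcasecmp(substr($value, $at + 1), ALLOWED_DOMAIN) === 0) {
            return true;
        }
    }
    return false;
}

// Core fires wp_login with two arguments, so $attrs defaults to null there.
function wp_user_attr_check($user_login, $user, $attrs = null) {
    if (!saml_attrs_authorized($user->user_login, $attrs)) {
        wp_clear_auth_cookie(); // the auth cookie is already set at this point
        wp_die('User is not authorized', 'Not authorized', ['response' => 403]);
    }
}

if (function_exists('add_action')) {
    add_action('wp_login', 'wp_user_attr_check', 10, 3); // 3 accepted arguments
} else {
    // Stand-alone run outside WordPress with constructed attribute arrays.
    $samples = [
        'alice'   => ['mail' => ['Alice@MyDomain.it']],
        'mallory' => ['mail' => ['m@mydomain.it.example.org']],
        'bob'     => ['mail' => ['bob@example.org', 'bob@mydomain.it']],
        'carol'   => null,
        'enrico'  => null,
    ];
    foreach ($samples as $name => $attrs) {
        printf("%-8s %s\n", $name, saml_attrs_authorized($name, $attrs) ? 'allow' : 'deny');
    }
}
```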
