From 5ca52262b8a0597156417cb8339530aacb55e0e6 Mon Sep 17 00:00:00 2001
From: Alexander Skvortsov
Date: Mon, 9 Dec 2019 20:20:50 -0500
Subject: [PATCH 1/2] Added wildcard support to host whitelist
---
 inc/namespace.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/inc/namespace.php b/inc/namespace.php
index c9d732a..bb0c42f 100644
--- a/inc/namespace.php
+++ b/inc/namespace.php
@@ -567,7 +567,15 @@ function cross_site_sso_redirect( $url ) {
 if ( '.local' === substr( $host, - strlen( '.local' ) ) ) {
 $allowed_hosts[] = $host;
 }
- if ( empty( $allowed_hosts ) || ! in_array( $host, $allowed_hosts, true ) ) {
+
+ $approved = false
+ foreach ($allowed_hosts as $pattern) {
+ if fnmatch($pattern, $host) {
+ $approved = true;
+ }
+ }
+
+ if (!$approved) {
 /* translators: %s is domain of the blacklisted site */
 wp_die( sprintf( esc_html__( '%s is not a whitelisted cross-network SSO site.', 'wp-simple-saml' ), esc_html( $host ) ) );
 }
From 5eaf7adac9a23863369d00b3c2cc6caf33c4334c Mon Sep 17 00:00:00 2001
From: Alexander Skvortsov
Date: Mon, 9 Dec 2019 20:30:34 -0500
Subject: [PATCH 2/2] Stylistic adjustments
---
 inc/namespace.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/inc/namespace.php b/inc/namespace.php
index bb0c42f..25a8200 100644
--- a/inc/namespace.php
+++ b/inc/namespace.php
@@ -568,14 +568,14 @@ function cross_site_sso_redirect( $url ) {
 $allowed_hosts[] = $host;
 }

- $approved = false
- foreach ($allowed_hosts as $pattern) {
- if fnmatch($pattern, $host) {
+ $approved = false;
+ foreach ( $allowed_hosts as $pattern ) {
+ if ( fnmatch( $pattern, $host ) ) {
 $approved = true;
 }
 }

- if (!$approved) {
+ if ( ! $approved ) {
 /* translators: %s is domain of the blacklisted site */
 wp_die( sprintf( esc_html__( '%s is not a whitelisted cross-network SSO site.', 'wp-simple-saml' ), esc_html( $host ) ) );
 }
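Review bot: `fnmatch( $pattern, $host )` in the loop added by [PATCH 1/2] turns every allow-list entry into a shell glob, and `*` there is not confined to one DNS label, so an entry written as `*example.com` would also accept a look-alike host such as `notexample.com`. Because this check decides which hosts may take part in cross-site SSO, I would treat only a leading `*.` as a wildcard, match it on a label boundary, and keep plain entries as exact comparisons, as sketched below. `?`, `[...]` and `\` in an entry also change meaning under fnmatch, which the previous exact `in_array()` comparison never had to consider. The body of cross_site_sso_redirect() starts and ends outside the hunk, so where `$host` and `$allowed_hosts` come from is not visible here.

```php
foreach ( $allowed_hosts as $pattern ) {
	if ( 0 === strpos( $pattern, '*.' ) ) {
		// Wildcard entry: "*.example.com" accepts only hosts ending in ".example.com".
		$suffix  = substr( $pattern, 1 );
		$matches = strlen( $host ) > strlen( $suffix ) && substr( $host, - strlen( $suffix ) ) === $suffix;
	} else {
		// Plain entry: exact comparison, as before wildcard support was added.
		$matches = ( $pattern === $host );
	}
	if ( $matches ) {
		$approved = true;
	}
}
// … unchanged: wp_die() when $approved is still false …
```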
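Review bot: The loop in [PATCH 2/2] keeps testing the remaining patterns after one has matched; a `break;` after `$approved = true;` would end it at the first hit and make the intent plain. The added `;` after `$approved = false` and the parentheses around `fnmatch( $pattern, $host )` are parse fixes rather than style, so [PATCH 1/2] taken alone appears to leave inc/namespace.php unparseable. Squashing the two commits would keep every revision loadable and the history bisectable. The function continues outside this hunk.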