Ability to limit hosted domain on Google OAuth2 Authentication

[diogouchoas]

Is your feature request related to a problem? Please describe.
Many users might need to limit oauth2 login with Google to allow only our corporate email domain. By default any valid google account is able to login, including @gmail.com .

Describe the solution you'd like
Add hd (hosted domain) variable to oauth configuration section.
https://developers.google.com/identity/openid-connect/openid-connect#hd-param

Describe alternatives you've considered
We currently use apache openidc module for login to Thruk

Additional context

[kirk444]

I believe you can accomplish this directly with Google when you're configuring the "OAuth consent screen". There will be a field where you can specify allowed domains:

 Authorized domains
When a domain is used on the consent screen or in an OAuth client’s configuration, it must be pre-registered here. If your app needs to go through verification, please go to the [Google Search Console ](https://search.google.com/search-console/about)to check if your domains are authorized. [Learn more ](https://support.google.com/cloud/answer/7650096) about the authorized domain limit.