Check for Group membership before sending an email

[Jnchi]

• Don't send the OTP email unless the user is part of the appropriate group, (See: https://github.com/CyberNinjas/libnss_aad/blob/master/libnss_aad.c#L167).

    if (verify_user(jwt, user_addr) == 0 // <-- Check for username match in JWT
        && verify_group(ab_token, group_id, debug) == 0) { // <-- Check for group membership
        ret = EXIT_SUCCESS;
    }

Source: https://github.com/CyberNinjas/pam_aad/blob/master/pam_aad.c#L382-491

• If user is not a member of the group, send an ACCESS DENIED email.