How can I use a service account to get the email of a user in a Google Apps domain, without already knowing an email from that domain? -

-

I am trying to use a service account to access data from a domain that is my app Google Apps Marketplace is installed)

But to get the list of users or the list of admins for any domain, it is necessary to call the Google Admin SDK API That you know the email address of a user in the domain. 

  http transport http transport = new net HTTPS transport (); Jacksonfactor jasonfactor = new jacksonfactor (); GoogleCredential credentials = new GoogleCredential.Builder () .setTransport (httpTransport) .setJsonFactory (jsonFactory) .setServiceAccountId (SERVICE_ACCOUNT_EMAIL) .setServiceAccountScopes (DirectoryScopes.ADMIN_DIRECTORY_USERS) .setServiceAccountUser (USEREMAIL) .setServiceAccountPrivateKeyFromP12File (new java.io.File (SERVICE_ACCOUNT_PKCS12_FILE_PATH)). Construction (); Directory Service = New Directory. Builder (httpTransport, jsonfactory, null) .setHttpRequestInitializer (Credential) .build (); Directory.Users.List Request = service.users () .list (). SetDomain (domain);

The above works, but for this you are called the setServiceAccountUser (userEmail) method on Builder. Without this, when you execute the request, you will get 403 "not authorized for this resource / API error". It is documented by many current questions, such as

But how do you know a userEmail for the first time? You can not already get a list of emails in the domain without knowing an email in the domain. You can archive an email from administrator, which first installs the app - but it looks unfair and insufficient. What if the administrator's account was deleted or the email address changed?

Administrative accounts can not be given to the domain of service accounts; They need to impersonate a Domain Administrator, so an email address is required. Recommended Approach is an archive of the email that you have installed, or a configuration screen where they can set up an email for the administrator account to use. . As you have said, this approach may be a bit delicate, if the admin account has been removed or this email is changed, make sure that you handle that case, by disabling the app and warning the user that the administrator has Have to configure.


Comments

Post a Comment

Popular posts from this blog

apache - 504 Gateway Time-out The server didn't respond in time. How to fix it? -

-
Using a form submission on an embedded iframe , the customer downloads a compressed log file Requested. The request was sent to the server, which is the compressed log files, perform some database operations and returns a compressed file. After just 2 minutes, 504 gateway time-out server did not respond timely message on browser net panel How to fix this error? The log files were taking a long time to compress, and timeout was set to 2min The error was fixed by extending the file file: # # timeout: The number of seconds before getting the time out. # # # Timeout 120 timeout 600
Read more

c# - .net WebSocket: CloseOutputAsync vs CloseAsync -

-
We have a working ASP.NET Web API REST service, which is one of the methods of our controller, HTTPTTEX. .) Socket handler code looks something like this ... Public async task socket handler (AspNetWebSocketContext context) {_webSocket = context.WebSocket; ... while (! Cts.IsCancellationRequested) {WebSocketReceiveResult Results = _webSocket.ReceiveAsync (Input Segment, cts.Token) .Result; WebSocketsStateCollusocketState = _webSocket.State; If (result.MessageType == WebSocketMessageType.Close || currentSocketState == WebSocketState.CloseReceived) {// What should I use. CloseAysnc () or. CloseOutputAsync ()? _webSocket.CloseOutputAsync (WebSocketCloseStatus.NormalClosure, "Client Requested", cts.Token). Wait (); } If (currentSocketState == WebSocketState.Open) {...}}} .What is the difference between .CooseAsync () and CloseOutputAysnc ()? I tried both of them and they both seemed to work fine but some difference should be the same they both describe very similar to...
Read more

c++ - How to properly scale qgroupbox title with stylesheet for high resolution display? -

-
I am trying to apply a stylesheet for QGroupBox (QT4.8), which works on the normal screen ( 96 dpi) high resolution screen (Yoga 2 Pro, 3200x1800, 275 dpi, windows 8.1). The following style looks good on the 275 dpi screen, but the top margins on a regular 96 dpi screen are far too big. QGroupBox {border: 1px solid red; Range radius: 7px; Margin-top: 12x; } QGroupBox :: Title {subcontrol-origin: margin; Subcontrol-position: left above; Padding-left: 10px; Padding-right: 10px; } Changing the top-margin has an effect, but I did not get a proper setting which works on both screens. If I shorten the value, the content of the group box overlaps with the title on 275 dpi screen. I was also playing with units "East", "PX", "MX", "PT". Reading the document I would have guessed, "2 X" was the correct solution, which should be scaled with different screen resolutions. Without the stylesheet, the groupbox works well on both screens. ...
Read more