使用Google Directory API提取域中的所有用户 [英] Using Google Directory API to fetch all users in a domain
问题描述
我正在为Google Marketplace构建一个应用程序,并且在最终部署之前刚刚从1.0切换到OAuth 2.0.
I am building an app for the Google Marketplace and just made the switch to OAuth 2.0 from 1.0 before final deployment.
在进行切换之前,我能够使用资源调配API来获取已安装给定应用程序的域中的用户,并且已授予适当的权限.
Before the switch, I was able to use the provisioning API to fetch users in a domain that has installed the app given, appropriate permissions have been granted.
我对Directory API(与OAuth 2相对应)的经验要求我执行两足式OAuth以获取访问令牌,然后将其用于执行Admin操作.仅当访问令牌属于主题域的管理员用户时,此方法才有效.
My experience with the Directory API (the OAuth 2 counterpart) requires that i perform a 2-legged OAuth to get an access token which I then uses to perform the Admin action. This only works if the access token belongs to an Administrator user of the subject domain.
应用程序中有一个部分可将所有用户从域中拉出,我需要所有登录用户(包括该域的非管理用户)都可以访问该域.
There's a section in the app that pulls all users from the domain and I need this to be accessible to all logged in users including non-administrative users of the domain.
当我使用Zend库使用Provisioning API时没有这种问题
Didn't have such problems when I was using the provisioning API using the Zend library
推荐答案
不确定.但是以下帖子可能会有所帮助
Not sure. But the following post might be helpful
直到最近,该技术主要使用2-Legged进行 OAuth 1.0a(2-LO).但是,随着OAuth 1.0的弃用 协议以及由此导致的2-LO编程关闭, 推荐的授权机制是现在使用OAuth 2.0和 服务帐户.
Until recently this technique was mostly performed using 2-Legged OAuth 1.0a (2-LO). However, with the deprecation of the OAuth 1.0 protocol and the resulting programmed shutdown of 2-LO, the recommended authorization mechanism is now to use OAuth 2.0 and service accounts.
来源- http://googleappsdeveloper.blogspot.com/2012/11/domain-wide-delegation-of-authority-and.html
这篇关于使用Google Directory API提取域中的所有用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
