使用 bash curl 和 oauth 返回谷歌应用程序用户帐户数据? [英] Use bash curl with oauth to return google apps user account data?
本文介绍了使用 bash curl 和 oauth 返回谷歌应用程序用户帐户数据?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在寻找一种相当简单的方法来使用 curl 在 google Apps 中返回有关一批用户帐户(如 createddate 或 lastlogin)的信息.我对 curl 和 Google Apps api 非常缺乏经验.
有谁知道关于如何使用 curl 和 Oauth 来请求用户帐户数据的优秀介绍性文章?
先谢谢你!
解决方案
这不容易实现,因为 Bash 不容易处理 OAuth 2.0 和 JSON.话虽如此,这里有一个基本版本,可以为您提供所需的数据.grep 可以使用一些清理,但话说回来,用 grep 解释 JSON 是一个非常糟糕的主意.这是 Google API 库存在并应该使用的完美示例.
<预><代码># 将我们的凭据与名为 .my_creds=~/.`basename $0`# 创建您自己的客户端 ID/秘密# https://developers.google.com/identity/protocols/OAuth2InstalledApp#creatingcredclient_id='您自己的客户 ID'client_secret='你自己的秘密'如果 [ -s $my_creds ];然后# 如果我们已经存储了令牌,请使用它.$my_credstime_now=`日期+%s`别的scope='https://www.googleapis.com/auth/admin.directory.user.readonly'# 形成请求地址# https://developers.google.com/identity/protocols/OAuth2InstalledApp#step-2-send-a-request-to-googles-oauth-20-serverauth_url="https://accounts.google.com/o/oauth2/v2/auth?client_id=$client_id&scope=$scope&response_type=code&redirect_uri=urn:ietf:wg:oauth:2.0:oob"echo "请前往:"回声回声$auth_url"回声echo "接受后,输入你得到的代码:"读取 auth_code# 交换访问和刷新令牌的授权码# https://developers.google.com/identity/protocols/OAuth2InstalledApp#exchange-authorization-codeauth_result=$(curl -s "https://www.googleapis.com/oauth2/v4/token" \-H "内容类型:应用程序/x-www-form-urlencoded" \-d 代码=$auth_code \-d client_id=$client_id \-d client_secret=$client_secret \-d redirect_uri=urn:ietf:wg:oauth:2.0:oob \-d grant_type=authorization_code)access_token=$(echo -e "$auth_result" | \grep -Po '"access_token" *: *.*?[^\\]",' | \awk -F'"' '{ 打印 $4 }')refresh_token=$(echo -e "$auth_result" | \grep -Po '"refresh_token" *: *.*?[^\\]",*' | \awk -F'"' '{ 打印 $4 }')expires_in=$(echo -e "$auth_result" | \grep -Po '"expires_in" *: *.*' |\awk -F' ' '{ 打印 $3 }' |awk -F',' '{ 打印 $1}')time_now=`日期+%s`expires_at=$((time_now + expires_in - 60))echo -e "access_token=$access_token\nrefresh_token=$refresh_token\nexpires_at=$expires_at" > $my_creds菲# 如果我们的访问令牌已过期,请使用刷新令牌获取新令牌# https://developers.google.com/identity/protocols/OAuth2InstalledApp#offline如果 [ $time_now -gt $expires_at ];然后refresh_result=$(curl -s "https://www.googleapis.com/oauth2/v4/token" \-H "内容类型:应用程序/x-www-form-urlencoded" \-d refresh_token=$refresh_token \-d client_id=$client_id \-d client_secret=$client_secret \-d grant_type=refresh_token)access_token=$(echo -e "$refresh_result" | \grep -Po '"access_token" *: *.*?[^\\]",' | \awk -F'"' '{ 打印 $4 }')expires_in=$(echo -e "$refresh_result" | \grep -Po '"expires_in" *: *.*' |\awk -F' ' '{ 打印 $3 }' |awk -F',' '{ 打印 $1 }')time_now=`日期+%s`expires_at=$(($time_now + $expires_in - 60))echo -e "access_token=$access_token\nrefresh_token=$refresh_token\nexpires_at=$expires_at" > $my_creds菲# 调用 Directory API list users 端点,可能是多个页面# https://developers.google.com/admin-sdk/directory/v1/reference/users/list尽管 :做api_data=$(curl -s --get https://www.googleapis.com/admin/directory/v1/users \-d 客户=my_customer \-d 漂亮打印=真 \`if [ -n "$next_page" ];然后 echo "-d pageToken=$next_page";菲` \-d 最大结果=500 \-d "fields=users(primaryEmail,creationTime,lastLoginTime),nextPageToken"\-H "内容类型:应用程序/json" \-H "授权:不记名 $access_token")echo -e "$api_data" |grep -v 'nextPageToken'next_page=$(echo $api_data | \grep -Po '"nextPageToken" *: *.*?[^\\]"' | \awk -F'"' '{ 打印 $4 }')如果 [ -z "$next_page" ]然后休息菲完毕I am looking for a fairly simple method to use curl to return information about a batch of users accounts (like createddate or lastlogin) in google Apps. I am very inexperienced with curl and the Google Apps api's.
Does anyone know of a good introductory article on how to use curl with Oauth to request user account data?
Thank you in advance!
解决方案
This isn't easily achieved as OAuth 2.0 and JSON aren't easily handled by Bash. Having said that, here's a basic version that'll give you the data you're looking for. The greps could use some cleanup but then again, interpreting JSON with grep is a really bad idea anyway. This is a perfect example of why the Google API Libraries exist and should be used.
# Store our credentials in our home directory with a file called .
my_creds=~/.`basename $0`
# create your own client id/secret
# https://developers.google.com/identity/protocols/OAuth2InstalledApp#creatingcred
client_id='YOUR OWN CLIENT ID'
client_secret='YOUR OWN SECRET'
if [ -s $my_creds ]; then
# if we already have a token stored, use it
. $my_creds
time_now=`date +%s`
else
scope='https://www.googleapis.com/auth/admin.directory.user.readonly'
# Form the request URL
# https://developers.google.com/identity/protocols/OAuth2InstalledApp#step-2-send-a-request-to-googles-oauth-20-server
auth_url="https://accounts.google.com/o/oauth2/v2/auth?client_id=$client_id&scope=$scope&response_type=code&redirect_uri=urn:ietf:wg:oauth:2.0:oob"
echo "Please go to:"
echo
echo "$auth_url"
echo
echo "after accepting, enter the code you are given:"
read auth_code
# exchange authorization code for access and refresh tokens
# https://developers.google.com/identity/protocols/OAuth2InstalledApp#exchange-authorization-code
auth_result=$(curl -s "https://www.googleapis.com/oauth2/v4/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d code=$auth_code \
-d client_id=$client_id \
-d client_secret=$client_secret \
-d redirect_uri=urn:ietf:wg:oauth:2.0:oob \
-d grant_type=authorization_code)
access_token=$(echo -e "$auth_result" | \
grep -Po '"access_token" *: *.*?[^\\]",' | \
awk -F'"' '{ print $4 }')
refresh_token=$(echo -e "$auth_result" | \
grep -Po '"refresh_token" *: *.*?[^\\]",*' | \
awk -F'"' '{ print $4 }')
expires_in=$(echo -e "$auth_result" | \
grep -Po '"expires_in" *: *.*' | \
awk -F' ' '{ print $3 }' | awk -F',' '{ print $1}')
time_now=`date +%s`
expires_at=$((time_now + expires_in - 60))
echo -e "access_token=$access_token\nrefresh_token=$refresh_token\nexpires_at=$expires_at" > $my_creds
fi
# if our access token is expired, use the refresh token to get a new one
# https://developers.google.com/identity/protocols/OAuth2InstalledApp#offline
if [ $time_now -gt $expires_at ]; then
refresh_result=$(curl -s "https://www.googleapis.com/oauth2/v4/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d refresh_token=$refresh_token \
-d client_id=$client_id \
-d client_secret=$client_secret \
-d grant_type=refresh_token)
access_token=$(echo -e "$refresh_result" | \
grep -Po '"access_token" *: *.*?[^\\]",' | \
awk -F'"' '{ print $4 }')
expires_in=$(echo -e "$refresh_result" | \
grep -Po '"expires_in" *: *.*' | \
awk -F' ' '{ print $3 }' | awk -F',' '{ print $1 }')
time_now=`date +%s`
expires_at=$(($time_now + $expires_in - 60))
echo -e "access_token=$access_token\nrefresh_token=$refresh_token\nexpires_at=$expires_at" > $my_creds
fi
# call the Directory API list users endpoint, may be multiple pages
# https://developers.google.com/admin-sdk/directory/v1/reference/users/list
while :
do
api_data=$(curl -s --get https://www.googleapis.com/admin/directory/v1/users \
-d customer=my_customer \
-d prettyPrint=true \
`if [ -n "$next_page" ]; then echo "-d pageToken=$next_page"; fi` \
-d maxResults=500 \
-d "fields=users(primaryEmail,creationTime,lastLoginTime),nextPageToken" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer $access_token")
echo -e "$api_data" | grep -v 'nextPageToken'
next_page=$(echo $api_data | \
grep -Po '"nextPageToken" *: *.*?[^\\]"' | \
awk -F'"' '{ print $4 }')
if [ -z "$next_page" ]
then
break
fi
done
这篇关于使用 bash curl 和 oauth 返回谷歌应用程序用户帐户数据?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
