使用bash curl与oauth返回google应用的用户帐户日期？ [英] Use bash curl with oauth to return google apps user account date?

问题描述

我正在寻找一个相当简单的方法来使用curl来返回有关一系列用户帐户（如createddate或lastlogin）在谷歌应用程序的信息。我对curl和Google Apps api非常缺乏经验。

I am looking for a fairly simple method to use curl to return information about a batch of users accounts (like createddate or lastlogin) in google Apps. I am very inexperienced with curl and the Google Apps api's.

有人知道有关如何使用curl与Oauth请求用户帐户数据的好的介绍性文章吗？

Does anyone know of a good introductory article on how to use curl with Oauth to request user account data?

提前谢谢！

推荐答案

这不容易实现，因为OAuth 2.0和JSON不容易由Bash处理。说到这里，这里有一个基本的版本，将给你的数据，你正在寻找。 greps可以使用一些清理，但再次，用grep解释JSON是一个真正坏主意无论如何。这是为什么存在 Google API库并应使用的完美示例。

This isn't easily achieved as OAuth 2.0 and JSON aren't easily handled by Bash. Having said that, here's a basic version that'll give you the data you're looking for. The greps could use some cleanup but then again, interpreting JSON with grep is a really bad idea anyway. This is a perfect example of why the Google API Libraries exist and should be used.

# Store our credentials in our home directory with a file called .<script name>
my_creds=~/.`basename $0`
client_id='716905662885.apps.googleusercontent.com'
client_secret='CMVqIy_iQqBEMlzjYffdYM8A' # not really a secret
if [ -s $my_creds ]; then
  # if we already have a token stored, use it
  . $my_creds
  time_now=`date +%s`
else
  scope='https://www.googleapis.com/auth/admin.directory.user.readonly'
  # Form the request URL
  # http://goo.gl/U0uKEb
  auth_url="https://accounts.google.com/o/oauth2/auth?client_id=$client_id&scope=$scope&response_type=code&redirect_uri=urn:ietf:wg:oauth:2.0:oob"

  echo "Please go to:"
  echo
  echo "$auth_url"
  echo
  echo "after accepting, enter the code you are given:"
  read auth_code

  # swap authorization code for access and refresh tokens
  # http://goo.gl/Mu9E5J
  auth_result=$(curl -s https://accounts.google.com/o/oauth2/token \
    -H "Content-Type: application/x-www-form-urlencoded" \
    -d code=$auth_code \
    -d client_id=$client_id \
    -d client_secret=$client_secret \
    -d redirect_uri=urn:ietf:wg:oauth:2.0:oob \
    -d grant_type=authorization_code)
  access_token=$(echo -e "$auth_result" | \
                 grep -Po '"access_token" *: *.*?[^\\]",' | \
                 awk -F'"' '{ print $4 }')
  refresh_token=$(echo -e "$auth_result" | \
                  grep -Po '"refresh_token" *: *.*?[^\\]",*' | \
                  awk -F'"' '{ print $4 }')
  expires_in=$(echo -e "$auth_result" | \
               grep -Po '"expires_in" *: *.*' | \
               awk -F' ' '{ print $3 }' | awk -F',' '{ print $1}')
  time_now=`date +%s`
  expires_at=$((time_now + expires_in - 60))
  echo -e "access_token=$access_token\nrefresh_token=$refresh_token\nexpires_at=$expires_at" > $my_creds
fi

# if our access token is expired, use the refresh token to get a new one
# http://goo.gl/71rN6V
if [ $time_now -gt $expires_at ]; then
  refresh_result=$(curl -s https://accounts.google.com/o/oauth2/token \
   -H "Content-Type: application/x-www-form-urlencoded" \
   -d refresh_token=$refresh_token \
   -d client_id=$client_id \
   -d client_secret=$client_secret \
   -d grant_type=refresh_token)
  access_token=$(echo -e "$refresh_result" | \
                 grep -Po '"access_token" *: *.*?[^\\]",' | \
                 awk -F'"' '{ print $4 }')
  expires_in=$(echo -e "$refresh_result" | \
               grep -Po '"expires_in" *: *.*' | \
               awk -F' ' '{ print $3 }' | awk -F',' '{ print $1 }')
  time_now=`date +%s`
  expires_at=$(($time_now + $expires_in - 60))
  echo -e "access_token=$access_token\nrefresh_token=$refresh_token\nexpires_at=$expires_at" > $my_creds
fi

# call the Directory API list users endpoint, may be multiple pages
# http://goo.gl/k0jnQJ
while :
do
  api_data=$(curl -s --get https://www.googleapis.com/admin/directory/v1/users \
    -d customer=my_customer \
    -d prettyPrint=true \
    `if [ -n "$next_page" ]; then echo "-d pageToken=$next_page"; fi` \
    -d maxResults=500 \
    -d "fields=users(primaryEmail,creationTime,lastLoginTime),nextPageToken" \
    -H "Content-Type: application/json" \
    -H "Authorization: Bearer $access_token")
  echo -e "$api_data" | grep -v 'nextPageToken'
  next_page=$(echo $api_data | \
    grep -Po '"nextPageToken" *: *.*?[^\\]"' | \
    awk -F'"' '{ print $4 }')
  if [ -z "$next_page" ]
  then
    break
  fi
done

这篇关于使用bash curl与oauth返回google应用的用户帐户日期？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！