google_directory 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: be15ff583f69da807620a4b2aef6466b6a896e5d9fc50bdd36f5855fb63b4d50
+  data.tar.gz: b7ecff040096c31c35a8b29ff13859e763f9cb4fcb3d025247c255f32fb6e801
+SHA512:
+  metadata.gz: dc47b4ce9e1d17d53ff5ec0a109feec4b0cc82951917cdfe3b1392aa16688d594152710a321d7c7225654348962995ddef87c2b368d0250412a4992ac675d17a
+  data.tar.gz: 0f482a2d2cfc9ae100b0e5b0617c8892a5445821ac64da29fc9334c32aedd0bb616748b63751e500ca3a1e97dddffdc6863659b0bdd3ea1ff4d081af82a86cb6

data/lib/google_directory.rb

@@ -0,0 +1,6 @@
+require "google_directory/version"
+require "google_directory/connection"
+
+module GoogleDirectory
+  # Your code goes here...
+end

data/lib/google_directory/connection.rb

@@ -0,0 +1,100 @@
+require 'google/apis/admin_directory_v1'
+require 'googleauth'
+require 'googleauth/stores/file_token_store'
+
+require 'fileutils'
+
+require "google_directory/user_commands"
+
+module GoogleDirectory
+
+  # The GoogleDirectory, makes it easy to work with Google Directory.
+  # @since 0.1.0
+  #
+  # @note Its important to have your oauth setup and its client_secret.json file downloaded in the root directory
+  # @note You can also use environment variables to override google defaults as wanted.
+  class Connection
+
+    include GoogleDirectory::UserCommands
+
+    # default settings from google for all users
+    OOB_URI = ENV['OOB_URI'] || 'urn:ietf:wg:oauth:2.0:oob'
+    CREDENTIALS_PATH = ENV['CREDENTIALS_PATH'] || File.join( Dir.home, '.credentials', "admin-directory_v1-ruby-accounts.yaml")
+
+    # Get info the Google Cloud Admin
+    # https://console.cloud.google.com/apis/ or
+    # build using: https://developers.google.com/api-client-library/ruby/guide/aaa_client_secrets
+    CLIENT_SECRETS_PATH = ENV['CLIENT_SECRETS_PATH'] || 'client_secret.json'
+
+    # Scope options - https://www.googleapis.com/auth/admin.directory.user
+    SCOPE = Google::Apis::AdminDirectoryV1::AUTH_ADMIN_DIRECTORY_USER
+
+    # Initialize the API
+    # https://www.rubydoc.info/github/google/google-api-ruby-client/Google/Apis/AdminDirectoryV1/DirectoryService
+    # https://github.com/google/google-api-ruby-client/issues/360
+
+    # @note make connection to google directory services
+    # @param service [Class] the default is: Google::Apis::AdminDirectoryV1::DirectoryService
+    def initialize( service: Google::Apis::AdminDirectoryV1::DirectoryService )
+      app_name ||= ENV['APPLICATION_NAME'] || 'google_cloud_app_name'
+      @service   = service.new
+      @service.client_options.application_name = app_name
+      @service.authorization = authorize
+    end
+
+    # @note Run a command against Google Directory
+    #
+    # @param action [Symbol] choose action to perform these include: :user_get, :user_exists? (t/f), :user_create, :user_delete, :user_update & convience commands :user_suspend, :user_reactivate, :user_change_password
+    # @param attributes [Hash] attributes needed to perform action
+    # @return [Hash] will hopefully return a hash with {success: {action: :action, attributes: {primary_email: "user@domain"}, response: "whatever google answered - usually a hash"} }
+    def run( action:, attributes: {} )
+      response  = { success: nil, error: nil }
+      begin
+        response[:success] = send( action, attributes: attributes )
+      rescue Google::Apis::ClientError => error
+        response[:error]   = {action: action, attributes: attributes,
+                              error: error}
+      end
+      response
+    end
+    alias_method :execute, :run
+
+    # # answer = GoogleDirectory.(action: :user_get, attributes: {primary_email: "btihen@las.ch"})
+    # def self.call(service: Google::Apis::AdminDirectoryV1::DirectoryService,
+    #               app_name: nil,
+    #               action:, attributes: {} )
+    #   new(service: service, app_name: app_name).
+    #     run(action: action, attributes: attributes)
+    # end
+
+    private
+    attr_reader :service
+    ##
+    # FROM:
+    # https://www.rubydoc.info/github/google/google-api-ruby-client/Google/Apis/AdminDirectoryV1/DirectoryService
+    # Ensure valid credentials, either by restoring from the saved credentials
+    # files or intitiating an OAuth2 authorization. If authorization is required,
+    # the user's default browser will be launched to approve the request.
+    # @return [Google::Auth::UserRefreshCredentials] OAuth2 credentials
+    def authorize
+      FileUtils.mkdir_p(File.dirname(CREDENTIALS_PATH))
+
+      client_id   = Google::Auth::ClientId.from_file(CLIENT_SECRETS_PATH)
+      token_store = Google::Auth::Stores::FileTokenStore.new(file: CREDENTIALS_PATH)
+      authorizer  = Google::Auth::UserAuthorizer.new( client_id, SCOPE, token_store )
+      user_id = 'default'
+      credentials = authorizer.get_credentials(user_id)
+      if credentials.nil?
+        url = authorizer.get_authorization_url(
+          base_url: OOB_URI)
+        puts "Open the following URL in the browser and enter the " +
+             "resulting code after authorization"
+        puts url
+        code = gets
+        credentials = authorizer.get_and_store_credentials_from_code(
+          user_id: user_id, code: code, base_url: OOB_URI)
+      end
+      credentials
+    end
+  end
+end

data/lib/google_directory/user_commands.rb

@@ -0,0 +1,117 @@
+# already required in Google API
+# require 'SecureRandom'
+
+module GoogleDirectory
+
+  # @note DirectoryService Ruby API Commands - https://www.rubydoc.info/github/google/google-api-ruby-client/Google/Apis/AdminDirectoryV1/DirectoryService
+  # @note GoogleUser Attributes - https://www.rubydoc.info/github/google/google-api-ruby-client/Google/Apis/AdminDirectoryV1/User
+  module UserCommands
+
+    # @note Get GoogleDirectory User Info
+    #
+    # @param attributes [Hash] this attribute MUST include: { primary_email: "username@domain.com" }
+    # @return [Hash] formatted as {success: {action: :user_get, attributes: {primary_email: "user@domain"}, response: GoogleUserObject } }
+    def user_get( attributes: )
+      response = service.get_user( attributes[:primary_email] )
+      {action: :user_get, user: attributes[:primary_email], response: response}
+    end
+
+    # @note Test if user exists in Google Directory
+    #
+    # @param attributes [Hash] this attribute MUST include: { primary_email: "username@domain.com" }
+    # @return [Hash] formatted as {success: {action: :user_exists?, attributes: {primary_email: "user@domain"}, response: Boolean } }
+    def user_exists?( attributes: )
+      begin
+        response = service.get_user( attributes[:primary_email] )
+        return {action: :user_exists?, user: attributes[:primary_email], response: true}
+      rescue Google::Apis::ClientError => error
+        if error.message.include? 'notFound'
+          return {action: :user_exists?, user: attributes[:primary_email], response: false}
+        else
+          raise error
+        end
+      end
+    end
+
+    # @note creates a new Google Directory User
+    #
+    # @param attributes [Hash] this attribute MUST include: { primary_email: "username@domain.com", name: {given_name: "First Names", family_name: "LAST NAMES" } }
+    # @return [Hash] formatted as {success: {action: :user_create, attributes: {primary_email: "user@domain"}, response: GoogleUserObject } }
+    def user_create( attributes: )
+      # http://blog.liveedu.tv/ruby-generate-random-string/
+      password = SecureRandom.base64
+      defaults  = { suspended: true, password: password, change_password_at_next_login: true }
+      user_attr = defaults.merge( attributes )
+      # create a google user object
+      user_object = Google::Apis::AdminDirectoryV1::User.new user_attr
+      # create user in directory services
+      response = service.insert_user( user_object )
+      {action: :user_create, user: attributes[:primary_email], response: response}
+    end
+
+    # @note updates an exising Google Directory User
+    #
+    # @param attributes [Hash] this attribute MUST include: { primary_email: "username@domain.com", attributes_to_change: "" } }
+    # @return [Hash] formatted as {success: {action: :user_update, attributes: {primary_email: "user@domain"}, response: GoogleUserObject } }
+    def user_update( attributes: )
+      # create a user object for google to update
+      response = update_user( attributes )
+      {action: :user_update, user: attributes[:primary_email], response: response}
+    end
+
+    # @note updates an exising Google Directory User password - convience method instead of using :user_update
+    #
+    # @param attributes [Hash] this attribute MUST include: { primary_email: "username@domain.com", password: "secret" } - if no password is included a random password will be assigned
+    # @return [Hash] formatted as {success: {action: :user_change_password, attributes: {primary_email: "user@domain"}, response: GoogleUserObject } }
+    def user_change_password( attributes: )
+      password = SecureRandom.base64
+      defaults  = { password: password, change_password_at_next_login: true }
+      user_attr = defaults.merge( attributes )
+
+      response = update_user( user_attr )
+      {action: :user_change_password, user: attributes[:primary_email], response: response}
+    end
+
+    # @note activates an exising Google Directory User password - convience method instead of using :user_update
+    #
+    # @param attributes [Hash] this attribute MUST include: { primary_email: "username@domain.com" }
+    # @return [Hash] formatted as {success: {action: :user_reactivate, attributes: {primary_email: "user@domain"}, response: GoogleUserObject } }
+    def user_reactivate( attributes: )
+      defaults  = { :suspended => false }
+      user_attr = defaults.merge( attributes )
+
+      response = update_user( user_attr )
+      {action: :user_reactivate, user: attributes[:primary_email], response: response}
+    end
+
+    # @note suspends an exising Google Directory User password - convience method instead of using :user_update
+    #
+    # @param attributes [Hash] this attribute MUST include: { primary_email: "username@domain.com" }
+    # @return [Hash] formatted as {success: {action: :user_suspend, attributes: {primary_email: "user@domain"}, response: GoogleUserObject } }
+    def user_suspend( attributes: )
+      defaults  = { :suspended => true }
+      user_attr = defaults.merge( attributes )
+
+      response = update_user( user_attr )
+      {action: :user_suspend, user: attributes[:primary_email], response: response}
+    end
+
+    # @note deletes an exising Google Directory User
+    #
+    # @param attributes [Hash] this attribute MUST include: { primary_email: "username@domain.com" }
+    # @return [Hash] formatted as {success: {action: :user_delete, attributes: {primary_email: "user@domain"}, response: "" } }
+    def user_delete( attributes: )
+      response = service.delete_user( attributes[:primary_email] )
+      {action: :user_delete, user: attributes[:primary_email], response: response}
+    end
+
+    private
+    def update_user( user_attr )
+      # create a user object that google will create
+      user_object = Google::Apis::AdminDirectoryV1::User.new user_attr
+      # send user object to google directory
+      service.update_user( user_attr[:primary_email], user_object )
+    end
+
+  end
+end

data/lib/google_directory/users_commands.rb

@@ -0,0 +1,24 @@
+# already required in Google API
+# require 'SecureRandom'
+
+module GoogleDirectory
+
+  # DirectoryService Ruby API Commands
+  # https://www.rubydoc.info/github/google/google-api-ruby-client/Google/Apis/AdminDirectoryV1/DirectoryService
+  module UsersCommands
+
+    # Usage hints
+    # https://github.com/google/google-api-ruby-client/issues/360
+
+    # get multiple users
+    # if you don't want the defaults { max_results: 10, order_by: 'email' }
+    # you must override (a nil disables the option)
+    def users_list( attributes: {} )
+      defaults = { max_results: 10, order_by: 'email' }
+      filters  = defaults.merge( attributes )
+      response = service.list_users( filters )
+      {action: :users_list, filters: filters, response: response}
+    end
+
+  end
+end

data/lib/google_directory/version.rb

@@ -0,0 +1,5 @@
+module GoogleDirectory
+  module Version
+    VERSION = "0.1.0"
+  end
+end

metadata

@@ -0,0 +1,121 @@
+--- !ruby/object:Gem::Specification
+name: google_directory
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Bill Tihen
+- Lee Weisbecker
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2018-05-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: google-api-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.21'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.21'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.11'
+description: Authenticate, list, make, check, suspend and activate google users.
+email:
+- btihen@gmail.com
+- lweisbecker@las.ch
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/google_directory.rb
+- lib/google_directory/connection.rb
+- lib/google_directory/user_commands.rb
+- lib/google_directory/users_commands.rb
+- lib/google_directory/version.rb
+homepage: https://github.com/LAS-IT/google_directory
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6
+signing_key: 
+specification_version: 4
+summary: Simple ruby wrapper to manage google accounts.
+test_files: []