shepherd-onboard 0.1.17 → 0.1.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/shepherd-onboard.js +21 -0
- package/package.json +1 -1
package/bin/shepherd-onboard.js
CHANGED
|
@@ -824,6 +824,8 @@ Domain-wide delegation OAuth Client ID: ${payload.googleWorkspaceDelegation.clie
|
|
|
824
824
|
Scopes:
|
|
825
825
|
${payload.googleWorkspaceDelegation.scopes.join("\n")}
|
|
826
826
|
|
|
827
|
+
The setup command copies those scopes to the clipboard as one comma-separated string on macOS. Tell the user they can paste directly into the OAuth scopes field. If clipboard copy is unavailable, use the scopes printed above.
|
|
828
|
+
|
|
827
829
|
The customer does not create a service account and does not upload service account JSON in the default Shepherd-managed flow. Their super admin only authorizes the Client ID and scopes in Google Admin Console. Shepherd's backend stores and uses its private service account JSON server-side.
|
|
828
830
|
Shepherd must still enforce selected users and groups internally before polling or impersonating any employee email.
|
|
829
831
|
|
|
@@ -918,15 +920,34 @@ function googleWorkspaceDelegationSetup(setup) {
|
|
|
918
920
|
|
|
919
921
|
function printGoogleWorkspaceDelegationSetup(setup) {
|
|
920
922
|
const resolved = googleWorkspaceDelegationSetup(setup);
|
|
923
|
+
const copiedScopes = copyTextToClipboard(resolved.scopes.join(","));
|
|
921
924
|
console.log(`App name: ${resolved.appName}`);
|
|
922
925
|
console.log(`Service account email: ${resolved.serviceAccountEmail}`);
|
|
923
926
|
console.log(`Domain-wide delegation OAuth Client ID: ${resolved.clientId}`);
|
|
924
927
|
console.log("Customer action: in Google Admin Console, add the Client ID above and paste these scopes.");
|
|
925
928
|
console.log("Customers do not create a service account or upload service account JSON; Shepherd stores its private service account JSON server-side.");
|
|
929
|
+
if (copiedScopes) {
|
|
930
|
+
console.log("Copied comma-separated scopes to the clipboard.");
|
|
931
|
+
} else if (platform() === "darwin") {
|
|
932
|
+
console.log("Could not copy scopes to the clipboard; copy the scopes below instead.");
|
|
933
|
+
}
|
|
926
934
|
console.log("\nScopes:");
|
|
927
935
|
for (const scope of resolved.scopes) console.log(scope);
|
|
928
936
|
}
|
|
929
937
|
|
|
938
|
+
function copyTextToClipboard(text) {
|
|
939
|
+
if (platform() !== "darwin") return false;
|
|
940
|
+
try {
|
|
941
|
+
execFileSync("pbcopy", [], {
|
|
942
|
+
input: text,
|
|
943
|
+
stdio: ["pipe", "ignore", "ignore"],
|
|
944
|
+
});
|
|
945
|
+
return true;
|
|
946
|
+
} catch {
|
|
947
|
+
return false;
|
|
948
|
+
}
|
|
949
|
+
}
|
|
950
|
+
|
|
930
951
|
function authenticatedEmail(authenticated) {
|
|
931
952
|
return authenticated?.workosUser?.email ?? authenticated?.account?.email ?? null;
|
|
932
953
|
}
|