Thank you beforehand for taking the time to check out my question.
While using Cloud Identity API to query for managed devices (Windows, Mac) details from our Google Workspace, I am able to query successfully by the "device ID" assigned by google, however, the "hostname" field is not included in the response.
This is an example of the call and response that I get.
https://cloudidentity.googleapis.com/v1/devices
def device_query():
FILTER = urllib.parse.quote_plus('serial:'+<serialNumber>)
list_url = BASE_URL + 'devices?name=' + FILTER
auth_header = {'Authorization': 'Bearer ' + getAuthToken()}
content = urllib.request.urlopen(
urllib.request.Request(list_url, headers=auth_header)).read()
response = json.loads(content)
deviceDetails = response['devices']
print(deviceDetails)
{'devices':
[{'name': 'devices/xxxxxxxxxxxx',
'createTime': '9999-99-99T20:11:31.680Z',
'lastSyncTime': '9999-99-99T15:01:51.922Z',
'ownerType': 'Company Owned',
'model': 'Windows',
'osVersion': 'Win10',
'deviceType': 'Windows',
'serialNumber': '737dh39he8d3978'}]
}
When looking at any device through Workspace, I can see similar details including the hostname.
[Workspace UI device hostname example][1]
The UI URL looks like this: https://admin.google.com/ac/devices/details/8613sw4fa4-90b2-5098-61384-d139d0775r9gg/information?uid=7dhdhsw7hd3h83d&dt=4
This is the API endpoint: cloudidentity.googleapis.com/v1 I am using to retrieve device data.
Related
I created a script following "Ruby Quickstart" but I can't run it with the API.
I know that I should publish it as API executable. To do that I need to switch the script project to use a "standard GCP project" and I couldn't find how to do it from the API.
If I switch it manually it works. When I execute the code below I get this error:
> 403, PERMISSION_DENIED: The caller does not have permission
This is the code:
def create_and_execute
# Initialize the API
service = Google::Apis::ScriptV1::ScriptService.new
service.client_options.application_name = APPLICATION_NAME
service.authorization = authorize
# Make the API request.
request = Google::Apis::ScriptV1::CreateProjectRequest.new(
title: "My Script3"
)
resp = service.create_project request
script_id = resp.script_id
content = Google::Apis::ScriptV1::Content.new(
files: [
Google::Apis::ScriptV1::File.new(
name: "hello",
type: "SERVER_JS",
source: "function helloWorld() {\n console.log('Hello, world!');\n}"
),
Google::Apis::ScriptV1::File.new(
name: "appsscript",
type: "JSON",
source: "{\"timeZone\":\"America/Los_Angeles\",\"exceptionLogging\":\"CLOUD\",\"executionApi\":{\"access\":\"ANYONE\"}}"
)
],
script_id: script_id
)
service.update_project_content(script_id, content)
service.create_project_version(script_id,Google::Apis::ScriptV1::Version.new(script_id: script_id))
service.create_project_deployment(script_id,Google::Apis::ScriptV1::DeploymentConfig.new(script_id: script_id,version_number: 1))
service.run_script(script_id, Google::Apis::ScriptV1::ExecutionRequest.new(function: 'helloWorld', dev_mode: true))
end
I am sorry to inform you that this operation is not possible. You need to use a standard browser interface (read as not an API) to switch a GCP project as described here. On this docs you can find more information about how to use Apps Script on your app, and here you can learn how to activate any API (included Apps Scripts API).
I'm unable to a folder by providing an id to that folder using Boxr gem. Previously I didn't has the enterprise settings as shown in this post which I have now fixed. I'm creating a token using JWT authentication get_user_token method the following way.
token = Boxr::get_user_token("38521XXXX", private_key: ENV.fetch('JWT_PRIVATE_KEY'), private_key_password: ENV.fetch('JWT_PRIVATE_KEY_PASSWORD'), public_key_id: ENV.fetch('JWT_PUBLIC_KEY_ID'), client_id: ENV.fetch('BOX_CLIENT_ID'), client_secret: ENV.fetch('BOX_CLIENT_SECRET'))
I then pass this this token when creating a client.
client = Boxr::Client.new(token)
when I check the current user on client this is what I get:
client.current_user
=> {"type"=>"user",
"id"=>"60853XXXX",
"name"=>"OnlineAppsPoC",
"login"=>"AutomationUser_629741_06JgxiPtPj#boxdevedition.com",
"created_at"=>"2018-10-04T08:41:32-07:00",
"modified_at"=>"2018-10-04T08:41:50-07:00",
"language"=>"en",
"timezone"=>"America/Los_Angeles",
"space_amount"=>10737418240,
"space_used"=>0,
"max_upload_size"=>2147483648,
"status"=>"active",
"job_title"=>"",
"phone"=>"",
"address"=>"",
"avatar_url"=>"https://app.box.com/api/avatar/large/6085300897"}
When I run client.methods I see there is folder_from_id however when I call that method I get the following error:
pry(#<FormsController>)> client.folder_from_id("123456", fields: [])
Boxr::BoxrError: 404: Not Found
from /usr/local/bundle/gems/boxr-1.4.0/lib/boxr/client.rb:239:in `check_response_status'
I have the following settings:
I also authorize the application. Not sure what else to do.
token = Boxr::get_user_token(user_id,
private_key: ENV.fetch('JWT_PRIVATE_KEY'),
private_key_password: ENV.fetch('JWT_PRIVATE_KEY_PASSWORD'),
public_key_id: ENV.fetch('JWT_PUBLIC_KEY_ID'),
client_id: ENV.fetch('BOX_CLIENT_ID'),
client_secret: ENV.fetch('BOX_CLIENT_SECRET'))
client = Boxr::Client.new(token.access_token)
folder = client.folder_from_id(folder_id)
client.upload_file(file_path, folder)
For anybody using C# and BOXJWT.
You just need to have a boxManager set up and will get you with anything you need, say BoxFile, Folder etc.
If you have the folderID, well & good, but if you need to retrieve, this can be done as shown below:
string inputFolderId = _boxManager.GetFolder(RootFolderID).Folders.Where(i => i.Name == boxFolder).FirstOrDefault().Id; //Retrieves FolderId
Folder inputFolder = _boxManager.GetFolder(inputFolderId);
I'm trying the new request verification process for Slack API on AWS Lambda but I can't produce a valid signature from a request.
The example showed in https://api.slack.com/docs/verifying-requests-from-slack is for a slash command but I'm using for an event subscription, especially, a subscription to a bot event (app_mention). Does the new process support event subscriptions as well?
If so, am I missing something?
Mapping template for Integration request in API Gateway. I can't get a raw request as the slack documentation says but did my best like this:
{
"body" : $input.body,
"headers": {
#foreach($param in $input.params().header.keySet())
"$param": "$util.escapeJavaScript($input.params().header.get($param))" #if($foreach.hasNext),#end
#end
}
}
My function for verification:
def is_valid_request(headers, body):
logger.info(f"DECODED_SECRET: {DECODED_SECRET}")
logger.info(f"DECRYPTED_SECRET: {DECRYPTED_SECRET}")
timestamp = headers.get(REQ_KEYS['timestamp'])
logger.info(f"timestamp: {timestamp}")
encoded_body = urlencode(body)
logger.info(f"encoded_body: {encoded_body}")
base_str = f"{SLACK_API_VER}:{timestamp}:{encoded_body}"
logger.info(f"base_str: {base_str}")
base_b = bytes(base_str, 'utf-8')
dgst_str = hmac.new(DECRYPTED_SECRET, base_b, digestmod=sha256).hexdigest()
sig_str = f"{SLACK_API_VER}={dgst_str}"
logger.info(f"signature: {sig_str}")
req_sig = headers.get(REQ_KEYS['sig'])
logger.info(f"req_sig: {req_sig}")
logger.info(f"comparing: {hmac.compare_digest(sig_str, req_sig)}")
return hmac.compare_digest(sig_str, req_sig)
Lambda Log in CloudWatch. I can't show the values for security reasons but it seems like each variable/constant has a reasonable value:
DECODED_SECRET: ...
DECRYPTED_SECRET: ...
timestamp: 1532011621
encoded_body: ...
base_str: v0:1532011621:token= ... &team_id= ... &api_app_id= ...
signature: v0=3 ...
req_sig: v0=1 ...
comparing: False
signature should match with req_sig but it doesn't. I guess there is something wrong with base_str = f"{SLACK_API_VER}:{timestamp}:{encoded_body}". I mean, the concatination or urlencoding of the request body, but I'm not sure. Thank you in advance!
I'm setting up a rocket chat server in an air gapped testbed where I'll have thousands of automated users talking to each other to generate network traffic. I had seen the user import via CSV documented here. That lets me create my users, but not with pre-assigned passwords. Looking in programs/server/packages/rocketchat_importer-csv.js I see that it is setting the password to a formulaic string including the current date.
That's as good as a random password for my needs.
Is there a way to, say, include another column in the CSV where I can assign the password for each user?
I installed it via snaps on Ubuntu 16.04.4 if that affects anything.
In the end, I wrote a python script to do the job making a web request for each line of the CSV. Here's what I came up with:
import csv
import json
import requests
def main(csv_path, admin_user, admin_pass, base_url):
"""
Read the given CSV of the format:
loginname, email, real name, password
and create all the users described in it in the Rocket.Chat server
available at `base_url`
"""
login_json = json.dumps({'username': admin_user, 'password': admin_pass})
response = requests.post(base_url + '/api/v1/login', data=login_json)
data = response.json()['data']
token = data['authToken']
userid = data['userId']
headers = {
'X-Auth-Token': token,
'X-User-Id': userid,
'Content-type': 'application/json',
}
with open(csv_path) as raw:
reader = csv.reader(raw)
for user in reader:
request = {
'username': user[0],
'email': user[1],
'name': user[2],
'password': user[3],
}
ret = requests.post(base_url + '/api/v1/users.create',
data=json.dumps(request), headers=headers)
There is some way to create domains in google admin console via a rest api (or some python google-sdk). I search in google documentation but i couldn't find anything.
Yes, take a look at their api. You need of course to be a gapps reseller. https://developers.google.com/admin-sdk/reseller/
Yes, an exemple with Node :
https://cloud.google.com/nodejs/docs/reference/domains/latest
import { DomainsClient } from "#google-cloud/domains";
const client = new DomainsClient({
keyFile,
projectId,
});
const [domainRegisterParameters] = await client.retrieveRegisterParameters({
domainName: "example.com",
location,
});
const registerParameters = domainRegisterParameters.registerParameters
await this.client.registerDomain({...}) // it buy the domain name
It seem to be this for python :
https://cloud.google.com/python/docs/reference/domains/latest