In this post, I’m walking the user through an app that talks to Google via their Provisioning API.
I’ll be talking about the following:
- Ruby/Rails
- HTTP Basic Authorization
- REST
- Google GData and Google Provisioning API
This article is a work in progress.
provisioner_google.rb
def retrieve_user(username) raise ArgumentError, "username blank", caller if username.empty? resp = @rest_client.GET("/a/feeds/foo.com/user/2.0/#{username}") feed = Document.new(resp.body) unless ! XPath.match( feed, "/AppsForYourDomainErrors" ).empty? xn = ProvXn.new xn.givenname = feed.elements["//apps:name"].attributes["givenName"] xn.familyname = feed.elements["//apps:name"].attributes["familyName"] xn.username = feed.elements["//apps:login"].attributes["userName"] return xn end error_code = feed.elements["//AppsForYourDomainErrors/error"].attributes["errorCode"] reason = feed.elements["//AppsForYourDomainErrors/error"].attributes["reason"] if error_code == '1301' raise ActiveRecord::RecordNotFound else raise ProvisionerException.new(error_code, reason), "unhandled error" end end # currently only supports changes to password. def update_user_attributes(attributes) raise ArgumentError, "username blank", caller if attributes['username'].empty? path = "/a/feeds/foo.com/user/2.0/#{attributes["username"]}" xml = <<TXT <?xml version="1.0" encoding="UTF-8"?> <atom:entry xmlns:atom="http://www.w3.org/2005/Atom" xmlns:apps="http://schemas.google.com/apps/2006" xmlns:gd="http://schemas.google.com/g/2005"> <atom:id>https://apps-apis.google.com/a/feeds/foo.com/user/2.0/#{ attributes['username'] }</atom:id> <apps:login userName="#{ attributes['username'] }" password="#{ attributes['password'] }" suspended="false" admin="false" changePasswordAtNextLogin="false" agreedToTerms="true"/> </atom:entry> TXT xmldoc = Document.new(xml) resp = @rest_client.PUT(path, xmldoc.to_s) end
Test.