forked from memaker/test_google_api
-
Notifications
You must be signed in to change notification settings - Fork 0
/
create_user.php
109 lines (97 loc) · 3.06 KB
/
create_user.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
<?php
/**
* This file is on Google's library
*/
require_once realpath('/path/to/autoload.php');
/**
* Client id and service account name as reported
* on https://console.developers.google.com/ - Projects - Credentials
*/
$client_id = 'long-string.apps.googleusercontent.com'; // 'CLIENT ID' on Google
$service_account_name = 'long-string@developer.gserviceaccount.com'; // 'EMAIL ADDRESS' on Google
/**
* This is the .p12 file generated on https://console.developers.google.com/ - Projects - Credentials
*/
$key_file_location = '/path/to/file_name.p12';
/**
* Email address for admin user that should be used to perform API actions
* Needs to be created via Google Apps Admin interface and be added to an admin role
* that has permissions for Admin APIs for Users
*/
$delegatedAdmin = 'admin@yourdomain.com';
/**
* Array of scopes you need for whatever actions you want to perform
* See https://developers.google.com/admin-sdk/directory/v1/guides/authorizing
* The admin.directory.user is needed to create the user, the admin.directory.group is needed to add the
* user to a group (see later on this file)
*/
$scopes = array(
'https://www.googleapis.com/auth/admin.directory.user',
'https://www.googleapis.com/auth/admin.directory.group'
);
/**
* Create AssertionCredentails object for use with Google_Client
*/
$cred = new Google_Auth_AssertionCredentials(
$service_account_name,
$scopes,
file_get_contents($key_file_location)
);
/**
* API requests shall be used using the delegated admin
*/
$cred->sub = $delegatedAdmin;
/**
* Create Google_Client for making API calls
*/
$client = new Google_Client();
$client->setApplicationName("This is the name");
$client->setAssertionCredentials($cred);
if ($client->getAuth()->isAccessTokenExpired()) {
$client->getAuth()->refreshTokenWithAssertion($cred);
}
/**
* Create Google_Service_Directory
*/
$service = new Google_Service_Directory($client);
/**
* Create the user
*/
$nameInstance = new Google_Service_Directory_UserName();
$nameInstance -> setGivenName('John');
$nameInstance -> setFamilyName('Doe');
$email = 'john.doe@domain.com';
$password = 'password';
$userInstance = new Google_Service_Directory_User();
$userInstance -> setName($nameInstance);
$userInstance -> setHashFunction("MD5");
$userInstance -> setPrimaryEmail($email);
$userInstance -> setPassword(hash("md5", $password));
try
{
$createUserResult = $service->users->insert($userInstance);
var_dump($createUserResult);
}
catch (Google_IO_Exception $gioe)
{
echo "Error in connection: ".$gioe->getMessage();
}
catch (Google_Service_Exception $gse)
{
echo "User already exists: ".$gse->getMessage();
}
/**
* If you want it, add the user to a group
*/
$memberInstance = new Google_Service_Directory_Member();
$memberInstance->setEmail($email);
$memberInstance->setRole('MEMBER');
$memberInstance->setType('USER');
try
{
$insertMembersResult = $service->members->insert('groupname@domain.com', $memberInstance);
}
catch (Google_IO_Exception $gioe)
{
echo "Error in connection: ".$gioe->getMessage();
}