Hi Alex,
Thanks for your comments.
Believe it or not, we do have a use case for this request.
We're deploying Google Apps in a University and one of their requirements
is to be able to change the username from their own website (along with
password).
Since we use GADS, if we rename in LDAP, this will suspend the user in
Google Apps and create a new user.
So, we need a way to change the username. If we do use 3LO, the user will
be prompt with an additional username and pass to fill in, so he will be
confused. That's why we plan to use 2LO or ClientLogin (least preferable
option), to hide this extra step for the user. At the end of the day, the
site will be only accessible via University' intranet.
Best
On Friday, March 16, 2012 11:00:23 AM UTC+1, Isidoro! wrote:
>
> Hi Guys,
>
> I'm trying to build a PHP application to rename users in Google Apps. I'm
> using Provisioning API and 2LO with Zend. I have problems with access.
> This is my code:
>
> $oauthOptions = array(
> 'requestScheme' => Zend_Oauth::REQUEST_SCHEME_HEADER,
> 'version' => '1.0',
> 'signatureMethod' => 'HMAC-SHA1',
> 'consumerKey' => $CONSUMER_KEY,
> 'consumerSecret' => $CONSUMER_SECRET
> );
>
> $consumer = new Zend_Oauth_Consumer($oauthOptions);
> $token = new Zend_Oauth_Token_Access();
> $httpClient = $token->getHttpClient($oauthOptions);
>
> $service = new Zend_Gdata_Gapps($httpClient, $DOMAIN);
> $service->enableRequestDebugLogging('/tmp/foo.txt');
> $updateUser = $service->retrieveUser($USER);
>
> echo 'user to change ' . $updateUser->login;
>
> $updateUser->login->name = 'x1';
> $updateUser = $updateUser->save();
>
> If I set the scope to https://apps-apis.google.com/a/feeds/user/#readonlyI'm
> able to retrieve the user.
> I have disabled from the control panel Two-legged OAuth access control
> (allow Access to All API) and added the scope
> https://apps-apis.google.com/a/feeds/user/2.0/domain/ to update the user
> but I get a Zend Exception
>
> GET /a/feeds/XXXXXX.com/user/2.0/XXXXXXX HTTP/1.1
> Host: apps-apis.google.com
> Connection: close
> User-Agent: MyCompany-MyApp-1.0 Zend_Framework_Gdata/1.11.0dev
> Accept-encoding: identity
> Authorization: OAuth realm="",oauth_consumer_key="cloudspartner.com
> ",oauth_nonce="a52fa4056615b5623c9e4b9c6ce55b85",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1331891784",oauth_version="1.0",oauth_signature="DczkQoN2VJpDkyXGMgcFedCcMMg%3D"
>
> Closing socket
>
> Closing socket
>
> HTTP/1.1 401 Unknown authorization header
> WWW-Authenticate: GoogleLogin realm="
> http://www.google.com/accounts/ClientLogin";, service="apps"
> Content-Type: text/html; charset=UTF-8
> Date: Fri, 16 Mar 2012 09:56:25 GMT
> Expires: Fri, 16 Mar 2012 09:56:25 GMT
> Cache-Control: private, max-age=0
> X-Content-Type-Options: nosniff
> X-Frame-Options: SAMEORIGIN
> X-XSS-Protection: 1; mode=block
> Server: GSE
> Connection: close
>
> <HTML>
> <HEAD>
> <TITLE>Unknown authorization header</TITLE>
> </HEAD>
> <BODY BGCOLOR="#FFFFFF" TEXT="#000000">
> <H1>Unknown authorization header</H1>
> <H2>Error 401</H2>
> </BODY>
> </HTML>
>
> Can you point me to the right direction?
> I can always do ClienLogin, but I'm trying to avoid it.
>
> Thanks and regards,
>
>
>
--
You received this message because you are subscribed to the Google Groups
"Google Apps Domain Information and Management APIs" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/google-apps-mgmt-apis/-/afBLnWhkEcMJ.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/google-apps-mgmt-apis?hl=en.
