Approuver un appareil

Les exemples suivants vous montrent comment mettre à jour l'état d'approbation d'un utilisateur.

REST

Pour mettre à jour l'état d'approbation, appelez devices.deviceUsers.approve() avec un nom d'appareil et un objet client.

HTTP Python

L'exemple suivant montre une fonction de l'outil d'aide permettant de mettre à jour l'état d'approbation à l'aide de la bibliothèque HTTP Python :

"""Example script to use the approve method of the Devices API."""
import pprint

from six.moves import urllib

import google.auth.transport.requests
from google.oauth2 import service_account

SCOPES = ['https://www.googleapis.com/auth/cloud-identity.devices']
BASE_URL = 'https://cloudidentity.googleapis.com/v1/'

# Change this to the location of the service account key
SA_FILE = ''

# Enter the administrator to call as here.
ADMIN_EMAIL = ''

# Enter the Device User Resource Name. You can get this from the value
# of the name field in the results of a List method call
RESOURCE_NAME = ''

if not SA_FILE:
  print('Please specify the location of the service account key file')
if not ADMIN_EMAIL:
  print('Please specify the email of the administrator to call as')
if not RESOURCE_NAME:
  print('Please specify the Device User Resource Name to be approved')

if not SA_FILE or not ADMIN_EMAIL or not RESOURCE_NAME:
  exit(-1)

def create_delegated_credentials(user_email):
  credentials = service_account.Credentials.from_service_account_file(
      SA_FILE,
      scopes=['https://www.googleapis.com/auth/cloud-identity.devices'])

  delegated_credentials = credentials.with_subject(user_email)

  return delegated_credentials

######################################################################
# AUTHENTICATE the service account and retrieve an oauth2 access token

request = google.auth.transport.requests.Request()
dc = create_delegated_credentials(ADMIN_EMAIL)
dc.refresh(request)
print('Access token: ' + dc.token + '\n')

###############################
# Approve the DeviceUser
header = {
    'authorization': 'Bearer ' + dc.token,
    'Content-Type': 'application/json'
}

action_url = BASE_URL + RESOURCE_NAME + ':approve'
request = urllib.request.Request(action_url, None, headers=header)
request.get_method = lambda: 'POST'

try:
  approve_response = urllib.request.urlopen(request)
except urllib.error.HTTPError as e:
  if e.code == 400:
    print('The request was invalid. Perhaps the device is already approved?')
  else:
    print('Unknown error occurred')
  exit(-1)

pp = pprint.PrettyPrinter(indent=4)
pp.pprint(approve_response)

Notez que RESOURCE_NAME serait défini sur le nom de la ressource récupérée à partir d'une ressource d'appareil.