列出设备用户

"""Sample script to demonstrate the use of the List method in the Devices API."""
import json
import pprint

from six.moves import urllib

import google.auth.transport.requests
from google.oauth2 import service_account

SCOPES = ['https://www.googleapis.com/auth/cloud-identity.devices']
BASE_URL = 'https://cloudidentity.googleapis.com/v1/'

# Change this to the location of the service account key
SA_FILE = ''

# Enter the administrator to call as here.
ADMIN_EMAIL = ''

if not SA_FILE:
  print('Please specify the location of the service account key file')
if not ADMIN_EMAIL:
  print('Please specify the email of the administrator to call as')

if not SA_FILE or not ADMIN_EMAIL:
  exit(-1)

def create_delegated_credentials(user_email):
  credentials = service_account.Credentials.from_service_account_file(
      SA_FILE,
      scopes=['https://www.googleapis.com/auth/cloud-identity.devices'])

  delegated_credentials = credentials.with_subject(user_email)

  return delegated_credentials

######################################################################
# AUTHENTICATE the service account and retrieve an oauth2 access token

request = google.auth.transport.requests.Request()
dc = create_delegated_credentials(ADMIN_EMAIL)
dc.refresh(request)
print('Access token: ' + dc.token + '\n')

###############################
# LIST deviceUsers with filter.

# Change this filter according to the options here:
# https://support.google.com/a/answer/7549103
FILTER = urllib.parse.quote_plus('status:approved os:IOS')
list_url = BASE_URL + 'devices/-/deviceUsers?filter=' + FILTER
auth_header = {'Authorization': 'Bearer ' + dc.token}
content = urllib.request.urlopen(
    urllib.request.Request(list_url, headers=auth_header)).read()
response = json.loads(content)
pp = pprint.PrettyPrinter(indent=4)

if 'deviceUsers' in response:
  print('Listed: ' + str(len(response['deviceUsers'])) + ' deviceUsers\n')

  for element in response['deviceUsers']:
    pp.pprint(element)
  print('Next page token: ' + response['nextPageToken'])
else:
  print('Empty response')

"""Sample script to demonstrate the use of the get method in the Devices API."""
import json
import pprint

from six.moves import urllib

import google.auth.transport.requests
from google.oauth2 import service_account

SCOPES = ['https://www.googleapis.com/auth/cloud-identity.devices']
BASE_URL = 'https://cloudidentity.googleapis.com/v1/'

# Change this to the location of the service account key
SA_FILE = ''

# Enter the administrator to call as here.
ADMIN_EMAIL = ''

# Enter the Resource Name. You can get this from the value of the name
# field in the results of a List method call
RESOURCE_NAME = ''

if not SA_FILE:
  print('Please specify the location of the service account key file')
if not ADMIN_EMAIL:
  print('Please specify the email of the administrator to call as')
if not RESOURCE_NAME:
  print('Please specify the Resource Name to be retrieved')

if not SA_FILE or not ADMIN_EMAIL or not RESOURCE_NAME:
  exit(-1)

def create_delegated_credentials(user_email):
  credentials = service_account.Credentials.from_service_account_file(
      SA_FILE,
      scopes=['https://www.googleapis.com/auth/cloud-identity.devices'])

  delegated_credentials = credentials.with_subject(user_email)

  return delegated_credentials

######################################################################
# AUTHENTICATE the service account and retrieve an oauth2 access token

request = google.auth.transport.requests.Request()
dc = create_delegated_credentials(ADMIN_EMAIL)
dc.refresh(request)
print('Access token: ' + dc.token + '\n')

###############################
# Get the resource
get_url = BASE_URL + RESOURCE_NAME
auth_header = {'Authorization': 'Bearer ' + dc.token}
content = urllib.request.urlopen(
    urllib.request.Request(get_url, headers=auth_header)).read()
response = json.loads(content)
pp = pprint.PrettyPrinter(indent=4)
pp.pprint(response)