Comments (16)
@wesleykirkland thanks!!! The updated module will rely on PoshCode's Configuration module v1.2.0for configuration management, so make sure you have that installed:
Install-Module Configuration -Repository PSGallery -RequiredVersion 1.2.0 -Scope CurrentUser
Once installed, load in v2.0.0 and you can pass it an array of hashtables to build out the multi-config, setting whichever you want as default via the appropriate flag (this can be changed on the fly):
@(
@{
SetAsDefaultConfig = $true
ConfigName = "main"
P12KeyPath = "C:\P12s\PSGSuite.p12"
AppEmail = "[email protected]"
AdminEmail = "[email protected]"
CustomerID = "C021xxxxxx"
Domain = "mydomain.io"
Preference = "CustomerID"
ServiceAccountClientID = "98723498723489723498239"
}
@{
ConfigName = "client1"
P12KeyPath = "C:\P12s\PSGSuite-theirdomain.p12"
AppEmail = "[email protected]"
AdminEmail = "[email protected]"
CustomerID = "C092xxxxxx"
Domain = "theirdomain.io"
Preference = "CustomerID"
ServiceAccountClientID = "12399898494949494994949"
}
) | ForEach-Object {
$props = $_
Set-PSGSuiteConfig @props
}
Once you have that done, you can switch between active configs by using Switch-PSGSuiteConfig -ConfigName $configName
(or by using the domain name via Switch-PSGSuiteConfig -Domain theirdomain.io
. If you want to switch the default config (the config that's loaded on module import), pass the -SetToDefault switch when switching configs.
from psgsuite.
Assuming you're using the full service account email and not the client ID for the AppEmail in your PSGSuiteConfig
/ Get-GSToken
call? Also, are you passing a list of scopes or a single scope?
Could you send me your Get-GSToken
command with sensitive parts removed so I can try and replicate? I use the module daily and haven't had an issue myself, but my typical calls are limited to a single scope for the most part.
from psgsuite.
Yes, I'm working in a lab, so the account has all power. I followed your documentation about the setup, and it went without a hitch (very good doc).
The code is very straightforward:
Import-Module PSGSuite
Set-PSGSuiteConfig @settings
$allgroups = Get-GSGroupList
$settings containing all the info to log in.
By default, the token will look like that:
{
"iss": "XXX",
"sub": "XXX",
"scope": "https://www.googleapis.com/auth/admin.directory.group",
"aud": "https://www.googleapis.com/oauth2/v4/token",
"exp": "15099322693728",
"iat": "15099289693728"
}
and i get:
Get-GSToken : 401 - Unauthorized: invalid_grant / Invalid JWT: Token must be a short-lived token (60 minutes) and in a reasonable timeframe. Check your iat and exp values and use a clock with skew to account for clock differences between systems.
So i looked into the clock possible issues, but i'm synchronized with google servers (or close enough). I looked inside the google documentation for the JWT token, and every iat and exp values are in a ten digits format. By doing the change shown before, it works.
It could still be something weird on my side...
from psgsuite.
from psgsuite.
Alright, the issue is based on the locals:
PS > (Get-Date($now) -UFormat "%s")
1513840921,66042
PS > [decimal](Get-Date($now) -UFormat "%s")
151384092166042
so a substring would be more robust than a convert to decimal...
from psgsuite.
working on the next major update for PSGSuite right now which resolves this by building the requests using Google's .NET SDK's instead of REST API calls with Invoke-RestMethod
. PSGSuite v2 will also add a fair amount more features as well (multi domain support, client_secrets.json AND P12 key service account support, Drive file uploading, PowerShell Core support, and more)
from psgsuite.
@scrthq Any chance that the current implementation can do multi domain support with different P12 keys? The module have everything I need but I have 5+ GSuite tenants to pull data from.
from psgsuite.
@wesleykirkland it can actually, although config management can get a bit unwieldy. PSGSuite 2.0.0 does this pretty seamlessly though and should be out soon (targetting the next couple weeks)
from psgsuite.
@scrthq Yeah I found the config management was a bit tricky. If you can provide some documentation on how to get started with V2 I'll beta test for you. Until then I'm having to use the config management trickery.
Also awesome work so far!
from psgsuite.
#6 created to track progress on 2.0.0 rollout
from psgsuite.
PSGSuite 2.0.0 released!
Wiki has been updated, 100% of functions also have comment based help as well so the documentation is at your fingertips while using the module directly.
Please check out the README for any breaking changes!
PowerShell Gallery link: https://www.powershellgallery.com/packages/PSGSuite/2.0.0
Cheers!
from psgsuite.
@TLaborde FYI - I'm going to be adding a legacy branch to this repo and incorporating this fix there for those that do need to use v1.2.1 for email delegation support.
from psgsuite.
@TLaborde - got this working, should fix the local issue. I'll be uploading 1.2.2 in GitHub releases within the next couple days!
Let me know if this works for you:
[string]$now = Get-Date (Get-Date).ToUniversalTime() -UFormat "%s"
$createDate = [int]$now.Split(".").Split(",")[0]
$expiryDate = [int]$now.Split(".").Split(",")[0] + 3540
from psgsuite.
perfect, thanks!
from psgsuite.
Awesome! You'll find the legacy 1.2.2 zip in the releases section. Let me know if you need any help installing!
from psgsuite.
FYI @TLaborde - delegation commands have been added back into PSGSuite in v2.4.0! Still uses the old API calls, but I managed to get the JWT creation needed for the REST API calls that Gmail Delegation does refactored to work in PowerShell 4.0-6.x+! If you haven't updated yet, you should be safe to do so now and retain the ability to use Gmail delegation functions!
from psgsuite.
Related Issues (20)
- Additional Reports Since Last Edited HOT 1
- Send-GmailMessage: Special characters not displayed as expected in HTML Body HOT 1
- Inconsistent Get-GSUser "IsEnrolledIn2Sv" field results when multiple users are returned HOT 1
- Update-GSChromeOSDevice - Wipe devices User Profile Only HOT 6
- PowerShell Constrained Language mode HOT 1
- Setup Guide Unclear / Not up to Date HOT 5
- Dynamically Generating Functions for Slide/Doc/Sheet updates
- Create Documents and Presentations
- 2.37.0 release is too big for Azure Automation
- Add option to enable conversation history HOT 1
- Licensing Data out of date HOT 4
- Still being developed?
- Add Last Known Network to Get-GSChromeOSDevice HOT 8
- Get-GSGmailSignature ... Update-GSGmailSignature HOT 1
- Update-GSUser support for unarchiving HOT 2
- Update-GSUserSecuritySettings -User User -AllowLessSecureApps -$True
- Set group labels via CloudIdentity API
- I am getting error in gsuite assement
- Initial Setup Instructions Need Updating (Here's what worked for me) HOT 1
- Implement retries with exponential backoff for long running commands like Get-GSDriveFileList
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from psgsuite.