ÐÑОвеÑïŒ
ãã®èšäºã§ã¯ãG Suite ãŠãŒã¶ãŒãæäœããããã®ãPowerShell ãš Google API ã®å¯Ÿè©±ã®å®è£ ã«ã€ããŠèª¬æããŸãã
ç§ãã¡ã¯çµç¹å
šäœã§ããã€ãã®å
éšãµãŒãã¹ãšã¯ã©ãŠã ãµãŒãã¹ã䜿çšããŠããŸãã ã»ãšãã©ã®å Žåããããã®èªèšŒã¯ Google ãŸã㯠Active Directory ã«ãã£ãŠè¡ãããŸããããããã®éã§ã¯ã¬ããªã«ãç¶æã§ããªããããæ°ããåŸæ¥å¡ãéè·ããå Žåã¯ãããã XNUMX ã€ã®ã·ã¹ãã ã§ã¢ã«ãŠã³ããäœæ/æå¹ã«ããå¿
èŠããããŸãã ããã»ã¹ãèªååããããã«ãæ
å ±ãåéããŠäž¡æ¹ã®ãµãŒãã¹ã«éä¿¡ããã¹ã¯ãªãããäœæããããšã«ããŸããã
æ¿èª
èŠä»¶ãäœæããéãæ¿èªã«ã¯å®éã®äººéã®ç®¡çè ã䜿çšããããšã«ããŸãããããã«ãããå¶çºçãŸãã¯æå³çãªå€§èŠæš¡ãªå€æŽãçºçããå Žåã®ã¢ã¯ã·ã§ã³ã®åæãç°¡çŽ åãããŸãã
Google API ã¯ãèªèšŒãšèªå¯ã« OAuth 2.0 ãããã³ã«ã䜿çšããŸãã 䜿çšäŸãšè©³çŽ°ãªèª¬æã¯æ¬¡ã®å Žæã«ãããŸãã
ãã¹ã¯ããã ã¢ããªã±ãŒã·ã§ã³ã®èªèšŒã«äœ¿çšãããã¹ã¯ãªãããéžæããŸããã ãµãŒãã¹ ã¢ã«ãŠã³ãã䜿çšãããªãã·ã§ã³ããããŸããããã«ããããŠãŒã¶ãŒãäžå¿ èŠã«ç§»åããå¿ èŠããªããªããŸãã
äžã®å³ã¯ãGoogle ããŒãžããéžæããã·ããªãªã®æŠç¥èª¬æã§ãã
- ãŸããGET ãã©ã¡ãŒã¿ãæå®ããŠããŠãŒã¶ãŒã Google ã¢ã«ãŠã³ãèªèšŒããŒãžã«éä¿¡ããŸãã
- ã¢ããªã±ãŒã·ã§ã³ID
- ã¢ããªã±ãŒã·ã§ã³ãã¢ã¯ã»ã¹ããå¿ èŠãããé å
- æç¶ãå®äºåŸã«ãŠãŒã¶ãŒããªãã€ã¬ã¯ããããã¢ãã¬ã¹
- ããŒã¯ã³ãæŽæ°ããæ¹æ³
- ã»ãã¥ãªãã£ã³ãŒã
- èªèšŒã³ãŒãéä¿¡ãã©ãŒããã
- èªå¯ãå®äºãããšããŠãŒã¶ãŒã¯æåã®ãªã¯ãšã¹ãã§æå®ãããããŒãžã«ãªãã€ã¬ã¯ããããGET ãã©ã¡ãŒã¿ã«ãã£ãŠãšã©ãŒãŸãã¯èªå¯ã³ãŒããæž¡ãããŸãã
- ã¢ããªã±ãŒã·ã§ã³ (ã¹ã¯ãªãã) ã¯ãããã®ãã©ã¡ãŒã¿ãŒãåãåãå¿ èŠããããã³ãŒããåãåã£ãå Žåã¯ãããŒã¯ã³ãååŸããããã«æ¬¡ã®ãªã¯ãšã¹ããå®è¡ããŸãã
- ãªã¯ãšã¹ããæ£ããå ŽåãGoogle API ã¯æ¬¡ãè¿ããŸãã
- ãªã¯ãšã¹ãã«äœ¿çšã§ããã¢ã¯ã»ã¹ããŒã¯ã³
- ãã®ããŒã¯ã³ã®æå¹æé
- ã¢ã¯ã»ã¹ããŒã¯ã³ãæŽæ°ããã«ã¯ãªãã¬ãã·ã¥ããŒã¯ã³ãå¿ èŠã§ãã
ãŸããGoogle API ã³ã³ãœãŒã«ã«ç§»åããå¿
èŠããããŸãã
ã¹ã¯ãªãã ã¢ã«ãŽãªãºã ãèªã¿ãããããããã«ãã¢ããªã±ãŒã·ã§ã³ã®ã¢ã¯ã»ã¹ ããŒã¯ã³ãšæŽæ°ããŒã¯ã³ãè¿ãå¥ã®é¢æ°ã§æåã®ã¹ãããã衚瀺ã§ããŸãã
$client_secret = 'Our Client Secret'
$client_id = 'Our Client ID'
function Get-GoogleAuthToken {
if (-not [System.Net.HttpListener]::IsSupported) {
"HttpListener is not supported."
exit 1
}
$codeverifier = -join ((65..90) + (97..122) + (48..57) + 45 + 46 + 95 + 126 |Get-Random -Count 60| % {[char]$_})
$hasher = new-object System.Security.Cryptography.SHA256Managed
$hashByteArray = $hasher.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($codeverifier))
$base64 = ((([System.Convert]::ToBase64String($hashByteArray)).replace('=','')).replace('+','-')).replace('/','_')
$ports = @(10600,15084,39700,42847,65387,32079)
$port = $ports[(get-random -Minimum 0 -maximum 5)]
Write-Host "Start browser..."
Start-Process "https://accounts.google.com/o/oauth2/v2/auth?code_challenge_method=S256&code_challenge=$base64&access_type=offline&client_id=$client_id&redirect_uri=http://localhost:$port&response_type=code&scope=https://www.googleapis.com/auth/admin.directory.user https://www.googleapis.com/auth/admin.directory.group"
$listener = New-Object System.Net.HttpListener
$listener.Prefixes.Add("http://localhost:"+$port+'/')
try {$listener.Start()} catch {
"Unable to start listener."
exit 1
}
while (($code -eq $null)) {
$context = $listener.GetContext()
Write-Host "Connection accepted" -f 'mag'
$url = $context.Request.RawUrl
$code = $url.split('?')[1].split('=')[1].split('&')[0]
if ($url.split('?')[1].split('=')[0] -eq 'error') {
Write-Host "Error!"$code -f 'red'
$buffer = [System.Text.Encoding]::UTF8.GetBytes("Error!"+$code)
$context.Response.ContentLength64 = $buffer.Length
$context.Response.OutputStream.Write($buffer, 0, $buffer.Length)
$context.Response.OutputStream.Close()
$listener.Stop()
exit 1
}
$buffer = [System.Text.Encoding]::UTF8.GetBytes("Now you can close this browser tab.")
$context.Response.ContentLength64 = $buffer.Length
$context.Response.OutputStream.Write($buffer, 0, $buffer.Length)
$context.Response.OutputStream.Close()
$listener.Stop()
}
Return Invoke-RestMethod -Method Post -Uri "https://www.googleapis.com/oauth2/v4/token" -Body @{
code = $code
client_id = $client_id
client_secret = $client_secret
redirect_uri = 'http://localhost:'+$port
grant_type = 'authorization_code'
code_verifier = $codeverifier
}
$code = $null
OAuth ã¯ã©ã€ã¢ã³ãèå¥åã®ããããã£ã§ååŸããã¯ã©ã€ã¢ã³ã ID ãšã¯ã©ã€ã¢ã³ã ã·ãŒã¯ã¬ãããèšå®ããŸããã³ãŒã ããªãã¡ã€ã¢ã¯ãäºçŽãããŠããªãæåããã©ã³ãã ã«çæããå¿ èŠããã 43 ïœ 128 æåã®æååã§ã: [AZ] / [az] / [0-9 ] /ã-ã/ããã /ã_ã/ã~ãã
ãã®ã³ãŒãã¯å床éä¿¡ãããŸãã ããã«ããããŠãŒã¶ãŒã®æ¿èªåŸã«ãªãã€ã¬ã¯ããšããŠè¿ãããå¿çãæ»æè
ã«ãã£ãŠååãããå¯èœæ§ãããè匱æ§ãæé€ãããŸãã
çŸåšã®ãªã¯ãšã¹ãã®ã³ãŒãããªãã¡ã€ã¢ãã¯ãªã¢ããã¹ãã§éä¿¡ããããšãã§ããŸã (ããã§ã¯æå³ããããŸããããã㯠SHA256 ããµããŒãããŠããªãã·ã¹ãã ã«ã®ã¿é©ããŠããŸã)ããŸãã¯ãSHA256 ã¢ã«ãŽãªãºã ã䜿çšããŠããã·ã¥ãäœæããBASE64Url ã§ãšã³ã³ãŒãããå¿
èŠããããŸã (ç°ãªããã®ã«ãªããŸã)ã Base64 ãã XNUMX ã€ã®ããŒãã«æåå)ãè¡æ«æå = ãåé€ããŸãã
次ã«ãæ¿èªåŸã«ãªãã€ã¬ã¯ããšããŠè¿ãããå¿çãåä¿¡ããããã«ãããŒã«ã« ãã·ã³ã§ http ã®ãªãã¹ã³ãéå§ããå¿ èŠããããŸãã
管çã¿ã¹ã¯ã¯ç¹å¥ãªãµãŒããŒã§å®è¡ãããè€æ°ã®ç®¡çè ãåæã«ã¹ã¯ãªãããå®è¡ããå¯èœæ§ãæé€ã§ããªããããçŸåšã®ãŠãŒã¶ãŒã®ããŒããã©ã³ãã ã«éžæãããŸãããäºåå®çŸ©ãããããŒããæå®ããŸããã API ã³ã³ãœãŒã«ã§ãä¿¡é Œã§ãããã®ãšããŠè¿œå ããå¿ èŠããããŸãã
access_type=ãªãã©ã€ã³ ããã¯ããŠãŒã¶ãŒããã©ãŠã¶ãŒãæäœããªããŠããã¢ããªã±ãŒã·ã§ã³ãæå¹æéåãã®ããŒã¯ã³ãç¬èªã«æŽæ°ã§ããããšãæå³ããŸãã
response_type = code ã³ãŒããã©ã®ããã«è¿ããããã®åœ¢åŒãèšå®ããŸã (ãŠãŒã¶ãŒããã©ãŠã¶ããã¹ã¯ãªããã«ã³ãŒããã³ããŒãããšãã®å€ãèªèšŒã¡ãœãããžã®åç
§)ã
ã¹ã³ãŒã ã¢ã¯ã»ã¹ã®ç¯å²ãšçš®é¡ã瀺ããŸãã ãããã¯ã¹ããŒã¹ãŸã㯠%20 (URL ãšã³ã³ãŒãã£ã³ã°ã«åŸã£ãŠ) ã§åºåãå¿
èŠããããŸãã ã¢ã¯ã»ã¹é åãšã¿ã€ãã®ãªã¹ãã¯ã次ã®ãšããã§ãã
èªèšŒã³ãŒããåä¿¡ããåŸãã¢ããªã±ãŒã·ã§ã³ã¯ãã©ãŠã¶ã«ã¯ããŒãº ã¡ãã»ãŒãžãè¿ããããŒãã§ã®ãªãã¹ã³ãåæ¢ããããŒã¯ã³ãååŸããããã« POST ãªã¯ãšã¹ããéä¿¡ããŸãã ãã®äžã«ã¯ãã³ã³ãœãŒã« API ãã以åã«æå®ãã ID ãšã·ãŒã¯ã¬ããããŠãŒã¶ãŒããªãã€ã¬ã¯ããããã¢ãã¬ã¹ãããã³ãããã³ã«ä»æ§ã«åŸã£ãŠ Grant_type ã瀺ããŸãã
å¿çãšããŠãã¢ã¯ã»ã¹ ããŒã¯ã³ããã®æå¹æé (ç§åäœ)ãããã³ã¢ã¯ã»ã¹ ããŒã¯ã³ãæŽæ°ã§ãããªãã¬ãã·ã¥ ããŒã¯ã³ãåãåããŸãã
ã¢ããªã±ãŒã·ã§ã³ã¯ããŒã¯ã³ãå®å šãªå Žæã«ä¿åããæå¹æéãé·ãå¿ èŠããããããåä¿¡ããã¢ã¯ã»ã¹ãåãæ¶ããŸã§ãã¢ããªã±ãŒã·ã§ã³ã¯ãªãã¬ãã·ã¥ ããŒã¯ã³ãè¿ããŸããã æåŸã«ãããŒã¯ã³ãåãæ¶ããªã¯ãšã¹ããè¿œå ããŸãããã¢ããªã±ãŒã·ã§ã³ãæ£åžžã«å®äºããããªãã¬ãã·ã¥ ããŒã¯ã³ãè¿ãããªãã£ãå Žåã¯ãæé ãå床éå§ãããŸã (ããŒã¯ã³ã端æ«äžã«ããŒã«ã«ã«ä¿åããã®ã¯å®å šã§ã¯ãªããšèããã®ã§ãæå·åã§ç©äºãè€éã«ãããããã©ãŠã¶ãé »ç¹ã«éãããããããªã)ã
do {
$token_result = Get-GoogleAuthToken
$token = $token_result.access_token
if ($token_result.refresh_token -eq $null) {
Write-Host ("Session is not destroyed. Revoking token...")
Invoke-WebRequest -Uri ("https://accounts.google.com/o/oauth2/revoke?token="+$token)
}
} while ($token_result.refresh_token -eq $null)
$refresh_token = $token_result.refresh_token
$minute = ([int]("{0:mm}" -f ([timespan]::fromseconds($token_result.expires_in))))+((Get-date).Minute)-2
if ($minute -lt 0) {$minute += 60}
elseif ($minute -gt 59) {$minute -=60}
$token_expire = @{
hour = ([int]("{0:hh}" -f ([timespan]::fromseconds($token_result.expires_in))))+((Get-date).Hour)
minute = $minute
}
ãã§ã«ãæ°ã¥ãã®ãšãããããŒã¯ã³ãåãæ¶ãå Žå㯠Invoke-WebRequest ã䜿çšãããŸãã Invoke-RestMethod ãšã¯ç°ãªããåä¿¡ããããŒã¿ã䜿çšå¯èœãªåœ¢åŒã§è¿ããããªã¯ãšã¹ãã®ã¹ããŒã¿ã¹ã衚瀺ããŸãã
次ã«ãã¹ã¯ãªããã¯ãŠãŒã¶ãŒã®å§åãå ¥åããããã«æ±ãããã°ã€ã³ãšé»åã¡ãŒã«ãçæããŸãã
ãªã¯ãšã¹ã
次ã®ãªã¯ãšã¹ãã¯æ¬¡ã®ãšããã§ãããŸããæ°ãããã°ã€ã³ãäœæãããçŸåšã®ãã°ã€ã³ãæå¹ã«ãããã決å®ããããã«ãåããã°ã€ã³ãæã€ãŠãŒã¶ãŒããã§ã«ååšãããã©ããã確èªããå¿ èŠããããŸãã
ã¹ã€ããã䜿çšããŠããã¹ãŠã®ãªã¯ãšã¹ããéžæä»ãã® XNUMX ã€ã®é¢æ°ã®åœ¢åŒã§å®è£ ããããšã«ããŸããã
function GoogleQuery {
param (
$type,
$query
)
switch ($type) {
"SearchAccount" {
Return Invoke-RestMethod -Method Get -Uri "https://www.googleapis.com/admin/directory/v1/users" -Headers @{Authorization = "Bearer "+(Get-GoogleToken)} -Body @{
domain = 'rocketguys.com'
query = "email:$query"
}
}
"UpdateAccount" {
$body = @{
name = @{
givenName = $query['givenName']
familyName = $query['familyName']
}
suspended = 'false'
password = $query['password']
changePasswordAtNextLogin = 'true'
phones = @(@{
primary = 'true'
value = $query['phone']
type = "mobile"
})
orgUnitPath = $query['orgunit']
}
Return Invoke-RestMethod -Method Put -Uri ("https://www.googleapis.com/admin/directory/v1/users/"+$query['email']) -Headers @{Authorization = "Bearer "+(Get-GoogleToken)} -Body (ConvertTo-Json $body) -ContentType 'application/json; charset=utf-8'
}
"CreateAccount" {
$body = @{
primaryEmail = $query['email']
name = @{
givenName = $query['givenName']
familyName = $query['familyName']
}
suspended = 'false'
password = $query['password']
changePasswordAtNextLogin = 'true'
phones = @(@{
primary = 'true'
value = $query['phone']
type = "mobile"
})
orgUnitPath = $query['orgunit']
}
Return Invoke-RestMethod -Method Post -Uri "https://www.googleapis.com/admin/directory/v1/users" -Headers @{Authorization = "Bearer "+(Get-GoogleToken)} -Body (ConvertTo-Json $body) -ContentType 'application/json; charset=utf-8'
}
"AddMember" {
$body = @{
userKey = $query['email']
}
$ifrequest = Invoke-RestMethod -Method Get -Uri "https://www.googleapis.com/admin/directory/v1/groups" -Headers @{Authorization = "Bearer "+(Get-GoogleToken)} -Body $body
$array = @()
foreach ($group in $ifrequest.groups) {$array += $group.email}
if ($array -notcontains $query['groupkey']) {
$body = @{
email = $query['email']
role = "MEMBER"
}
Return Invoke-RestMethod -Method Post -Uri ("https://www.googleapis.com/admin/directory/v1/groups/"+$query['groupkey']+"/members") -Headers @{Authorization = "Bearer "+(Get-GoogleToken)} -Body (ConvertTo-Json $body) -ContentType 'application/json; charset=utf-8'
} else {
Return ($query['email']+" now is a member of "+$query['groupkey'])
}
}
}
}
åãªã¯ãšã¹ãã§ã¯ãããŒã¯ã³ ã¿ã€ããšã¢ã¯ã»ã¹ ããŒã¯ã³èªäœãå«ã Authorization ããããŒãéä¿¡ããå¿ èŠããããŸãã çŸåšãããŒã¯ã³ ã¿ã€ãã¯åžžã« Bearer ã§ãã ãªããªãããŒã¯ã³ã®æå¹æéãåããŠããªãããšã確èªããããŒã¯ã³ãçºè¡ãããŠãã XNUMX æéåŸã«æŽæ°ããå¿ èŠããããããã¢ã¯ã»ã¹ ããŒã¯ã³ãè¿ãå¥ã®é¢æ°ã®ãªã¯ãšã¹ããæå®ããŸããã æåã®ã¢ã¯ã»ã¹ ããŒã¯ã³ãåä¿¡ãããšãã«ãåãã³ãŒãéšåãã¹ã¯ãªããã®å é ã«ãããŸãã
function Get-GoogleToken {
if (((Get-date).Hour -gt $token_expire.hour) -or (((Get-date).Hour -ge $token_expire.hour) -and ((Get-date).Minute -gt $token_expire.minute))) {
Write-Host "Token Expired. Refreshing..."
$request = (Invoke-RestMethod -Method Post -Uri "https://www.googleapis.com/oauth2/v4/token" -ContentType 'application/x-www-form-urlencoded' -Body @{
client_id = $client_id
client_secret = $client_secret
refresh_token = $refresh_token
grant_type = 'refresh_token'
})
$token = $request.access_token
$minute = ([int]("{0:mm}" -f ([timespan]::fromseconds($request.expires_in))))+((Get-date).Minute)-2
if ($minute -lt 0) {$minute += 60}
elseif ($minute -gt 59) {$minute -=60}
$script:token_expire = @{
hour = ([int]("{0:hh}" -f ([timespan]::fromseconds($request.expires_in))))+((Get-date).Hour)
minute = $minute
}
}
return $token
}
ãã°ã€ã³ãååšãããã©ããã確èªããŸãã
function Check_Google {
$query = (GoogleQuery 'SearchAccount' $username)
if ($query.users -ne $null) {
$user = $query.users[0]
Write-Host $user.name.fullName' - '$user.PrimaryEmail' - suspended: '$user.Suspended
$GAresult = $user
}
if ($GAresult) {
$return = $GAresult
} else {$return = 'gg'}
return $return
}
email:$query ãªã¯ãšã¹ãã¯ããšã€ãªã¢ã¹ãå«ãããŸãã«ãã®ã¡ãŒã«ã¢ãã¬ã¹ãæã€ãŠãŒã¶ãŒãæ€çŽ¢ãããã API ã«èŠæ±ããŸãã ã¯ã€ã«ãã«ãŒãã䜿çšã§ããŸãã =ã:ã:{ãã¬ãã£ãã¯ã¹}*.
ããŒã¿ãååŸããã«ã¯ãGET ãªã¯ãšã¹ã ã¡ãœããã䜿çšããŠãããŒã¿ãæ¿å ¥ããŸã (ã¢ã«ãŠã³ãã®äœæãŸãã¯ã°ã«ãŒããžã®ã¡ã³ããŒã®è¿œå ) - POSTãæ¢åã®ããŒã¿ãæŽæ°ããŸã - PUTãã¬ã³ãŒã (ã°ã«ãŒãã®ã¡ã³ããŒãªã©) ãåé€ããŸã -æ¶å»ã
ãã®ã¹ã¯ãªããã¯ãé»è©±çªå· (æªæ€èšŒã®æåå) ãšãå°åã®é åžã°ã«ãŒããžã®åå ãèŠæ±ããŸãã éžæãã Active Directory OU ã«åºã¥ããŠãŠãŒã¶ãŒãã©ã®çµç¹åäœãæã€å¿ èŠããããã決å®ãããã¹ã¯ãŒããäœæããŸãã
do {
$phone = Read-Host "ТелеÑПМ в ÑПÑЌаÑе +7Ñ
Ñ
Ñ
Ñ
Ñ
Ñ
Ñ
Ñ
"
} while (-not $phone)
do {
$moscow = Read-Host "Ð ÐПÑкПвÑкОй ПÑОÑ? (y/n) "
} while (-not (($moscow -eq 'y') -or ($moscow -eq 'n')))
$orgunit = '/'
if ($OU -like "*OU=Delivery,OU=Users,OU=ROOT,DC=rocket,DC=local") {
Write-host "ÐÑÐŽÐµÑ ÑПзЎаМа в /Team delivery"
$orgunit = "/Team delivery"
}
$Password = -join ( 48..57 + 65..90 + 97..122 | Get-Random -Count 12 | % {[char]$_})+"*Ba"
ãããŠåœŒã¯ã¢ã«ãŠã³ããæäœãå§ããŸãã
$query = @{
email = $email
givenName = $firstname
familyName = $lastname
password = $password
phone = $phone
orgunit = $orgunit
}
if ($GMailExist) {
Write-Host "ÐапÑÑкаеЌ ОзЌеМеМОе аккаÑÐœÑа" -f mag
(GoogleQuery 'UpdateAccount' $query) | fl
write-host "Ðе забÑÐŽÑ Ð¿ÑПвеÑОÑÑ Ð³ÑÑÐ¿Ð¿Ñ Ñ Ð²ÐºÐ»ÑÑеММПгП $Username в Google."
} else {
Write-Host "ÐапÑÑкаеЌ ÑПзЎаМОе аккаÑÐœÑа" -f mag
(GoogleQuery 'CreateAccount' $query) | fl
}
if ($moscow -eq "y"){
write-host "ÐПбавлÑеЌ в гÑÑÐ¿Ð¿Ñ moscowoffice"
$query = @{
groupkey = '[email protected]'
email = $email
}
(GoogleQuery 'AddMember' $query) | fl
}
ã¢ã«ãŠã³ããæŽæ°ããã³äœæããé¢æ°ã®æ§æã¯äŒŒãŠããŸãããã¹ãŠã®è¿œå ãã£ãŒã«ããå¿ èŠãªããã§ã¯ãããŸãããé»è©±çªå·ã®ã»ã¯ã·ã§ã³ã§ã¯ãçªå·ãšãã®ã¿ã€ããå«ãã¬ã³ãŒãã XNUMX ã€ãŸã§å«ããããšãã§ããé åãæå®ããå¿ èŠããããŸãã
ãŠãŒã¶ãŒãã°ã«ãŒãã«è¿œå ãããšãã«ãšã©ãŒãçºçããªãããã«ããã«ã¯ããŸããŠãŒã¶ãŒèªèº«ããã°ã«ãŒãã®ã¡ã³ããŒãŸãã¯æ§æã®ãªã¹ããååŸããŠããã®ãŠãŒã¶ãŒããã§ã«ãã®ã°ã«ãŒãã®ã¡ã³ããŒã§ãããã©ããã確èªããŸãã
ç¹å®ã®ãŠãŒã¶ãŒã®ã°ã«ãŒã ã¡ã³ããŒã·ããã®ã¯ãšãªã¯ååž°çã§ã¯ãªããçŽæ¥ã®ã¡ã³ããŒã·ããã®ã¿ã衚瀺ããŸãã ãŠãŒã¶ãŒãã¡ã³ããŒãšãªã£ãŠããåã°ã«ãŒãããã§ã«ååšãã芪ã°ã«ãŒãã«ãŠãŒã¶ãŒãå«ããããšã¯æåããŸãã
ãŸãšã
æ®ã£ãŠããã®ã¯ããŠãŒã¶ãŒã«æ°ããã¢ã«ãŠã³ãã®ãã¹ã¯ãŒããéä¿¡ããããšã ãã§ãã ãã㯠SMS çµç±ã§è¡ãããæé ãšãã°ã€ã³ã«é¢ããäžè¬æ å ±ããé»è©±çªå·ãšãšãã«æ¡çšéšéããæäŸãããå人ã¡ãŒã«ã«éä¿¡ãããŸãã 代ããã«ããéãç¯çŽããŠç§å¯ã®é»å ±ãã£ããã«ãã¹ã¯ãŒããéä¿¡ããããšãã§ããŸããããã XNUMX çªç®ã®èŠçŽ ãšèŠãªãããŸã (MacBook ã¯äŸå€ã§ã)ã
æåŸãŸã§èªãã§ããã ãããããšãããããŸãã èšäºã®æžãæ¹ãæ¹åããããã®ææ¡ãåãã§æèŠãããŠããã ããŸãããŸããã¹ã¯ãªãããæžããšãã«èŠã€ãããšã©ãŒãå°ãªããªãããšãé¡ã£ãŠããŸã =)
ããŒãå¥ã«åœ¹ç«ã€ãªã³ã¯ããŸãã¯åã«è³ªåã«åçãããªã³ã¯ã®ãªã¹ã:
ã¢ãã€ã«ããã³ãã¹ã¯ããã ã¢ããªåãã® OAuth 2.0 Web ãµãŒã㌠ã¢ããªã±ãŒã·ã§ã³ã§ã® OAuth 2.0 ã®äœ¿çš OAuth ãããªã㯠ã¯ã©ã€ã¢ã³ãã«ããã³ãŒã亀æçšã®èšŒæã㌠PowerShell ã§ã©ã³ãã ãªæåãçæãã ASCII ããŒãã«ãšèª¬æ PowerShell: æååã®ããã·ã¥å€ãååŸãã Base64URLã®ãšã³ã³ãŒã/ãã³ãŒã Base64 ãšã³ã³ãŒããš Base64url ãšã³ã³ãŒã PowerShell 5.1 ã® Invoke-RestMethod ã¹ããã 1 㧠access_type ããªãã©ã€ã³ã§ããã«ããããããããªãã¬ãã·ã¥ ããŒã¯ã³ãååŸã§ããªã æ¯èŒæŒç®åã«ã€ã㊠ãã£ã¬ã¯ã㪠API: ãŠãŒã¶ãŒ ã¢ã«ãŠã³ã ãŠãŒã¶ãŒãæ€çŽ¢ãã ãã£ã¬ã¯ã㪠API: ã°ã«ãŒã Invoke-RestMethod ã®ãšã©ãŒåŠç - Powershell
åºæïŒ habr.com