c# - Unable to Create User using Google Admin SDK - Exception 401 Unauthorized -


i trying populate users in c# application. however, keep getting exception:

{"error occurred while sending direct message or getting response."} [dotnetopenauth.messaging.protocolexception]: {"error occurred while sending direct message or getting response."} data: {system.collections.listdictionaryinternal} helplink: null innerexception: {"the remote server returned error: (401) unauthorized."} message: "error occurred while sending direct message or getting response." source: "google.apis" stacktrace: "   @ google.apis.requests.clientservicerequest`1.execute() in c:\\code.google.com\\google-api-dotnet-client\\default\\tools\\buildrelease\\bin\\release\\release140\\default\\src\\googleapis\\apis\\requests\\clientservicerequest.cs:line 88\r\n   @ googleaccountspopulation.directoryserviceclient.createuser(user user) in e:\\googleaccountspopulation\\googleaccountspopulation\\googleaccountspopulation\\directoryserviceclient.cs:line 70\r\n   @ googleaccountspopulation.frmgoogleaccountspopulation.btnpopulateaccounts_click(object sender, eventargs e) in e:\\googleaccountspopulation\\googleaccountspopulation\\googleaccountspopulation\\populateform.cs:line 449" targetsite: {tresponse execute()}

the exception being raised on line:

userserviceclient.createuser(user);

here codes service:

directoryservicespecs userservicespecs = new directoryservicespecs() {     certificatefilepath = path.getdirectoryname(application.executablepath) + "\\certificates\\" + gappsschool.certificatefile,     privatekey = gappsschool.privatekey,     serviceaccountid = gappsschool.serviceaccountid,     serviceaccountuser = gappsschool.serviceaccountuser,     domain = gappsschool.emaildomain,     servicescope = directoryservice.scopes.admindirectoryuser.getstringvalue() }; directoryserviceclient userserviceclient = new directoryserviceclient(userservicespecs);  user user = new user(); user.name = new username(); if (usernames.length > 1) {     user.name.familyname = lmsuser.name.replace(usernames[0], "").trim();     user.name.givenname = usernames[0]; } else {     user.name.familyname = "n.a.";     user.name.givenname = usernames[0]; } user.name.fullname = lmsuser.name; user.password = lmsuser.password; user.primaryemail = lmsuser.emailaccount + "@" + gappsschool.emaildomain; if (properties.settings.default.lmspasswardhashalgorithm.trim() != string.empty)     user.hashfunction = "md5";  user = userserviceclient.createuser(user); trackentries.add(new trackentry() {     emailaccount = lmsuser.emailaccount,     schoolname = gappsschool.name,     status = "success",     error = "" }); log.info("successfully created user \"" + lmsuser.emailaccount + "\" (" + lmsuser.id.tostring() + ", " + gappsschool.name + ").");   userserviceclient.createuser(user);

authorization

in google apps domains, domain administrator can grant third-party applications domain-wide access users' data — referred domain-wide delegation of authority. delegate authority way, domain administrators can use service accounts oauth 2.0.

here list of scopes available in directory api.

to request access using oauth 2.0, application needs scope information, information google supplies when register application (such client id , client secret).

try checking how perform google apps domain-wide delegation of authority. receiving exception 401 unauthorized maybe because service account not authorized create user (wrong scope used or scope used not added), based emily's answer - must impersonate administrator account (note: administrator can create users).


-

Comments

Post a Comment

Popular posts from this blog

amazon web services - S3 Pre-signed POST validate file type? -

i know it's possible put limit on file size content-length-range header. possible validate file type? https://docs.aws.amazon.com/amazons3/latest/dev/httppostforms.html#policyconditions i see there content-type header, if set say, audio/mp3 allow mp3 files , return error if file not mp3? i found previous question answers mention validating file size: s3 direct upload restricting file size , type you can specify content-type @ post request. you can specify @ signature, post must done content-type: { "expiration": "2007-12-01t12:00:00.000z", "conditions": [ {"acl": "public-read" }, {"bucket": "johnsmith" }, {"content-type: "audio/mp3"} ] } creating html form (using aws signature version 4) edit: @ previous question found, checking content-type.
Read more

c# - Check Keyboard Input Winforms -

i wondering if instead of doing this protected override void onkeydown(keyeventargs e) { if (e.keycode == keys.a) console.writeline("the key down."); } i set bool method , this: if(keydown(keys.a)) // whatever here i've been sitting here ages trying figure out how it. can't wrap head around it. in case wondering, plan call bool inside different method, check input. since want perform action after pressing key, using keydown event enough. but in cases suppose want check if specific key down in middle of process, can use getkeystate method way: [dllimport("user32.dll", charset = charset.auto, exactspelling = true)] public static extern short getkeystate(int keycode); public const int key_pressed = 0x8000; public static bool iskeydown(keys key) { return convert.toboolean(getkeystate((int)key) & key_pressed); } you should know, each time check key state using example iskeydown(keys.a) method returns true if ke...
Read more