Scritto da
Marco Di Sabatino Di Diodoro
  • email
  • twitter
  • linkedin
  • linkedin

Many organizations are migrating to Google Apps, a suite focused on productivity, collaboration and communication.

Managing such cloud-based resources in a centralized way allows companies to keep control over all the accounts; for this reason a ConnId connector was developed to integrate Apache Syncope with Google Apps.

Syncope-GSuite

In this post, we explain how configure a Google Apps resource with Apache Syncope.

Obtain configuration parameters

      1. Log in to your Google Apps Admin Console (at https://www.google.com/a/domain-name) and verify that Security > Enable API access is checked.

      2. In the OAuth 2.0 application of choice (at https://console.developers.google.com), create credential of type OAuth Client Id / Other, then download the related client_secrets.json file.

      3. Download the Google Apps connector bundle

      4. Change to the directory where you have downloaded the bundle and run the following command on the client_secrets.json file that you obtained earlier in this procedure:

        $ jar xvf net.tirasa.connid.bundles.googleapps-1.4.3-SNAPSHOT.jar
$ java -jar net.tirasa.connid.bundles.googleapps-1.4.3-SNAPSHOT.jar /path/to/client_secrets.json
Please open the following address in your browser: https://accounts.google.com/o/oauth2/auth?
access_type=offline ...
        This command opens the default browser, and loads a screen on which you authorize consent to access the Google Apps account.

      5. When you have authorized consent, the browser returns a code. Copy and paste the code into the terminal from which you ran the original command

        $ Attempting to open that address in the default browser now...
Please enter code:
XXXXXXXX

      6. A response similar to the following is returned.

        {
   "clientId": "5x4x3x4x0x8x-cxlx3xsxcx8xixlxmx3x0xrxgx7x6x3x.apps.googleusercontent.com"
   "clientSecret":"0xhx9xrx8xdxqx9xDxjxUx3x";
   "refreshToken":"1x7xmxfx_yxuxNxUxFxjxVxVxkxXx3XxHxMxYxzx5xcxI"
}

Create a Google Apps Connector

First, we need to create a new connector, from Topologies

GSuite_2

Put all required parameters for Google Apps connector

GSuite_3

Select what operations are allowed for this connector

GSuite_4

Configure Google Apps resource on Apache Syncope

GSuite_5

 

GSuite_6

Configure attributes to manage

GSuite_9

During the creation of a user on Google, a unique identifier (GoogleAppsId) is generated by Google and must be saved on Syncope. This identifier is used by Syncope to link the user. To store the GoogleAppsId it's necessary to add a propagation action.

Syncope 2.1.X doesn't need a PropagationAction, just configure as indicated by the figure below

GSuite_10

7 VOTIYes, Excellent!Yes, Excellent!
Ti è stato utile questo articolo?
Dal Blog di Tirasa
Quello che facciamo, studiamo e pensiamo tutti i giorni lo condividiamo qui.
Vai al blog >