Created
December 15, 2014 00:21
-
-
Save nobuhito/0e80e93e0f6b99cb0826 to your computer and use it in GitHub Desktop.
GoogleDriveで社外共有しているユーザーとファイルをGASで取得 ref: http://qiita.com/nobuhito@github/items/7e47387a22d089ad5bfa
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- OAuth2Invoker.gs.org 2014-12-12 15:45:41 +0900 | |
+++ OAuth2Invoker.gs 2014-12-12 15:46:04 +0900 | |
@@ -1,7 +1,7 @@ | |
/** | |
* Used for invoked Google App Engine services from Google Apps Script. | |
*/ | |
-function OAuth2Invoker(email, pemBase64, scope){ | |
+function OAuth2Invoker(email, pemBase64, scope, target){ | |
this.post = function(url, payload){ | |
var params = { | |
method:'post', | |
@@ -28,13 +28,16 @@ | |
} | |
} | |
+ var s = []; | |
if(payload){ | |
- payload.payload = payload; | |
+ for (var i in payload) { | |
+ s.push(i + "=" + payload[i]); | |
+ } | |
} | |
Logger.log(params); | |
- var response = UrlFetchApp.fetch(url, params); | |
+ var response = UrlFetchApp.fetch(url + "?" + s.join("&"), params); | |
return response; | |
} | |
@@ -64,9 +67,10 @@ | |
var exp = iat + 3600; //expire in 1 hour | |
var jwtClaimSet = { | |
+ "sub": target, | |
"iss":email, | |
"scope":scope, | |
- "aud":"https://accounts.google.com/o/oauth2/token", //this is always the value for google tokens | |
+ "aud":"https://www.googleapis.com/oauth2/v3/token", //this is always the value for google tokens | |
exp: exp, | |
iat: iat | |
}; | |
@@ -77,7 +81,7 @@ | |
var signedBase64 = sign(headerBase64 + '.' + jwtClaimBase64); | |
var assertion = headerBase64 + '.' + jwtClaimBase64 + '.' + signedBase64; | |
- var resp = UrlFetchApp.fetch("https://accounts.google.com/o/oauth2/token",{ | |
+ var resp = UrlFetchApp.fetch("https://www.googleapis.com/oauth2/v3/token",{ | |
'method':'post', | |
'payload' : { | |
'grant_type':"urn:ietf:params:oauth:grant-type:jwt-bearer", | |
@@ -103,7 +107,7 @@ | |
} else { | |
accessToken = requestAccessToken(); | |
var fiftyFiveMinutes = 3300; | |
- CacheService.getPrivateCache().put(email + scope, accessToken, fiftyFiveMinutes); | |
+ //CacheService.getPrivateCache().put(email + scope, accessToken, fiftyFiveMinutes); | |
} | |
return accessToken; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function main() { | |
var prop = PropertiesService.getScriptProperties(); | |
var myDomain = prop.getProperty('myDomain'); // チェックするドメインを指定 | |
if (myDomain == undefined) { | |
Logger.log('Alert: スクリプトのプロパティにmyDomainをセットしてください'); | |
return undefined; | |
} | |
var pem64 = prop.getProperty('pem64'); | |
if (pem64 == undefined) { | |
Logger.log('Alert: スクリプトのプロパティにpem64をセットしてください'); | |
return undefined; | |
} | |
var serviceAccount = prop.getProperty('serviceAccount'); | |
if (serviceAccount == undefined) { | |
Logger.log('Alert: スクリプトのプロパティにserviceAccountをセットしてください'); | |
return undefined; | |
} | |
var api = "https://www.googleapis.com"; | |
var scope = [ | |
"https://www.googleapis.com/auth/drive", | |
"https://www.googleapis.com/auth/drive.file", | |
"https://www.googleapis.com/auth/drive.readonly", | |
"https://www.googleapis.com/auth/drive.metadata.readonly", | |
"https://www.googleapis.com/auth/drive.appdata", | |
"https://www.googleapis.com/auth/drive.apps.readonly" | |
]; | |
var users = AdminDirectory.Users.list({domain: myDomain, maxResults: 500}).users; | |
Logger.log("domain member: " + users.length + " users" ) | |
var shares = {}; | |
for (var i in users) { | |
var target = users[i].primaryEmail; | |
var userName = users[i].name.fullName | |
var invoker = new OAuth2Invoker(serviceAccount, pem64, scope.join(" "), target); | |
var items_options = { | |
"q": "%27" + target + "%27+in+owners", | |
"maxResults": 1000 | |
}; | |
var items_res = invoker.get(api + '/drive/v2/files', items_options); | |
var items = JSON.parse(items_res).items; | |
Logger.log(userName + ": " + items.length + " files"); | |
for (var i in items) { | |
var fileName = items[i].title; | |
var permissions_res = invoker.get(api + "/drive/v2/files/" + items[i].id + "/permissions"); | |
var permissions = JSON.parse(permissions_res).items; | |
for (var j in permissions) { | |
var email = permissions[j].emailAddress; | |
if (email != undefined && email.split("@")[1] != myDomain) { | |
if (!shares[userName]) { shares[userName] = {} } | |
if (!shares[userName][fileName]) { shares[userName][fileName] = [] } | |
shares[userName][fileName].push(email); | |
} | |
} | |
} | |
} | |
Logger.log(shares); | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment