How was the technical implementation accomplished given the documentation’s indication of no password synchronization, while the Google Workspace User API seemingly necessitates a password field?
When creating a user, a random password is generated, but only the hash is stored. The relevant lines of code for this are as follows:
self._fix_user_resource(resource)
# mandatory properties
if not resource.get("name"):
resource["name"] = dict()
if not resource["name"].get("givenName"):
resource["name"]["givenName"] = new.get("givenName", [self.gh.get_random_ascii_string()])[0]
if not resource["name"].get("familyName"):
resource["name"]["familyName"] = new.get("sn", [self.gh.get_random_ascii_string()])[0]
if not resource.get("password"):
resource["password"] = self._get_random_pw()
if not resource.get("primaryEmail"):
resource["primaryEmail"] = new.get("mailPrimaryAddress", [self._get_random_email_address()])[0]
external_ids = self._create_ldap_id_entries(new)
try:
resource["externalIds"].extend(external_ids)
except KeyError:
resource["externalIds"] = [external_ids]
@staticmethod
def _anonymize(txt):
"""
Get a random string.
:param txt: str: String to anonymize.
:return: str: random string
"""
return uuid.uuid4().get_hex()
@staticmethod
def _get_random_pw():
# have at least one char from each category in password
# https://msdn.microsoft.com/en-us/library/azure/jj943764.aspx
pw = list(random.choice(string.lowercase))
pw.append(random.choice(string.uppercase))
pw.append(random.choice(string.digits))
pw.append(random.choice(u"@#$%^&*-_+=[]{}|\:,.?/`~();"))
pw.extend(random.choice(string.ascii_letters + string.digits + u"@#$%^&*-_+=[]{}|\:,.?/`~();")
for _ in range(12))
random.shuffle(pw)
return u"".join(pw)
