Push notifications for Directory changes - google-admin-sdk

Is it possible for me to setup an app which is installable by other organisations which send push notifications to a specific URL for directory changes?

Yes, you can setup an app that can be that can be used outside your organization. Just make sure that when deploying, make sure to allow "Anyone"
As for sending push notifications for directory changes (Drive)
Google Apps Script is no longer a viable platform for implementing Google API Push Notifications across most services (Drive, Calendar, Admin Directory etc.). If you want to stick with Google's cloud offerings, there are alternatives you can explore. Google Cloud Functions is one such option.
Reference:
Google Apps Script - Sharing outside of domain
Drive API Push Notifications for a Google Apps Script Web App

Related

How can I invoke a desktop app from Google Cloud Platform services?

I'm building a desktop client app (win/linux/mac) with a backend hosted in GCP (I'm considering other cloud platforms too). The desktop app should be minimalistic and provide access to local machine resources to the backend. And I'm looking for a way to invoke my app from the server (when some event occurs) and then the app would do some work on a local machine. Here's what I've tried so far.
Google Cloud Pub/Sub. Seems like it does what I need, but to make it work I have to create a service account, generate JSON key and store it locally, which is not good. I can restrict the service account access permissions, of course, but still it doesn't look good to me. Maybe there are other ways to auth my app running at the end user machine? I want to keep my desktop app minimal (ideally without UI, just an "agent" console process / Windows service). Maybe I could consider a login screen to connect the app with the backend, if that solves the problem, but I don't want to overcomplicate.
Google Cloud Run + SignalR / WebSockets. This solution also looks good, but it has one significant disadvantage. As long as there's at least one open WebSocket the Cloud Run instance is considered active and therefore billed. There are other difficulties related to scalability and container instances synchronization too.
What do you think about the options above, and what are the other possibilities? Am I left with REST API and polling for updates? I'm quite new to the cloud stuff so any help is appreciated. Thanks!
If you want to be able to invoke your local app from Google Cloud, you need 2 things
The first one, to register your app on Google Cloud, with, preferably, a auth mecanism (can be an API key for example). Like this, the GCP backend know where to call you app (which IP/port) and how (the auth mechanism)
The second is to have your app up and running and listen external communication. HTTP is the easiest way. Wait a HTTP call on the IP/port defined during the registration, check the auth and perform the process.
You can store the data (location and the auth) in firestore for example, and use Cloud Run to perform the HTTP call.
You can also inverse the solution and to poll (long polling or regular poll) the backend from the local app when it is running.
The 2 approach are possible, the second one slightly easier but can be challenging to manage the security.

Upload mobile app to cloud instead of google play or app store

Can we store our app in cloud instead of storing it in google play or app store for client to download? If yes we service is there for this in azure and aws? Any help will be appreciate.
You can use Visual Studio App Center
This way you can manage the end-to-end lifecycle for a mobile application. Services like Build, Test, Distribute, Diagnostics, Analytics, Push Notifications etc., all can be done in a single place.
Users can install the app via email distribution lists for testing, much as they'd download an app from the app store
For Pricing refer here

Creating a Mult-Tenant OAuth Client App

Essentially, I'm wanting to create an Oauth Client as an App so I can get data from Dynamics for multiple customers. Does anyone know if this is possible to do in AppSource or do you know of another way?
I have a service that will be served in a cloud different than Azure so there really isn't anything for me to submit as an App and I really don't want every customer to have to setup their own App that gives my service the privileges/access it needs, but it's looking like I may have to.
It sounds like you'll want to register an app with Azure AD (the OAuth2.0 service/identity provider for work and school accounts), and create a multi-tenant app. Then you can configure this app in the Azure Portal to get permissions to the APIs the app wants tokens to call (in your case Dynamics or the Microsoft Graph).
Once this app is written, you can code up your app using one of the Azure AD Auth Libraries. Here's some sample code for a .NET web API. You can find more code samples on Github and search active directory. Moreover, the Azure Active Directory Developer Landing Page is a great place to look for more resources on doing all of this.

Create and Push an App programmatically from another App in Cloud Foundry

Is it possible to create and push an application into Cloud Foundry from a different application that is already running in Cloud Foundry? Essentially I need to do a 'cf push' from within the application.
I saw there's a Cloud Foundry API that I can use (https://apidocs.cloudfoundry.org/237/apps/creating_an_app.html). Can anyone give me an example?
The Cloud Foundry Java Client is designed for use cases like this. It takes care of negotiating the OAuth2 security used by the CF API and provides nice abstractions for common operations that require multiple CF API calls (e.g. pushing an app, which involves creating app metadata, pushing the bits, and starting the app). I would prefer this option over using Java to shell out to the cf CLI, as you get greater control over the CF API and aren't subject the CLI UI to detect success/failure.
There's nothing stopping an app from running on CF from pushing other apps, but the platform doesn't do a lot to help with this either. Specifically, you'll need the address of the CF API endpoint (e.g. http://api.mycf.example.com) to be able to target, authenticate, and deploy apps. But there is no way for an app running on CF to know the API endpoint of the CF it is running on. So you will need to configure the CF API endpoint into the application that will be pushing other apps.
TL;DR Yes it is possible. Shell out to the CF cli.
The easiest way to do this would be to just include the CF cli in your application and shell out to it to push your app. You'll have to make sure that the binary you use matches the OS where your app is running (most likely Ubuntu 14.04). But that way, you can just provide it with your user's CF credentials and use the cf push logic in the CLI.
There is a CloudFoundry API you can use, but I'd advise against it. Trying to authenticate and push a cf app will be tricky. cf push does a lot under the hood -- it not only creates the app via the API endpoint you found, but it also uploads application files in an intelligent way, it attaches routes and services to the app, starts the app, polls the CF API for the updates on the status of the staging task, etc. You'd have to implement all of this on your own (not to mention the OAuth2 workflow to get an auth token).
There are some third-party CF libraries you might find useful (depending on the language you are using):
https://github.com/cloudfoundry/cf-java-client
https://www.npmjs.com/package/cf-nodejs-client
Lastly the CloudFoundry cli is open-sourced (https://github.com/cloudfoundry/cli). Bear in mind that as discussed above the push logic consists of multiple operations, and as such the codebase might be difficult to grok.

Write a Plug-in for Cloud foundry authentication

I need to integrate the Cloudfoundry with third party authentication tool, say, Keystone. I need to write a plug-in where it can be attached / installed to the cloud foundry with out any code changes in Cloudfoundry. If I want to use the authentication from keystone I will install the plug-in for Cloudfoundry. The code changes should only go to the plug-in and not to the Cloudfoundry code.
Please let me know how can I achieve this.
Thanks in advance,
Sateesh B.
The following link https://github.com/cloudfoundry/vcap-java-client is a java client library that does restful calls to vcap (aka cloud foundry). Now in my opinion, if you want to use a custom authentication method (be whatever you choose) in high level terms, you would have to make it into a adapter design pattern.
Once your users pass your authentication, your application can then communicate with Cloud Foundry via rest calls or libraries such as https://github.com/cloudfoundry/vcap-java-client and have their account created or etc. You just have to add that layer of your own authentication which then you can use the data from the authenticated user in creating or fetching cloud foundry info/apps.
This way you haven't touched cloud foundry and you can easily implement more than one way of authentication.