
feat(go): improvements for google idp

1. Use the impersonate package to authenticate.
2. Use Pages method to get all data.
Vishal Dalwadi před 4 měsíci
rodič
revize
e5a4192e47
1 změnil soubory, kde provedl 69 přidání a 35 odebrání
  1. 69 35
      pro/idp/google/google.go

+ 69 - 35
pro/idp/google/google.go

@@ -4,7 +4,9 @@ import (
 	"context"
 	"github.com/gravitl/netmaker/pro/idp"
 	admindir "google.golang.org/api/admin/directory/v1"
+	"google.golang.org/api/impersonate"
 	"google.golang.org/api/option"
+	"os"
 )
 
 type Client struct {
@@ -12,7 +14,31 @@ type Client struct {
 }
 
 func NewGoogleWorkspaceClient() (*Client, error) {
-	service, err := admindir.NewService(context.TODO(), option.WithCredentialsFile("credentials.json"))
+	targetPrincipal := os.Getenv("GOOGLE_WORKSPACE_SERVICE_ACCOUNT_EMAIL")
+	subject := os.Getenv("GOOGLE_WORKSPACE_ADMIN_EMAIL")
+
+	source, err := impersonate.CredentialsTokenSource(
+		context.TODO(),
+		impersonate.CredentialsConfig{
+			TargetPrincipal: targetPrincipal,
+			Scopes: []string{
+				admindir.AdminDirectoryUserReadonlyScope,
+				admindir.AdminDirectoryGroupReadonlyScope,
+				admindir.AdminDirectoryGroupMemberReadonlyScope,
+			},
+			Subject: subject,
+		},
+		//option.WithCredentialsJSON(nil),
+		option.WithCredentialsFile("credentials.json"),
+	)
+	if err != nil {
+		return nil, err
+	}
+
+	service, err := admindir.NewService(
+		context.TODO(),
+		option.WithTokenSource(source),
+	)
 	if err != nil {
 		return nil, err
 	}
@@ -23,47 +49,55 @@ func NewGoogleWorkspaceClient() (*Client, error) {
 }
 
 func (g *Client) GetUsers() ([]idp.User, error) {
-	resp, err := g.service.Users.List().Fields("id", "primaryEmail", "suspended").Do()
-	if err != nil {
-		return nil, err
-	}
+	var retval []idp.User
+	err := g.service.Users.List().
+		Customer("my_customer").
+		Fields("users(id,primaryEmail,suspended)", "nextPageToken").
+		Pages(context.TODO(), func(users *admindir.Users) error {
+			for _, user := range users.Users {
+				retval = append(retval, idp.User{
+					ID:              user.Id,
+					Username:        user.PrimaryEmail,
+					AccountDisabled: user.Suspended,
+				})
+			}
 
-	retval := make([]idp.User, len(resp.Users))
-	for i, user := range resp.Users {
-		retval[i] = idp.User{
-			ID:              user.Id,
-			Username:        user.PrimaryEmail,
-			AccountDisabled: user.Suspended,
-		}
-	}
+			return nil
+		})
 
-	return retval, nil
+	return retval, err
 }
 
 func (g *Client) GetGroups() ([]idp.Group, error) {
-	resp, err := g.service.Groups.List().Fields("id", "name").Do()
-	if err != nil {
-		return nil, err
-	}
+	var retval []idp.Group
+	err := g.service.Groups.List().
+		Customer("my_customer").
+		Fields("groups(id,name)", "nextPageToken").
+		Pages(context.TODO(), func(groups *admindir.Groups) error {
+			for _, group := range groups.Groups {
+				var retvalMembers []string
+				err := g.service.Members.List(group.Id).
+					Fields("members(id)", "nextPageToken").
+					Pages(context.TODO(), func(members *admindir.Members) error {
+						for _, member := range members.Members {
+							retvalMembers = append(retvalMembers, member.Id)
+						}
 
-	retval := make([]idp.Group, len(resp.Groups))
-	for i, group := range resp.Groups {
-		members, err := g.service.Members.List(group.Id).Fields("id").Do()
-		if err != nil {
-			return nil, err
-		}
+						return nil
+					})
+				if err != nil {
+					return err
+				}
 
-		retvalMembers := make([]string, len(members.Members))
-		for j, member := range members.Members {
-			retvalMembers[j] = member.Id
-		}
+				retval = append(retval, idp.Group{
+					ID:      group.Id,
+					Name:    group.Name,
+					Members: retvalMembers,
+				})
+			}
 
-		retval[i] = idp.Group{
-			ID:      group.Id,
-			Name:    group.Name,
-			Members: retvalMembers,
-		}
-	}
+			return nil
+		})
 
-	return retval, nil
+	return retval, err
 }
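Review bot: Both GetUsers and GetGroups now hand back the partially filled `retval` together with a non-nil `err` (`return retval, err` at the end of each), so a failure on a later page gives the caller an incomplete user or group list that it may treat as the whole directory; a sync built on this could disable or drop accounts that were simply never reached. Replace the final line of each with `if err != nil { return nil, err }` followed by `return retval, nil`, which matches the earlier `Do()`-based code that never returned data on error. In NewGoogleWorkspaceClient (second hunk) the two `os.Getenv` values are passed to impersonate without an empty check, so a missing `GOOGLE_WORKSPACE_SERVICE_ACCOUNT_EMAIL` or `GOOGLE_WORKSPACE_ADMIN_EMAIL` only surfaces as an opaque API error; an explicit check that returns an error naming the missing variable would make misconfiguration obvious. The commented-out `//option.WithCredentialsJSON(nil)` line in that hunk is dead code and should be removed rather than left next to the live `option.WithCredentialsFile("credentials.json")` option.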