"""Generate backup codes for office@lonestarelectrical.net so Kyla can bypass 2FA enrollment block""" from google.oauth2 import service_account from googleapiclient.discovery import build SCOPES = [ 'https://www.googleapis.com/auth/admin.directory.user', 'https://www.googleapis.com/auth/admin.directory.user.security', ] creds = service_account.Credentials.from_service_account_file( 'temp/acg-msp-access-8f72339997e5.json', scopes=SCOPES ) delegated = creds.with_subject('sysadmin@lonestarelectrical.net') service = build('admin', 'directory_v1', credentials=delegated) user_email = 'office@lonestarelectrical.net' # Check current 2SV status print(f"=== {user_email} 2SV Status ===") user = service.users().get(userKey=user_email).execute() print(f"2SV Enrolled: {user.get('isEnrolledIn2Sv', False)}") print(f"2SV Enforced: {user.get('isEnforcedIn2Sv', False)}") # Generate backup verification codes print(f"\n=== Generating Backup Codes ===") try: codes = service.verificationCodes().generate(userKey=user_email).execute() print("[OK] Backup codes generated") except Exception as e: print(f"[INFO] Generate returned: {e}") # List the codes try: result = service.verificationCodes().list(userKey=user_email).execute() backup_codes = result.get('items', []) if backup_codes: print(f"\nBackup codes for Kyla to use at login:") for code in backup_codes: status = code.get('etag', '') print(f" {code.get('verificationCode', 'N/A')}") print(f"\nInstructions for Kyla:") print(f" 1. Go to https://accounts.google.com") print(f" 2. Enter email: {user_email}") print(f" 3. Enter the temp password we set") print(f" 4. When prompted for 2FA, click 'Try another way'") print(f" 5. Select 'Enter a backup code'") print(f" 6. Use one of the codes above") print(f" 7. Once logged in, go to Security > 2-Step Verification to set up her phone") else: print("[WARNING] No codes returned") except Exception as e: print(f"[ERROR] Could not list codes: {e}")