keystone.token package¶
Subpackages¶
Submodules¶
keystone.token.controllers module¶
-
class
keystone.token.controllers.BaseAuthenticationMethod(*args, **kwargs)[source]¶ Bases:
objectCommon utilities/dependencies for all authentication method classes.
-
exception
keystone.token.controllers.ExternalAuthNotApplicable[source]¶ Bases:
exceptions.ExceptionExternal authentication is not applicable.
-
class
keystone.token.controllers.ExternalAuthenticationMethod(*args, **kwargs)[source]¶ Bases:
keystone.token.controllers.BaseAuthenticationMethodAuthenticate using an external authentication method.
-
authenticate(request, auth)[source]¶ Try to authenticate an external user via REMOTE_USER variable.
Parameters: - request – A request object.
- auth – Dictionary representing the authentication request.
Returns: A tuple containing the user reference, project identifier, token expiration, bind information, and original audit information.
-
-
class
keystone.token.controllers.LocalAuthenticationMethod(*args, **kwargs)[source]¶ Bases:
keystone.token.controllers.BaseAuthenticationMethodAuthenticate against a local backend using password credentials.
-
authenticate(request, auth)[source]¶ Try to authenticate against the identity backend.
Parameters: - request – A request object.
- auth – Dictionary representing the authentication request.
Returns: A tuple containing the user reference, project identifier, token expiration, bind information, and original audit information.
-
-
class
keystone.token.controllers.TokenAuthenticationMethod(*args, **kwargs)[source]¶ Bases:
keystone.token.controllers.BaseAuthenticationMethodAuthenticate using an existing token.
-
authenticate(request, auth)[source]¶ Try to authenticate using an already existing token.
Parameters: - request – A request object.
- auth – Dictionary representing the authentication request.
Returns: A tuple containing the user reference, project identifier, token expiration, bind information, and original audit information.
-
-
class
keystone.token.controllers.V2TokenDataHelper(*args, **kwargs)[source]¶ Bases:
objectCreate V2 token data.
-
classmethod
format_catalog(catalog_ref)[source]¶ Munge catalogs from internal to output format.
Internal catalogs look like:
{$REGION: { {$SERVICE: { $key1: $value1, ... } } }The legacy api wants them to look like:
[{'name': $SERVICE[name], 'type': $SERVICE, 'endpoints': [{ 'tenantId': $tenant_id, ... 'region': $REGION, }], 'endpoints_links': [], }]
-
v3_to_v2_token(v3_token_data, token_id)[source]¶ Convert v3 token data into v2.0 token data.
This method expects a dictionary generated from V3TokenDataHelper.get_token_data() and converts it to look like a v2.0 token dictionary.
Parameters: - v3_token_data – dictionary formatted for v3 tokens
- token_id – ID of the token being converted
Returns: dictionary formatted for v2 tokens
Raises: keystone.exception.Unauthorized – If a specific token type is not supported in v2.
-
classmethod
-
keystone.token.controllers.authentication_method_generator(request, auth)[source]¶ Given an request return a suitable authentication method.
This is simply a generator to handle matching an authentication request with the appropriate authentication method.
Parameters: auth – Dictionary containing authentication information from the request. Returns: An authentication method class object.
keystone.token.provider module¶
Token provider interface.
-
class
keystone.token.provider.Manager(*args, **kwargs)[source]¶ Bases:
keystone.common.manager.ManagerDefault pivot point for the token provider backend.
See
keystone.common.manager.Managerfor more details on how this dynamically calls the backend.-
INVALIDATE_PROJECT_TOKEN_PERSISTENCE= 'invalidate_project_tokens'¶
-
INVALIDATE_USER_TOKEN_PERSISTENCE= 'invalidate_user_tokens'¶
-
V2= 'v2.0'¶
-
V3= 'v3.0'¶
-
VERSIONS= frozenset(['v3.0', 'v2.0'])¶
-
driver_namespace= 'keystone.token.provider'¶
-
Module contents¶
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.