Extension supporting Federation.
Bases: object
Create a mapping.
Parameters: mapping_ref (dict) – mapping ref with mapping name
Returns: mapping_ref
Add an IdP-Protocol configuration.
Raises: keystone.exception.IdentityProviderNotFound
Delete an identity provider.
Raises: keystone.exception.IdentityProviderNotFound
Delete a mapping.
Parameters: mapping_id – id of mapping to delete
Returns: None
Delete an IdP-Protocol configuration.
Raises: keystone.exception.IdentityProviderNotFound, keystone.exception.FederatedProtocolNotFound
Get an identity provider by ID.
Raises: keystone.exception.IdentityProviderNotFound
Get a mapping, returns the mapping based on mapping_id.
Parameters: mapping_id – id of mapping to get
Returns: mapping_ref
Get mapping based on idp_id and protocol_id.
Parameters:
Raises: keystone.exception.IdentityProviderNotFound, keystone.exception.FederatedProtocolNotFound
Returns: mapping_ref
Get an IdP-Protocol configuration.
Raises: keystone.exception.IdentityProviderNotFound, keystone.exception.FederatedProtocolNotFound
List all identity providers.
Raises: keystone.exception.IdentityProviderNotFound
List an IdP’s supported protocols.
Raises: keystone.exception.IdentityProviderNotFound
Update an identity provider by ID.
Raises: keystone.exception.IdentityProviderNotFound
Bases: keystone.common.manager.Manager
Default pivot point for the Federation backend.
See keystone.common.manager.Manager for more details on how this dynamically calls the backend.
Utilities for Federation Extension.
Bases: object
A class to process assertions and mapping rules.
Transform assertion to a dictionary of user name and group ids based on mapping rules.
This function will iterate through the mapping rules to find assertions that are valid.
Parameters: assertion_data (dict) – an assertion containing values from an IdP
Example assertion_data:
    {
        'Email': 'testacct@example.com',
        'UserName': 'testacct',
        'FirstName': 'Test',
        'LastName': 'Account',
        'orgPersonType': 'Tester'
    }
Returns: dictionary with user and group_ids
The expected return structure is:
    {
        'name': 'foobar',
        'group_ids': ['abc123', 'def456']
    }
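How mapping rules can turn the example assertion above into the expected return structure, shown as an added example that is not keystone's own RuleProcessor code. The rule layout (local/remote, any_one_of, not_any_of, {0} placeholders) follows keystone's mapping format; the sample rules, the single-valued attributes and the fail-closed ValueError are assumptions made here.

```python
# Added illustration, not keystone's RuleProcessor.
# Assumes single-valued assertion attributes; all sample values are constructed.

def _match_remote(requirement, assertion):
    """Return the asserted value if the requirement holds, else None."""
    value = assertion.get(requirement["type"])
    if value is None:
        return None
    if "any_one_of" in requirement and value not in requirement["any_one_of"]:
        return None
    if "not_any_of" in requirement and value in requirement["not_any_of"]:
        return None
    return value


def process(rules, assertion):
    """Map an assertion to {'name': ..., 'group_ids': [...]}, failing closed."""
    name, group_ids = None, []
    for rule in rules:
        matched = [_match_remote(r, assertion) for r in rule["remote"]]
        if any(m is None for m in matched):
            continue  # every remote requirement must hold for the rule to apply
        # Only unconditional requirements feed the "{0}", "{1}", ... placeholders.
        direct = [m for r, m in zip(rule["remote"], matched)
                  if "any_one_of" not in r and "not_any_of" not in r]
        for local in rule["local"]:
            if "user" in local:
                name = local["user"]["name"].format(*direct)
            if "group" in local and local["group"]["id"] not in group_ids:
                group_ids.append(local["group"]["id"])
    if name is None or not group_ids:
        # Assumed policy: no user name or no group means no access.
        raise ValueError("assertion matched no rule granting a user and group")
    return {"name": name, "group_ids": group_ids}


RULES = [  # constructed sample mapping rules
    {"local": [{"user": {"name": "{0}"}}, {"group": {"id": "abc123"}}],
     "remote": [{"type": "UserName"},
                {"type": "orgPersonType", "not_any_of": ["Contractor", "Guest"]}]},
    {"local": [{"group": {"id": "def456"}}],
     "remote": [{"type": "orgPersonType", "any_one_of": ["Tester"]}]},
]
ASSERTION = {"Email": "testacct@example.com", "UserName": "testacct",
             "FirstName": "Test", "LastName": "Account",
             "orgPersonType": "Tester"}

if __name__ == "__main__":
    print(process(RULES, ASSERTION))
```

An assertion whose orgPersonType is on the not_any_of list, or that lacks UserName, matches no rule that yields both a name and a group and is rejected instead of being mapped to an empty group list.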