keystone.token.providers package¶
Subpackages¶
Submodules¶
keystone.token.providers.common module¶
-
class
keystone.token.providers.common.
BaseProvider
(*args, **kwargs)[source]¶
-
class
keystone.token.providers.common.
V2TokenDataHelper
(*args, **kwargs)[source]¶ Bases:
object
Creates V2 token data.
-
classmethod
format_catalog
(catalog_ref)[source]¶ Munge catalogs from internal to output format.
Internal catalogs look like:
{$REGION: { {$SERVICE: { $key1: $value1, ... } } }
The legacy api wants them to look like:
[{'name': $SERVICE[name], 'type': $SERVICE, 'endpoints': [{ 'tenantId': $tenant_id, ... 'region': $REGION, }], 'endpoints_links': [], }]
-
v3_to_v2_token
(v3_token_data)[source]¶ Convert v3 token data into v2.0 token data.
This method expects a dictionary generated from V3TokenDataHelper.get_token_data() and converts it to look like a v2.0 token dictionary.
Parameters: v3_token_data – dictionary formatted for v3 tokens Returns: dictionary formatted for v2 tokens Raises: keystone.exception.Unauthorized – If a specific token type is not supported in v2.
-
classmethod
-
class
keystone.token.providers.common.
V3TokenDataHelper
(*args, **kwargs)[source]¶ Bases:
object
Token data helper.
-
get_token_data
(user_id, method_names, domain_id=None, project_id=None, expires=None, trust=None, token=None, include_catalog=True, bind=None, access_token=None, issued_at=None, audit_info=None)[source]¶
-
populate_roles_for_groups
(token_data, group_ids, project_id=None, domain_id=None, user_id=None)[source]¶ Populate roles basing on provided groups and project/domain
Used for ephemeral users with dynamically assigned groups. This method does not return anything, yet it modifies token_data in place.
Parameters: - token_data – a dictionary used for building token response
- group_ids – list of group IDs a user is a member of
- project_id – project ID to scope to
- domain_id – domain ID to scope to
- user_id – user ID
Raises: keystone.exception.Unauthorized – when no roles were found for a (group_ids, project_id) or (group_ids, domain_id) pairs.
-
keystone.token.providers.pki module¶
Keystone PKI Token Provider
keystone.token.providers.pkiz module¶
Keystone Compressed PKI Token Provider
keystone.token.providers.uuid module¶
Keystone UUID Token Provider