keystone.federation.backends package

Submodules

keystone.federation.backends.base module

class keystone.federation.backends.base.FederationDriverBase[source]

Bases: object

create_idp(idp_id, idp)[source]

Create an identity provider.

Parameters:
  • idp_id (string) – ID of IdP object
  • idp (dict) – idp object
Returns:

idp ref

Return type:

dict

create_mapping(mapping_id, mapping)[source]

Create a mapping.

Parameters:
  • mapping_id (string) – ID of mapping object
  • mapping (dict) – mapping ref with mapping name
Returns:

mapping ref

Return type:

dict

create_protocol(idp_id, protocol_id, protocol)[source]

Add an IdP-Protocol configuration.

Parameters:
  • idp_id (string) – ID of IdP object
  • protocol_id (string) – ID of protocol object
  • protocol (dict) – protocol object
Raises keystone.exception.IdentityProviderNotFound:
 If the IdP doesn’t exist.

Returns:

protocol ref

Return type:

dict

create_sp(sp_id, sp)[source]

Create a service provider.

Parameters:
  • sp_id (string) – id of the service provider
  • sp (dict) – service provider object
Returns:

service provider ref

Return type:

dict

delete_idp(idp_id)[source]

Delete an identity provider.

Parameters:idp_id (string) – ID of IdP object
Raises keystone.exception.IdentityProviderNotFound:
 If the IdP doesn’t exist.
delete_mapping(mapping_id)[source]

Delete a mapping.

Parameters:mapping_id – id of mapping to delete
Returns:None
delete_protocol(idp_id, protocol_id)[source]

Delete an IdP-Protocol configuration.

Parameters:
  • idp_id (string) – ID of IdP object
  • protocol_id (string) – ID of protocol object
Raises:
delete_sp(sp_id)[source]

Delete a service provider.

Parameters:sp_id (string) – id of the service provider
Raises keystone.exception.ServiceProviderNotFound:
 If the service provider doesn’t exist.
get_enabled_service_providers()[source]

List enabled service providers for Service Catalog.

Service Provider in a catalog contains three attributes: id, auth_url, sp_url, where:

  • id is a unique, user defined identifier for service provider object
  • auth_url is an authentication URL of remote Keystone
  • sp_url is a URL accessible at the remote service provider where the SAML assertion is transmitted.
Returns:list of dictionaries with enabled service providers
Return type:list of dicts
get_idp(idp_id)[source]

Get an identity provider by ID.

Parameters:idp_id (string) – ID of IdP object
Raises keystone.exception.IdentityProviderNotFound:
 If the IdP doesn’t exist.
Returns:idp ref
Return type:dict
get_idp_from_remote_id(remote_id)[source]

Get an identity provider by remote ID.

Parameters:remote_id – ID of remote IdP
Raises keystone.exception.IdentityProviderNotFound:
 If the IdP doesn’t exist.
Returns:idp ref
Return type:dict
get_mapping(mapping_id)[source]

Get a mapping, returns the mapping based on mapping_id.

Parameters:mapping_id – id of mapping to get
Raises keystone.exception.MappingNotFound:
 If the mapping cannot be found.
Returns:mapping ref
Return type:dict
get_mapping_from_idp_and_protocol(idp_id, protocol_id)[source]

Get mapping based on idp_id and protocol_id.

Parameters:
  • idp_id (string) – id of the identity provider
  • protocol_id (string) – id of the protocol
Raises:
Returns:

mapping ref

Return type:

dict

get_protocol(idp_id, protocol_id)[source]

Get an IdP-Protocol configuration.

Parameters:
  • idp_id (string) – ID of IdP object
  • protocol_id (string) – ID of protocol object
Raises:
Returns:

protocol ref

Return type:

dict

get_sp(sp_id)[source]

Get a service provider.

Parameters:sp_id (string) – id of the service provider
Returns:service provider ref
Return type:dict
Raises keystone.exception.ServiceProviderNotFound:
 If the service provider doesn’t exist.
list_mappings()[source]

List all mappings.

Returns:list of mapping refs
Return type:list of dicts
list_protocols(idp_id)[source]

List an IdP’s supported protocols.

Parameters:idp_id (string) – ID of IdP object
Raises keystone.exception.IdentityProviderNotFound:
 If the IdP doesn’t exist.
Returns:list of protocol ref
Return type:list of dict
update_idp(idp_id, idp)[source]

Update an identity provider by ID.

Parameters:
  • idp_id (string) – ID of IdP object
  • idp (dict) – idp object
Raises keystone.exception.IdentityProviderNotFound:
 If the IdP doesn’t exist.

Returns:

idp ref

Return type:

dict

update_mapping(mapping_id, mapping_ref)[source]

Update a mapping.

Parameters:
  • mapping_id (string) – id of mapping to update
  • mapping_ref (dict) – new mapping ref
Returns:

mapping ref

Return type:

dict

update_protocol(idp_id, protocol_id, protocol)[source]

Change an IdP-Protocol configuration.

Parameters:
  • idp_id (string) – ID of IdP object
  • protocol_id (string) – ID of protocol object
  • protocol (dict) – protocol object
Raises:
Returns:

protocol ref

Return type:

dict

update_sp(sp_id, sp)[source]

Update a service provider.

Parameters:
  • sp_id (string) – id of the service provider
  • sp (dict) – service provider object
Returns:

service provider ref

Return type:

dict

Raises keystone.exception.ServiceProviderNotFound:
 If the service provider doesn’t exist.

class keystone.federation.backends.base.FederationDriverV8[source]

Bases: keystone.federation.backends.base.FederationDriverBase

Removed or redefined methods from V8.

Move the abstract methods of any methods removed or modified in later versions of the driver from FederationDriverBase to here. We maintain this so that legacy drivers, which will be a subclass of FederationDriverV8, can still reference them.

list_idps()[source]

List all identity providers.

Returns:list of idp refs
Return type:list of dicts
Raises keystone.exception.IdentityProviderNotFound:
 If the IdP doesn’t exist.
list_sps()[source]

List all service providers.

Returns:List of service provider ref objects
Return type:list of dicts
class keystone.federation.backends.base.FederationDriverV9[source]

Bases: keystone.federation.backends.base.FederationDriverBase

New or redefined methods from V8.

Add any new V9 abstract methods (or those with modified signatures) to this class.

list_idps(hints)[source]

List all identity providers.

Parameters:hints – filter hints which the driver should implement if at all possible.
Returns:list of idp refs
Return type:list of dicts
Raises keystone.exception.IdentityProviderNotFound:
 If the IdP doesn’t exist.
list_sps(hints)[source]

List all service providers.

Parameters:hints – filter hints which the driver should implement if at all possible.
Returns:List of service provider ref objects
Return type:list of dicts
Raises keystone.exception.ServiceProviderNotFound:
 If the SP doesn’t exist.
class keystone.federation.backends.base.V9FederationWrapperForV8Driver(*args, **kwargs)[source]

Bases: keystone.federation.backends.base.FederationDriverV9

Wrapper class to support a V8 legacy driver.

In order to support legacy drivers without having to make the manager code driver-version aware, we wrap legacy drivers so that they look like the latest version. For the various changes made in a new driver, here are the actions needed in this wrapper:

  • Method removed from new driver - remove the call-through method from this class, since the manager will no longer be calling it.
  • Method signature (or meaning) changed - wrap the old method in a new signature here, and munge the input and output parameters accordingly.
  • New method added to new driver - add a method to implement the new functionality here if possible. If that is not possible, then return NotImplemented, since we do not guarantee to support new functionality with legacy drivers.
create_idp(idp_id, idp)[source]
create_mapping(mapping_id, mapping)[source]
create_protocol(idp_id, protocol_id, protocol)[source]
create_sp(sp_id, sp)[source]
delete_idp(idp_id)[source]
delete_mapping(mapping_id)[source]
delete_protocol(idp_id, protocol_id)[source]
delete_sp(sp_id)[source]
get_enabled_service_providers()[source]
get_idp(idp_id)[source]
get_idp_from_remote_id(remote_id)[source]
get_mapping(mapping_id)[source]
get_mapping_from_idp_and_protocol(idp_id, protocol_id)[source]
get_protocol(idp_id, protocol_id)[source]
get_sp(sp_id)[source]
list_idps(hints)[source]
list_mappings()[source]
list_protocols(idp_id)[source]
list_sps(hints)[source]
update_idp(idp_id, idp)[source]
update_mapping(mapping_id, mapping_ref)[source]
update_protocol(idp_id, protocol_id, protocol)[source]
update_sp(sp_id, sp)[source]
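
The wrapping approach described for V9FederationWrapperForV8Driver, sketched as an added example (not keystone's own code). LegacyV8Driver, SimpleHints, V9WrapperForV8, new_v9_only_method and enabled_idp_ids are hypothetical stand-ins, the sample IdP records are constructed, and dropping a satisfied filter from the hints is a convention assumed for this sketch.

```python
class LegacyV8Driver:
    """Constructed stand-in for a legacy driver: list_idps() takes no hints."""

    def __init__(self):
        self._idps = {
            "corp-saml": {"id": "corp-saml", "enabled": True},
            "old-adfs": {"id": "old-adfs", "enabled": False},
        }

    def list_idps(self):
        return list(self._idps.values())

    def get_idp(self, idp_id):
        return self._idps[idp_id]


class SimpleHints:
    """Hypothetical, minimal filter container (exact-match filters only)."""

    def __init__(self):
        self.filters = []

    def add_filter(self, name, value):
        self.filters.append({"name": name, "value": value})


class V9WrapperForV8:
    """Presents V9-style signatures while delegating to a V8-style driver."""

    def __init__(self, wrapped_driver):
        self.driver = wrapped_driver

    def get_idp(self, idp_id):
        # Signature unchanged between versions: plain call-through.
        return self.driver.get_idp(idp_id)

    def list_idps(self, hints):
        # Signature changed: the legacy method accepts no hints, so call it
        # as-is and apply the filters to its output here.
        refs = self.driver.list_idps()
        for flt in list(hints.filters):
            refs = [r for r in refs if r.get(flt["name"]) == flt["value"]]
            hints.filters.remove(flt)  # assumed convention: filter satisfied
        return refs

    def new_v9_only_method(self):
        # New functionality with no legacy equivalent.
        return NotImplemented


def enabled_idp_ids(driver):
    """Caller-side view: the manager only ever uses the V9 signature."""
    hints = SimpleHints()
    hints.add_filter("enabled", True)
    return [ref["id"] for ref in driver.list_idps(hints)], hints.filters
```
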

keystone.federation.backends.sql module

class keystone.federation.backends.sql.Federation[source]

Bases: keystone.federation.backends.base.FederationDriverV9

create_idp(idp_id, idp)[source]
create_mapping(*args, **kwargs)[source]
create_protocol(*args, **kwargs)[source]
create_sp(*args, **kwargs)[source]
delete_idp(idp_id)[source]
delete_mapping(mapping_id)[source]
delete_protocol(idp_id, protocol_id)[source]
delete_sp(sp_id)[source]
get_enabled_service_providers()[source]
get_idp(idp_id)[source]
get_idp_from_remote_id(remote_id)[source]
get_mapping(mapping_id)[source]
get_mapping_from_idp_and_protocol(idp_id, protocol_id)[source]
get_protocol(idp_id, protocol_id)[source]
get_sp(sp_id)[source]
list_idps(hints=None)[source]
list_mappings()[source]
list_protocols(idp_id)[source]
list_sps(hints=None)[source]
update_idp(idp_id, idp)[source]
update_mapping(*args, **kwargs)[source]
update_protocol(idp_id, protocol_id, protocol)[source]
update_sp(sp_id, sp)[source]
class keystone.federation.backends.sql.FederationProtocolModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.DictBase

attributes = ['id', 'idp_id', 'mapping_id']
classmethod from_dict(dictionary)[source]
id
idp_id
mapping_id
mutable_attributes = frozenset(['mapping_id'])
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.IdPRemoteIdsModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.DictBase

attributes = ['idp_id', 'remote_id']
classmethod from_dict(dictionary)[source]
idp_id
mutable_attributes = frozenset(['idp_id', 'remote_id'])
remote_id
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.IdentityProviderModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.DictBase

attributes = ['id', 'enabled', 'description', 'remote_ids']
description
enabled
classmethod from_dict(dictionary)[source]
id
mutable_attributes = frozenset(['description', 'enabled', 'remote_ids'])
remote_ids
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.MappingModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.DictBase

attributes = ['id', 'rules']
classmethod from_dict(dictionary)[source]
id
rules
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.ServiceProviderModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.DictBase

attributes = ['auth_url', 'id', 'enabled', 'description', 'relay_state_prefix', 'sp_url']
auth_url
description
enabled
classmethod from_dict(dictionary)[source]
id
mutable_attributes = frozenset(['description', 'sp_url', 'relay_state_prefix', 'auth_url', 'enabled'])
relay_state_prefix
sp_url
to_dict()[source]

Return a dictionary with model’s attributes.

Module contents