Token provider interface.
keystone.token.provider.
Manager
[source]¶Bases: keystone.common.manager.Manager
Default pivot point for the token provider backend.
See keystone.common.manager.Manager
for more details on how this
dynamically calls the backend.
INVALIDATE_PROJECT_TOKEN_PERSISTENCE
= 'invalidate_project_tokens'¶INVALIDATE_USER_TOKEN_PERSISTENCE
= 'invalidate_user_tokens'¶V3
= 'v3.0'¶VERSIONS
= frozenset(['v3.0'])¶driver_namespace
= 'keystone.token.provider'¶keystone.token.token_formatters.
ApplicationCredentialScopedPayload
[source]¶Bases: keystone.token.token_formatters.BasePayload
assemble
(user_id, methods, system, project_id, domain_id, expires_at, audit_ids, trust_id, federated_info, access_token_id, app_cred_id)[source]¶version
= 9¶keystone.token.token_formatters.
BasePayload
[source]¶Bases: object
assemble
(user_id, methods, system, project_id, domain_id, expires_at, audit_ids, trust_id, federated_info, access_token_id, app_cred_id)[source]¶Assemble the payload of a token.
Parameters: |
|
---|---|
Returns: | the payload of a token |
attempt_convert_uuid_hex_to_bytes
(value)[source]¶Attempt to convert value to bytes or return value.
Parameters: | value – value to attempt to convert to bytes |
---|---|
Returns: | tuple containing boolean indicating whether user_id was stored as bytes and uuid value as bytes or the original value |
convert_uuid_bytes_to_hex
(uuid_byte_string)[source]¶Generate uuid.hex format based on byte string.
Parameters: | uuid_byte_string – uuid string to generate from |
---|---|
Returns: | uuid hex formatted string |
convert_uuid_hex_to_bytes
(uuid_string)[source]¶Compress UUID formatted strings to bytes.
Parameters: | uuid_string – uuid string to compress to bytes |
---|---|
Returns: | a byte representation of the uuid |
create_arguments_apply
(**kwargs)[source]¶Check the arguments to see if they apply to this payload variant.
Returns: | True if the arguments indicate that this payload class is needed for the token otherwise returns False. |
---|---|
Return type: | bool |
disassemble
(payload)[source]¶Disassemble an unscoped payload into the component data.
The tuple consists of:
(user_id, methods, system, project_id, domain_id,
expires_at_str, audit_ids, trust_id, federated_info,
access_token_id, app_cred_id)
methods
are the auth methods.Fields will be set to None if they didn’t apply to this payload type.
Parameters: | payload – this variant of payload |
---|---|
Returns: | a tuple of the payloads component data |
random_urlsafe_str_to_bytes
(s)[source]¶Convert a string from random_urlsafe_str()
to six.binary_type.
Return type: | six.binary_type |
---|
version
= None¶keystone.token.token_formatters.
DomainScopedPayload
[source]¶Bases: keystone.token.token_formatters.BasePayload
assemble
(user_id, methods, system, project_id, domain_id, expires_at, audit_ids, trust_id, federated_info, access_token_id, app_cred_id)[source]¶version
= 1¶keystone.token.token_formatters.
FederatedDomainScopedPayload
[source]¶Bases: keystone.token.token_formatters.FederatedScopedPayload
version
= 6¶keystone.token.token_formatters.
FederatedProjectScopedPayload
[source]¶Bases: keystone.token.token_formatters.FederatedScopedPayload
version
= 5¶keystone.token.token_formatters.
FederatedScopedPayload
[source]¶Bases: keystone.token.token_formatters.FederatedUnscopedPayload
assemble
(user_id, methods, system, project_id, domain_id, expires_at, audit_ids, trust_id, federated_info, access_token_id, app_cred_id)[source]¶version
= None¶keystone.token.token_formatters.
FederatedUnscopedPayload
[source]¶Bases: keystone.token.token_formatters.BasePayload
assemble
(user_id, methods, system, project_id, domain_id, expires_at, audit_ids, trust_id, federated_info, access_token_id, app_cred_id)[source]¶version
= 4¶keystone.token.token_formatters.
OauthScopedPayload
[source]¶Bases: keystone.token.token_formatters.BasePayload
assemble
(user_id, methods, system, project_id, domain_id, expires_at, audit_ids, trust_id, federated_info, access_token_id, app_cred_id)[source]¶version
= 7¶keystone.token.token_formatters.
ProjectScopedPayload
[source]¶Bases: keystone.token.token_formatters.BasePayload
assemble
(user_id, methods, system, project_id, domain_id, expires_at, audit_ids, trust_id, federated_info, access_token_id, app_cred_id)[source]¶version
= 2¶keystone.token.token_formatters.
SystemScopedPayload
[source]¶Bases: keystone.token.token_formatters.BasePayload
assemble
(user_id, methods, system, project_id, domain_id, expires_at, audit_ids, trust_id, federated_info, access_token_id, app_cred_id)[source]¶version
= 8¶keystone.token.token_formatters.
TokenFormatter
[source]¶Bases: object
Packs and unpacks payloads into tokens for transport.
create_token
(user_id, expires_at, audit_ids, methods=None, system=None, domain_id=None, project_id=None, trust_id=None, federated_info=None, access_token_id=None, app_cred_id=None)[source]¶Given a set of payload attributes, generate a Fernet token.
crypto
¶Return a cryptography instance.
You can extend this class with a custom crypto @property to provide
your own token encoding / decoding. For example, using a different
cryptography library (e.g. python-keyczar
) or to meet arbitrary
security requirements.
This @property just needs to return an object that implements
encrypt(plaintext)
and decrypt(ciphertext)
.
keystone.token.token_formatters.
TrustScopedPayload
[source]¶Bases: keystone.token.token_formatters.BasePayload
assemble
(user_id, methods, system, project_id, domain_id, expires_at, audit_ids, trust_id, federated_info, access_token_id, app_cred_id)[source]¶version
= 3¶Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.