keystoneauth1 package¶
Subpackages¶
- keystoneauth1.access package
- keystoneauth1.exceptions package
- Submodules
- keystoneauth1.exceptions.auth module
- keystoneauth1.exceptions.auth_plugins module
- keystoneauth1.exceptions.base module
- keystoneauth1.exceptions.catalog module
- keystoneauth1.exceptions.connection module
- keystoneauth1.exceptions.discovery module
- keystoneauth1.exceptions.http module
- keystoneauth1.exceptions.oidc module
- keystoneauth1.exceptions.response module
- keystoneauth1.exceptions.service_providers module
- Module contents
- keystoneauth1.extras package
- keystoneauth1.fixture package
- keystoneauth1.hacking package
- keystoneauth1.identity package
- Subpackages
- keystoneauth1.identity.generic package
- keystoneauth1.identity.v3 package
- Submodules
- keystoneauth1.identity.v3.base module
- keystoneauth1.identity.v3.federation module
- keystoneauth1.identity.v3.k2k module
- keystoneauth1.identity.v3.oidc module
- keystoneauth1.identity.v3.password module
- keystoneauth1.identity.v3.token module
- keystoneauth1.identity.v3.tokenless_auth module
- keystoneauth1.identity.v3.totp module
- Module contents
- Submodules
- keystoneauth1.identity.access module
- keystoneauth1.identity.base module
- keystoneauth1.identity.v2 module
- Module contents
- Subpackages
- keystoneauth1.loading package
- keystoneauth1.tests package
- Subpackages
- keystoneauth1.tests.unit package
- Subpackages
- keystoneauth1.tests.unit.access package
- keystoneauth1.tests.unit.extras package
- Subpackages
- keystoneauth1.tests.unit.extras.kerberos package
- Submodules
- keystoneauth1.tests.unit.extras.kerberos.base module
- keystoneauth1.tests.unit.extras.kerberos.test_fedkerb_loading module
- keystoneauth1.tests.unit.extras.kerberos.test_kerberos_loading module
- keystoneauth1.tests.unit.extras.kerberos.test_mapped module
- keystoneauth1.tests.unit.extras.kerberos.test_v3 module
- keystoneauth1.tests.unit.extras.kerberos.utils module
- Module contents
- keystoneauth1.tests.unit.extras.oauth1 package
- keystoneauth1.tests.unit.extras.saml2 package
- keystoneauth1.tests.unit.extras.kerberos package
- Module contents
- Subpackages
- keystoneauth1.tests.unit.identity package
- Submodules
- keystoneauth1.tests.unit.identity.test_access module
- keystoneauth1.tests.unit.identity.test_identity_common module
- keystoneauth1.tests.unit.identity.test_identity_v2 module
- keystoneauth1.tests.unit.identity.test_identity_v3 module
- keystoneauth1.tests.unit.identity.test_identity_v3_federation module
- keystoneauth1.tests.unit.identity.test_identity_v3_oidc module
- keystoneauth1.tests.unit.identity.test_password module
- keystoneauth1.tests.unit.identity.test_token module
- keystoneauth1.tests.unit.identity.test_tokenless_auth module
- keystoneauth1.tests.unit.identity.utils module
- Module contents
- keystoneauth1.tests.unit.loading package
- Submodules
- keystoneauth1.tests.unit.loading.test_cli module
- keystoneauth1.tests.unit.loading.test_conf module
- keystoneauth1.tests.unit.loading.test_entry_points module
- keystoneauth1.tests.unit.loading.test_generic module
- keystoneauth1.tests.unit.loading.test_loading module
- keystoneauth1.tests.unit.loading.test_session module
- keystoneauth1.tests.unit.loading.test_v3 module
- keystoneauth1.tests.unit.loading.utils module
- Module contents
- Submodules
- keystoneauth1.tests.unit.client_fixtures module
- keystoneauth1.tests.unit.k2k_fixtures module
- keystoneauth1.tests.unit.keystoneauth_fixtures module
- keystoneauth1.tests.unit.matchers module
- keystoneauth1.tests.unit.oidc_fixtures module
- keystoneauth1.tests.unit.test_betamax_fixture module
- keystoneauth1.tests.unit.test_betamax_hooks module
- keystoneauth1.tests.unit.test_betamax_serializer module
- keystoneauth1.tests.unit.test_discovery module
- keystoneauth1.tests.unit.test_fixtures module
- keystoneauth1.tests.unit.test_hacking_checks module
- keystoneauth1.tests.unit.test_matchers module
- keystoneauth1.tests.unit.test_session module
- keystoneauth1.tests.unit.test_token_endpoint module
- keystoneauth1.tests.unit.test_utils module
- keystoneauth1.tests.unit.utils module
- Module contents
- Subpackages
- keystoneauth1.tests.unit package
- Module contents
- Subpackages
Submodules¶
keystoneauth1.adapter module¶
-
class
keystoneauth1.adapter.
Adapter
(session, service_type=None, service_name=None, interface=None, region_name=None, endpoint_override=None, version=None, auth=None, user_agent=None, connect_retries=None, logger=None, allow={}, additional_headers=None)¶ Bases:
object
An instance of a session with local variables.
A session is a global object that is shared around amongst many clients. It therefore contains state that is relevant to everyone. There is a lot of state such as the service type and region_name that are only relevant to a particular client that is using the session. An adapter provides a wrapper of client local data around the global session object.
Parameters: - session (keystoneauth1.session.Session) – The session object to wrap.
- service_type (str) – The default service_type for URL discovery.
- service_name (str) – The default service_name for URL discovery.
- interface (str) – The default interface for URL discovery.
- region_name (str) – The default region_name for URL discovery.
- endpoint_override (str) – Always use this endpoint URL for requests for this client.
- version (tuple) – The version that this API targets.
- auth (keystoneauth1.plugin.BaseAuthPlugin) – An auth plugin to use instead of the session one.
- user_agent (str) – The User-Agent string to set.
- connect_retries (int) – the maximum number of retries that should be attempted for connection errors. Default None - use session default which is don’t retry.
- logger (logging.Logger) – A logging object to use for requests that pass through this adapter.
- allow (dict) – Extra filters to pass when discovering API versions. (optional)
- additional_headers (dict) – Additional headers that should be attached to every request passing through the adapter. Headers of the same name specified per request will take priority.
-
delete
(url, **kwargs)¶
-
get
(url, **kwargs)¶
-
get_endpoint
(auth=None, **kwargs)¶ Get an endpoint as provided by the auth plugin.
Parameters: auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to use for token. Overrides the plugin on the session. (optional) Raises: keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin – if a plugin is not available. Returns: An endpoint if available or None. Return type: str
-
get_project_id
(auth=None)¶ Return the authenticated project_id as provided by the auth plugin.
Parameters: auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to use for token. Overrides the plugin on the session. (optional)
Raises: - keystoneauth1.exceptions.auth.AuthorizationFailure – if a new token fetch fails.
- keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin – if a plugin is not available.
Returns: Current project_id or None if not supported by plugin.
Return type:
-
get_token
(auth=None)¶ Return a token as provided by the auth plugin.
Parameters: auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to use for token. Overrides the plugin on the session. (optional) Raises: keystoneauth1.exceptions.auth.AuthorizationFailure – if a new token fetch fails. Returns: A valid token. Return type: str
-
get_user_id
(auth=None)¶ Return the authenticated user_id as provided by the auth plugin.
Parameters: auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to use for token. Overrides the plugin on the session. (optional)
Raises: - keystoneauth1.exceptions.auth.AuthorizationFailure – if a new token fetch fails.
- keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin – if a plugin is not available.
Returns: Current user_id or None if not supported by plugin.
Return type:
-
head
(url, **kwargs)¶
-
invalidate
(auth=None)¶ Invalidate an authentication plugin.
-
patch
(url, **kwargs)¶
-
post
(url, **kwargs)¶
-
put
(url, **kwargs)¶
-
classmethod
register_argparse_arguments
(parser, service_type=None)¶ Attach arguments to a given argparse Parser for Adapters.
Parameters: - parser (argparse.ArgumentParser) – The argparse parser to attach options to.
- service_type (str) – Default service_type value. (optional)
-
classmethod
register_service_argparse_arguments
(parser, service_type)¶ Attach arguments to a given argparse Parser for Adapters.
Parameters: - parser (argparse.ArgumentParser) – The argparse parser to attach options to.
- service_type (str) – Name of a service to generate additional arguments for.
-
request
(url, method, **kwargs)¶
-
class
keystoneauth1.adapter.
LegacyJsonAdapter
(session, service_type=None, service_name=None, interface=None, region_name=None, endpoint_override=None, version=None, auth=None, user_agent=None, connect_retries=None, logger=None, allow={}, additional_headers=None)¶ Bases:
keystoneauth1.adapter.Adapter
Make something that looks like an old HTTPClient.
A common case when using an adapter is that we want an interface similar to the HTTPClients of old which returned the body as JSON as well.
You probably don’t want this if you are starting from scratch.
-
request
(*args, **kwargs)¶
-
-
keystoneauth1.adapter.
register_adapter_argparse_arguments
(*args, **kwargs)¶
-
keystoneauth1.adapter.
register_service_adapter_argparse_arguments
(*args, **kwargs)¶
keystoneauth1.discover module¶
The passive components to version discovery.
The Discover object in discover.py contains functions that can create objects on your behalf. These functions are not usable from within the keystoneauth1 library because you will get dependency resolution issues.
The Discover object in this file provides the querying components of Discovery. This includes functions like url_for which allow you to retrieve URLs and the raw data specified in version discovery responses.
-
class
keystoneauth1.discover.
Discover
(session, url, authenticated=None)¶ Bases:
object
-
CURRENT_STATUSES
= ('stable', 'current', 'supported')¶
-
DEPRECATED_STATUSES
= ('deprecated',)¶
-
EXPERIMENTAL_STATUSES
= ('experimental',)¶
-
data_for
(version, **kwargs)¶ Return endpoint data for a version.
Parameters: version (tuple) – The version is always a minimum version in the same major release as there should be no compatibility issues with using a version newer than the one asked for. Returns: the endpoint data for a URL that matches the required version (the format is described in version_data) or None if no match. Return type: dict
-
raw_version_data
(allow_experimental=False, allow_deprecated=True, allow_unknown=False)¶ Get raw version information from URL.
Raw data indicates that only minimal validation processing is performed on the data, so what is returned here will be the data in the same format it was received from the endpoint.
Parameters: Returns: The endpoints returned from the server that match the criteria.
Return type:
-
url_for
(version, **kwargs)¶ Get the endpoint url for a version.
Parameters: version (tuple) – The version is always a minimum version in the same major release as there should be no compatibility issues with using a version newer than the one asked for. Returns: The url for the specified version or None if no match. Return type: str
-
version_data
(reverse=False, **kwargs)¶ Get normalized version data.
Return version data in a structured way.
Parameters: reverse (bool) – Reverse the list. reverse=true will mean the returned list is sorted from newest to oldest version. Returns: - A list of version data dictionaries sorted by version number.
- Each data element in the returned list is a dictionary consisting of at least:
version tuple: The normalized version of the endpoint. url str: The url for the endpoint. raw_status str: The status as provided by the server Return type: list(dict)
-
-
keystoneauth1.discover.
add_catalog_discover_hack
(service_type, old, new)¶ Add a version removal rule for a particular service.
Originally deployments of OpenStack would contain a versioned endpoint in the catalog for different services. E.g. an identity service might look like
http://localhost:5000/v2.0
. This is a problem when we want to use a different version like v3.0 as there is no way to tell where it is located. We cannot simply change all service catalogs either so there must be a way to handle the older style of catalog.This function adds a rule for a given service type that if part of the URL matches a given regular expression in old then it will be replaced with the new value. This will replace all instances of old with new. It should therefore contain a regex anchor.
For example the included rule states:
add_catalog_version_hack('identity', re.compile('/v2.0/?$'), '/')
so if the catalog retrieves an identity URL that ends with /v2.0 or /v2.0/ then it should replace it simply with / to fix the user’s catalog.
Parameters: - service_type (str) – The service type as defined in the catalog that the rule will apply to.
- old (re.RegexObject) – The regular expression to search for and replace if found.
- new (str) – The new string to replace the pattern with.
-
keystoneauth1.discover.
get_version_data
(session, url, authenticated=None)¶ Retrieve raw version data from a url.
-
keystoneauth1.discover.
normalize_version_number
(version)¶ Turn a version representation into a tuple.
-
keystoneauth1.discover.
version_match
(required, candidate)¶ Test that an available version satisfies the required version.
To be suitable a version must be of the same major version as required and be at least a match in minor/patch level.
eg. 3.3 is a match for a required 3.1 but 4.1 is not.
Parameters: Returns: True if candidate is suitable False otherwise.
Return type:
keystoneauth1.plugin module¶
-
class
keystoneauth1.plugin.
BaseAuthPlugin
¶ Bases:
object
The basic structure of an authentication plugin.
Note
See Authentication Plugins for a description of plugins provided by this library.
-
get_auth_state
()¶ Retrieve the current authentication state for the plugin.
Retrieve any internal state that represents the authenticated plugin.
This should not fetch any new data if it is not present.
Raises: NotImplementedError – if the plugin does not support this feature. Returns: raw python data (which can be JSON serialized) that can be moved into another plugin (of the same type) to have the same authenticated state. Return type: object or None if unauthenticated.
-
get_cache_id
()¶ Fetch an identifier that uniquely identifies the auth options.
The returned identifier need not be decomposable or otherwise provide anyway to recreate the plugin. It should not contain sensitive data in plaintext.
This string MUST change if any of the parameters that are used to uniquely identity this plugin change.
If get_cache_id returns a str value suggesting that caching is supported then get_auth_cache and set_auth_cache must also be implemented.
Returns: A unique string for the set of options Return type: str or None if this is unsupported or unavailable.
-
get_connection_params
(session, **kwargs)¶ Return any additional connection parameters required for the plugin.
Parameters: session (keystoneclient.session.Session) – The session object that the auth_plugin belongs to. Returns: Headers that are set to authenticate a message or None for failure. Note that when checking this value that the empty dict is a valid, non-failure response. Return type: dict
-
get_endpoint
(session, **kwargs)¶ Return an endpoint for the client.
There are no required keyword arguments to
get_endpoint
as a plugin implementation should use best effort with the information available to determine the endpoint. However there are certain standard options that will be generated by the clients and should be used by plugins:service_type
: what sort of service is required.service_name
: the name of the service in the catalog.interface
: what visibility the endpoint should have.region_name
: the region the endpoint exists in.
Parameters: session (keystoneauth1.session.Session) – The session object that the auth_plugin belongs to. Returns: The base URL that will be used to talk to the required service or None if not available. Return type: string
-
get_headers
(session, **kwargs)¶ Fetch authentication headers for message.
This is a more generalized replacement of the older get_token to allow plugins to specify different or additional authentication headers to the OpenStack standard ‘X-Auth-Token’ header.
How the authentication headers are obtained is up to the plugin. If the headers are still valid they may be re-used, retrieved from cache or the plugin may invoke an authentication request against a server.
The default implementation of get_headers calls the get_token method to enable older style plugins to continue functioning unchanged. Subclasses should feel free to completely override this function to provide the headers that they want.
There are no required kwargs. They are passed directly to the auth plugin and they are implementation specific.
Returning None will indicate that no token was able to be retrieved and that authorization was a failure. Adding no authentication data can be achieved by returning an empty dictionary.
Parameters: session (keystoneauth1.session.Session) – The session object that the auth_plugin belongs to. Returns: Headers that are set to authenticate a message or None for failure. Note that when checking this value that the empty dict is a valid, non-failure response. Return type: dict
-
get_project_id
(session, **kwargs)¶ Return the project id that we are authenticated to.
Wherever possible the project id should be inferred from the token however there are certain URLs and other places that require access to the currently authenticated project id.
Parameters: session (keystoneauth1.session.Session) – A session object so the plugin can make HTTP calls. Returns: A project identifier or None if one is not available. Return type: str
-
get_sp_auth_url
(session, sp_id, **kwargs)¶ Return auth_url from the Service Provider object.
This url is used for obtaining unscoped federated token from remote cloud.
Parameters: sp_id (string) – ID of the Service Provider to be queried. Returns: A Service Provider auth_url or None if one is not available. Return type: str
-
get_sp_url
(session, sp_id, **kwargs)¶ Return sp_url from the Service Provider object.
This url is used for passing SAML2 assertion to the remote cloud.
Parameters: sp_id (str) – ID of the Service Provider to be queried. Returns: A Service Provider sp_url or None if one is not available. Return type: str
-
get_token
(session, **kwargs)¶ Obtain a token.
How the token is obtained is up to the plugin. If it is still valid it may be re-used, retrieved from cache or invoke an authentication request against a server.
There are no required kwargs. They are passed directly to the auth plugin and they are implementation specific.
Returning None will indicate that no token was able to be retrieved.
This function is misplaced as it should only be required for auth plugins that use the ‘X-Auth-Token’ header. However due to the way plugins evolved this method is required and often called to trigger an authentication request on a new plugin.
When implementing a new plugin it is advised that you implement this method, however if you don’t require the ‘X-Auth-Token’ header override the get_headers method instead.
Parameters: session (keystoneauth1.session.Session) – A session object so the plugin can make HTTP calls. Returns: A token to use. Return type: string
-
get_user_id
(session, **kwargs)¶ Return a unique user identifier of the plugin.
Wherever possible the user id should be inferred from the token however there are certain URLs and other places that require access to the currently authenticated user id.
Parameters: session (keystoneauth1.session.Session) – A session object so the plugin can make HTTP calls. Returns: A user identifier or None if one is not available. Return type: str
-
invalidate
()¶ Invalidate the current authentication data.
This should result in fetching a new token on next call.
A plugin may be invalidated if an Unauthorized HTTP response is returned to indicate that the token may have been revoked or is otherwise now invalid.
Returns: True if there was something that the plugin did to invalidate. This means that it makes sense to try again. If nothing happens returns False to indicate give up. Return type: bool
-
set_auth_state
(data)¶ Install existing authentication state for a plugin.
Take the output of get_auth_state and install that authentication state into the current authentication plugin.
Raises: NotImplementedError – if the plugin does not support this feature.
-
keystoneauth1.session module¶
-
class
keystoneauth1.session.
Session
(auth=None, session=None, original_ip=None, verify=True, cert=None, timeout=None, user_agent=None, redirect=30, additional_headers=None)¶ Bases:
object
Maintains client communication state and common functionality.
As much as possible the parameters to this class reflect and are passed directly to the
requests
library.Parameters: - auth (keystoneauth1.plugin.BaseAuthPlugin) – An authentication plugin to authenticate the session with. (optional, defaults to None)
- session (requests.Session) – A requests session object that can be used for issuing requests. (optional)
- original_ip (str) – The original IP of the requesting user which will be sent to identity service in a ‘Forwarded’ header. (optional)
- verify – The verification arguments to pass to requests. These are of the same form as requests expects, so True or False to verify (or not) against system certificates or a path to a bundle or CA certs to check against or None for requests to attempt to locate and use certificates. (optional, defaults to True)
- cert – A client certificate to pass to requests. These are of the same form as requests expects. Either a single filename containing both the certificate and key or a tuple containing the path to the certificate then a path to the key. (optional)
- timeout (float) – A timeout to pass to requests. This should be a numerical value indicating some amount (or fraction) of seconds or 0 for no timeout. (optional, defaults to 0)
- user_agent (str) – A User-Agent header string to use for the request.
If not provided, a default of
DEFAULT_USER_AGENT
is used, which contains the keystoneauth1 version as well as those of the requests library and which Python is being used. When a non-None value is passed, it will be prepended to the default. - redirect (int/bool) – Controls the maximum number of redirections that can be followed by a request. Either an integer for a specific count or True/False for forever/never. (optional, default to 30)
- additional_headers (dict) – Additional headers that should be attached to every request passing through the session. Headers of the same name specified per request will take priority.
-
adapters
¶
-
get_auth_connection_params
(auth=None, **kwargs)¶ Return auth connection params as provided by the auth plugin.
An auth plugin may specify connection parameters to the request like providing a client certificate for communication.
We restrict the values that may be returned from this function to prevent an auth plugin overriding values unrelated to connection parmeters. The values that are currently accepted are:
- cert: a path to a client certificate, or tuple of client certificate and key pair that are used with this request.
- verify: a boolean value to indicate verifying SSL certificates against the system CAs or a path to a CA file to verify with.
These values are passed to the requests library and further information on accepted values may be found there.
Parameters: auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to use for tokens. Overrides the plugin on the session. (optional)
Raises: - keystoneauth1.exceptions.auth.AuthorizationFailure – if a new token fetch fails.
- keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin – if a plugin is not available.
- keystoneauth1.exceptions.auth_plugins.UnsupportedParameters – if the plugin returns a parameter that is not supported by this session.
Returns: Authentication headers or None for failure.
Return type:
-
get_auth_headers
(auth=None, **kwargs)¶ Return auth headers as provided by the auth plugin.
Parameters: auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to use for token. Overrides the plugin on the session. (optional)
Raises: - keystoneauth1.exceptions.auth.AuthorizationFailure – if a new token fetch fails.
- keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin – if a plugin is not available.
Returns: Authentication headers or None for failure.
Return type:
-
get_endpoint
(auth=None, **kwargs)¶ Get an endpoint as provided by the auth plugin.
Parameters: auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to use for token. Overrides the plugin on the session. (optional) Raises: keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin – if a plugin is not available. Returns: An endpoint if available or None. Return type: string
-
get_project_id
(auth=None)¶ Return the authenticated project_id as provided by the auth plugin.
Parameters: auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to use for token. Overrides the plugin on the session. (optional)
Raises: - keystoneauth1.exceptions.auth.AuthorizationFailure – if a new token fetch fails.
- keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin – if a plugin is not available.
Returns: Current project_id or None if not supported by plugin.
Return type:
-
get_token
(auth=None)¶ Return a token as provided by the auth plugin.
Parameters: auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to use for token. Overrides the plugin on the session. (optional)
Raises: - keystoneauth1.exceptions.auth.AuthorizationFailure – if a new token fetch fails.
- keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin – if a plugin is not available.
Warning
DEPRECATED: This assumes that the only header that is used to authenticate a message is
X-Auth-Token
. This may not be correct. Useget_auth_headers()
instead.Returns: A valid token. Return type: string
-
get_user_id
(auth=None)¶ Return the authenticated user_id as provided by the auth plugin.
Parameters: auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to use for token. Overrides the plugin on the session. (optional)
Raises: - keystoneauth1.exceptions.auth.AuthorizationFailure – if a new token fetch fails.
- keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin – if a plugin is not available.
Returns: Current user_id or None if not supported by plugin.
Return type:
-
invalidate
(auth=None)¶ Invalidate an authentication plugin.
Parameters: auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to invalidate. Overrides the plugin on the session. (optional)
-
mount
(scheme, adapter)¶
-
request
(url, method, json=None, original_ip=None, user_agent=None, redirect=None, authenticated=None, endpoint_filter=None, auth=None, requests_auth=None, raise_exc=True, allow_reauth=True, log=True, endpoint_override=None, connect_retries=0, logger=<logging.Logger object>, allow={}, **kwargs)¶ Send an HTTP request with the specified characteristics.
Wrapper around requests.Session.request to handle tasks such as setting headers, JSON encoding/decoding, and error handling.
Arguments that are not handled are passed through to the requests library.
Parameters: - url (str) – Path or fully qualified URL of HTTP request. If only a path is provided then endpoint_filter must also be provided such that the base URL can be determined. If a fully qualified URL is provided then endpoint_filter will be ignored.
- method (str) – The http method to use. (e.g. ‘GET’, ‘POST’)
- original_ip (str) – Mark this request as forwarded for this ip. (optional)
- headers (dict) – Headers to be included in the request. (optional)
- json – Some data to be represented as JSON. (optional)
- user_agent (str) – A user_agent to use for the request. If present will override one present in headers. (optional)
- redirect (int/bool) – the maximum number of redirections that can be followed by a request. Either an integer for a specific count or True/False for forever/never. (optional)
- connect_retries (int) – the maximum number of retries that should be attempted for connection errors. (optional, defaults to 0 - never retry).
- authenticated (bool) – True if a token should be attached to this request, False if not or None for attach if an auth_plugin is available. (optional, defaults to None)
- endpoint_filter (dict) – Data to be provided to an auth plugin with which it should be able to determine an endpoint to use for this request. If not provided then URL is expected to be a fully qualified URL. (optional)
- endpoint_override (str) – The URL to use instead of looking up the
endpoint in the auth plugin. This will be
ignored if a fully qualified URL is
provided but take priority over an
endpoint_filter. This string may contain
the values
%(project_id)s
and%(user_id)s
to have those values replaced by the project_id/user_id of the current authentication. (optional) - auth (keystoneauth1.plugin.BaseAuthPlugin) – The auth plugin to use when authenticating this request. This will override the plugin that is attached to the session (if any). (optional)
- requests_auth (
requests.auth.AuthBase
) – A requests library auth plugin that cannot be passed via kwarg because the auth kwarg collides with our own auth plugins. (optional) - raise_exc (bool) – If True then raise an appropriate exception for failed HTTP requests. If False then return the request object. (optional, default True)
- allow_reauth (bool) – Allow fetching a new token and retrying the request on receiving a 401 Unauthorized response. (optional, default True)
- log (bool) – If True then log the request and response data to the debug log. (optional, default True)
- logger (logging.Logger) – The logger object to use to log request and responses. If not provided the keystoneauth1.session default logger will be used.
- allow (dict) – Extra filters to pass when discovering API versions. (optional)
- kwargs –
any other parameter that can be passed to
requests.Session.request()
(such as headers). Except:- data will be overwritten by the data in the json param.
- allow_redirects is ignored as redirects are handled by the session.
Raises: keystoneauth1.exceptions.base.ClientException – For connection failure, or to indicate an error response code.
Returns: The response to the request.
-
user_agent
= None¶
-
class
keystoneauth1.session.
TCPKeepAliveAdapter
(pool_connections=10, pool_maxsize=10, max_retries=0, pool_block=False)¶ Bases:
requests.adapters.HTTPAdapter
The custom adapter used to set TCP Keep-Alive on all connections.
This Adapter also preserves the default behaviour of Requests which disables Nagle’s Algorithm. See also: http://blogs.msdn.com/b/windowsazurestorage/archive/2010/06/25/nagle-s-algorithm-is-not-friendly-towards-small-requests.aspx
-
init_poolmanager
(*args, **kwargs)¶
-
keystoneauth1.token_endpoint module¶
-
class
keystoneauth1.token_endpoint.
Token
(endpoint, token)¶ Bases:
keystoneauth1.plugin.BaseAuthPlugin
A provider that will always use the given token and endpoint.
This is really only useful for testing and in certain CLI cases where you have a known endpoint and admin token that you want to use.
-
get_auth_ref
(session, **kwargs)¶ Return the authentication reference of an auth plugin.
Parameters: session (keystoneauth1.session.session) – A session object to be used for communication
-
get_endpoint
(session, **kwargs)¶ Return the supplied endpoint.
Using this plugin the same endpoint is returned regardless of the parameters passed to the plugin.
-
get_token
(session)¶
-