keystonemiddleware package

Subpackages

Submodules

keystonemiddleware.audit module

Build open standard audit information based on incoming requests

AuditMiddleware filter should be placed after keystonemiddleware.auth_token in the pipeline so that it can utilise the information the Identity server provides.

class keystonemiddleware.audit.AuditMap

Bases: tuple

AuditMap(path_kw, custom_actions, service_endpoints, default_target_endpoint_type)

custom_actions

Alias for field number 1

default_target_endpoint_type

Alias for field number 3

path_kw

Alias for field number 0

service_endpoints

Alias for field number 2

class keystonemiddleware.audit.AuditMiddleware(app, **conf)

Bases: object

Create an audit event based on request/response.

The audit middleware takes in various configuration options such as the ability to skip audit of certain requests. The full list of options can be discovered here: http://docs.openstack.org/developer/keystonemiddleware/audit.html

class keystonemiddleware.audit.ClientResource(project_id=None, **kwargs)

Bases: pycadf.resource.Resource

class keystonemiddleware.audit.KeystoneCredential(identity_status=None, **kwargs)

Bases: pycadf.credential.Credential

class keystonemiddleware.audit.OpenStackAuditApi(cfg_file)

Bases: object

get_action(req)

Take a given Request, parse url path to calculate action type.

Depending on req.method:

if POST:

  • path ends with ‘action’, read the body and use as action;
  • path ends with known custom_action, take action from config;
  • request ends with known path, assume is create action;
  • request ends with unknown path, assume is update action.

if GET:

  • request ends with known path, assume is list action;
  • request ends with unknown path, assume is read action.

if PUT, assume update action. if DELETE, assume delete action. if HEAD, assume read action.

get_target_resource(req)

Retrieve target information

If discovery is enabled, target will attempt to retrieve information from service catalog. If not, the information will be taken from given config file.

exception keystonemiddleware.audit.PycadfAuditApiConfigError

Bases: exceptions.Exception

Error raised when pyCADF fails to configure correctly.

class keystonemiddleware.audit.Service

Bases: tuple

Service(id, name, type, admin_endp, public_endp, private_endp)

admin_endp

Alias for field number 3

id

Alias for field number 0

name

Alias for field number 1

private_endp

Alias for field number 5

public_endp

Alias for field number 4

type

Alias for field number 2

keystonemiddleware.audit.filter_factory(global_conf, **local_conf)

Returns a WSGI filter app for use with paste.deploy.

keystonemiddleware.ec2_token module

Starting point for routing EC2 requests.

class keystonemiddleware.ec2_token.EC2Token(application)

Bases: object

Authenticate an EC2 request with keystone and convert to token.

keystonemiddleware.ec2_token.app_factory(global_conf, **local_conf)
keystonemiddleware.ec2_token.filter_factory(global_conf, **local_conf)

Returns a WSGI filter app for use with paste.deploy.

keystonemiddleware.i18n module

oslo.i18n integration module.

See http://docs.openstack.org/developer/oslo.i18n/usage.html .

keystonemiddleware.opts module

keystonemiddleware.opts.list_auth_token_opts()

Return a list of oslo_config options available in auth_token middleware.

The returned list includes all oslo_config options which may be registered at runtime by the project.

Each element of the list is a tuple. The first element is the name of the group under which the list of elements in the second element will be registered. A group name of None corresponds to the [DEFAULT] group in config files.

This function is also discoverable via the entry point ‘keystonemiddleware.auth_token’ under the ‘oslo.config.opts’ namespace.

The purpose of this is to allow tools like the Oslo sample config file generator to discover the options exposed to users by this middleware.

Returns:a list of (group_name, opts) tuples

keystonemiddleware.s3_token module

S3 Token Middleware

This WSGI component:

  • Gets a request from the swift3 middleware with an S3 Authorization access key.
  • Validates s3 token in Keystone.
  • Transforms the account name to AUTH_%(tenant_name).
class keystonemiddleware.s3_token.S3Token(app, conf)

Bases: object

Middleware that handles S3 authentication.

exception keystonemiddleware.s3_token.ServiceError

Bases: exceptions.Exception

keystonemiddleware.s3_token.filter_factory(global_conf, **local_conf)

Returns a WSGI filter app for use with paste.deploy.

Module contents

Table Of Contents

Project Source

This Page

Navigation

© Copyright OpenStack Contributors. Last updated on Sun May 15 18:09:51 2016, commit f9cb1e4. Created using Sphinx 1.2.3.