keystone package

Subpackages

• keystone.assignment package
  • Subpackages
    • keystone.assignment.backends package
      • Submodules
      • keystone.assignment.backends.base module
      • keystone.assignment.backends.sql module
      • Module contents
    • keystone.assignment.role_backends package
      • Submodules
      • keystone.assignment.role_backends.base module
      • keystone.assignment.role_backends.sql module
      • Module contents
  • Submodules
  • keystone.assignment.controllers module
  • keystone.assignment.core module
  • keystone.assignment.routers module
  • keystone.assignment.schema module
  • Module contents
• keystone.auth package
  • Subpackages
    • keystone.auth.plugins package
      • Submodules
      • keystone.auth.plugins.base module
      • keystone.auth.plugins.core module
      • keystone.auth.plugins.external module
      • keystone.auth.plugins.mapped module
      • keystone.auth.plugins.oauth1 module
      • keystone.auth.plugins.password module
      • keystone.auth.plugins.token module
      • keystone.auth.plugins.totp module
      • Module contents
  • Submodules
  • keystone.auth.controllers module
  • keystone.auth.core module
  • keystone.auth.routers module
  • keystone.auth.schema module
  • Module contents
• keystone.catalog package
  • Subpackages
    • keystone.catalog.backends package
      • Submodules
      • keystone.catalog.backends.base module
      • keystone.catalog.backends.sql module
      • keystone.catalog.backends.templated module
      • Module contents
  • Submodules
  • keystone.catalog.controllers module
  • keystone.catalog.core module
  • keystone.catalog.routers module
  • keystone.catalog.schema module
  • Module contents
• keystone.cmd package
  • Subpackages
    • keystone.cmd.doctor package
      • Submodules
      • keystone.cmd.doctor.caching module
      • keystone.cmd.doctor.credential module
      • keystone.cmd.doctor.database module
      • keystone.cmd.doctor.debug module
      • keystone.cmd.doctor.federation module
      • keystone.cmd.doctor.ldap module
      • keystone.cmd.doctor.security_compliance module
      • keystone.cmd.doctor.tokens module
      • keystone.cmd.doctor.tokens_fernet module
      • Module contents
  • Submodules
  • keystone.cmd.cli module
  • keystone.cmd.manage module
  • Module contents
• keystone.common package
  • Subpackages
    • keystone.common.cache package
      • Submodules
      • keystone.common.cache.core module
      • Module contents
    • keystone.common.kvs package
      • Subpackages
        • keystone.common.kvs.backends package
          • Submodules
          • keystone.common.kvs.backends.inmemdb module
          • keystone.common.kvs.backends.memcached module
          • Module contents
      • Submodules
      • keystone.common.kvs.core module
      • Module contents
    • keystone.common.ldap package
      • Submodules
      • keystone.common.ldap.core module
      • keystone.common.ldap.models module
      • Module contents
    • keystone.common.sql package
      • Subpackages
        • keystone.common.sql.contract_repo package
          • Subpackages
            • keystone.common.sql.contract_repo.versions package
              • Submodules
              • keystone.common.sql.contract_repo.versions.001_contract_initial_null_migration module
              • keystone.common.sql.contract_repo.versions.002_password_created_at_not_nullable module
              • keystone.common.sql.contract_repo.versions.003_remove_unencrypted_blob_column_from_credential module
              • keystone.common.sql.contract_repo.versions.004_reset_password_created_at module
              • keystone.common.sql.contract_repo.versions.005_placeholder module
              • keystone.common.sql.contract_repo.versions.006_placeholder module
              • keystone.common.sql.contract_repo.versions.007_placeholder module
              • keystone.common.sql.contract_repo.versions.008_placeholder module
              • keystone.common.sql.contract_repo.versions.009_placeholder module
              • keystone.common.sql.contract_repo.versions.010_contract_add_revocation_event_index module
              • keystone.common.sql.contract_repo.versions.011_contract_user_id_unique_for_nonlocal_user module
              • keystone.common.sql.contract_repo.versions.012_contract_add_domain_id_to_idp module
              • keystone.common.sql.contract_repo.versions.013_protocol_cascade_delete_for_federated_user module
              • keystone.common.sql.contract_repo.versions.014_contract_add_domain_id_to_user_table module
              • keystone.common.sql.contract_repo.versions.015_contract_update_federated_user_domain module
              • keystone.common.sql.contract_repo.versions.016_contract_add_user_options module
              • Module contents
          • Submodules
          • keystone.common.sql.contract_repo.manage module
          • Module contents
        • keystone.common.sql.data_migration_repo package
          • Subpackages
            • keystone.common.sql.data_migration_repo.versions package
              • Submodules
              • keystone.common.sql.data_migration_repo.versions.001_data_initial_null_migration module
              • keystone.common.sql.data_migration_repo.versions.002_password_created_at_not_nullable module
              • keystone.common.sql.data_migration_repo.versions.003_migrate_unencrypted_credentials module
              • keystone.common.sql.data_migration_repo.versions.004_reset_password_created_at module
              • keystone.common.sql.data_migration_repo.versions.005_placeholder module
              • keystone.common.sql.data_migration_repo.versions.006_placeholder module
              • keystone.common.sql.data_migration_repo.versions.007_placeholder module
              • keystone.common.sql.data_migration_repo.versions.008_placeholder module
              • keystone.common.sql.data_migration_repo.versions.009_placeholder module
              • keystone.common.sql.data_migration_repo.versions.010_migrate_add_revocation_event_index module
              • keystone.common.sql.data_migration_repo.versions.011_expand_user_id_unique_for_nonlocal_user module
              • keystone.common.sql.data_migration_repo.versions.012_migrate_add_domain_id_to_idp module
              • keystone.common.sql.data_migration_repo.versions.013_protocol_cascade_delete_for_federated_user module
              • keystone.common.sql.data_migration_repo.versions.014_migrate_add_domain_id_to_user_table module
              • keystone.common.sql.data_migration_repo.versions.015_migrate_update_federated_user_domain module
              • keystone.common.sql.data_migration_repo.versions.016_migrate_add_user_options module
              • Module contents
          • Submodules
          • keystone.common.sql.data_migration_repo.manage module
          • Module contents
        • keystone.common.sql.expand_repo package
          • Subpackages
            • keystone.common.sql.expand_repo.versions package
              • Submodules
              • keystone.common.sql.expand_repo.versions.001_expand_initial_null_migration module
              • keystone.common.sql.expand_repo.versions.002_password_created_at_not_nullable module
              • keystone.common.sql.expand_repo.versions.003_add_key_hash_and_encrypted_blob_to_credential module
              • keystone.common.sql.expand_repo.versions.004_reset_password_created_at module
              • keystone.common.sql.expand_repo.versions.005_placeholder module
              • keystone.common.sql.expand_repo.versions.006_placeholder module
              • keystone.common.sql.expand_repo.versions.007_placeholder module
              • keystone.common.sql.expand_repo.versions.008_placeholder module
              • keystone.common.sql.expand_repo.versions.009_placeholder module
              • keystone.common.sql.expand_repo.versions.010_expand_add_revocation_event_index module
              • keystone.common.sql.expand_repo.versions.011_expand_user_id_unique_for_nonlocal_user module
              • keystone.common.sql.expand_repo.versions.012_expand_add_domain_id_to_idp module
              • keystone.common.sql.expand_repo.versions.013_protocol_cascade_delete_for_federated_user module
              • keystone.common.sql.expand_repo.versions.014_expand_add_domain_id_to_user_table module
              • keystone.common.sql.expand_repo.versions.015_expand_update_federated_user_domain module
              • keystone.common.sql.expand_repo.versions.016_expand_add_user_options module
              • Module contents
          • Submodules
          • keystone.common.sql.expand_repo.manage module
          • Module contents
        • keystone.common.sql.migrate_repo package
          • Subpackages
            • keystone.common.sql.migrate_repo.versions package
              • Submodules
              • keystone.common.sql.migrate_repo.versions.067_kilo module
              • keystone.common.sql.migrate_repo.versions.068_placeholder module
              • keystone.common.sql.migrate_repo.versions.069_placeholder module
              • keystone.common.sql.migrate_repo.versions.070_placeholder module
              • keystone.common.sql.migrate_repo.versions.071_placeholder module
              • keystone.common.sql.migrate_repo.versions.072_placeholder module
              • keystone.common.sql.migrate_repo.versions.073_insert_assignment_inherited_pk module
              • keystone.common.sql.migrate_repo.versions.074_add_is_domain_project module
              • keystone.common.sql.migrate_repo.versions.075_confirm_config_registration module
              • keystone.common.sql.migrate_repo.versions.076_placeholder module
              • keystone.common.sql.migrate_repo.versions.077_placeholder module
              • keystone.common.sql.migrate_repo.versions.078_placeholder module
              • keystone.common.sql.migrate_repo.versions.079_placeholder module
              • keystone.common.sql.migrate_repo.versions.080_placeholder module
              • keystone.common.sql.migrate_repo.versions.081_add_endpoint_policy_table module
              • keystone.common.sql.migrate_repo.versions.082_add_federation_tables module
              • keystone.common.sql.migrate_repo.versions.083_add_oauth1_tables module
              • keystone.common.sql.migrate_repo.versions.084_add_revoke_tables module
              • keystone.common.sql.migrate_repo.versions.085_add_endpoint_filtering_table module
              • keystone.common.sql.migrate_repo.versions.086_add_duplicate_constraint_trusts module
              • keystone.common.sql.migrate_repo.versions.087_implied_roles module
              • keystone.common.sql.migrate_repo.versions.088_domain_specific_roles module
              • keystone.common.sql.migrate_repo.versions.089_add_root_of_all_domains module
              • keystone.common.sql.migrate_repo.versions.090_add_local_user_and_password_tables module
              • keystone.common.sql.migrate_repo.versions.091_migrate_data_to_local_user_and_password_tables module
              • keystone.common.sql.migrate_repo.versions.092_make_implied_roles_fks_cascaded module
              • keystone.common.sql.migrate_repo.versions.093_migrate_domains_to_projects module
              • keystone.common.sql.migrate_repo.versions.094_add_federated_user_table module
              • keystone.common.sql.migrate_repo.versions.095_add_integer_pkey_to_revocation_event_table module
              • keystone.common.sql.migrate_repo.versions.096_drop_role_name_constraint module
              • keystone.common.sql.migrate_repo.versions.097_drop_user_name_domainid_constraint module
              • keystone.common.sql.migrate_repo.versions.098_placeholder module
              • keystone.common.sql.migrate_repo.versions.099_placeholder module
              • keystone.common.sql.migrate_repo.versions.100_placeholder module
              • keystone.common.sql.migrate_repo.versions.101_drop_role_name_constraint module
              • keystone.common.sql.migrate_repo.versions.102_drop_domain_table module
              • keystone.common.sql.migrate_repo.versions.103_add_nonlocal_user_table module
              • keystone.common.sql.migrate_repo.versions.104_drop_user_name_domainid_constraint module
              • keystone.common.sql.migrate_repo.versions.105_add_password_date_columns module
              • keystone.common.sql.migrate_repo.versions.106_allow_password_column_to_be_nullable module
              • keystone.common.sql.migrate_repo.versions.107_add_user_date_columns module
              • keystone.common.sql.migrate_repo.versions.108_add_failed_auth_columns module
              • keystone.common.sql.migrate_repo.versions.109_add_password_self_service_column module
              • Module contents
          • Submodules
          • keystone.common.sql.migrate_repo.manage module
          • Module contents
      • Submodules
      • keystone.common.sql.core module
      • keystone.common.sql.upgrades module
      • Module contents
    • keystone.common.validation package
      • Submodules
      • keystone.common.validation.parameter_types module
      • keystone.common.validation.validators module
      • Module contents
  • Submodules
  • keystone.common.authorization module
  • keystone.common.clean module
  • keystone.common.context module
  • keystone.common.controller module
  • keystone.common.dependency module
  • keystone.common.driver_hints module
  • keystone.common.extension module
  • keystone.common.fernet_utils module
  • keystone.common.json_home module
  • keystone.common.manager module
  • keystone.common.openssl module
  • keystone.common.profiler module
  • keystone.common.request module
  • keystone.common.resource_options module
  • keystone.common.router module
  • keystone.common.tokenless_auth module
  • keystone.common.utils module
  • keystone.common.wsgi module
  • Module contents
• keystone.conf package
  • Submodules
  • keystone.conf.assignment module
  • keystone.conf.auth module
  • keystone.conf.catalog module
  • keystone.conf.constants module
  • keystone.conf.credential module
  • keystone.conf.default module
  • keystone.conf.domain_config module
  • keystone.conf.endpoint_filter module
  • keystone.conf.endpoint_policy module
  • keystone.conf.eventlet_server module
  • keystone.conf.federation module
  • keystone.conf.fernet_tokens module
  • keystone.conf.identity module
  • keystone.conf.identity_mapping module
  • keystone.conf.kvs module
  • keystone.conf.ldap module
  • keystone.conf.memcache module
  • keystone.conf.oauth1 module
  • keystone.conf.opts module
  • keystone.conf.paste_deploy module
  • keystone.conf.policy module
  • keystone.conf.resource module
  • keystone.conf.revoke module
  • keystone.conf.role module
  • keystone.conf.saml module
  • keystone.conf.security_compliance module
  • keystone.conf.shadow_users module
  • keystone.conf.signing module
  • keystone.conf.token module
  • keystone.conf.tokenless_auth module
  • keystone.conf.trust module
  • keystone.conf.utils module
  • Module contents
• keystone.contrib package
  • Subpackages
    • keystone.contrib.ec2 package
      • Submodules
      • keystone.contrib.ec2.controllers module
      • keystone.contrib.ec2.core module
      • keystone.contrib.ec2.routers module
      • Module contents
    • keystone.contrib.endpoint_filter package
      • Subpackages
        • keystone.contrib.endpoint_filter.backends package
          • Submodules
          • keystone.contrib.endpoint_filter.backends.catalog_sql module
          • Module contents
      • Module contents
    • keystone.contrib.s3 package
      • Submodules
      • keystone.contrib.s3.core module
      • Module contents
  • Module contents
• keystone.credential package
  • Subpackages
    • keystone.credential.backends package
      • Submodules
      • keystone.credential.backends.base module
      • keystone.credential.backends.sql module
      • Module contents
    • keystone.credential.providers package
      • Subpackages
        • keystone.credential.providers.fernet package
          • Submodules
          • keystone.credential.providers.fernet.core module
          • Module contents
      • Submodules
      • keystone.credential.providers.core module
      • Module contents
  • Submodules
  • keystone.credential.controllers module
  • keystone.credential.core module
  • keystone.credential.provider module
  • keystone.credential.routers module
  • keystone.credential.schema module
  • Module contents
• keystone.endpoint_policy package
  • Subpackages
    • keystone.endpoint_policy.backends package
      • Submodules
      • keystone.endpoint_policy.backends.base module
      • keystone.endpoint_policy.backends.sql module
      • Module contents
  • Submodules
  • keystone.endpoint_policy.controllers module
  • keystone.endpoint_policy.core module
  • keystone.endpoint_policy.routers module
  • Module contents
• keystone.federation package
  • Subpackages
    • keystone.federation.backends package
      • Submodules
      • keystone.federation.backends.base module
      • keystone.federation.backends.sql module
      • Module contents
  • Submodules
  • keystone.federation.constants module
  • keystone.federation.controllers module
  • keystone.federation.core module
  • keystone.federation.idp module
  • keystone.federation.routers module
  • keystone.federation.schema module
  • keystone.federation.utils module
  • Module contents
• keystone.identity package
  • Subpackages
    • keystone.identity.backends package
      • Subpackages
        • keystone.identity.backends.ldap package
          • Submodules
          • keystone.identity.backends.ldap.common module
          • keystone.identity.backends.ldap.core module
          • keystone.identity.backends.ldap.models module
          • Module contents
      • Submodules
      • keystone.identity.backends.base module
      • keystone.identity.backends.resource_options module
      • keystone.identity.backends.sql module
      • keystone.identity.backends.sql_model module
      • Module contents
    • keystone.identity.id_generators package
      • Submodules
      • keystone.identity.id_generators.sha256 module
      • Module contents
    • keystone.identity.mapping_backends package
      • Submodules
      • keystone.identity.mapping_backends.base module
      • keystone.identity.mapping_backends.mapping module
      • keystone.identity.mapping_backends.sql module
      • Module contents
    • keystone.identity.shadow_backends package
      • Submodules
      • keystone.identity.shadow_backends.base module
      • keystone.identity.shadow_backends.sql module
      • Module contents
  • Submodules
  • keystone.identity.controllers module
  • keystone.identity.core module
  • keystone.identity.generator module
  • keystone.identity.routers module
  • keystone.identity.schema module
  • Module contents
• keystone.middleware package
  • Submodules
  • keystone.middleware.auth module
  • keystone.middleware.core module
  • Module contents
• keystone.models package
  • Submodules
  • keystone.models.revoke_model module
  • keystone.models.token_model module
  • Module contents
• keystone.oauth1 package
  • Subpackages
    • keystone.oauth1.backends package
      • Submodules
      • keystone.oauth1.backends.base module
      • keystone.oauth1.backends.sql module
      • Module contents
  • Submodules
  • keystone.oauth1.controllers module
  • keystone.oauth1.core module
  • keystone.oauth1.routers module
  • keystone.oauth1.schema module
  • keystone.oauth1.validator module
  • Module contents
• keystone.policy package
  • Subpackages
    • keystone.policy.backends package
      • Submodules
      • keystone.policy.backends.base module
      • keystone.policy.backends.rules module
      • keystone.policy.backends.sql module
      • Module contents
  • Submodules
  • keystone.policy.controllers module
  • keystone.policy.core module
  • keystone.policy.routers module
  • keystone.policy.schema module
  • Module contents
• keystone.resource package
  • Subpackages
    • keystone.resource.backends package
      • Submodules
      • keystone.resource.backends.base module
      • keystone.resource.backends.sql module
      • Module contents
    • keystone.resource.config_backends package
      • Submodules
      • keystone.resource.config_backends.base module
      • keystone.resource.config_backends.sql module
      • Module contents
  • Submodules
  • keystone.resource.controllers module
  • keystone.resource.core module
  • keystone.resource.routers module
  • keystone.resource.schema module
  • Module contents
• keystone.revoke package
  • Subpackages
    • keystone.revoke.backends package
      • Submodules
      • keystone.revoke.backends.base module
      • keystone.revoke.backends.sql module
      • Module contents
  • Submodules
  • keystone.revoke.controllers module
  • keystone.revoke.core module
  • keystone.revoke.model module
  • keystone.revoke.routers module
  • Module contents
• keystone.server package
  • Submodules
  • keystone.server.backends module
  • keystone.server.common module
  • keystone.server.wsgi module
  • Module contents
• keystone.tests package
  • Subpackages
    • keystone.tests.common package
      • Submodules
      • keystone.tests.common.auth module
      • Module contents
    • keystone.tests.functional package
      • Subpackages
        • keystone.tests.functional.shared package
          • Submodules
          • keystone.tests.functional.shared.test_running module
          • Module contents
      • Submodules
      • keystone.tests.functional.core module
      • Module contents
    • keystone.tests.hacking package
      • Submodules
      • keystone.tests.hacking.checks module
      • Module contents
    • keystone.tests.unit package
      • Subpackages
        • keystone.tests.unit.assignment package
          • Subpackages
            • keystone.tests.unit.assignment.role_backends package
              • Submodules
              • keystone.tests.unit.assignment.role_backends.test_sql module
              • Module contents
          • Submodules
          • keystone.tests.unit.assignment.test_backends module
          • keystone.tests.unit.assignment.test_core module
          • Module contents
        • keystone.tests.unit.auth package
          • Submodules
          • keystone.tests.unit.auth.test_controllers module
          • keystone.tests.unit.auth.test_schema module
          • Module contents
        • keystone.tests.unit.backend package
          • Submodules
          • keystone.tests.unit.backend.core_ldap module
          • keystone.tests.unit.backend.core_sql module
          • Module contents
        • keystone.tests.unit.catalog package
          • Submodules
          • keystone.tests.unit.catalog.test_backends module
          • keystone.tests.unit.catalog.test_core module
          • Module contents
        • keystone.tests.unit.common package
          • Submodules
          • keystone.tests.unit.common.test_authorization module
          • keystone.tests.unit.common.test_cache module
          • keystone.tests.unit.common.test_database_conflicts module
          • keystone.tests.unit.common.test_injection module
          • keystone.tests.unit.common.test_json_home module
          • keystone.tests.unit.common.test_notifications module
          • keystone.tests.unit.common.test_resource_options_common module
          • keystone.tests.unit.common.test_sql_core module
          • keystone.tests.unit.common.test_utils module
          • Module contents
        • keystone.tests.unit.contrib package
          • Subpackages
            • keystone.tests.unit.contrib.federation package
              • Submodules
              • keystone.tests.unit.contrib.federation.test_utils module
              • Module contents
          • Module contents
        • keystone.tests.unit.credential package
          • Submodules
          • keystone.tests.unit.credential.test_backend_sql module
          • keystone.tests.unit.credential.test_fernet_provider module
          • Module contents
        • keystone.tests.unit.endpoint_policy package
          • Subpackages
            • keystone.tests.unit.endpoint_policy.backends package
              • Submodules
              • keystone.tests.unit.endpoint_policy.backends.test_base module
              • keystone.tests.unit.endpoint_policy.backends.test_sql module
              • Module contents
          • Module contents
        • keystone.tests.unit.external package
          • Submodules
          • keystone.tests.unit.external.test_timeutils module
          • Module contents
        • keystone.tests.unit.federation package
          • Submodules
          • keystone.tests.unit.federation.test_core module
          • Module contents
        • keystone.tests.unit.identity package
          • Subpackages
            • keystone.tests.unit.identity.backends package
              • Submodules
              • keystone.tests.unit.identity.backends.test_base module
              • keystone.tests.unit.identity.backends.test_ldap module
              • keystone.tests.unit.identity.backends.test_ldap_common module
              • keystone.tests.unit.identity.backends.test_sql module
              • Module contents
            • keystone.tests.unit.identity.shadow_users package
              • Submodules
              • keystone.tests.unit.identity.shadow_users.test_backend module
              • keystone.tests.unit.identity.shadow_users.test_core module
              • Module contents
          • Submodules
          • keystone.tests.unit.identity.test_backend_sql module
          • keystone.tests.unit.identity.test_backends module
          • keystone.tests.unit.identity.test_controllers module
          • keystone.tests.unit.identity.test_core module
          • Module contents
        • keystone.tests.unit.ksfixtures package
          • Submodules
          • keystone.tests.unit.ksfixtures.auth_plugins module
          • keystone.tests.unit.ksfixtures.backendloader module
          • keystone.tests.unit.ksfixtures.cache module
          • keystone.tests.unit.ksfixtures.database module
          • keystone.tests.unit.ksfixtures.hacking module
          • keystone.tests.unit.ksfixtures.key_repository module
          • keystone.tests.unit.ksfixtures.ldapdb module
          • keystone.tests.unit.ksfixtures.policy module
          • keystone.tests.unit.ksfixtures.temporaryfile module
          • Module contents
        • keystone.tests.unit.policy package
          • Subpackages
            • keystone.tests.unit.policy.backends package
              • Submodules
              • keystone.tests.unit.policy.backends.test_base module
              • keystone.tests.unit.policy.backends.test_sql module
              • Module contents
          • Submodules
          • keystone.tests.unit.policy.test_backends module
          • Module contents
        • keystone.tests.unit.resource package
          • Subpackages
            • keystone.tests.unit.resource.backends package
              • Submodules
              • keystone.tests.unit.resource.backends.test_sql module
              • Module contents
            • keystone.tests.unit.resource.config_backends package
              • Submodules
              • keystone.tests.unit.resource.config_backends.test_sql module
              • Module contents
          • Submodules
          • keystone.tests.unit.resource.test_backends module
          • keystone.tests.unit.resource.test_controllers module
          • keystone.tests.unit.resource.test_core module
          • Module contents
        • keystone.tests.unit.schema package
          • Submodules
          • keystone.tests.unit.schema.v2 module
          • Module contents
        • keystone.tests.unit.tests package
          • Submodules
          • keystone.tests.unit.tests.test_core module
          • keystone.tests.unit.tests.test_utils module
          • Module contents
        • keystone.tests.unit.token package
          • Submodules
          • keystone.tests.unit.token.test_backends module
          • keystone.tests.unit.token.test_common module
          • keystone.tests.unit.token.test_fernet_provider module
          • keystone.tests.unit.token.test_token_data_helper module
          • keystone.tests.unit.token.test_token_model module
          • keystone.tests.unit.token.test_uuid_provider module
          • Module contents
        • keystone.tests.unit.trust package
          • Submodules
          • keystone.tests.unit.trust.test_backends module
          • Module contents
      • Submodules
      • keystone.tests.unit.core module
      • keystone.tests.unit.default_fixtures module
      • keystone.tests.unit.fakeldap module
      • keystone.tests.unit.federation_fixtures module
      • keystone.tests.unit.filtering module
      • keystone.tests.unit.identity_mapping module
      • keystone.tests.unit.mapping_fixtures module
      • keystone.tests.unit.rest module
      • keystone.tests.unit.test_associate_project_endpoint_extension module
      • keystone.tests.unit.test_auth module
      • keystone.tests.unit.test_auth_plugin module
      • keystone.tests.unit.test_backend_endpoint_policy module
      • keystone.tests.unit.test_backend_endpoint_policy_sql module
      • keystone.tests.unit.test_backend_federation_sql module
      • keystone.tests.unit.test_backend_id_mapping_sql module
      • keystone.tests.unit.test_backend_kvs module
      • keystone.tests.unit.test_backend_ldap module
      • keystone.tests.unit.test_backend_ldap_pool module
      • keystone.tests.unit.test_backend_rules module
      • keystone.tests.unit.test_backend_sql module
      • keystone.tests.unit.test_backend_templated module
      • keystone.tests.unit.test_catalog module
      • keystone.tests.unit.test_cert_setup module
      • keystone.tests.unit.test_cli module
      • keystone.tests.unit.test_config module
      • keystone.tests.unit.test_contrib_s3_core module
      • keystone.tests.unit.test_contrib_simple_cert module
      • keystone.tests.unit.test_credential module
      • keystone.tests.unit.test_driver_hints module
      • keystone.tests.unit.test_entry_points module
      • keystone.tests.unit.test_exception module
      • keystone.tests.unit.test_hacking_checks module
      • keystone.tests.unit.test_kvs module
      • keystone.tests.unit.test_ldap_livetest module
      • keystone.tests.unit.test_ldap_pool_livetest module
      • keystone.tests.unit.test_ldap_tls_livetest module
      • keystone.tests.unit.test_middleware module
      • keystone.tests.unit.test_no_admin_token_auth module
      • keystone.tests.unit.test_policy module
      • keystone.tests.unit.test_revoke module
      • keystone.tests.unit.test_shadow_users module
      • keystone.tests.unit.test_sql_banned_operations module
      • keystone.tests.unit.test_sql_upgrade module
      • keystone.tests.unit.test_token_bind module
      • keystone.tests.unit.test_token_provider module
      • keystone.tests.unit.test_url_middleware module
      • keystone.tests.unit.test_v2 module
      • keystone.tests.unit.test_v2_controller module
      • keystone.tests.unit.test_v2_validation module
      • keystone.tests.unit.test_v3 module
      • keystone.tests.unit.test_v3_assignment module
      • keystone.tests.unit.test_v3_auth module
      • keystone.tests.unit.test_v3_catalog module
      • keystone.tests.unit.test_v3_credential module
      • keystone.tests.unit.test_v3_domain_config module
      • keystone.tests.unit.test_v3_endpoint_policy module
      • keystone.tests.unit.test_v3_federation module
      • keystone.tests.unit.test_v3_filters module
      • keystone.tests.unit.test_v3_identity module
      • keystone.tests.unit.test_v3_oauth1 module
      • keystone.tests.unit.test_v3_os_revoke module
      • keystone.tests.unit.test_v3_policy module
      • keystone.tests.unit.test_v3_protection module
      • keystone.tests.unit.test_v3_resource module
      • keystone.tests.unit.test_v3_trust module
      • keystone.tests.unit.test_validation module
      • keystone.tests.unit.test_versions module
      • keystone.tests.unit.test_wsgi module
      • keystone.tests.unit.utils module
      • Module contents
  • Module contents
• keystone.token package
  • Subpackages
    • keystone.token.persistence package
      • Subpackages
        • keystone.token.persistence.backends package
          • Submodules
          • keystone.token.persistence.backends.kvs module
          • keystone.token.persistence.backends.sql module
          • Module contents
      • Submodules
      • keystone.token.persistence.core module
      • Module contents
    • keystone.token.providers package
      • Subpackages
        • keystone.token.providers.fernet package
          • Submodules
          • keystone.token.providers.fernet.core module
          • keystone.token.providers.fernet.token_formatters module
          • Module contents
      • Submodules
      • keystone.token.providers.base module
      • keystone.token.providers.common module
      • keystone.token.providers.uuid module
      • Module contents
  • Submodules
  • keystone.token.controllers module
  • keystone.token.provider module
  • keystone.token.routers module
  • Module contents
• keystone.trust package
  • Subpackages
    • keystone.trust.backends package
      • Submodules
      • keystone.trust.backends.base module
      • keystone.trust.backends.sql module
      • Module contents
  • Submodules
  • keystone.trust.controllers module
  • keystone.trust.core module
  • keystone.trust.routers module
  • keystone.trust.schema module
  • Module contents
• keystone.v2_crud package
  • Submodules
  • keystone.v2_crud.admin_crud module
  • keystone.v2_crud.user_crud module
  • Module contents
• keystone.version package
  • Submodules
  • keystone.version.controllers module
  • keystone.version.routers module
  • keystone.version.service module
  • Module contents

Submodules

keystone.exception module

exception keystone.exception.AccountLocked(message=None, **kwargs)

Bases: keystone.exception.Unauthorized

message_format = u'The account is locked for user: %(user_id)s.'

exception keystone.exception.AdditionalAuthRequired(auth_response=None, **kwargs)

Bases: keystone.exception.AuthPluginException

message_format = u'Additional authentications steps required.'

exception keystone.exception.AssignmentTypeCalculationError(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Unexpected combination of grant attributes - User: %(user_id)s, Group: %(group_id)s, Project: %(project_id)s, Domain: %(domain_id)s.'

exception keystone.exception.AuthMethodNotSupported(*args, **kwargs)

Bases: keystone.exception.AuthPluginException

message_format = u'Attempted to authenticate with an unsupported method.'

exception keystone.exception.AuthPluginException(*args, **kwargs)

Bases: keystone.exception.Unauthorized

message_format = u'Authentication plugin error.'

exception keystone.exception.CertificateFilesUnavailable(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Expected signing certificates are not available on the server. Please check Keystone configuration.'

exception keystone.exception.CircularRegionHierarchyError(message=None, **kwargs)

Bases: keystone.exception.Error

code = 400

message_format = u'The specified parent region %(parent_region_id)s would create a circular region hierarchy.'

title = 'Bad Request'

exception keystone.exception.ConfigFileNotFound(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'The Keystone configuration file %(config_file)s could not be found.'

exception keystone.exception.ConfigRegistrationNotFound

Bases: exceptions.Exception

exception keystone.exception.Conflict(message=None, **kwargs)

Bases: keystone.exception.Error

code = 409

message_format = u'Conflict occurred attempting to store %(type)s - %(details)s.'

title = 'Conflict'

exception keystone.exception.CredentialEncryptionError

Bases: exceptions.Exception

message_format = u'An unexpected error prevented the server from accessing encrypted credentials.'

exception keystone.exception.CredentialNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find credential: %(credential_id)s.'

exception keystone.exception.CrossBackendNotAllowed(message=None, **kwargs)

Bases: keystone.exception.Forbidden

message_format = u'Group membership across backend boundaries is not allowed. Group in question is %(group_id)s, user is %(user_id)s.'

exception keystone.exception.DirectMappingError(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

message_format = u"Local section in mapping %(mapping_id)s refers to a remote match that doesn't exist (e.g. {0} in a local section)."

exception keystone.exception.DomainConfigNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find %(group_or_option)s in domain configuration for domain %(domain_id)s.'

exception keystone.exception.DomainNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find domain: %(domain_id)s.'

exception keystone.exception.DomainSpecificRoleMismatch(message=None, **kwargs)

Bases: keystone.exception.Forbidden

message_format = u'Project %(project_id)s must be in the same domain as the role %(role_id)s being assigned.'

exception keystone.exception.DomainSpecificRoleNotWithinIdPDomain(message=None, **kwargs)

Bases: keystone.exception.Forbidden

message_format = u'role: %(role_name)s must be within the same domain as the identity provider: %(identity_provider)s.'

exception keystone.exception.EndpointGroupNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find Endpoint Group: %(endpoint_group_id)s.'

exception keystone.exception.EndpointNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find endpoint: %(endpoint_id)s.'

exception keystone.exception.Error(message=None, **kwargs)

Bases: exceptions.Exception

Base error class.

Child classes should define an HTTP status code, title, and a message_format.

code = None

message_format = None

title = None

exception keystone.exception.FederatedProtocolNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find federated protocol %(protocol_id)s for Identity Provider: %(idp_id)s.'

exception keystone.exception.Forbidden(message=None, **kwargs)

Bases: keystone.exception.SecurityError

code = 403

message_format = u'You are not authorized to perform the requested action.'

title = 'Forbidden'

exception keystone.exception.ForbiddenAction(message=None, **kwargs)

Bases: keystone.exception.Forbidden

message_format = u'You are not authorized to perform the requested action: %(action)s.'

exception keystone.exception.ForbiddenNotSecurity(message=None, **kwargs)

Bases: keystone.exception.Error

When you want to return a 403 Forbidden response but not security.

Use this for errors where the message is always safe to present to the user and won’t give away extra information.

code = 403

title = 'Forbidden'

exception keystone.exception.Gone(message=None, **kwargs)

Bases: keystone.exception.Error

code = 410

message_format = u'The service you have requested is no longer available on this server.'

title = 'Gone'

exception keystone.exception.GroupNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find group: %(group_id)s.'

exception keystone.exception.IdentityProviderNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find Identity Provider: %(idp_id)s.'

exception keystone.exception.ImpliedRoleNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'%(prior_role_id)s does not imply %(implied_role_id)s.'

exception keystone.exception.InsufficientAuthMethods(message=None, **kwargs)

Bases: keystone.exception.Error

code = 401

message_format = u'Insufficient auth methods received for %(user_id)s. Auth Methods Provided: %(methods)s.'

title = 'Unauthorized'

exception keystone.exception.InvalidDomainConfig(message=None, **kwargs)

Bases: keystone.exception.Forbidden

message_format = u'Invalid domain specific configuration: %(reason)s.'

exception keystone.exception.InvalidImpliedRole(message=None, **kwargs)

Bases: keystone.exception.Forbidden

message_format = u'%(role_id)s cannot be an implied roles.'

exception keystone.exception.InvalidOperatorError(message=None, **kwargs)

Bases: keystone.exception.ValidationError

message_format = u"The given operator %(_op)s is not valid. It must be one of the following: 'eq', 'neq', 'lt', 'lte', 'gt', or 'gte'."

exception keystone.exception.InvalidPolicyAssociation(message=None, **kwargs)

Bases: keystone.exception.Forbidden

message_format = u'Invalid mix of entities for policy association: only Endpoint, Service, or Region+Service allowed. Request was - Endpoint: %(endpoint_id)s, Service: %(service_id)s, Region: %(region_id)s.'

exception keystone.exception.KeysNotFound(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'No encryption keys found; run keystone-manage fernet_setup to bootstrap one.'

exception keystone.exception.LDAPServerConnectionError(message=None, **kwargs)

Bases: keystone.exception.Error

code = 504

message_format = u'Timed out waiting to establish a connection to the LDAP Server (%(url)s).'

title = 'Gateway Timeout'

exception keystone.exception.MalformedEndpoint(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Malformed endpoint URL (%(endpoint)s), see ERROR log for details.'

exception keystone.exception.MappedGroupNotFound(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Group %(group_id)s returned by mapping %(mapping_id)s was not found in the backend.'

exception keystone.exception.MappingNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find mapping: %(mapping_id)s.'

exception keystone.exception.MetadataFileError(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Error while reading metadata file: %(reason)s.'

exception keystone.exception.MigrationNotProvided(mod_name, path)

Bases: exceptions.Exception

exception keystone.exception.MultipleSQLDriversInConfig(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'The Keystone domain-specific configuration has specified more than one SQL driver (only one is permitted): %(source)s.'

exception keystone.exception.NotFound(message=None, **kwargs)

Bases: keystone.exception.Error

code = 404

message_format = u'Could not find: %(target)s.'

title = 'Not Found'

exception keystone.exception.NotImplemented(message=None, **kwargs)

Bases: keystone.exception.Error

code = 501

message_format = u'The action you have requested has not been implemented.'

title = 'Not Implemented'

exception keystone.exception.OAuthHeadersMissingError(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'No Authorization headers found, cannot proceed with OAuth related calls. If running under HTTPd or Apache, ensure WSGIPassAuthorization is set to On.'

exception keystone.exception.PasswordAgeValidationError(message=None, **kwargs)

Bases: keystone.exception.PasswordValidationError

message_format = u'You cannot change your password at this time due to the minimum password age. Once you change your password, it must be used for %(min_age_days)d day(s) before it can be changed. Please try again in %(days_left)d day(s) or contact your administrator to reset your password.'

exception keystone.exception.PasswordExpired(message=None, **kwargs)

Bases: keystone.exception.Unauthorized

message_format = u'The password is expired and needs to be changed for user: %(user_id)s.'

exception keystone.exception.PasswordHistoryValidationError(message=None, **kwargs)

Bases: keystone.exception.PasswordValidationError

message_format = u'The new password cannot be identical to a previous password. The number of previous passwords that must be unique is %(unique_count)s.'

exception keystone.exception.PasswordRequirementsValidationError(message=None, **kwargs)

Bases: keystone.exception.PasswordValidationError

message_format = u'The password does not match the requirements: %(detail)s.'

exception keystone.exception.PasswordValidationError(message=None, **kwargs)

Bases: keystone.exception.ValidationError

message_format = u'Password validation error: %(detail)s.'

exception keystone.exception.PasswordVerificationError(message=None, **kwargs)

Bases: keystone.exception.ForbiddenNotSecurity

message_format = u'The password length must be less than or equal to %(size)i. The server could not comply with the request because the password is invalid.'

exception keystone.exception.PolicyAssociationNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find policy association.'

exception keystone.exception.PolicyNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find policy: %(policy_id)s.'

exception keystone.exception.ProjectNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find project: %(project_id)s.'

exception keystone.exception.PublicIDNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = '%(id)s'

exception keystone.exception.RegionDeletionError(message=None, **kwargs)

Bases: keystone.exception.ForbiddenNotSecurity

message_format = u'Unable to delete region %(region_id)s because it or its child regions have associated endpoints.'

exception keystone.exception.RegionNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find region: %(region_id)s.'

exception keystone.exception.RoleAssignmentNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find role assignment with role: %(role_id)s, user or group: %(actor_id)s, project or domain: %(target_id)s.'

exception keystone.exception.RoleNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find role: %(role_id)s.'

exception keystone.exception.SAMLSigningError(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Unable to sign SAML assertion. It is likely that this server does not have xmlsec1 installed or this is the result of misconfiguration. Reason %(reason)s.'

exception keystone.exception.SchemaValidationError(message=None, **kwargs)

Bases: keystone.exception.ValidationError

message_format = u'%(detail)s'

exception keystone.exception.SecurityError(message=None, **kwargs)

Bases: keystone.exception.Error

Security error exception.

Avoids exposing details of security errors, unless in insecure_debug mode.

amendment = u'(Disable insecure_debug mode to suppress these details.)'

exception keystone.exception.ServiceNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find service: %(service_id)s.'

exception keystone.exception.ServiceProviderNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find Service Provider: %(sp_id)s.'

exception keystone.exception.StringLengthExceeded(message=None, **kwargs)

Bases: keystone.exception.ValidationError

message_format = u"String length exceeded. The length of string '%(string)s' exceeds the limit of column %(type)s(CHAR(%(length)d))."

exception keystone.exception.TokenNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find token: %(token_id)s.'

exception keystone.exception.TokenlessAuthConfigError(message=None, **kwargs)

Bases: keystone.exception.ValidationError

message_format = u'Could not determine Identity Provider ID. The configuration option %(issuer_attribute)s was not found in the request environment.'

exception keystone.exception.TrustConsumeMaximumAttempt(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Unable to consume trust %(trust_id)s. Unable to acquire lock.'

exception keystone.exception.TrustNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find trust: %(trust_id)s.'

exception keystone.exception.TrustUseLimitReached(message=None, **kwargs)

Bases: keystone.exception.Forbidden

message_format = u'No remaining uses for trust: %(trust_id)s.'

exception keystone.exception.URLValidationError(message=None, **kwargs)

Bases: keystone.exception.ValidationError

message_format = u'Cannot create an endpoint with an invalid URL: %(url)s.'

exception keystone.exception.Unauthorized(message=None, **kwargs)

Bases: keystone.exception.SecurityError

code = 401

message_format = u'The request you have made requires authentication.'

title = 'Unauthorized'

exception keystone.exception.UnexpectedError(message=None, **kwargs)

Bases: keystone.exception.SecurityError

Avoids exposing details of failures, unless in insecure_debug mode.

code = 500

debug_message_format = u'An unexpected error prevented the server from fulfilling your request: %(exception)s.'

message_format = u'An unexpected error prevented the server from fulfilling your request.'

title = 'Internal Server Error'

exception keystone.exception.UnsupportedTokenVersionException(message=None, **kwargs)

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Token version is unrecognizable or unsupported.'

exception keystone.exception.UserDisabled(message=None, **kwargs)

Bases: keystone.exception.Unauthorized

message_format = u'The account is disabled for user: %(user_id)s.'

exception keystone.exception.UserNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find user: %(user_id)s.'

exception keystone.exception.ValidationError(message=None, **kwargs)

Bases: keystone.exception.Error

code = 400

message_format = u'Expecting to find %(attribute)s in %(target)s. The server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error.'

title = 'Bad Request'

exception keystone.exception.ValidationExpirationError(message=None, **kwargs)

Bases: keystone.exception.Error

code = 400

message_format = u"The 'expires_at' must not be before now. The server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error."

title = 'Bad Request'

exception keystone.exception.ValidationSizeError(message=None, **kwargs)

Bases: keystone.exception.Error

code = 400

message_format = u'Request attribute %(attribute)s must be less than or equal to %(size)i. The server could not comply with the request because the attribute size is invalid (too large). The client is assumed to be in error.'

title = 'Bad Request'

exception keystone.exception.ValidationTimeStampError(message=None, **kwargs)

Bases: keystone.exception.Error

code = 400

message_format = u'Timestamp not in expected format. The server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error.'

title = 'Bad Request'

exception keystone.exception.VersionNotFound(message=None, **kwargs)

Bases: keystone.exception.NotFound

message_format = u'Could not find version: %(version)s.'

keystone.i18n module

oslo.i18n integration module.

See https://docs.openstack.org/developer/oslo.i18n/usage.html .

keystone.notifications module

Notifications module for OpenStack Identity Service resources.

keystone.notifications.ACTIONS = NotificationActions(created='created', deleted='deleted', disabled='disabled', updated='updated', internal='internal')

The actions on resources.

class keystone.notifications.Audit

Bases: object

Namespace for audit notification functions.

This is a namespace object to contain all of the direct notification functions utilized for Manager methods.

classmethod added_to(target_type, target_id, actor_type, actor_id, initiator=None, public=True, reason=None)

classmethod created(resource_type, resource_id, initiator=None, public=True, reason=None)

classmethod deleted(resource_type, resource_id, initiator=None, public=True, reason=None)

classmethod disabled(resource_type, resource_id, initiator=None, public=True, reason=None)

classmethod internal(resource_type, resource_id, reason=None)

classmethod removed_from(target_type, target_id, actor_type, actor_id, initiator=None, public=True, reason=None)

classmethod updated(resource_type, resource_id, initiator=None, public=True, reason=None)

class keystone.notifications.CadfNotificationWrapper(operation)

Bases: object

Send CADF event notifications for various methods.

This function is only used for Authentication events. Its action and event_type are dictated below.

• action: authenticate
• event_type: identity.authenticate

Sends CADF notifications for events such as whether an authentication was successful or not.

Parameters:operation – The authentication related action being performed

class keystone.notifications.CadfRoleAssignmentNotificationWrapper(operation)

Bases: object

Send CADF notifications for role_assignment methods.

This function is only used for role assignment events. Its action and event_type are dictated below.

• action: created.role_assignment or deleted.role_assignment

• event_type: identity.role_assignment.created or

  identity.role_assignment.deleted

Sends a CADF notification if the wrapped method does not raise an Exception (such as keystone.exception.NotFound).

Parameters:operation – one of the values from ACTIONS (created or deleted)

ROLE_ASSIGNMENT = 'role_assignment'

keystone.notifications.clear_subscribers()

Empty subscribers dictionary.

This effectively stops notifications since there will be no subscribers to publish to.

keystone.notifications.emit_event

alias of CadfNotificationWrapper

keystone.notifications.listener(cls)

A class decorator to declare a class to be a notification listener.

A notification listener must specify the event(s) it is interested in by defining a event_callbacks attribute or property. event_callbacks is a dictionary where the key is the type of event and the value is a dictionary containing a mapping of resource types to callback(s).

ACTIONS contains constants for the currently supported events. There is currently no single place to find constants for the resource types.

Example:

@listener
class Something(object):

    def __init__(self):
        self.event_callbacks = {
            notifications.ACTIONS.created: {
                'user': self._user_created_callback,
            },
            notifications.ACTIONS.deleted: {
                'project': [
                    self._project_deleted_callback,
                    self._do_cleanup,
                ]
            },
        }

keystone.notifications.notify_event_callbacks(service, resource_type, operation, payload)

Send a notification to registered extensions.

keystone.notifications.register_event_callback(event, resource_type, callbacks)

Register each callback with the event.

Parameters:

• event (keystone.notifications.ACTIONS) – Action being registered
• resource_type (str) – Type of resource being operated on
• callbacks (list) – Callback items to be registered with event

Raises:

• ValueError – If event is not a valid ACTION
• TypeError – If callback is not callable

keystone.notifications.reset_notifier()

Reset the notifications internal state.

This is used only for testing purposes.

keystone.notifications.role_assignment

alias of CadfRoleAssignmentNotificationWrapper

keystone.notifications.send_saml_audit_notification(action, request, user_id, group_ids, identity_provider, protocol, token_id, outcome)

Send notification to inform observers about SAML events.

Parameters:

• action (str) – Action being audited
• request (keystone.common.request.Request) – Current request to collect request info from
• user_id (str) – User ID from Keystone token
• group_ids (list) – List of Group IDs from Keystone token
• identity_provider (str or None) – ID of the IdP from the Keystone token
• protocol (str) – Protocol ID for IdP from the Keystone token
• token_id (str or None) – audit_id from Keystone token
• outcome (str) – One of pycadf.cadftaxonomy

Module contents