keystone.federation.backends package¶
Submodules¶
keystone.federation.backends.base module¶
-
class
keystone.federation.backends.base.FederationDriverBase[source]¶ Bases:
object-
create_idp(idp_id, idp)[source]¶ Create an identity provider.
Parameters: - idp_id (string) – ID of IdP object
- idp (dict) – idp object
Returns: idp ref
Return type: dict
-
create_mapping(mapping_id, mapping)[source]¶ Create a mapping.
Parameters: - mapping_id (string) – ID of mapping object
- mapping (dict) – mapping ref with mapping name
Returns: mapping ref
Return type: dict
-
create_protocol(idp_id, protocol_id, protocol)[source]¶ Add an IdP-Protocol configuration.
Parameters: - idp_id (string) – ID of IdP object
- protocol_id (string) – ID of protocol object
- protocol (dict) – protocol object
Raises: keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
Returns: protocol ref
Return type: dict
-
create_sp(sp_id, sp)[source]¶ Create a service provider.
Parameters: - sp_id (string) – id of the service provider
- sp (dict) – service provider object
Returns: service provider ref
Return type: dict
-
delete_idp(idp_id)[source]¶ Delete an identity provider.
Parameters: idp_id (string) – ID of IdP object Raises: keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
-
delete_mapping(mapping_id)[source]¶ Delete a mapping.
Parameters: mapping_id – id of mapping to delete Returns: None
-
delete_protocol(idp_id, protocol_id)[source]¶ Delete an IdP-Protocol configuration.
Parameters: - idp_id (string) – ID of IdP object
- protocol_id (string) – ID of protocol object
Raises: - keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
- keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.
-
delete_sp(sp_id)[source]¶ Delete a service provider.
Parameters: sp_id (string) – id of the service provider Raises: keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.
-
get_enabled_service_providers()[source]¶ List enabled service providers for Service Catalog.
Service Provider in a catalog contains three attributes:
id,auth_url,sp_url, where:- id is a unique, user defined identifier for service provider object
- auth_url is an authentication URL of remote Keystone
- sp_url a URL accessible at the remote service provider where SAML assertion is transmitted.
Returns: list of dictionaries with enabled service providers Return type: list of dicts
-
get_idp(idp_id)[source]¶ Get an identity provider by ID.
Parameters: idp_id (string) – ID of IdP object Raises: keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist. Returns: idp ref Return type: dict
-
get_idp_from_remote_id(remote_id)[source]¶ Get an identity provider by remote ID.
Parameters: remote_id – ID of remote IdP Raises: keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist. Returns: idp ref Return type: dict
-
get_mapping(mapping_id)[source]¶ Get a mapping, returns the mapping based on mapping_id.
Parameters: mapping_id – id of mapping to get Raises: keystone.exception.MappingNotFound – If the mapping cannot be found. Returns: mapping ref Return type: dict
-
get_mapping_from_idp_and_protocol(idp_id, protocol_id)[source]¶ Get mapping based on idp_id and protocol_id.
Parameters: - idp_id (string) – id of the identity provider
- protocol_id (string) – id of the protocol
Raises: - keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
- keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.
Returns: mapping ref
Return type: dict
-
get_protocol(idp_id, protocol_id)[source]¶ Get an IdP-Protocol configuration.
Parameters: - idp_id (string) – ID of IdP object
- protocol_id (string) – ID of protocol object
Raises: - keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
- keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.
Returns: protocol ref
Return type: dict
-
get_sp(sp_id)[source]¶ Get a service provider.
Parameters: sp_id (string) – id of the service provider Returns: service provider ref Return type: dict Raises: keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.
-
list_idps(hints)[source]¶ List all identity providers.
Parameters: hints – filter hints which the driver should implement if at all possible. Returns: list of idp refs Return type: list of dicts Raises: keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
-
list_protocols(idp_id)[source]¶ List an IdP’s supported protocols.
Parameters: idp_id (string) – ID of IdP object Raises: keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist. Returns: list of protocol ref Return type: list of dict
-
list_sps(hints)[source]¶ List all service providers.
Parameters: hints – filter hints which the driver should implement if at all possible. Returns: List of service provider ref objects Return type: list of dicts Raises: keystone.exception.ServiceProviderNotFound – If the SP doesn’t exist.
-
update_idp(idp_id, idp)[source]¶ Update an identity provider by ID.
Parameters: - idp_id (string) – ID of IdP object
- idp (dict) – idp object
Raises: keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
Returns: idp ref
Return type: dict
-
update_mapping(mapping_id, mapping_ref)[source]¶ Update a mapping.
Parameters: - mapping_id (string) – id of mapping to update
- mapping_ref (dict) – new mapping ref
Returns: mapping ref
Return type: dict
-
update_protocol(idp_id, protocol_id, protocol)[source]¶ Change an IdP-Protocol configuration.
Parameters: - idp_id (string) – ID of IdP object
- protocol_id (string) – ID of protocol object
- protocol (dict) – protocol object
Raises: - keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
- keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.
Returns: protocol ref
Return type: dict
-
update_sp(sp_id, sp)[source]¶ Update a service provider.
Parameters: - sp_id (string) – id of the service provider
- sp (dict) – service prvider object
Returns: service provider ref
Return type: dict
Raises: keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.
-
keystone.federation.backends.sql module¶
-
class
keystone.federation.backends.sql.Federation[source]¶ Bases:
keystone.federation.backends.base.FederationDriverBase
-
class
keystone.federation.backends.sql.FederationProtocolModel(*args, **kwargs)[source]¶ Bases:
sqlalchemy.ext.declarative.api.Base,keystone.common.sql.core.DictBase-
attributes= ['id', 'idp_id', 'mapping_id']¶
-
id¶
-
idp_id¶
-
mapping_id¶
-
mutable_attributes= frozenset(['mapping_id'])¶
-
-
class
keystone.federation.backends.sql.IdPRemoteIdsModel(*args, **kwargs)[source]¶ Bases:
sqlalchemy.ext.declarative.api.Base,keystone.common.sql.core.DictBase-
attributes= ['idp_id', 'remote_id']¶
-
idp_id¶
-
mutable_attributes= frozenset(['remote_id', 'idp_id'])¶
-
remote_id¶
-
-
class
keystone.federation.backends.sql.IdentityProviderModel(*args, **kwargs)[source]¶ Bases:
sqlalchemy.ext.declarative.api.Base,keystone.common.sql.core.DictBase-
attributes= ['id', 'domain_id', 'enabled', 'description', 'remote_ids']¶
-
description¶
-
domain_id¶
-
enabled¶
-
id¶
-
mutable_attributes= frozenset(['enabled', 'remote_ids', 'description'])¶
-
remote_ids¶
-
-
class
keystone.federation.backends.sql.MappingModel(*args, **kwargs)[source]¶ Bases:
sqlalchemy.ext.declarative.api.Base,keystone.common.sql.core.DictBase-
attributes= ['id', 'rules']¶
-
id¶
-
rules¶
-
-
class
keystone.federation.backends.sql.ServiceProviderModel(*args, **kwargs)[source]¶ Bases:
sqlalchemy.ext.declarative.api.Base,keystone.common.sql.core.DictBase-
attributes= ['auth_url', 'id', 'enabled', 'description', 'relay_state_prefix', 'sp_url']¶
-
auth_url¶
-
description¶
-
enabled¶
-
id¶
-
mutable_attributes= frozenset(['auth_url', 'enabled', 'relay_state_prefix', 'description', 'sp_url'])¶
-
relay_state_prefix¶
-
sp_url¶
-