keystone.common.tokenless_auth module¶
- class keystone.common.tokenless_auth.TokenlessAuthHelper(env)[source]¶
Bases:
keystone.common.provider_api.ProviderAPIMixin
,object
- get_mapped_user(project_id=None, domain_id=None)[source]¶
Map client certificate to an existing user.
If user is ephemeral, there is no validation on the user himself; however it will be mapped to a corresponding group(s) and the scope of this ephemeral user is the same as what is assigned to the group.
- Parameters
project_id – Project scope of the mapped user.
domain_id – Domain scope of the mapped user.
- Returns
A dictionary that contains the keys, such as user_id, user_name, domain_id, domain_name
- Return type
dict