keystone.application_credential.backends.base module

class keystone.application_credential.backends.base.ApplicationCredentialDriverBase[source]

Bases: object

abstract authenticate(application_credential_id, secret)[source]

Validate an application credential.

Parameters:
  • application_credential_id (str) – Application Credential ID

  • secret (str) – Secret

Raises:

AssertionError – If id or secret is invalid.

abstract create_application_credential(application_credential, roles)[source]

Create a new application credential.

Parameters:
  • application_credential (dict) – Application Credential data

  • roles (list) – A list of roles that apply to the application_credential.

Returns:

a new application credential

abstract delete_access_rule(access_rule_id)[source]

Delete one access rule.

Parameters:

access_rule_id (str) – Access Rule ID

abstract delete_access_rules_for_user(user_id)[source]

Delete all access rules for user.

This is called when the user itself is deleted.

Parameters:

user_id (str) – User ID

abstract delete_application_credential(application_credential_id)[source]

Delete a single application credential.

Parameters:

application_credential_id (str) – ID of the application credential to delete.

abstract delete_application_credentials_for_user(user_id)[source]

Delete all application credentials for a user.

Parameters:

user_id – ID of a user to whose application credentials should be deleted.

abstract delete_application_credentials_for_user_on_project(user_id, project_id)[source]

Delete all application credentials for a user on a given project.

Parameters:
  • user_id (str) – ID of a user to whose application credentials should be deleted.

  • project_id (str) – ID of a project on which to filter application credentials.

abstract get_access_rule(access_rule_id)[source]

Get an access rule by its ID.

Parameters:

access_rule_id (str) – Access Rule ID

abstract get_application_credential(application_credential_id)[source]

Get an application credential by the credential id.

Parameters:

application_credential_id (str) – Application Credential ID

abstract list_access_rules_for_user(user_id)[source]

List the access rules that a user has created.

Access rules are only created as attributes of application credentials, they cannot be created independently.

Parameters:

user_id (str) – User ID

abstract list_application_credentials_for_user(user_id, hints)[source]

List application credentials for a user.

Parameters:
  • user_id (str) – User ID

  • hints – contains the list of filters yet to be satisfied. Any filters satisfied here will be removed so that the caller will know if any filters remain.