keystone.auth.core.
AuthContext
[source]¶Bases: dict
Retrofitting auth_context to reconcile identity attributes.
The identity attributes must not have conflicting values among the auth plug-ins. The only exception is expires_at, which is set to its earliest value.
IDENTITY_ATTRIBUTES
= frozenset(['access_token_id', 'project_id', 'user_id', 'domain_id', 'expires_at'])¶keystone.auth.core.
AuthInfo
(auth=None)[source]¶Bases: keystone.common.provider_api.ProviderAPIMixin
, object
Encapsulation of “auth” request.
get_scope
()[source]¶Get scope information.
Verify and return the scoping information.
Returns: | (domain_id, project_id, trust_ref, unscoped, system). If scope to a project, (None, project_id, None, None, None) will be returned. If scoped to a domain, (domain_id, None, None, None, None) will be returned. If scoped to a trust, (None, project_id, trust_ref, None, None), Will be returned, where the project_id comes from the trust definition. If unscoped, (None, None, None, ‘unscoped’, None) will be returned. If system_scoped, (None, None, None, None, ‘all’) will be returned. |
---|
keystone.auth.core.
UserMFARulesValidator
[source]¶Bases: keystone.common.provider_api.ProviderAPIMixin
, object
Helper object that can validate the MFA Rules.
check_auth_methods_against_rules
(user_id, auth_methods)[source]¶Validate the MFA rules against the successful auth methods.
Parameters: |
|
---|---|
Returns: | Boolean, |
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.