keystone.common.tokenless_auth module¶
-
class
keystone.common.tokenless_auth.
TokenlessAuthHelper
(env)[source]¶ Bases:
keystone.common.provider_api.ProviderAPIMixin
,object
-
get_mapped_user
(project_id=None, domain_id=None)[source]¶ Map client certificate to an existing user.
If user is ephemeral, there is no validation on the user himself; however it will be mapped to a corresponding group(s) and the scope of this ephemeral user is the same as what is assigned to the group.
- Parameters
project_id – Project scope of the mapped user.
domain_id – Domain scope of the mapped user.
- Returns
A dictionary that contains the keys, such as user_id, user_name, domain_id, domain_name
- Return type
dict
-