keystone.federation.backends.sql module
class keystone.federation.backends.sql.Federation
Bases: keystone.federation.backends.base.FederationDriverBase
create_idp(idp_id, idp)
Create an identity provider.
- Parameters
idp_id (string) – ID of IdP object
idp (dict) – idp object
- Returns
idp ref
- Return type
dict
create_mapping(mapping_id, mapping)
Create a mapping.
- Parameters
mapping_id (string) – ID of mapping object
mapping (dict) – mapping ref with mapping name
- Returns
mapping ref
- Return type
dict
create_protocol(idp_id, protocol_id, protocol)
Add an IdP-Protocol configuration.
- Parameters
idp_id (string) – ID of IdP object
protocol_id (string) – ID of protocol object
protocol (dict) – protocol object
- Raises
keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
- Returns
protocol ref
- Return type
dict
create_sp(sp_id, sp)
Create a service provider.
- Parameters
sp_id (string) – id of the service provider
sp (dict) – service provider object
- Returns
service provider ref
- Return type
dict
delete_idp(idp_id)
Delete an identity provider.
- Parameters
idp_id (string) – ID of IdP object
- Raises
keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
delete_mapping(mapping_id)
Delete a mapping.
- Parameters
mapping_id – id of mapping to delete
- Returns
None
delete_protocol(idp_id, protocol_id)
Delete an IdP-Protocol configuration.
- Parameters
idp_id (string) – ID of IdP object
protocol_id (string) – ID of protocol object
- Raises
keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.
delete_sp(sp_id)
Delete a service provider.
- Parameters
sp_id (string) – id of the service provider
- Raises
keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.
get_enabled_service_providers()
List enabled service providers for Service Catalog.
A service provider in the catalog contains three attributes: id, auth_url, sp_url, where:
id is a unique, user defined identifier for service provider object
auth_url is an authentication URL of remote Keystone
sp_url is a URL accessible at the remote service provider where SAML assertion is transmitted.
- Returns
list of dictionaries with enabled service providers
- Return type
list of dicts
get_idp(idp_id)
Get an identity provider by ID.
- Parameters
idp_id (string) – ID of IdP object
- Raises
keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
- Returns
idp ref
- Return type
dict
get_idp_from_remote_id(remote_id)
Get an identity provider by remote ID.
- Parameters
remote_id – ID of remote IdP
- Raises
keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
- Returns
idp ref
- Return type
dict
get_mapping(mapping_id)
Get a mapping, returns the mapping based on mapping_id.
- Parameters
mapping_id – id of mapping to get
- Raises
keystone.exception.MappingNotFound – If the mapping cannot be found.
- Returns
mapping ref
- Return type
dict
get_mapping_from_idp_and_protocol(idp_id, protocol_id)
Get mapping based on idp_id and protocol_id.
- Parameters
idp_id (string) – id of the identity provider
protocol_id (string) – id of the protocol
- Raises
keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.
- Returns
mapping ref
- Return type
dict
get_protocol(idp_id, protocol_id)
Get an IdP-Protocol configuration.
- Parameters
idp_id (string) – ID of IdP object
protocol_id (string) – ID of protocol object
- Raises
keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.
- Returns
protocol ref
- Return type
dict
get_sp(sp_id)
Get a service provider.
- Parameters
sp_id (string) – id of the service provider
- Returns
service provider ref
- Return type
dict
- Raises
keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.
list_idps(hints=None)
List all identity providers.
- Parameters
hints – filter hints which the driver should implement if at all possible.
- Returns
list of idp refs
- Return type
list of dicts
- Raises
keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
list_protocols(idp_id)
List an IdP’s supported protocols.
- Parameters
idp_id (string) – ID of IdP object
- Raises
keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
- Returns
list of protocol ref
- Return type
list of dict
list_sps(hints=None)
List all service providers.
- Parameters
hints – filter hints which the driver should implement if at all possible.
- Returns
List of service provider ref objects
- Return type
list of dicts
- Raises
keystone.exception.ServiceProviderNotFound – If the SP doesn’t exist.
update_idp(idp_id, idp)
Update an identity provider by ID.
- Parameters
idp_id (string) – ID of IdP object
idp (dict) – idp object
- Raises
keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
- Returns
idp ref
- Return type
dict
update_mapping(mapping_id, mapping)
Update a mapping.
- Parameters
mapping_id (string) – id of mapping to update
mapping_ref (dict) – new mapping ref
- Returns
mapping ref
- Return type
dict
update_protocol(idp_id, protocol_id, protocol)
Change an IdP-Protocol configuration.
- Parameters
idp_id (string) – ID of IdP object
protocol_id (string) – ID of protocol object
protocol (dict) – protocol object
- Raises
keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.
- Returns
protocol ref
- Return type
dict
update_sp(sp_id, sp)
Update a service provider.
- Parameters
sp_id (string) – id of the service provider
sp (dict) – service provider object
- Returns
service provider ref
- Return type
dict
- Raises
keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.
class keystone.federation.backends.sql.FederationProtocolModel(*args, **kwargs)
Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin
attributes = ['id', 'idp_id', 'mapping_id', 'remote_id_attribute']
id
idp_id
mapping_id
mutable_attributes = frozenset({'mapping_id', 'remote_id_attribute'})
remote_id_attribute
class keystone.federation.backends.sql.IdPRemoteIdsModel(*args, **kwargs)
Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin
attributes = ['idp_id', 'remote_id']
idp_id
mutable_attributes = frozenset({'idp_id', 'remote_id'})
remote_id
class keystone.federation.backends.sql.IdentityProviderModel(*args, **kwargs)
Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin
attributes = ['id', 'domain_id', 'enabled', 'description', 'remote_ids', 'authorization_ttl']
description
domain_id
enabled
expiring_user_group_memberships
id
mutable_attributes = frozenset({'authorization_ttl', 'description', 'enabled', 'remote_ids'})
remote_ids
class keystone.federation.backends.sql.MappingModel(*args, **kwargs)
Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin
attributes = ['id', 'rules']
id
rules
class keystone.federation.backends.sql.ServiceProviderModel(*args, **kwargs)
Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin
attributes = ['auth_url', 'id', 'enabled', 'description', 'relay_state_prefix', 'sp_url']
auth_url
description
enabled
id
mutable_attributes = frozenset({'auth_url', 'description', 'enabled', 'relay_state_prefix', 'sp_url'})
relay_state_prefix
sp_url