keystone.federation.backends.sql module

class keystone.federation.backends.sql.Federation[source]

Bases: keystone.federation.backends.base.FederationDriverBase

create_idp(idp_id, idp)[source]

Create an identity provider.

Parameters
  • idp_id (string) – ID of IdP object

  • idp (dict) – idp object

Returns

idp ref

Return type

dict

create_mapping(mapping_id, mapping)[source]

Create a mapping.

Parameters
  • mapping_id (string) – ID of mapping object

  • mapping (dict) – mapping ref with mapping name

Returns

mapping ref

Return type

dict

create_protocol(idp_id, protocol_id, protocol)[source]

Add an IdP-Protocol configuration.

Parameters
  • idp_id (string) – ID of IdP object

  • protocol_id (string) – ID of protocol object

  • protocol (dict) – protocol object

Raises

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns

protocol ref

Return type

dict

create_sp(sp_id, sp)[source]

Create a service provider.

Parameters
  • sp_id (string) – id of the service provider

  • sp (dict) – service provider object

Returns

service provider ref

Return type

dict

delete_idp(idp_id)[source]

Delete an identity provider.

Parameters

idp_id (string) – ID of IdP object

Raises

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

delete_mapping(mapping_id)[source]

Delete a mapping.

Parameters

mapping_id – id of mapping to delete

Returns

None

delete_protocol(idp_id, protocol_id)[source]

Delete an IdP-Protocol configuration.

Parameters
  • idp_id (string) – ID of IdP object

  • protocol_id (string) – ID of protocol object

Raises
delete_sp(sp_id)[source]

Delete a service provider.

Parameters

sp_id (string) – id of the service provider

Raises

keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.

get_enabled_service_providers()[source]

List enabled service providers for Service Catalog.

Service Provider in a catalog contains three attributes: id, auth_url, sp_url, where:

  • id is a unique, user defined identifier for service provider object

  • auth_url is an authentication URL of remote Keystone

  • sp_url a URL accessible at the remote service provider where SAML assertion is transmitted.

Returns

list of dictionaries with enabled service providers

Return type

list of dicts

get_idp(idp_id)[source]

Get an identity provider by ID.

Parameters

idp_id (string) – ID of IdP object

Raises

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns

idp ref

Return type

dict

get_idp_from_remote_id(remote_id)[source]

Get an identity provider by remote ID.

Parameters

remote_id – ID of remote IdP

Raises

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns

idp ref

Return type

dict

get_mapping(mapping_id)[source]

Get a mapping, returns the mapping based on mapping_id.

Parameters

mapping_id – id of mapping to get

Raises

keystone.exception.MappingNotFound – If the mapping cannot be found.

Returns

mapping ref

Return type

dict

get_mapping_from_idp_and_protocol(idp_id, protocol_id)[source]

Get mapping based on idp_id and protocol_id.

Parameters
  • idp_id (string) – id of the identity provider

  • protocol_id (string) – id of the protocol

Raises
Returns

mapping ref

Return type

dict

get_protocol(idp_id, protocol_id)[source]

Get an IdP-Protocol configuration.

Parameters
  • idp_id (string) – ID of IdP object

  • protocol_id (string) – ID of protocol object

Raises
Returns

protocol ref

Return type

dict

get_sp(sp_id)[source]

Get a service provider.

Parameters

sp_id (string) – id of the service provider

Returns

service provider ref

Return type

dict

Raises

keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.

list_idps(hints=None)[source]

List all identity providers.

Parameters

hints – filter hints which the driver should implement if at all possible.

Returns

list of idp refs

Return type

list of dicts

Raises

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

list_mappings()[source]

List all mappings.

Returns

list of mapping refs

Return type

list of dicts

list_protocols(idp_id)[source]

List an IdP’s supported protocols.

Parameters

idp_id (string) – ID of IdP object

Raises

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns

list of protocol ref

Return type

list of dict

list_sps(hints=None)[source]

List all service providers.

Parameters

hints – filter hints which the driver should implement if at all possible.

Returns

List of service provider ref objects

Return type

list of dicts

Raises

keystone.exception.ServiceProviderNotFound – If the SP doesn’t exist.

update_idp(idp_id, idp)[source]

Update an identity provider by ID.

Parameters
  • idp_id (string) – ID of IdP object

  • idp (dict) – idp object

Raises

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns

idp ref

Return type

dict

update_mapping(mapping_id, mapping)[source]

Update a mapping.

Parameters
  • mapping_id (string) – id of mapping to update

  • mapping_ref (dict) – new mapping ref

Returns

mapping ref

Return type

dict

update_protocol(idp_id, protocol_id, protocol)[source]

Change an IdP-Protocol configuration.

Parameters
  • idp_id (string) – ID of IdP object

  • protocol_id (string) – ID of protocol object

  • protocol (dict) – protocol object

Raises
Returns

protocol ref

Return type

dict

update_sp(sp_id, sp)[source]

Update a service provider.

Parameters
  • sp_id (string) – id of the service provider

  • sp (dict) – service prvider object

Returns

service provider ref

Return type

dict

Raises

keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.

class keystone.federation.backends.sql.FederationProtocolModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['id', 'idp_id', 'mapping_id', 'remote_id_attribute']
classmethod from_dict(dictionary)[source]

Return a model instance from a dictionary.

id
idp_id
mapping_id
mutable_attributes = frozenset({'mapping_id', 'remote_id_attribute'})
remote_id_attribute
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.IdPRemoteIdsModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['idp_id', 'remote_id']
classmethod from_dict(dictionary)[source]

Return a model instance from a dictionary.

idp_id
mutable_attributes = frozenset({'idp_id', 'remote_id'})
remote_id
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.IdentityProviderModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['id', 'domain_id', 'enabled', 'description', 'remote_ids', 'authorization_ttl']
authorization_ttl
description
domain_id
enabled
expiring_user_group_memberships
classmethod from_dict(dictionary)[source]

Return a model instance from a dictionary.

id
mutable_attributes = frozenset({'authorization_ttl', 'description', 'enabled', 'remote_ids'})
remote_ids
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.MappingModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['id', 'rules']
classmethod from_dict(dictionary)[source]

Return a model instance from a dictionary.

id
rules
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.ServiceProviderModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['auth_url', 'id', 'enabled', 'description', 'relay_state_prefix', 'sp_url']
auth_url
description
enabled
classmethod from_dict(dictionary)[source]

Return a model instance from a dictionary.

id
mutable_attributes = frozenset({'auth_url', 'description', 'enabled', 'relay_state_prefix', 'sp_url'})
relay_state_prefix
sp_url
to_dict()[source]

Return a dictionary with model’s attributes.