keystone.revoke.backends.sql module

class keystone.revoke.backends.sql.RevocationEvent(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

access_token_id
attributes = ['trust_id', 'consumer_id', 'access_token_id', 'audit_id', 'audit_chain_id', 'expires_at', 'domain_id', 'project_id', 'user_id', 'role_id', 'issued_before', 'revoked_at']
audit_chain_id
audit_id
consumer_id
domain_id
expires_at
id
issued_before
project_id
revoked_at
role_id
trust_id
user_id
class keystone.revoke.backends.sql.Revoke[source]

Bases: keystone.revoke.backends.base.RevokeDriverBase

list_events(last_fetch=None, token=None)[source]

return the revocation events, as a list of objects.

Parameters

  • last_fetch – Time of last fetch. Return all events newer.

  • token – dictionary of values from a token, normalized for differences between v2 and v3. The checked values are a subset of the attributes of model.TokenEvent

Returns

A list of keystone.revoke.model.RevokeEvent newer than last_fetch. If no last_fetch is specified, returns all events for tokens issued after the expiration cutoff.

revoke(event)[source]

register a revocation event.

Parameters

event – An instance of keystone.revoke.model.RevocationEvent