keystone.federation.idp module

class keystone.federation.idp.ECPGenerator
Bases: object
A class for generating an ECP assertion.

class keystone.federation.idp.MetadataGenerator
Bases: object
A class for generating SAML IdP Metadata.

    generate_metadata()
    Generate Identity Provider Metadata.
    Generate and format metadata into XML that can be exposed and consumed by a federated Service Provider.

    Returns:
        XML <EntityDescriptor> object.
    Raises:
        keystone.exception.ValidationError – If the required config options aren’t set.

class keystone.federation.idp.SAMLGenerator
Bases: object
A class to generate SAML assertions.

    samlize_token(issuer, recipient, user, user_domain_name, roles, project, project_domain_name, groups, expires_in=None)
    Convert Keystone attributes to a SAML assertion.

    Parameters:
        issuer (string) – URL of the issuing party
        recipient (string) – URL of the recipient
        user (string) – User name
        user_domain_name (string) – User Domain name
        roles (list) – List of role names
        project (string) – Project name
        project_domain_name (string) – Project Domain name
        groups (list) – List of strings of user groups and domain name, where strings are serialized dictionaries.
        expires_in (int) – Sets how long the assertion is valid for, in seconds
    Returns:
        XML <Response> object