keystone.oauth1.backends.sql module

class keystone.oauth1.backends.sql.AccessToken(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

access_secret

attributes = ['id', 'access_secret', 'authorizing_user_id', 'project_id', 'role_ids', 'consumer_id', 'expires_at']

authorizing_user_id

consumer_id

expires_at

classmethod from_dict(user_dict)

Return a model instance from a dictionary.

id

project_id

role_ids

to_dict()

Return the model’s attributes as a dictionary.

class keystone.oauth1.backends.sql.Consumer(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixinWithExtras

attributes = ['id', 'description', 'secret']

description

extra

id

secret

class keystone.oauth1.backends.sql.OAuth1

Bases: keystone.oauth1.backends.base.Oauth1DriverBase

authorize_request_token(request_token_id, user_id, role_ids)

Authorize request token.

Parameters

• request_token_id (string) – the id of the request token, to be authorized

• user_id (string) – the id of the authorizing user

• role_ids (list) – list of role ids to authorize

Returns

verifier

create_access_token(request_id, access_token_duration)

Create access token.

Parameters

• request_id (string) – the id of the request token, to be deleted

• access_token_duration (string) – duration of an access token

Returns

access_token_ref

create_consumer(consumer_ref)

Create consumer.

Parameters

consumer_ref (dict) – consumer ref with consumer name

Returns

consumer_ref

create_request_token(consumer_id, requested_project, request_token_duration)

Create request token.

Parameters

• consumer_id (string) – the id of the consumer

• requested_project_id (string) – requested project id

• request_token_duration (string) – duration of request token

Returns

request_token_ref

delete_access_token(user_id, access_token_id)

Delete access token.

Parameters

• user_id (string) – authorizing user id

• access_token_id (string) – access token to delete

Returns

None

delete_consumer(consumer_id)

Delete consumer.

Parameters

consumer_id (string) – id of consumer to get

Returns

None.

get_access_token(access_token_id)

Get access token.

Parameters

access_token_id (string) – the id of the access token

Returns

access_token_ref

get_consumer(consumer_id)

Get consumer, returns the consumer id (key) and description.

Parameters

consumer_id (string) – id of consumer to get

Returns

consumer_ref

get_consumer_with_secret(consumer_id)

Like get_consumer(), but also returns consumer secret.

Returned dictionary consumer_ref includes consumer secret. Secrets should only be shared upon consumer creation; the consumer secret is required to verify incoming OAuth requests.

Parameters

consumer_id (string) – id of consumer to get

Returns

consumer_ref containing consumer secret

get_request_token(request_token_id)

Get request token.

Parameters

request_token_id (string) – the id of the request token

Returns

request_token_ref

list_access_tokens(user_id)

List access tokens.

Parameters

user_id (string) – search for access tokens authorized by given user id

Returns

list of access tokens the user has authorized

list_consumers()

List consumers.

Returns

list of consumers

update_consumer(consumer_id, consumer_ref)

Update consumer.

Parameters

• consumer_id (string) – id of consumer to update

• consumer_ref (dict) – new consumer ref with consumer name

Returns

consumer_ref

class keystone.oauth1.backends.sql.RequestToken(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['id', 'request_secret', 'verifier', 'authorizing_user_id', 'requested_project_id', 'role_ids', 'consumer_id', 'expires_at']

authorizing_user_id

consumer_id

expires_at

classmethod from_dict(user_dict)

Return a model instance from a dictionary.

id

request_secret

requested_project_id

role_ids

to_dict()

Return the model’s attributes as a dictionary.

verifier