Source code for keystone.identity.shadow_backends.base

# Copyright 2012 OpenStack Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

import abc

from keystone import exception


[docs]def federated_objects_to_list(fed_ref): """Create a new reformatted federated object list using the one passed in. When returning federated objects with a user we only need the attributes idp_id, protocol_id, and unique_id. Therefore, we pull these elements out of the fed_ref and create a newly formatted list with the needed information. We simply group each federated object's protocol_ids and unique_ids under the corresponding idp_id. :returns list: Containing the user's federated objects """ if not fed_ref: return [] fed = {} for fed_dict in fed_ref: fed.setdefault( fed_dict['idp_id'], { 'idp_id': fed_dict['idp_id'], 'protocols': [] } )['protocols'].append({ 'protocol_id': fed_dict['protocol_id'], 'unique_id': fed_dict['unique_id'] }) return list(fed.values())
[docs]class ShadowUsersDriverBase(object, metaclass=abc.ABCMeta): """Interface description for an Shadow Users driver."""
[docs] @abc.abstractmethod def create_federated_object(self, fed_dict): """Create a new federated object. :param dict federated_dict: Reference to the federated user """ raise exception.NotImplemented()
[docs] @abc.abstractmethod def create_federated_user(self, domain_id, federated_dict, email=None): """Create a new user with the federated identity. :param domain_id: The domain ID of the IdP used for the federated user :param dict federated_dict: Reference to the federated user :param email: Federated user's email :returns dict: Containing the user reference """ raise exception.NotImplemented()
[docs] def delete_federated_object(self, user_id): """Delete a user's federated objects. :param user_id: Unique identifier of the user """ raise exception.NotImplemented()
[docs] @abc.abstractmethod def get_federated_objects(self, user_id): """Get all federated objects for a user. :param user_id: Unique identifier of the user :returns list: Containing the user's federated objects """ raise exception.NotImplemented()
[docs] @abc.abstractmethod def get_federated_user(self, idp_id, protocol_id, unique_id): """Return the found user for the federated identity. :param idp_id: The identity provider ID :param protocol_id: The federation protocol ID :param unique_id: The unique ID for the user :returns dict: Containing the user reference """ raise exception.NotImplemented()
[docs] @abc.abstractmethod def update_federated_user_display_name(self, idp_id, protocol_id, unique_id, display_name): """Update federated user's display name if changed. :param idp_id: The identity provider ID :param protocol_id: The federation protocol ID :param unique_id: The unique ID for the user :param display_name: The user's display name """ raise exception.NotImplemented()
[docs] @abc.abstractmethod def get_user(self, user_id): """Return the found user. :param user_id: Unique identifier of the user :returns dict: Containing the user reference """ raise exception.NotImplemented()
[docs] @abc.abstractmethod def create_nonlocal_user(self, user_dict): """Create a new non-local user. :param dict user_dict: Reference to the non-local user :returns dict: Containing the user reference """ raise exception.NotImplemented()
[docs] @abc.abstractmethod def set_last_active_at(self, user_id): """Set the last active at date for the user. :param user_id: Unique identifier of the user """ raise exception.NotImplemented()
[docs] @abc.abstractmethod def list_federated_users_info(self, hints=None): """Get the shadow users info with the specified filters. :param hints: contains the list of filters yet to be satisfied. Any filters satisfied here will be removed so that the caller will know if any filters remain. :returns list: A list of objects that containing the shadow users reference. """ raise exception.NotImplemented()