keystone.federation.idp module
- class keystone.federation.idp.ECPGenerator
Bases: object
A class for generating an ECP assertion.
- class keystone.federation.idp.MetadataGenerator
Bases: object
A class for generating SAML IdP Metadata.
- generate_metadata()
Generate Identity Provider Metadata.
Generate and format metadata into XML that can be exposed and consumed by a federated Service Provider.
- Returns
XML <EntityDescriptor> object.
- Raises
keystone.exception.ValidationError – If the required config options aren’t set.
- class keystone.federation.idp.SAMLGenerator
Bases: object
A class to generate SAML assertions.
- samlize_token(issuer, recipient, user, user_domain_name, roles, project, project_domain_name, groups, expires_in=None)
Convert Keystone attributes to a SAML assertion.
- Parameters
issuer (string) – URL of the issuing party
recipient (string) – URL of the recipient
user (string) – User name
user_domain_name (string) – User Domain name
roles (list) – List of role names
project (string) – Project name
project_domain_name (string) – Project Domain name
groups (list) – List of strings of user groups and domain name, where strings are serialized dictionaries.
expires_in (int) – Sets how long the assertion is valid for, in seconds
- Returns
XML <Response> object