keystone.token.providers.jws.core module

class keystone.token.providers.jws.core.JWSFormatter[source]

Bases: object

algorithm = 'ES256'
create_token(user_id, expires_at, audit_ids, methods, system=None, domain_id=None, project_id=None, trust_id=None, federated_group_ids=None, identity_provider_id=None, protocol_id=None, access_token_id=None, app_cred_id=None)[source]
property private_key
property public_keys
validate_token(token_id)[source]
class keystone.token.providers.jws.core.Provider(*args, **kwargs)[source]

Bases: keystone.token.providers.base.Provider

generate_id_and_issued_at(token)[source]

Generate a token based on the information provided.

Parameters

token (keystone.models.token.TokenModel) – A token object containing information about the authorization context of the request.

Returns

tuple containing an ID for the token and the issued at time of the token (token_id, issued_at).

validate_token(token_id)[source]

Validate a given token by its ID and return the token_data.

Parameters

token_id (str) – the unique ID of the token

Returns

token data as a tuple in the form of:

(user_id, methods, audit_ids, system, domain_id, project_id,

trust_id, federated_group_ids, identity_provider_id, protocol_id, access_token_id, app_cred_id, issued_at, expires_at)

user_id is the unique ID of the user as a string methods a list of authentication methods used to obtain the token audit_ids a list of audit IDs for the token system a dictionary containing system scope if system-scoped domain_id the unique ID of the domain if domain-scoped project_id the unique ID of the project if project-scoped trust_id the unique identifier of the trust if trust-scoped federated_group_ids list of federated group IDs identity_provider_id unique ID of the user’s identity provider protocol_id unique ID of the protocol used to obtain the token access_token_id the unique ID of the access_token for OAuth1 tokens app_cred_id the unique ID of the application credential issued_at a datetime object of when the token was minted expires_at a datetime object of when the token expires

Raises

keystone.exception.TokenNotFound – If the token doesn’t exist.