keystoneauth1.identity.v2 module

class keystoneauth1.identity.v2.Auth(auth_url: str, *, trust_id: str | None = None, tenant_id: str | None = None, tenant_name: str | None = None, reauthenticate: bool = True)

Bases: BaseIdentityPlugin

Identity V2 Authentication Plugin.

Parameters:
  • auth_url (string) – Identity service endpoint for authorization.

  • trust_id (string) – Trust ID for trust scoping.

  • tenant_id (string) – Tenant ID for project scoping.

  • tenant_name (string) – Tenant name for project scoping.

  • reauthenticate (bool) – Allow fetching a new token if the current one is going to expire. (optional) default True

__abstractmethods__ = frozenset({'get_auth_data'})
__annotations__ = {'MIN_TOKEN_LIFE_SECONDS': 'int', '_discovery_cache': 'ty.Dict[str, discover.Discover]', 'auth_ref': 'ty.Optional[access.AccessInfo]', 'auth_url': <class 'str'>, 'reauthenticate': 'bool'}
__doc__ = 'Identity V2 Authentication Plugin.\n\n    :param string auth_url: Identity service endpoint for authorization.\n    :param string trust_id: Trust ID for trust scoping.\n    :param string tenant_id: Tenant ID for project scoping.\n    :param string tenant_name: Tenant name for project scoping.\n    :param bool reauthenticate: Allow fetching a new token if the current one\n                                is going to expire. (optional) default True\n    '
__init__(auth_url: str, *, trust_id: str | None = None, tenant_id: str | None = None, tenant_name: str | None = None, reauthenticate: bool = True)
__module__ = 'keystoneauth1.identity.v2'
_abc_impl = <_abc._abc_data object>
auth_url: str
abstract get_auth_data(headers: MutableMapping[str, str] | None = None) Dict[str, object]

Return the authentication section of an auth plugin.

Parameters:

headers (dict) – The headers that will be sent with the auth request if a plugin needs to add to them.

Returns:

A dict of authentication data for the auth type.

Return type:

dict

get_auth_ref(session: Session, **kwargs: Any) AccessInfoV2

Obtain a token from an OpenStack Identity Service.

This method is overridden by the various token version plugins.

This function should not be called independently and is expected to be invoked via the do_authenticate function.

This function will be invoked if the AcessInfo object cached by the plugin is not valid. Thus plugins should always fetch a new AccessInfo when invoked. If you are looking to just retrieve the current auth data then you should use get_access.

Parameters:

session (keystoneauth1.session.Session) – A session object that can be used for communication.

Raises:
Returns:

Token access information.

Return type:

keystoneauth1.access.AccessInfo

property has_scope_parameters: bool

Return true if parameters can be used to create a scoped token.

class keystoneauth1.identity.v2.Password(auth_url: str, username: str | None | Unset = Unset.token, password: str | None = None, user_id: str | None | Unset = Unset.token, *, trust_id: str | None = None, tenant_id: str | None = None, tenant_name: str | None = None, reauthenticate: bool = True)

Bases: Auth

A plugin for authenticating with a username and password.

A username or user_id must be provided.

Parameters:
  • auth_url (string) – Identity service endpoint for authorization.

  • username (string) – Username for authentication.

  • password (string) – Password for authentication.

  • user_id (string) – User ID for authentication.

  • trust_id (string) – Trust ID for trust scoping.

  • tenant_id (string) – Tenant ID for tenant scoping.

  • tenant_name (string) – Tenant name for tenant scoping.

  • reauthenticate (bool) – Allow fetching a new token if the current one is going to expire. (optional) default True

Raises:

TypeError – if a user_id or username is not provided.

__abstractmethods__ = frozenset({})
__annotations__ = {'MIN_TOKEN_LIFE_SECONDS': 'int', '_discovery_cache': 'ty.Dict[str, discover.Discover]', 'auth_ref': 'ty.Optional[access.AccessInfo]', 'auth_url': 'str', 'reauthenticate': 'bool'}
__doc__ = 'A plugin for authenticating with a username and password.\n\n    A username or user_id must be provided.\n\n    :param string auth_url: Identity service endpoint for authorization.\n    :param string username: Username for authentication.\n    :param string password: Password for authentication.\n    :param string user_id: User ID for authentication.\n    :param string trust_id: Trust ID for trust scoping.\n    :param string tenant_id: Tenant ID for tenant scoping.\n    :param string tenant_name: Tenant name for tenant scoping.\n    :param bool reauthenticate: Allow fetching a new token if the current one\n                                is going to expire. (optional) default True\n\n    :raises TypeError: if a user_id or username is not provided.\n    '
__init__(auth_url: str, username: str | None | Unset = Unset.token, password: str | None = None, user_id: str | None | Unset = Unset.token, *, trust_id: str | None = None, tenant_id: str | None = None, tenant_name: str | None = None, reauthenticate: bool = True)
__module__ = 'keystoneauth1.identity.v2'
_abc_impl = <_abc._abc_data object>
get_auth_data(headers: MutableMapping[str, str] | None = None) Dict[str, object]

Return the authentication section of an auth plugin.

Parameters:

headers (dict) – The headers that will be sent with the auth request if a plugin needs to add to them.

Returns:

A dict of authentication data for the auth type.

Return type:

dict

get_cache_id_elements() Dict[str, str | None]

Get the elements for this auth plugin that make it unique.

As part of the get_cache_id requirement we need to determine what aspects of this plugin and its values that make up the unique elements.

This should be overridden by plugins that wish to allow caching.

Returns:

The unique attributes and values of this plugin.

Return type:

A flat dict with a str key and str or None value. This is required as we feed these values into a hash. Pairs where the value is None are ignored in the hashed id.

class keystoneauth1.identity.v2.Token(auth_url: str, token: str, *, trust_id: str | None = None, tenant_id: str | None = None, tenant_name: str | None = None, reauthenticate: bool = True)

Bases: Auth

A plugin for authenticating with an existing token.

Parameters:
  • auth_url (string) – Identity service endpoint for authorization.

  • token (string) – Existing token for authentication.

  • tenant_id (string) – Tenant ID for tenant scoping.

  • tenant_name (string) – Tenant name for tenant scoping.

  • trust_id (string) – Trust ID for trust scoping.

  • reauthenticate (bool) – Allow fetching a new token if the current one is going to expire. (optional) default True

__abstractmethods__ = frozenset({})
__annotations__ = {'MIN_TOKEN_LIFE_SECONDS': 'int', '_discovery_cache': 'ty.Dict[str, discover.Discover]', 'auth_ref': 'ty.Optional[access.AccessInfo]', 'auth_url': 'str', 'reauthenticate': 'bool'}
__doc__ = 'A plugin for authenticating with an existing token.\n\n    :param string auth_url: Identity service endpoint for authorization.\n    :param string token: Existing token for authentication.\n    :param string tenant_id: Tenant ID for tenant scoping.\n    :param string tenant_name: Tenant name for tenant scoping.\n    :param string trust_id: Trust ID for trust scoping.\n    :param bool reauthenticate: Allow fetching a new token if the current one\n                                is going to expire. (optional) default True\n    '
__init__(auth_url: str, token: str, *, trust_id: str | None = None, tenant_id: str | None = None, tenant_name: str | None = None, reauthenticate: bool = True)
__module__ = 'keystoneauth1.identity.v2'
_abc_impl = <_abc._abc_data object>
get_auth_data(headers: MutableMapping[str, str] | None = None) Dict[str, object]

Return the authentication section of an auth plugin.

Parameters:

headers (dict) – The headers that will be sent with the auth request if a plugin needs to add to them.

Returns:

A dict of authentication data for the auth type.

Return type:

dict

get_cache_id_elements() Dict[str, str | None]

Get the elements for this auth plugin that make it unique.

As part of the get_cache_id requirement we need to determine what aspects of this plugin and its values that make up the unique elements.

This should be overridden by plugins that wish to allow caching.

Returns:

The unique attributes and values of this plugin.

Return type:

A flat dict with a str key and str or None value. This is required as we feed these values into a hash. Pairs where the value is None are ignored in the hashed id.

class keystoneauth1.identity.v2.Unset(value)

Bases: Enum

An enumeration.

__doc__ = 'An enumeration.'
__module__ = 'keystoneauth1.identity.v2'
token = 0