keystoneauth1.identity.access module

class keystoneauth1.identity.access.AccessInfoPlugin(auth_ref, auth_url=None)

Bases: keystoneauth1.identity.base.BaseIdentityPlugin

A plugin that turns an existing AccessInfo object into a usable plugin.

There are cases where reuse of an auth_ref or AccessInfo object is warranted such as from a cache, from auth_token middleware, or another source.

Turn the existing access info object into an identity plugin. This plugin cannot be refreshed as the AccessInfo object does not contain any authorizing information.

Parameters
  • auth_ref (keystoneauth1.access.AccessInfo) – the existing AccessInfo object.

  • auth_url – the url where this AccessInfo was retrieved from. Required if using the AUTH_INTERFACE with get_endpoint. (optional)

get_auth_ref(session, **kwargs)

Obtain a token from an OpenStack Identity Service.

This method is overridden by the various token version plugins.

This function should not be called independently and is expected to be invoked via the do_authenticate function.

This function will be invoked if the AcessInfo object cached by the plugin is not valid. Thus plugins should always fetch a new AccessInfo when invoked. If you are looking to just retrieve the current auth data then you should use get_access.

Parameters

session (keystoneauth1.session.Session) – A session object that can be used for communication.

Raises
Returns

Token access information.

Return type

keystoneauth1.access.AccessInfo

invalidate()

Invalidate the current authentication data.

This should result in fetching a new token on next call.

A plugin may be invalidated if an Unauthorized HTTP response is returned to indicate that the token may have been revoked or is otherwise now invalid.

Returns

True if there was something that the plugin did to invalidate. This means that it makes sense to try again. If nothing happens returns False to indicate give up.

Return type

bool