keystoneclient.v3.contrib.federation package¶
Submodules¶
keystoneclient.v3.contrib.federation.base module¶
-
class
keystoneclient.v3.contrib.federation.base.EntityManager(client)¶ Bases:
keystoneclient.base.ManagerManager class for listing federated accessible objects.
-
list()¶
-
object_type¶
-
resource_class= None¶
-
keystoneclient.v3.contrib.federation.core module¶
keystoneclient.v3.contrib.federation.domains module¶
-
class
keystoneclient.v3.contrib.federation.domains.DomainManager(client)¶ Bases:
keystoneclient.v3.contrib.federation.base.EntityManager-
object_type= ‘domains’¶
-
resource_class¶ alias of
Domain
-
keystoneclient.v3.contrib.federation.identity_providers module¶
-
class
keystoneclient.v3.contrib.federation.identity_providers.IdentityProvider(manager, info, loaded=False)¶ Bases:
keystoneclient.base.ResourceObject representing Identity Provider container.
- Attributes:
- id: user-defined unique string identifying Identity Provider.
-
class
keystoneclient.v3.contrib.federation.identity_providers.IdentityProviderManager(client)¶ Bases:
keystoneclient.base.CrudManagerManager class for manipulating Identity Providers.
-
base_url= ‘OS-FEDERATION’¶
-
collection_key= ‘identity_providers’¶
-
create(id, **kwargs)¶ Create Identity Provider object.
Utilize Keystone URI: PUT /OS-FEDERATION/identity_providers/$identity_provider
Parameters: - id – unique id of the identity provider.
- kwargs – optional attributes: description (str), enabled (boolean) and remote_ids (list).
Returns: an IdentityProvider resource object.
Return type: keystoneclient.v3.federation.IdentityProvider
-
delete(identity_provider)¶ Delete Identity Provider object.
Utilize Keystone URI: DELETE /OS-FEDERATION/identity_providers/$identity_provider
Parameters: identity_provider – the Identity Provider ID itself or an object with it stored inside.
-
get(identity_provider)¶ Fetch Identity Provider object.
Utilize Keystone URI: GET /OS-FEDERATION/identity_providers/$identity_provider
Parameters: identity_provider – an object with identity_provider_id stored inside. Returns: an IdentityProvider resource object. Return type: keystoneclient.v3.federation.IdentityProvider
-
key= ‘identity_provider’¶
-
list(**kwargs)¶ List all Identity Providers.
Utilize Keystone URI: GET /OS-FEDERATION/identity_providers
Returns: a list of IdentityProvider resource objects. Return type: List
-
resource_class¶ alias of
IdentityProvider
-
update(identity_provider, **kwargs)¶ Update Identity Provider object.
Utilize Keystone URI: PATCH /OS-FEDERATION/identity_providers/$identity_provider
Parameters: identity_provider – an object with identity_provider_id stored inside. Returns: an IdentityProvider resource object. Return type: keystoneclient.v3.federation.IdentityProvider
-
keystoneclient.v3.contrib.federation.mappings module¶
-
class
keystoneclient.v3.contrib.federation.mappings.Mapping(manager, info, loaded=False)¶ Bases:
keystoneclient.base.ResourceAn object representing mapping container.
- Attributes:
- id: user defined unique string identifying mapping.
-
class
keystoneclient.v3.contrib.federation.mappings.MappingManager(client)¶ Bases:
keystoneclient.base.CrudManagerManager class for manipulating federation mappings.
-
base_url= ‘OS-FEDERATION’¶
-
collection_key= ‘mappings’¶
-
create(mapping_id, **kwargs)¶ Create federation mapping.
Utilize Identity API operation: PUT /OS-FEDERATION/mappings/$mapping_id
Parameters: - mapping_id – user defined string identifier of the federation mapping.
- rules – a list of mapping rules.
Example of the
rulesparameter:[ { "local": [ { "group": { "id": "0cd5e9" } } ], "remote": [ { "type": "orgPersonType", "not_any_of": [ "Contractor", "Guest" ] } ] } ]
-
delete(mapping)¶ Delete federation mapping identified by mapping id.
Utilize Identity API operation: DELETE /OS-FEDERATION/mappings/$mapping_id
Parameters: mapping – a Mapping type object with mapping id stored inside.
-
get(mapping)¶ Fetch federation mapping identified by mapping id.
Utilize Identity API operation: GET /OS-FEDERATION/mappings/$mapping_id
Parameters: mapping – a Mapping type object with mapping id stored inside.
-
key= ‘mapping’¶
-
list(**kwargs)¶ List all federation mappings.
Utilize Identity API operation: GET /OS-FEDERATION/mappings
-
update(mapping, **kwargs)¶ Update federation mapping identified by mapping id.
Utilize Identity API operation: PATCH /OS-FEDERATION/mappings/$mapping_id
Parameters: - mapping – a Mapping type object with mapping id stored inside.
- rules – a list of mapping rules.
Example of the
rulesparameter:[ { "local": [ { "group": { "id": "0cd5e9" } } ], "remote": [ { "type": "orgPersonType", "not_any_of": [ "Contractor", "Guest" ] } ] } ]
-
keystoneclient.v3.contrib.federation.projects module¶
-
class
keystoneclient.v3.contrib.federation.projects.ProjectManager(client)¶ Bases:
keystoneclient.v3.contrib.federation.base.EntityManager-
object_type= ‘projects’¶
-
resource_class¶ alias of
Project
-
keystoneclient.v3.contrib.federation.protocols module¶
-
class
keystoneclient.v3.contrib.federation.protocols.Protocol(manager, info, loaded=False)¶ Bases:
keystoneclient.base.ResourceAn object representing federation protocol container.
- Attributes:
- id: user-defined unique per Identity Provider string identifying
- federation protocol.
-
class
keystoneclient.v3.contrib.federation.protocols.ProtocolManager(client)¶ Bases:
keystoneclient.base.CrudManagerManager class for manipulating federation protocols.
-
base_url= ‘OS-FEDERATION/identity_providers’¶
-
build_url(dict_args_in_out=None)¶ Build URL for federation protocols.
-
collection_key= ‘protocols’¶
-
create(protocol_id, identity_provider, mapping, **kwargs)¶ Create federation protocol object and tie to the Identity Provider.
Utilize Identity API operation: PUT /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol
Parameters: - protocol_id – a string type parameter identifying a federation protocol
- identity_provider – a string type parameter identifying an Identity Provider
- mapping – a base.Resource object with federation mapping id
-
delete(identity_provider, protocol)¶ Delete Protocol object tied to the Identity Provider.
Utilize Identity API operation: DELETE /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol
Parameters: - identity_provider – a base.Resource type object with Identity Provider id stored inside
- protocol – a base.Resource type object with federation protocol id stored inside
-
get(identity_provider, protocol, **kwargs)¶ Fetch federation protocol object tied to the Identity Provider.
Utilize Identity API operation: GET /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol
Parameters: - identity_provider – a base.Resource type object with Identity Provider id stored inside
- protocol – a base.Resource type object with federation protocol id stored inside
-
key= ‘protocol’¶
-
list(identity_provider, **kwargs)¶ List all federation protocol objects tied to the Identity Provider.
Utilize Identity API operation: GET /OS-FEDERATION/identity_providers/ $identity_provider/protocols
Parameters: identity_provider – a base.Resource type object with Identity Provider id stored inside
-
update(identity_provider, protocol, mapping, **kwargs)¶ Update Protocol object tied to the Identity Provider.
Utilize Identity API operation: PATCH /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol
Parameters: - identity_provider – a base.Resource type object with Identity Provider id stored inside
- protocol – a base.Resource type object with federation protocol id stored inside
- mapping – a base.Resource object with federation mapping id
-
keystoneclient.v3.contrib.federation.saml module¶
-
class
keystoneclient.v3.contrib.federation.saml.SamlManager(client)¶ Bases:
keystoneclient.base.ManagerManager class for creating SAML assertions.
-
create_ecp_assertion(service_provider, token_id)¶ Create an ECP wrapped SAML assertion from a token.
Equivalent Identity API call: POST /auth/OS-FEDERATION/saml2/ecp
Parameters: Returns: SAML representation of token_id, wrapped in ECP envelope
Return type:
-
create_saml_assertion(service_provider, token_id)¶ Create a SAML assertion from a token.
Equivalent Identity API call: POST /auth/OS-FEDERATION/saml2
Parameters: Returns: SAML representation of token_id
Return type:
-
keystoneclient.v3.contrib.federation.service_providers module¶
-
class
keystoneclient.v3.contrib.federation.service_providers.ServiceProvider(manager, info, loaded=False)¶ Bases:
keystoneclient.base.ResourceObject representing Service Provider container.
- Attributes:
- id: user-defined unique string identifying Service Provider.
- sp_url: the shibboleth endpoint of a Service Provider.
- auth_url: the authentication url of Service Provider.
-
class
keystoneclient.v3.contrib.federation.service_providers.ServiceProviderManager(client)¶ Bases:
keystoneclient.base.CrudManagerManager class for manipulating Service Providers.
-
base_url= ‘OS-FEDERATION’¶
-
collection_key= ‘service_providers’¶
-
create(id, **kwargs)¶ Create Service Provider object.
Utilize Keystone URI:
PUT /OS-FEDERATION/service_providers/{id}Parameters: id – unique id of the service provider.
-
delete(service_provider)¶ Delete Service Provider object.
Utilize Keystone URI:
DELETE /OS-FEDERATION/service_providers/{id}Parameters: service_provider – an object with service_provider_id stored inside.
-
get(service_provider)¶ Fetch Service Provider object.
Utilize Keystone URI:
GET /OS-FEDERATION/service_providers/{id}Parameters: service_provider – an object with service_provider_id stored inside.
-
key= ‘service_provider’¶
-
list(**kwargs)¶ List all Service Providers.
Utilize Keystone URI:
GET /OS-FEDERATION/service_providers
-
resource_class¶ alias of
ServiceProvider
-
update(service_provider, **kwargs)¶ Update the existing Service Provider object on the server.
Only properties provided to the function are being updated.
Utilize Keystone URI:
PATCH /OS-FEDERATION/service_providers/{id}Parameters: service_provider – an object with service_provider_id stored inside.
-