keystoneclient.v3.contrib.federation package¶
Submodules¶
keystoneclient.v3.contrib.federation.base module¶
keystoneclient.v3.contrib.federation.core module¶
keystoneclient.v3.contrib.federation.domains module¶
- class keystoneclient.v3.contrib.federation.domains.DomainManager(client)¶
Bases:
EntityManager
- object_type = 'domains'¶
keystoneclient.v3.contrib.federation.identity_providers module¶
- class keystoneclient.v3.contrib.federation.identity_providers.IdentityProvider(manager, info, loaded=False)¶
Bases:
Resource
Object representing Identity Provider container.
- Attributes:
id: user-defined unique string identifying Identity Provider.
- class keystoneclient.v3.contrib.federation.identity_providers.IdentityProviderManager(client)¶
Bases:
CrudManager
Manager class for manipulating Identity Providers.
- base_url = 'OS-FEDERATION'¶
- collection_key = 'identity_providers'¶
- create(id, **kwargs)¶
Create Identity Provider object.
Utilize Keystone URI: PUT /OS-FEDERATION/identity_providers/$identity_provider
- Parameters:
id – unique id of the identity provider.
kwargs – optional attributes: description (str), domain_id (str), enabled (boolean) and remote_ids (list).
- Returns:
an IdentityProvider resource object.
- Return type:
keystoneclient.v3.federation.IdentityProvider
- delete(identity_provider)¶
Delete Identity Provider object.
Utilize Keystone URI: DELETE /OS-FEDERATION/identity_providers/$identity_provider
- Parameters:
identity_provider – the Identity Provider ID itself or an object with it stored inside.
- get(identity_provider)¶
Fetch Identity Provider object.
Utilize Keystone URI: GET /OS-FEDERATION/identity_providers/$identity_provider
- Parameters:
identity_provider – an object with identity_provider_id stored inside.
- Returns:
an IdentityProvider resource object.
- Return type:
keystoneclient.v3.federation.IdentityProvider
- key = 'identity_provider'¶
- list(**kwargs)¶
List all Identity Providers.
Utilize Keystone URI: GET /OS-FEDERATION/identity_providers
- Returns:
a list of IdentityProvider resource objects.
- Return type:
List
- resource_class¶
alias of
IdentityProvider
- update(identity_provider, **kwargs)¶
Update Identity Provider object.
Utilize Keystone URI: PATCH /OS-FEDERATION/identity_providers/$identity_provider
- Parameters:
identity_provider – an object with identity_provider_id stored inside.
- Returns:
an IdentityProvider resource object.
- Return type:
keystoneclient.v3.federation.IdentityProvider
keystoneclient.v3.contrib.federation.mappings module¶
- class keystoneclient.v3.contrib.federation.mappings.Mapping(manager, info, loaded=False)¶
Bases:
Resource
An object representing mapping container.
- Attributes:
id: user defined unique string identifying mapping.
- class keystoneclient.v3.contrib.federation.mappings.MappingManager(client)¶
Bases:
CrudManager
Manager class for manipulating federation mappings.
- base_url = 'OS-FEDERATION'¶
- collection_key = 'mappings'¶
- create(mapping_id, **kwargs)¶
Create federation mapping.
Utilize Identity API operation: PUT /OS-FEDERATION/mappings/$mapping_id
- Parameters:
mapping_id – user defined string identifier of the federation mapping.
rules – a list of mapping rules.
Example of the
rules
parameter:[ { "local": [ { "group": { "id": "0cd5e9" } } ], "remote": [ { "type": "orgPersonType", "not_any_of": [ "Contractor", "Guest" ] } ] } ]
- delete(mapping)¶
Delete federation mapping identified by mapping id.
Utilize Identity API operation: DELETE /OS-FEDERATION/mappings/$mapping_id
- Parameters:
mapping – a Mapping type object with mapping id stored inside.
- get(mapping)¶
Fetch federation mapping identified by mapping id.
Utilize Identity API operation: GET /OS-FEDERATION/mappings/$mapping_id
- Parameters:
mapping – a Mapping type object with mapping id stored inside.
- key = 'mapping'¶
- list(**kwargs)¶
List all federation mappings.
Utilize Identity API operation: GET /OS-FEDERATION/mappings
- update(mapping, **kwargs)¶
Update federation mapping identified by mapping id.
Utilize Identity API operation: PATCH /OS-FEDERATION/mappings/$mapping_id
- Parameters:
mapping – a Mapping type object with mapping id stored inside.
rules – a list of mapping rules.
Example of the
rules
parameter:[ { "local": [ { "group": { "id": "0cd5e9" } } ], "remote": [ { "type": "orgPersonType", "not_any_of": [ "Contractor", "Guest" ] } ] } ]
keystoneclient.v3.contrib.federation.projects module¶
- class keystoneclient.v3.contrib.federation.projects.ProjectManager(client)¶
Bases:
EntityManager
- object_type = 'projects'¶
keystoneclient.v3.contrib.federation.protocols module¶
- class keystoneclient.v3.contrib.federation.protocols.Protocol(manager, info, loaded=False)¶
Bases:
Resource
An object representing federation protocol container.
- Attributes:
- id: user-defined unique per Identity Provider string identifying
federation protocol.
- class keystoneclient.v3.contrib.federation.protocols.ProtocolManager(client)¶
Bases:
CrudManager
Manager class for manipulating federation protocols.
- base_url = 'OS-FEDERATION/identity_providers'¶
- build_url(dict_args_in_out=None)¶
Build URL for federation protocols.
- collection_key = 'protocols'¶
- create(protocol_id, identity_provider, mapping, **kwargs)¶
Create federation protocol object and tie to the Identity Provider.
Utilize Identity API operation: PUT /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol
- Parameters:
protocol_id – a string type parameter identifying a federation protocol
identity_provider – a string type parameter identifying an Identity Provider
mapping – a base.Resource object with federation mapping id
- delete(identity_provider, protocol)¶
Delete Protocol object tied to the Identity Provider.
Utilize Identity API operation: DELETE /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol
- Parameters:
identity_provider – a base.Resource type object with Identity Provider id stored inside
protocol – a base.Resource type object with federation protocol id stored inside
- get(identity_provider, protocol, **kwargs)¶
Fetch federation protocol object tied to the Identity Provider.
Utilize Identity API operation: GET /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol
- Parameters:
identity_provider – a base.Resource type object with Identity Provider id stored inside
protocol – a base.Resource type object with federation protocol id stored inside
- key = 'protocol'¶
- list(identity_provider, **kwargs)¶
List all federation protocol objects tied to the Identity Provider.
Utilize Identity API operation: GET /OS-FEDERATION/identity_providers/ $identity_provider/protocols
- Parameters:
identity_provider – a base.Resource type object with Identity Provider id stored inside
- update(identity_provider, protocol, mapping, **kwargs)¶
Update Protocol object tied to the Identity Provider.
Utilize Identity API operation: PATCH /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol
- Parameters:
identity_provider – a base.Resource type object with Identity Provider id stored inside
protocol – a base.Resource type object with federation protocol id stored inside
mapping – a base.Resource object with federation mapping id
keystoneclient.v3.contrib.federation.saml module¶
- class keystoneclient.v3.contrib.federation.saml.SamlManager(client)¶
Bases:
Manager
Manager class for creating SAML assertions.
- create_ecp_assertion(service_provider, token_id)¶
Create an ECP wrapped SAML assertion from a token.
Equivalent Identity API call: POST /auth/OS-FEDERATION/saml2/ecp
- Parameters:
service_provider (string) – Service Provider resource.
token_id (string) – Token to transform to SAML assertion.
- Returns:
SAML representation of token_id, wrapped in ECP envelope
- Return type:
string
- create_saml_assertion(service_provider, token_id)¶
Create a SAML assertion from a token.
Equivalent Identity API call: POST /auth/OS-FEDERATION/saml2
- Parameters:
service_provider (string) – Service Provider resource.
token_id (string) – Token to transform to SAML assertion.
- Returns:
SAML representation of token_id
- Return type:
string
keystoneclient.v3.contrib.federation.service_providers module¶
- class keystoneclient.v3.contrib.federation.service_providers.ServiceProvider(manager, info, loaded=False)¶
Bases:
Resource
Object representing Service Provider container.
- Attributes:
id: user-defined unique string identifying Service Provider.
sp_url: the shibboleth endpoint of a Service Provider.
auth_url: the authentication url of Service Provider.
- class keystoneclient.v3.contrib.federation.service_providers.ServiceProviderManager(client)¶
Bases:
CrudManager
Manager class for manipulating Service Providers.
- base_url = 'OS-FEDERATION'¶
- collection_key = 'service_providers'¶
- create(id, **kwargs)¶
Create Service Provider object.
Utilize Keystone URI:
PUT /OS-FEDERATION/service_providers/{id}
- Parameters:
id – unique id of the service provider.
- delete(service_provider)¶
Delete Service Provider object.
Utilize Keystone URI:
DELETE /OS-FEDERATION/service_providers/{id}
- Parameters:
service_provider – an object with service_provider_id stored inside.
- get(service_provider)¶
Fetch Service Provider object.
Utilize Keystone URI:
GET /OS-FEDERATION/service_providers/{id}
- Parameters:
service_provider – an object with service_provider_id stored inside.
- key = 'service_provider'¶
- list(**kwargs)¶
List all Service Providers.
Utilize Keystone URI:
GET /OS-FEDERATION/service_providers
- resource_class¶
alias of
ServiceProvider
- update(service_provider, **kwargs)¶
Update the existing Service Provider object on the server.
Only properties provided to the function are being updated.
Utilize Keystone URI:
PATCH /OS-FEDERATION/service_providers/{id}
- Parameters:
service_provider – an object with service_provider_id stored inside.