Bases: tuple
Alias for field number 1
Alias for field number 2
Alias for field number 0
Bases: ProviderAPIMixin
, object
Abstract base class for an authentication plugin.
Authenticate user and return an authentication context.
auth_payload (dict) – the payload content of the authentication request for a given method
If successful, plugin must set user_id
in response_data
.
method_name
is used to convey any additional authentication methods
in case authentication is for re-scoping. For example, if the
authentication is for re-scoping, plugin must append the previous
method names into method_names
; NOTE: This behavior is exclusive
to the re-scope type action. Here’s an example of response_data
on
successful authentication:
{
"methods": [
"password",
"token"
],
"user_id": "abc123"
}
Plugins are invoked in the order in which they are specified in the
methods
attribute of the identity
object. For example,
custom-plugin
is invoked before password
, which is invoked
before token
in the following authentication request:
{
"auth": {
"identity": {
"custom-plugin": {
"custom-data": "sdfdfsfsfsdfsf"
},
"methods": [
"custom-plugin",
"password",
"token"
],
"password": {
"user": {
"id": "s23sfad1",
"password": "secret"
}
},
"token": {
"id": "sdfafasdfsfasfasdfds"
}
}
}
}
AuthHandlerResponse with status set to True
if auth was
successful. If status is False
and this is a multi-step
auth, the response_body
can be in a form of a dict for
the next step in authentication.
keystone.exception.Unauthorized – for authentication failure
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.