keystone.federation.backends.base module¶

class keystone.federation.backends.base.FederationDriverBase[source]¶

Bases: object

abstract create_idp(idp_id, idp)[source]¶

Create an identity provider.

Parameters:

• idp_id (string) – ID of IdP object

• idp (dict) – idp object

Returns:

idp ref

Return type:

dict

abstract create_mapping(mapping_id, mapping)[source]¶

Create a mapping.

Parameters:

• mapping_id (string) – ID of mapping object

• mapping (dict) – mapping ref with mapping name

Returns:

mapping ref

Return type:

dict

abstract create_protocol(idp_id, protocol_id, protocol)[source]¶

Add an IdP-Protocol configuration.

Parameters:

• idp_id (string) – ID of IdP object

• protocol_id (string) – ID of protocol object

• protocol (dict) – protocol object

Raises:

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns:

protocol ref

Return type:

dict

abstract create_sp(sp_id, sp)[source]¶

Create a service provider.

Parameters:

• sp_id (string) – id of the service provider

• sp (dict) – service provider object

Returns:

service provider ref

Return type:

dict

abstract delete_idp(idp_id)[source]¶

Delete an identity provider.

Parameters:

idp_id (string) – ID of IdP object

Raises:

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

abstract delete_mapping(mapping_id)[source]¶

Delete a mapping.

Parameters:

mapping_id – id of mapping to delete

Returns:

None

abstract delete_protocol(idp_id, protocol_id)[source]¶

Delete an IdP-Protocol configuration.

Parameters:

• idp_id (string) – ID of IdP object

• protocol_id (string) – ID of protocol object

Raises:

• keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

• keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.

abstract delete_sp(sp_id)[source]¶

Delete a service provider.

Parameters:

sp_id (string) – id of the service provider

Raises:

keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.

abstract get_enabled_service_providers()[source]¶

List enabled service providers for Service Catalog.

Service Provider in a catalog contains three attributes: id, auth_url, sp_url, where:

• id is a unique, user defined identifier for service provider object

• auth_url is an authentication URL of remote Keystone

• sp_url a URL accessible at the remote service provider where SAML assertion is transmitted.

Returns:

list of dictionaries with enabled service providers

Return type:

list of dicts

abstract get_idp(idp_id)[source]¶

Get an identity provider by ID.

Parameters:

idp_id (string) – ID of IdP object

Raises:

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns:

idp ref

Return type:

dict

abstract get_idp_from_remote_id(remote_id)[source]¶

Get an identity provider by remote ID.

Parameters:

remote_id – ID of remote IdP

Raises:

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns:

idp ref

Return type:

dict

abstract get_mapping(mapping_id)[source]¶

Get a mapping, returns the mapping based on mapping_id.

Parameters:

mapping_id – id of mapping to get

Raises:

keystone.exception.MappingNotFound – If the mapping cannot be found.

Returns:

mapping ref

Return type:

dict

abstract get_mapping_from_idp_and_protocol(idp_id, protocol_id)[source]¶

Get mapping based on idp_id and protocol_id.

Parameters:

• idp_id (string) – id of the identity provider

• protocol_id (string) – id of the protocol

Raises:

• keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

• keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.

Returns:

mapping ref

Return type:

dict

abstract get_protocol(idp_id, protocol_id)[source]¶

Get an IdP-Protocol configuration.

Parameters:

• idp_id (string) – ID of IdP object

• protocol_id (string) – ID of protocol object

Raises:

• keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

• keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.

Returns:

protocol ref

Return type:

dict

abstract get_sp(sp_id)[source]¶

Get a service provider.

Parameters:

sp_id (string) – id of the service provider

Returns:

service provider ref

Return type:

dict

Raises:

keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.

abstract list_idps(hints)[source]¶

List all identity providers.

Parameters:

hints – filter hints which the driver should implement if at all possible.

Returns:

list of idp refs

Return type:

list of dicts

Raises:

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

abstract list_mappings()[source]¶

List all mappings.

Returns:

list of mapping refs

Return type:

list of dicts

abstract list_protocols(idp_id)[source]¶

List an IdP’s supported protocols.

Parameters:

idp_id (string) – ID of IdP object

Raises:

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns:

list of protocol ref

Return type:

list of dict

abstract list_sps(hints)[source]¶

List all service providers.

Parameters:

hints – filter hints which the driver should implement if at all possible.

Returns:

List of service provider ref objects

Return type:

list of dicts

Raises:

keystone.exception.ServiceProviderNotFound – If the SP doesn’t exist.

abstract update_idp(idp_id, idp)[source]¶

Update an identity provider by ID.

Parameters:

• idp_id (string) – ID of IdP object

• idp (dict) – idp object

Raises:

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns:

idp ref

Return type:

dict

abstract update_mapping(mapping_id, mapping_ref)[source]¶

Update a mapping.

Parameters:

• mapping_id (string) – id of mapping to update

• mapping_ref (dict) – new mapping ref

Returns:

mapping ref

Return type:

dict

abstract update_protocol(idp_id, protocol_id, protocol)[source]¶

Change an IdP-Protocol configuration.

Parameters:

• idp_id (string) – ID of IdP object

• protocol_id (string) – ID of protocol object

• protocol (dict) – protocol object

Raises:

• keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

• keystone.exception.FederatedProtocolNotFound – If the federated protocol cannot be found.

Returns:

protocol ref

Return type:

dict

abstract update_sp(sp_id, sp)[source]¶

Update a service provider.

Parameters:

• sp_id (string) – id of the service provider

• sp (dict) – service prvider object

Returns:

service provider ref

Return type:

dict

Raises:

keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.