keystoneauth1.identity.v3.tokenless_auth module

keystoneauth1.identity.v3.tokenless_auth module

class keystoneauth1.identity.v3.tokenless_auth.TokenlessAuth(auth_url, domain_id=None, domain_name=None, project_id=None, project_name=None, project_domain_id=None, project_domain_name=None)

Bases: keystoneauth1.plugin.BaseAuthPlugin

A plugin for authenticating with Tokenless Auth.

This is for Tokenless Authentication. Scoped information like domain name and project ID will be passed in the headers and token validation request will be authenticated based on the provided HTTPS certificate along with the scope information.

get_endpoint(session, service_type=None, **kwargs)

Return a valid endpoint for a service.

Parameters
  • session (keystoneauth1.session.Session) – A session object that can be used for communication.

  • service_type (string) – The type of service to lookup the endpoint for. This plugin will return None (failure) if service_type is not provided.

Returns

A valid endpoint URL or None if not available.

Return type

string or None

get_headers(session, **kwargs)

Fetch authentication headers for message.

This is to override the default get_headers method to provide tokenless auth scope headers if token is not provided in the session.

Parameters

session (keystoneauth1.session.Session) – The session object that the auth_plugin belongs to.

Returns

Headers that are set to authenticate a message or None for failure. Note that when checking this value that the empty dict is a valid, non-failure response.

Return type

dict

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.