keystoneclient.v3.contrib.federation package

keystoneclient.v3.contrib.federation package

Submodules

keystoneclient.v3.contrib.federation.base module

class keystoneclient.v3.contrib.federation.base.EntityManager(client)

Bases: Manager

Manager class for listing federated accessible objects.

list()
abstract property object_type
resource_class = None

keystoneclient.v3.contrib.federation.core module

class keystoneclient.v3.contrib.federation.core.FederationManager(api)

Bases: object

keystoneclient.v3.contrib.federation.domains module

class keystoneclient.v3.contrib.federation.domains.DomainManager(client)

Bases: EntityManager

object_type = 'domains'
resource_class

alias of Domain

keystoneclient.v3.contrib.federation.identity_providers module

class keystoneclient.v3.contrib.federation.identity_providers.IdentityProvider(manager, info, loaded=False)

Bases: Resource

Object representing Identity Provider container.

Attributes:
  • id: user-defined unique string identifying Identity Provider.

class keystoneclient.v3.contrib.federation.identity_providers.IdentityProviderManager(client)

Bases: CrudManager

Manager class for manipulating Identity Providers.

base_url = 'OS-FEDERATION'
collection_key = 'identity_providers'
create(id, **kwargs)

Create Identity Provider object.

Utilize Keystone URI: PUT /OS-FEDERATION/identity_providers/$identity_provider

Parameters
  • id – unique id of the identity provider.

  • kwargs – optional attributes: description (str), domain_id (str), enabled (boolean) and remote_ids (list).

Returns

an IdentityProvider resource object.

Return type

keystoneclient.v3.federation.IdentityProvider

delete(identity_provider)

Delete Identity Provider object.

Utilize Keystone URI: DELETE /OS-FEDERATION/identity_providers/$identity_provider

Parameters

identity_provider – the Identity Provider ID itself or an object with it stored inside.

get(identity_provider)

Fetch Identity Provider object.

Utilize Keystone URI: GET /OS-FEDERATION/identity_providers/$identity_provider

Parameters

identity_provider – an object with identity_provider_id stored inside.

Returns

an IdentityProvider resource object.

Return type

keystoneclient.v3.federation.IdentityProvider

key = 'identity_provider'
list(**kwargs)

List all Identity Providers.

Utilize Keystone URI: GET /OS-FEDERATION/identity_providers

Returns

a list of IdentityProvider resource objects.

Return type

List

resource_class

alias of IdentityProvider

update(identity_provider, **kwargs)

Update Identity Provider object.

Utilize Keystone URI: PATCH /OS-FEDERATION/identity_providers/$identity_provider

Parameters

identity_provider – an object with identity_provider_id stored inside.

Returns

an IdentityProvider resource object.

Return type

keystoneclient.v3.federation.IdentityProvider

keystoneclient.v3.contrib.federation.mappings module

class keystoneclient.v3.contrib.federation.mappings.Mapping(manager, info, loaded=False)

Bases: Resource

An object representing mapping container.

Attributes:
  • id: user defined unique string identifying mapping.

class keystoneclient.v3.contrib.federation.mappings.MappingManager(client)

Bases: CrudManager

Manager class for manipulating federation mappings.

base_url = 'OS-FEDERATION'
collection_key = 'mappings'
create(mapping_id, **kwargs)

Create federation mapping.

Utilize Identity API operation: PUT /OS-FEDERATION/mappings/$mapping_id

Parameters
  • mapping_id – user defined string identifier of the federation mapping.

  • rules – a list of mapping rules.

Example of the rules parameter:

[
    {
        "local": [
            {
                "group": {
                    "id": "0cd5e9"
                }
            }
        ],
        "remote": [
            {
                "type": "orgPersonType",
                "not_any_of": [
                    "Contractor",
                    "Guest"
                ]
            }
        ]
    }
]
delete(mapping)

Delete federation mapping identified by mapping id.

Utilize Identity API operation: DELETE /OS-FEDERATION/mappings/$mapping_id

Parameters

mapping – a Mapping type object with mapping id stored inside.

get(mapping)

Fetch federation mapping identified by mapping id.

Utilize Identity API operation: GET /OS-FEDERATION/mappings/$mapping_id

Parameters

mapping – a Mapping type object with mapping id stored inside.

key = 'mapping'
list(**kwargs)

List all federation mappings.

Utilize Identity API operation: GET /OS-FEDERATION/mappings

resource_class

alias of Mapping

update(mapping, **kwargs)

Update federation mapping identified by mapping id.

Utilize Identity API operation: PATCH /OS-FEDERATION/mappings/$mapping_id

Parameters
  • mapping – a Mapping type object with mapping id stored inside.

  • rules – a list of mapping rules.

Example of the rules parameter:

[
    {
        "local": [
            {
                "group": {
                    "id": "0cd5e9"
                }
            }
        ],
        "remote": [
            {
                "type": "orgPersonType",
                "not_any_of": [
                    "Contractor",
                    "Guest"
                ]
            }
        ]
    }
]

keystoneclient.v3.contrib.federation.projects module

class keystoneclient.v3.contrib.federation.projects.ProjectManager(client)

Bases: EntityManager

object_type = 'projects'
resource_class

alias of Project

keystoneclient.v3.contrib.federation.protocols module

class keystoneclient.v3.contrib.federation.protocols.Protocol(manager, info, loaded=False)

Bases: Resource

An object representing federation protocol container.

Attributes:
  • id: user-defined unique per Identity Provider string identifying

    federation protocol.

class keystoneclient.v3.contrib.federation.protocols.ProtocolManager(client)

Bases: CrudManager

Manager class for manipulating federation protocols.

base_url = 'OS-FEDERATION/identity_providers'
build_url(dict_args_in_out=None)

Build URL for federation protocols.

collection_key = 'protocols'
create(protocol_id, identity_provider, mapping, **kwargs)

Create federation protocol object and tie to the Identity Provider.

Utilize Identity API operation: PUT /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol

Parameters
  • protocol_id – a string type parameter identifying a federation protocol

  • identity_provider – a string type parameter identifying an Identity Provider

  • mapping – a base.Resource object with federation mapping id

delete(identity_provider, protocol)

Delete Protocol object tied to the Identity Provider.

Utilize Identity API operation: DELETE /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol

Parameters
  • identity_provider – a base.Resource type object with Identity Provider id stored inside

  • protocol – a base.Resource type object with federation protocol id stored inside

get(identity_provider, protocol, **kwargs)

Fetch federation protocol object tied to the Identity Provider.

Utilize Identity API operation: GET /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol

Parameters
  • identity_provider – a base.Resource type object with Identity Provider id stored inside

  • protocol – a base.Resource type object with federation protocol id stored inside

key = 'protocol'
list(identity_provider, **kwargs)

List all federation protocol objects tied to the Identity Provider.

Utilize Identity API operation: GET /OS-FEDERATION/identity_providers/ $identity_provider/protocols

Parameters

identity_provider – a base.Resource type object with Identity Provider id stored inside

resource_class

alias of Protocol

update(identity_provider, protocol, mapping, **kwargs)

Update Protocol object tied to the Identity Provider.

Utilize Identity API operation: PATCH /OS-FEDERATION/identity_providers/ $identity_provider/protocols/$protocol

Parameters
  • identity_provider – a base.Resource type object with Identity Provider id stored inside

  • protocol – a base.Resource type object with federation protocol id stored inside

  • mapping – a base.Resource object with federation mapping id

keystoneclient.v3.contrib.federation.saml module

class keystoneclient.v3.contrib.federation.saml.SamlManager(client)

Bases: Manager

Manager class for creating SAML assertions.

create_ecp_assertion(service_provider, token_id)

Create an ECP wrapped SAML assertion from a token.

Equivalent Identity API call: POST /auth/OS-FEDERATION/saml2/ecp

Parameters
  • service_provider (string) – Service Provider resource.

  • token_id (string) – Token to transform to SAML assertion.

Returns

SAML representation of token_id, wrapped in ECP envelope

Return type

string

create_saml_assertion(service_provider, token_id)

Create a SAML assertion from a token.

Equivalent Identity API call: POST /auth/OS-FEDERATION/saml2

Parameters
  • service_provider (string) – Service Provider resource.

  • token_id (string) – Token to transform to SAML assertion.

Returns

SAML representation of token_id

Return type

string

keystoneclient.v3.contrib.federation.service_providers module

class keystoneclient.v3.contrib.federation.service_providers.ServiceProvider(manager, info, loaded=False)

Bases: Resource

Object representing Service Provider container.

Attributes:
  • id: user-defined unique string identifying Service Provider.

  • sp_url: the shibboleth endpoint of a Service Provider.

  • auth_url: the authentication url of Service Provider.

class keystoneclient.v3.contrib.federation.service_providers.ServiceProviderManager(client)

Bases: CrudManager

Manager class for manipulating Service Providers.

base_url = 'OS-FEDERATION'
collection_key = 'service_providers'
create(id, **kwargs)

Create Service Provider object.

Utilize Keystone URI: PUT /OS-FEDERATION/service_providers/{id}

Parameters

id – unique id of the service provider.

delete(service_provider)

Delete Service Provider object.

Utilize Keystone URI: DELETE /OS-FEDERATION/service_providers/{id}

Parameters

service_provider – an object with service_provider_id stored inside.

get(service_provider)

Fetch Service Provider object.

Utilize Keystone URI: GET /OS-FEDERATION/service_providers/{id}

Parameters

service_provider – an object with service_provider_id stored inside.

key = 'service_provider'
list(**kwargs)

List all Service Providers.

Utilize Keystone URI: GET /OS-FEDERATION/service_providers

resource_class

alias of ServiceProvider

update(service_provider, **kwargs)

Update the existing Service Provider object on the server.

Only properties provided to the function are being updated.

Utilize Keystone URI: PATCH /OS-FEDERATION/service_providers/{id}

Parameters

service_provider – an object with service_provider_id stored inside.

Module contents

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.

Page Contents