Source code for keystone.application_credential.backends.base
# Copyright 2018 SUSE Linux GmbH
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import abc
from keystone import exception
[docs]
class ApplicationCredentialDriverBase(object, metaclass=abc.ABCMeta):
[docs]
@abc.abstractmethod
def authenticate(self, application_credential_id, secret):
"""Validate an application credential.
:param str application_credential_id: Application Credential ID
:param str secret: Secret
:raises AssertionError: If id or secret is invalid.
"""
raise exception.NotImplemented() # pragma: no cover
[docs]
@abc.abstractmethod
def create_application_credential(self, application_credential, roles):
"""Create a new application credential.
:param dict application_credential: Application Credential data
:param list roles: A list of roles that apply to the
application_credential.
:returns: a new application credential
"""
raise exception.NotImplemented() # pragma: no cover
[docs]
@abc.abstractmethod
def get_application_credential(self, application_credential_id):
"""Get an application credential by the credential id.
:param str application_credential_id: Application Credential ID
"""
raise exception.NotImplemented() # pragma: no cover
[docs]
@abc.abstractmethod
def list_application_credentials_for_user(self, user_id, hints):
"""List application credentials for a user.
:param str user_id: User ID
:param hints: contains the list of filters yet to be satisfied.
Any filters satisfied here will be removed so that
the caller will know if any filters remain.
"""
raise exception.NotImplemented() # pragma: no cover
[docs]
@abc.abstractmethod
def delete_application_credential(self, application_credential_id):
"""Delete a single application credential.
:param str application_credential_id: ID of the application credential
to delete.
"""
raise exception.NotImplemented() # pragma: no cover
[docs]
@abc.abstractmethod
def delete_application_credentials_for_user(self, user_id):
"""Delete all application credentials for a user.
:param user_id: ID of a user to whose application credentials should
be deleted.
"""
raise exception.NotImplemented() # pragma: no cover
[docs]
@abc.abstractmethod
def delete_application_credentials_for_user_on_project(self, user_id,
project_id):
"""Delete all application credentials for a user on a given project.
:param str user_id: ID of a user to whose application credentials
should be deleted.
:param str project_id: ID of a project on which to filter application
credentials.
"""
raise exception.NotImplemented() # pragma: no cover
[docs]
@abc.abstractmethod
def get_access_rule(self, access_rule_id):
"""Get an access rule by its ID.
:param str access_rule_id: Access Rule ID
"""
raise exception.NotImplemented() # pragma: no cover
[docs]
@abc.abstractmethod
def list_access_rules_for_user(self, user_id):
"""List the access rules that a user has created.
Access rules are only created as attributes of application credentials,
they cannot be created independently.
:param str user_id: User ID
"""
raise exception.NotImplemented() # pragma: no cover
[docs]
@abc.abstractmethod
def delete_access_rule(self, access_rule_id):
"""Delete one access rule.
:param str access_rule_id: Access Rule ID
"""
raise exception.NotImplemented() # pragma: no cover
[docs]
@abc.abstractmethod
def delete_access_rules_for_user(self, user_id):
"""Delete all access rules for user.
This is called when the user itself is deleted.
:param str user_id: User ID
"""
raise exception.NotImplemented() # pragma: no cover
