keystone.federation.core module

Main entry point into the Federation service.

class keystone.federation.core.Manager

Bases: Manager

Default pivot point for the Federation backend.

See keystone.common.manager.Manager for more details on how this dynamically calls the backend.

create_idp(idp_id, idp)
create_protocol(idp_id, protocol_id, protocol)
create_sp(sp_id, service_provider)
delete_idp(idp_id)
delete_protocol(idp_id, protocol_id)
delete_sp(sp_id)
driver_namespace = 'keystone.federation'
evaluate(idp_id, protocol_id, assertion_data)
get_enabled_service_providers()

List enabled service providers for Service Catalog.

A service provider in the catalog contains three attributes: id, auth_url and sp_url, where:

  • id is a unique, user-defined identifier for the service provider object

  • auth_url is the authentication URL of the remote Keystone

  • sp_url is a URL accessible at the remote service provider, to which the SAML assertion is transmitted.

Returns:

list of dictionaries with enabled service providers

Return type:

list of dicts

update_protocol(idp_id, protocol_id, protocol)
update_sp(sp_id, service_provider)