keystone.identity.shadow_backends.base module

class keystone.identity.shadow_backends.base.ShadowUsersDriverBase[source]

Bases: object

Interface description for an Shadow Users driver.

abstract create_federated_object(fed_dict)[source]

Create a new federated object.

Parameters:

federated_dict (dict) – Reference to the federated user

abstract create_federated_user(domain_id, federated_dict, email=None)[source]

Create a new user with the federated identity.

Parameters:
  • domain_id – The domain ID of the IdP used for the federated user

  • federated_dict (dict) – Reference to the federated user

  • email – Federated user’s email

Returns dict:

Containing the user reference

abstract create_nonlocal_user(user_dict)[source]

Create a new non-local user.

Parameters:

user_dict (dict) – Reference to the non-local user

Returns dict:

Containing the user reference

delete_federated_object(user_id)[source]

Delete a user’s federated objects.

Parameters:

user_id – Unique identifier of the user

abstract get_federated_objects(user_id)[source]

Get all federated objects for a user.

Parameters:

user_id – Unique identifier of the user

Returns list:

Containing the user’s federated objects

abstract get_federated_user(idp_id, protocol_id, unique_id)[source]

Return the found user for the federated identity.

Parameters:
  • idp_id – The identity provider ID

  • protocol_id – The federation protocol ID

  • unique_id – The unique ID for the user

Returns dict:

Containing the user reference

abstract get_user(user_id)[source]

Return the found user.

Parameters:

user_id – Unique identifier of the user

Returns dict:

Containing the user reference

abstract list_federated_users_info(hints=None)[source]

Get the shadow users info with the specified filters.

Parameters:

hints – contains the list of filters yet to be satisfied. Any filters satisfied here will be removed so that the caller will know if any filters remain.

Returns list:

A list of objects that containing the shadow users reference.

abstract set_last_active_at(user_id)[source]

Set the last active at date for the user.

Parameters:

user_id – Unique identifier of the user

abstract update_federated_user_display_name(idp_id, protocol_id, unique_id, display_name)[source]

Update federated user’s display name if changed.

Parameters:
  • idp_id – The identity provider ID

  • protocol_id – The federation protocol ID

  • unique_id – The unique ID for the user

  • display_name – The user’s display name

keystone.identity.shadow_backends.base.federated_objects_to_list(fed_ref)[source]

Create a new reformatted federated object list using the one passed in.

When returning federated objects with a user we only need the attributes idp_id, protocol_id, and unique_id. Therefore, we pull these elements out of the fed_ref and create a newly formatted list with the needed information. We simply group each federated object’s protocol_ids and unique_ids under the corresponding idp_id.

Returns list:

Containing the user’s federated objects