keystone.token.persistence.backends package

Submodules

keystone.token.persistence.backends.kvs module

class keystone.token.persistence.backends.kvs.Token(*args, **kwargs)[source]

Bases: keystone.token.persistence.core.TokenDriverBase

KeyValueStore backend for tokens.

This is the base implementation for any/all key-value-stores (e.g. memcached) for the Token backend. It is recommended to only use the base in-memory implementation for testing purposes.

create_token(token_id, data)[source]

Create a token by id and data.

It is assumed the caller has performed data validation on the “data” parameter.

delete_token(token_id)[source]
delete_tokens(user_id, tenant_id=None, trust_id=None, consumer_id=None)[source]
flush_expired_tokens()[source]

Archive or delete tokens that have expired.

get_token(token_id)[source]
kvs_backend = 'openstack.kvs.Memory'
list_revoked_tokens()[source]
revocation_key = 'revocation-list'

keystone.token.persistence.backends.sql module

class keystone.token.persistence.backends.sql.Token[source]

Bases: keystone.token.persistence.core.TokenDriverBase

create_token(token_id, data)[source]
delete_token(token_id)[source]
delete_tokens(user_id, tenant_id=None, trust_id=None, consumer_id=None)[source]

Delete all tokens in one session.

The user_id will be ignored if the trust_id is specified. user_id will always be specified. If using a trust, the token’s user_id is set to the trustee’s user ID or the trustor’s user ID, so will use trust_id to query the tokens.

flush_expired_tokens()[source]
get_token(token_id)[source]
list_revoked_tokens()[source]
class keystone.token.persistence.backends.sql.TokenModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.DictBase

attributes = ['id', 'expires', 'user_id', 'trust_id']
expires
extra
id
trust_id
user_id
valid

Module contents