keystone package¶

Subpackages¶

Submodules¶

keystone.exception module¶

exception keystone.exception.AccountLocked(message=None, **kwargs)[source]¶

Bases: keystone.exception.Unauthorized

message_format = u'The account is locked for user: %(user_id)s.'¶

exception keystone.exception.AdditionalAuthRequired(auth_response=None, **kwargs)[source]¶

Bases: keystone.exception.AuthPluginException

message_format = u'Additional authentications steps required.'¶

exception keystone.exception.AmbiguityError(message=None, **kwargs)[source]¶

Bases: keystone.exception.ValidationError

message_format = u"There are multiple %(resource)s entities named '%(name)s'. Please use ID instead of names to resolve the ambiguity."¶

exception keystone.exception.ApplicationCredentialAuthError(*args, **kwargs)[source]¶

Bases: keystone.exception.AuthPluginException

message_format = u'Error authenticating with application credential: %(detail)s'¶

exception keystone.exception.ApplicationCredentialLimitExceeded(message=None, **kwargs)[source]¶

Bases: keystone.exception.ForbiddenNotSecurity

message_format = u'Unable to create additional application credentials, maximum of %(limit)d already exceeded for user.'¶

exception keystone.exception.ApplicationCredentialNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find Application Credential: %(application_credential_id)s.'¶

exception keystone.exception.ApplicationCredentialValidationError(message=None, **kwargs)[source]¶

Bases: keystone.exception.ValidationError

message_format = u'Invalid application credential: %(detail)s'¶

exception keystone.exception.AssignmentTypeCalculationError(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Unexpected combination of grant attributes - User: %(user_id)s, Group: %(group_id)s, Project: %(project_id)s, Domain: %(domain_id)s.'¶

exception keystone.exception.AuthMethodNotSupported(*args, **kwargs)[source]¶

Bases: keystone.exception.AuthPluginException

message_format = u'Attempted to authenticate with an unsupported method.'¶

exception keystone.exception.AuthPluginException(*args, **kwargs)[source]¶

Bases: keystone.exception.Unauthorized

message_format = u'Authentication plugin error.'¶

exception keystone.exception.CertificateFilesUnavailable(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Expected signing certificates are not available on the server. Please check Keystone configuration.'¶

exception keystone.exception.CircularRegionHierarchyError(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

code = 400¶

message_format = u'The specified parent region %(parent_region_id)s would create a circular region hierarchy.'¶

title = 'Bad Request'¶

exception keystone.exception.ConfigFileNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'The Keystone configuration file %(config_file)s could not be found.'¶

exception keystone.exception.ConfigRegistrationNotFound[source]¶

Bases: exceptions.Exception

exception keystone.exception.Conflict(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

code = 409¶

message_format = u'Conflict occurred attempting to store %(type)s - %(details)s.'¶

title = 'Conflict'¶

exception keystone.exception.CredentialEncryptionError[source]¶

Bases: exceptions.Exception

message_format = u'An unexpected error prevented the server from accessing encrypted credentials.'¶

exception keystone.exception.CredentialNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find credential: %(credential_id)s.'¶

exception keystone.exception.CrossBackendNotAllowed(message=None, **kwargs)[source]¶

Bases: keystone.exception.Forbidden

message_format = u'Group membership across backend boundaries is not allowed. Group in question is %(group_id)s, user is %(user_id)s.'¶

exception keystone.exception.DirectMappingError(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u"Local section in mapping %(mapping_id)s refers to a remote match that doesn't exist (e.g. {0} in a local section)."¶

exception keystone.exception.DomainConfigNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find %(group_or_option)s in domain configuration for domain %(domain_id)s.'¶

exception keystone.exception.DomainNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find domain: %(domain_id)s.'¶

exception keystone.exception.DomainSpecificRoleMismatch(message=None, **kwargs)[source]¶

Bases: keystone.exception.Forbidden

message_format = u'Project %(project_id)s must be in the same domain as the role %(role_id)s being assigned.'¶

exception keystone.exception.DomainSpecificRoleNotWithinIdPDomain(message=None, **kwargs)[source]¶

Bases: keystone.exception.Forbidden

message_format = u'role: %(role_name)s must be within the same domain as the identity provider: %(identity_provider)s.'¶

exception keystone.exception.EndpointGroupNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find Endpoint Group: %(endpoint_group_id)s.'¶

exception keystone.exception.EndpointNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find endpoint: %(endpoint_id)s.'¶

exception keystone.exception.Error(message=None, **kwargs)[source]¶

Bases: exceptions.Exception

Base error class.

Child classes should define an HTTP status code, title, and a message_format.

code = None¶

message_format = None¶

title = None¶

exception keystone.exception.FederatedProtocolNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find federated protocol %(protocol_id)s for Identity Provider: %(idp_id)s.'¶

exception keystone.exception.Forbidden(message=None, **kwargs)[source]¶

Bases: keystone.exception.SecurityError

code = 403¶

message_format = u'You are not authorized to perform the requested action.'¶

title = 'Forbidden'¶

exception keystone.exception.ForbiddenAction(message=None, **kwargs)[source]¶

Bases: keystone.exception.Forbidden

message_format = u'You are not authorized to perform the requested action: %(action)s.'¶

exception keystone.exception.ForbiddenNotSecurity(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

When you want to return a 403 Forbidden response but not security.

Use this for errors where the message is always safe to present to the user and won’t give away extra information.

code = 403¶

title = 'Forbidden'¶

exception keystone.exception.Gone(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

code = 410¶

message_format = u'The service you have requested is no longer available on this server.'¶

title = 'Gone'¶

exception keystone.exception.GroupNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find group: %(group_id)s.'¶

exception keystone.exception.IdentityProviderNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find Identity Provider: %(idp_id)s.'¶

exception keystone.exception.ImpliedRoleNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'%(prior_role_id)s does not imply %(implied_role_id)s.'¶

exception keystone.exception.InsufficientAuthMethods(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

code = 401¶

message_format = u'Insufficient auth methods received for %(user_id)s. Auth Methods Provided: %(methods)s.'¶

title = 'Unauthorized'¶

exception keystone.exception.InvalidDomainConfig(message=None, **kwargs)[source]¶

Bases: keystone.exception.Forbidden

message_format = u'Invalid domain specific configuration: %(reason)s.'¶

exception keystone.exception.InvalidImpliedRole(message=None, **kwargs)[source]¶

Bases: keystone.exception.Forbidden

message_format = u'%(role_id)s cannot be an implied roles.'¶

exception keystone.exception.InvalidOperatorError(message=None, **kwargs)[source]¶

Bases: keystone.exception.ValidationError

message_format = u"The given operator %(_op)s is not valid. It must be one of the following: 'eq', 'neq', 'lt', 'lte', 'gt', or 'gte'."¶

exception keystone.exception.InvalidPolicyAssociation(message=None, **kwargs)[source]¶

Bases: keystone.exception.Forbidden

message_format = u'Invalid mix of entities for policy association: only Endpoint, Service, or Region+Service allowed. Request was - Endpoint: %(endpoint_id)s, Service: %(service_id)s, Region: %(region_id)s.'¶

exception keystone.exception.KeysNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'No encryption keys found; run keystone-manage fernet_setup to bootstrap one.'¶

exception keystone.exception.LDAPInvalidCredentialsError(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

message_format = u'Unable to authenticate against Identity backend - Invalid username or password'¶

exception keystone.exception.LDAPServerConnectionError(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Unable to establish a connection to LDAP Server (%(url)s).'¶

exception keystone.exception.LDAPSizeLimitExceeded(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

message_format = u'Number of User/Group entities returned by LDAP exceeded size limit. Contact your LDAP administrator.'¶

exception keystone.exception.LimitNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find limit for %(id)s.'¶

exception keystone.exception.MalformedEndpoint(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Malformed endpoint URL (%(endpoint)s), see ERROR log for details.'¶

exception keystone.exception.MappedGroupNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Group %(group_id)s returned by mapping %(mapping_id)s was not found in the backend.'¶

exception keystone.exception.MappingNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find mapping: %(mapping_id)s.'¶

exception keystone.exception.MetadataFileError(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Error while reading metadata file: %(reason)s.'¶

exception keystone.exception.MigrationNotProvided(mod_name, path)[source]¶

Bases: exceptions.Exception

exception keystone.exception.MultipleSQLDriversInConfig(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'The Keystone domain-specific configuration has specified more than one SQL driver (only one is permitted): %(source)s.'¶

exception keystone.exception.NoLimitReference(message=None, **kwargs)[source]¶

Bases: keystone.exception.Forbidden

message_format = u'Unable to create a limit that has no corresponding registered limit.'¶

exception keystone.exception.NotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

code = 404¶

message_format = u'Could not find: %(target)s.'¶

title = 'Not Found'¶

exception keystone.exception.NotImplemented(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

code = 501¶

message_format = u'The action you have requested has not been implemented.'¶

title = 'Not Implemented'¶

exception keystone.exception.OAuthHeadersMissingError(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'No Authorization headers found, cannot proceed with OAuth related calls. If running under HTTPd or Apache, ensure WSGIPassAuthorization is set to On.'¶

exception keystone.exception.PasswordAgeValidationError(message=None, **kwargs)[source]¶

Bases: keystone.exception.PasswordValidationError

message_format = u'You cannot change your password at this time due to the minimum password age. Once you change your password, it must be used for %(min_age_days)d day(s) before it can be changed. Please try again in %(days_left)d day(s) or contact your administrator to reset your password.'¶

exception keystone.exception.PasswordExpired(message=None, **kwargs)[source]¶

Bases: keystone.exception.Unauthorized

message_format = u'The password is expired and needs to be changed for user: %(user_id)s.'¶

exception keystone.exception.PasswordHistoryValidationError(message=None, **kwargs)[source]¶

Bases: keystone.exception.PasswordValidationError

message_format = u'The new password cannot be identical to a previous password. The total number whichincludes the new password must be unique is %(unique_count)s.'¶

exception keystone.exception.PasswordRequirementsValidationError(message=None, **kwargs)[source]¶

Bases: keystone.exception.PasswordValidationError

message_format = u'The password does not match the requirements: %(detail)s.'¶

exception keystone.exception.PasswordValidationError(message=None, **kwargs)[source]¶

Bases: keystone.exception.ValidationError

message_format = u'Password validation error: %(detail)s.'¶

exception keystone.exception.PasswordVerificationError(message=None, **kwargs)[source]¶

Bases: keystone.exception.ForbiddenNotSecurity

message_format = u'The password length must be less than or equal to %(size)i. The server could not comply with the request because the password is invalid.'¶

exception keystone.exception.PolicyAssociationNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find policy association.'¶

exception keystone.exception.PolicyNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find policy: %(policy_id)s.'¶

exception keystone.exception.ProjectNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find project: %(project_id)s.'¶

exception keystone.exception.ProjectTagNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find project tag: %(project_tag)s.'¶

exception keystone.exception.PublicIDNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = '%(id)s'¶

exception keystone.exception.RegionDeletionError(message=None, **kwargs)[source]¶

Bases: keystone.exception.ForbiddenNotSecurity

message_format = u'Unable to delete region %(region_id)s because it or its child regions have associated endpoints.'¶

exception keystone.exception.RegionNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find region: %(region_id)s.'¶

exception keystone.exception.RegisteredLimitError(message=None, **kwargs)[source]¶

Bases: keystone.exception.ForbiddenNotSecurity

message_format = u'Unable to update or delete registered limit %(id)s because there are project limits associated with it.'¶

exception keystone.exception.RegisteredLimitNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find registered limit for %(id)s.'¶

exception keystone.exception.RoleAssignmentNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find role assignment with role: %(role_id)s, user or group: %(actor_id)s, project, domain, or system: %(target_id)s.'¶

exception keystone.exception.RoleNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find role: %(role_id)s.'¶

exception keystone.exception.SAMLSigningError(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Unable to sign SAML assertion. It is likely that this server does not have xmlsec1 installed or this is the result of misconfiguration. Reason %(reason)s.'¶

exception keystone.exception.SchemaValidationError(message=None, **kwargs)[source]¶

Bases: keystone.exception.ValidationError

message_format = u'%(detail)s'¶

exception keystone.exception.SecurityError(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

Security error exception.

Avoids exposing details of security errors, unless in insecure_debug mode.

amendment = u'(Disable insecure_debug mode to suppress these details.)'¶

exception keystone.exception.ServiceNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find service: %(service_id)s.'¶

exception keystone.exception.ServiceProviderNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find Service Provider: %(sp_id)s.'¶

exception keystone.exception.StringLengthExceeded(message=None, **kwargs)[source]¶

Bases: keystone.exception.ValidationError

message_format = u"String length exceeded. The length of string '%(string)s' exceeds the limit of column %(type)s(CHAR(%(length)d))."¶

exception keystone.exception.TokenNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find token: %(token_id)s.'¶

exception keystone.exception.TokenlessAuthConfigError(message=None, **kwargs)[source]¶

Bases: keystone.exception.ValidationError

message_format = u'Could not determine Identity Provider ID. The configuration option %(issuer_attribute)s was not found in the request environment.'¶

exception keystone.exception.TrustConsumeMaximumAttempt(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Unable to consume trust %(trust_id)s. Unable to acquire lock.'¶

exception keystone.exception.TrustNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find trust: %(trust_id)s.'¶

exception keystone.exception.TrustUseLimitReached(message=None, **kwargs)[source]¶

Bases: keystone.exception.Forbidden

message_format = u'No remaining uses for trust: %(trust_id)s.'¶

exception keystone.exception.URLValidationError(message=None, **kwargs)[source]¶

Bases: keystone.exception.ValidationError

message_format = u'Cannot create an endpoint with an invalid URL: %(url)s.'¶

exception keystone.exception.Unauthorized(message=None, **kwargs)[source]¶

Bases: keystone.exception.SecurityError

code = 401¶

message_format = u'The request you have made requires authentication.'¶

title = 'Unauthorized'¶

exception keystone.exception.UnexpectedError(message=None, **kwargs)[source]¶

Bases: keystone.exception.SecurityError

Avoids exposing details of failures, unless in insecure_debug mode.

code = 500¶

debug_message_format = u'An unexpected error prevented the server from fulfilling your request: %(exception)s.'¶

message_format = u'An unexpected error prevented the server from fulfilling your request.'¶

title = 'Internal Server Error'¶

exception keystone.exception.UnsupportedTokenVersionException(message=None, **kwargs)[source]¶

Bases: keystone.exception.UnexpectedError

debug_message_format = u'Token version is unrecognizable or unsupported.'¶

exception keystone.exception.UserDisabled(message=None, **kwargs)[source]¶

Bases: keystone.exception.Unauthorized

message_format = u'The account is disabled for user: %(user_id)s.'¶

exception keystone.exception.UserNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find user: %(user_id)s.'¶

exception keystone.exception.ValidationError(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

code = 400¶

message_format = u'Expecting to find %(attribute)s in %(target)s. The server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error.'¶

title = 'Bad Request'¶

exception keystone.exception.ValidationExpirationError(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

code = 400¶

message_format = u"The 'expires_at' must not be before now. The server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error."¶

title = 'Bad Request'¶

exception keystone.exception.ValidationSizeError(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

code = 400¶

message_format = u'Request attribute %(attribute)s must be less than or equal to %(size)i. The server could not comply with the request because the attribute size is invalid (too large). The client is assumed to be in error.'¶

title = 'Bad Request'¶

exception keystone.exception.ValidationTimeStampError(message=None, **kwargs)[source]¶

Bases: keystone.exception.Error

code = 400¶

message_format = u'Timestamp not in expected format. The server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error.'¶

title = 'Bad Request'¶

exception keystone.exception.VersionNotFound(message=None, **kwargs)[source]¶

Bases: keystone.exception.NotFound

message_format = u'Could not find version: %(version)s.'¶

keystone.i18n module¶

oslo.i18n integration module.

See https://docs.openstack.org/oslo.i18n/latest/user/usage.html .

keystone.notifications module¶

Notifications module for OpenStack Identity Service resources.

keystone.notifications.ACTIONS = NotificationActions(created='created', deleted='deleted', disabled='disabled', updated='updated', internal='internal')¶

The actions on resources.

class keystone.notifications.Audit[source]¶

Bases: object

Namespace for audit notification functions.

This is a namespace object to contain all of the direct notification functions utilized for Manager methods.

classmethod added_to(target_type, target_id, actor_type, actor_id, initiator=None, public=True, reason=None)[source]¶

classmethod created(resource_type, resource_id, initiator=None, public=True, reason=None)[source]¶

classmethod deleted(resource_type, resource_id, initiator=None, public=True, reason=None)[source]¶

classmethod disabled(resource_type, resource_id, initiator=None, public=True, reason=None)[source]¶

classmethod internal(resource_type, resource_id, reason=None)[source]¶

classmethod removed_from(target_type, target_id, actor_type, actor_id, initiator=None, public=True, reason=None)[source]¶

classmethod updated(resource_type, resource_id, initiator=None, public=True, reason=None)[source]¶

class keystone.notifications.CadfNotificationWrapper(operation)[source]¶

Bases: object

Send CADF event notifications for various methods.

This function is only used for Authentication events. Its action and event_type are dictated below.

• action: authenticate
• event_type: identity.authenticate

Sends CADF notifications for events such as whether an authentication was successful or not.

Parameters:	operation – The authentication related action being performed

class keystone.notifications.CadfRoleAssignmentNotificationWrapper(operation)[source]¶

Bases: object

Send CADF notifications for role_assignment methods.

This function is only used for role assignment events. Its action and event_type are dictated below.

• action: created.role_assignment or deleted.role_assignment

• event_type: identity.role_assignment.created or

  identity.role_assignment.deleted

Sends a CADF notification if the wrapped method does not raise an Exception (such as keystone.exception.NotFound).

Parameters:	operation – one of the values from ACTIONS (created or deleted)

ROLE_ASSIGNMENT = 'role_assignment'¶

keystone.notifications.clear_subscribers()[source]¶

Empty subscribers dictionary.

This effectively stops notifications since there will be no subscribers to publish to.

keystone.notifications.emit_event¶

alias of CadfNotificationWrapper

keystone.notifications.listener(cls)[source]¶

A class decorator to declare a class to be a notification listener.

A notification listener must specify the event(s) it is interested in by defining a event_callbacks attribute or property. event_callbacks is a dictionary where the key is the type of event and the value is a dictionary containing a mapping of resource types to callback(s).

ACTIONS contains constants for the currently supported events. There is currently no single place to find constants for the resource types.

Example:

@listener
class Something(object):

    def __init__(self):
        self.event_callbacks = {
            notifications.ACTIONS.created: {
                'user': self._user_created_callback,
            },
            notifications.ACTIONS.deleted: {
                'project': [
                    self._project_deleted_callback,
                    self._do_cleanup,
                ]
            },
        }

keystone.notifications.notify_event_callbacks(service, resource_type, operation, payload)[source]¶

Send a notification to registered extensions.

keystone.notifications.register_event_callback(event, resource_type, callbacks)[source]¶

Register each callback with the event.

Parameters:	event (keystone.notifications.ACTIONS) – Action being registered resource_type (str) – Type of resource being operated on callbacks (list) – Callback items to be registered with event
Raises:	ValueError – If event is not a valid ACTION TypeError – If callback is not callable

keystone.notifications.reset_notifier()[source]¶

Reset the notifications internal state.

This is used only for testing purposes.

keystone.notifications.role_assignment¶

alias of CadfRoleAssignmentNotificationWrapper

keystone.notifications.send_saml_audit_notification(action, request, user_id, group_ids, identity_provider, protocol, token_id, outcome)[source]¶

Send notification to inform observers about SAML events.

Parameters:

action (str) – Action being audited request (keystone.common.request.Request) – Current request to collect request info from user_id (str) – User ID from Keystone token group_ids (list) – List of Group IDs from Keystone token identity_provider (str or None) – ID of the IdP from the Keystone token protocol (str) – Protocol ID for IdP from the Keystone token token_id (str or None) – audit_id from Keystone token outcome (str) – One of pycadf.cadftaxonomy

Module contents¶