keystone.federation.idp module

keystone.federation.idp module

class keystone.federation.idp.ECPGenerator[source]

Bases: object

A class for generating an ECP assertion.

static generate_ecp(saml_assertion, relay_state_prefix)[source]
class keystone.federation.idp.MetadataGenerator[source]

Bases: object

A class for generating SAML IdP Metadata.


Generate Identity Provider Metadata.

Generate and format metadata into XML that can be exposed and consumed by a federated Service Provider.

Returns:XML <EntityDescriptor> object.
Raises:keystone.exception.ValidationError – If the required config options aren’t set.
class keystone.federation.idp.SAMLGenerator[source]

Bases: object

A class to generate SAML assertions.

samlize_token(issuer, recipient, user, user_domain_name, roles, project, project_domain_name, expires_in=None)[source]

Convert Keystone attributes to a SAML assertion.

  • issuer (string) – URL of the issuing party
  • recipient (string) – URL of the recipient
  • user (string) – User name
  • user_domain_name (string) – User Domain name
  • roles (list) – List of role names
  • project (string) – Project name
  • project_domain_name (string) – Project Domain name
  • expires_in (int) – Sets how long the assertion is valid for, in seconds

XML <Response> object

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.