keystone.federation.backends.sql module

keystone.federation.backends.sql module

class keystone.federation.backends.sql.Federation[source]

Bases: keystone.federation.backends.base.FederationDriverBase

create_idp(idp_id, idp)[source]

Create an identity provider.

Parameters:
  • idp_id (string) – ID of IdP object
  • idp (dict) – idp object
Returns:

idp ref

Return type:

dict

create_mapping(mapping_id, mapping)[source]

Create a mapping.

Parameters:
  • mapping_id (string) – ID of mapping object
  • mapping (dict) – mapping ref with mapping name
Returns:

mapping ref

Return type:

dict

create_protocol(idp_id, protocol_id, protocol)[source]

Add an IdP-Protocol configuration.

Parameters:
  • idp_id (string) – ID of IdP object
  • protocol_id (string) – ID of protocol object
  • protocol (dict) – protocol object
Raises:

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns:

protocol ref

Return type:

dict

create_sp(sp_id, sp)[source]

Create a service provider.

Parameters:
  • sp_id (string) – id of the service provider
  • sp (dict) – service provider object
Returns:

service provider ref

Return type:

dict

delete_idp(idp_id)[source]

Delete an identity provider.

Parameters:idp_id (string) – ID of IdP object
Raises:keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
delete_mapping(mapping_id)[source]

Delete a mapping.

Parameters:mapping_id – id of mapping to delete
Returns:None
delete_protocol(idp_id, protocol_id)[source]

Delete an IdP-Protocol configuration.

Parameters:
  • idp_id (string) – ID of IdP object
  • protocol_id (string) – ID of protocol object
Raises:
delete_sp(sp_id)[source]

Delete a service provider.

Parameters:sp_id (string) – id of the service provider
Raises:keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.
get_enabled_service_providers()[source]

List enabled service providers for Service Catalog.

Service Provider in a catalog contains three attributes: id, auth_url, sp_url, where:

  • id is a unique, user defined identifier for service provider object
  • auth_url is an authentication URL of remote Keystone
  • sp_url a URL accessible at the remote service provider where SAML assertion is transmitted.
Returns:list of dictionaries with enabled service providers
Return type:list of dicts
get_idp(idp_id)[source]

Get an identity provider by ID.

Parameters:idp_id (string) – ID of IdP object
Raises:keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
Returns:idp ref
Return type:dict
get_idp_from_remote_id(remote_id)[source]

Get an identity provider by remote ID.

Parameters:remote_id – ID of remote IdP
Raises:keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
Returns:idp ref
Return type:dict
get_mapping(mapping_id)[source]

Get a mapping, returns the mapping based on mapping_id.

Parameters:mapping_id – id of mapping to get
Raises:keystone.exception.MappingNotFound – If the mapping cannot be found.
Returns:mapping ref
Return type:dict
get_mapping_from_idp_and_protocol(idp_id, protocol_id)[source]

Get mapping based on idp_id and protocol_id.

Parameters:
  • idp_id (string) – id of the identity provider
  • protocol_id (string) – id of the protocol
Raises:
Returns:

mapping ref

Return type:

dict

get_protocol(idp_id, protocol_id)[source]

Get an IdP-Protocol configuration.

Parameters:
  • idp_id (string) – ID of IdP object
  • protocol_id (string) – ID of protocol object
Raises:
Returns:

protocol ref

Return type:

dict

get_sp(sp_id)[source]

Get a service provider.

Parameters:sp_id (string) – id of the service provider
Returns:service provider ref
Return type:dict
Raises:keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.
list_idps(hints=None)[source]

List all identity providers.

Parameters:hints – filter hints which the driver should implement if at all possible.
Returns:list of idp refs
Return type:list of dicts
Raises:keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
list_mappings()[source]

List all mappings.

Returns:list of mapping refs
Return type:list of dicts
list_protocols(idp_id)[source]

List an IdP’s supported protocols.

Parameters:idp_id (string) – ID of IdP object
Raises:keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.
Returns:list of protocol ref
Return type:list of dict
list_sps(hints=None)[source]

List all service providers.

Parameters:hints – filter hints which the driver should implement if at all possible.
Returns:List of service provider ref objects
Return type:list of dicts
Raises:keystone.exception.ServiceProviderNotFound – If the SP doesn’t exist.
update_idp(idp_id, idp)[source]

Update an identity provider by ID.

Parameters:
  • idp_id (string) – ID of IdP object
  • idp (dict) – idp object
Raises:

keystone.exception.IdentityProviderNotFound – If the IdP doesn’t exist.

Returns:

idp ref

Return type:

dict

update_mapping(mapping_id, mapping)[source]

Update a mapping.

Parameters:
  • mapping_id (string) – id of mapping to update
  • mapping_ref (dict) – new mapping ref
Returns:

mapping ref

Return type:

dict

update_protocol(idp_id, protocol_id, protocol)[source]

Change an IdP-Protocol configuration.

Parameters:
  • idp_id (string) – ID of IdP object
  • protocol_id (string) – ID of protocol object
  • protocol (dict) – protocol object
Raises:
Returns:

protocol ref

Return type:

dict

update_sp(sp_id, sp)[source]

Update a service provider.

Parameters:
  • sp_id (string) – id of the service provider
  • sp (dict) – service prvider object
Returns:

service provider ref

Return type:

dict

Raises:

keystone.exception.ServiceProviderNotFound – If the service provider doesn’t exist.

class keystone.federation.backends.sql.FederationProtocolModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['id', 'idp_id', 'mapping_id']
classmethod from_dict(dictionary)[source]

Return a model instance from a dictionary.

id
idp_id
mapping_id
mutable_attributes = frozenset({'mapping_id'})
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.IdPRemoteIdsModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['idp_id', 'remote_id']
classmethod from_dict(dictionary)[source]

Return a model instance from a dictionary.

idp_id
mutable_attributes = frozenset({'idp_id', 'remote_id'})
remote_id
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.IdentityProviderModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['id', 'domain_id', 'enabled', 'description', 'remote_ids']
description
domain_id
enabled
classmethod from_dict(dictionary)[source]

Return a model instance from a dictionary.

id
mutable_attributes = frozenset({'enabled', 'description', 'remote_ids'})
remote_ids
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.MappingModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['id', 'rules']
classmethod from_dict(dictionary)[source]

Return a model instance from a dictionary.

id
rules
to_dict()[source]

Return a dictionary with model’s attributes.

class keystone.federation.backends.sql.ServiceProviderModel(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['auth_url', 'id', 'enabled', 'description', 'relay_state_prefix', 'sp_url']
auth_url
description
enabled
classmethod from_dict(dictionary)[source]

Return a model instance from a dictionary.

id
mutable_attributes = frozenset({'relay_state_prefix', 'sp_url', 'auth_url', 'enabled', 'description'})
relay_state_prefix
sp_url
to_dict()[source]

Return a dictionary with model’s attributes.

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.