keystone.server.flask.request_processing.middleware.auth_context module

class keystone.server.flask.request_processing.middleware.auth_context.AuthContextMiddleware(app)[source]

Bases: keystone.common.provider_api.ProviderAPIMixin, keystonemiddleware.auth_token.BaseAuthProtocol

Build the authentication context from the request auth token.

classmethod factory(global_config, **local_config)[source]

Used for loading in middleware (holdover from paste.deploy).

fetch_token(token, **kwargs)[source]

Fetch the token data based on the value in the header.

Retrieve the data associated with the token value that was in the header. This can be from PKI, contacting the identity server or whatever is required.

  • token (str) – The token present in the request header.

  • kwargs (dict) – Additional keyword arguments may be passed through here to support new features. If an implementation is not aware of how to use these arguments it should ignore them.


exc.InvalidToken – if token is invalid.


The token data

Return type


kwargs_to_fetch_token = True

Process request.

If this method returns a value then that value will be used as the response. The next application down the stack will not be executed and process_response will not be called.

Otherwise, the next application down the stack will be executed and process_response will be called with the generated response.

By default this method does not return a value.


request (_request.AuthTokenRequest) – Incoming request