keystoneauth1.identity.v2 module

class keystoneauth1.identity.v2.Auth(auth_url, trust_id=None, tenant_id=None, tenant_name=None, reauthenticate=True)

Bases: BaseIdentityPlugin

Identity V2 Authentication Plugin.

Parameters:

• auth_url (string) – Identity service endpoint for authorization.

• trust_id (string) – Trust ID for trust scoping.

• tenant_id (string) – Tenant ID for project scoping.

• tenant_name (string) – Tenant name for project scoping.

• reauthenticate (bool) – Allow fetching a new token if the current one is going to expire. (optional) default True

abstract get_auth_data(headers=None)

Return the authentication section of an auth plugin.

Parameters:

headers (dict) – The headers that will be sent with the auth request if a plugin needs to add to them.

Returns:

A dict of authentication data for the auth type.

Return type:

dict

get_auth_ref(session, **kwargs)

Obtain a token from an OpenStack Identity Service.

This method is overridden by the various token version plugins.

This function should not be called independently and is expected to be invoked via the do_authenticate function.

This function will be invoked if the AcessInfo object cached by the plugin is not valid. Thus plugins should always fetch a new AccessInfo when invoked. If you are looking to just retrieve the current auth data then you should use get_access.

Parameters:

session (keystoneauth1.session.Session) – A session object that can be used for communication.

Raises:

• keystoneauth1.exceptions.response.InvalidResponse – The response returned wasn’t appropriate.

• keystoneauth1.exceptions.http.HttpError – An error from an invalid HTTP response.

Returns:

Token access information.

Return type:

keystoneauth1.access.AccessInfo

property has_scope_parameters

Return true if parameters can be used to create a scoped token.

class keystoneauth1.identity.v2.Password(auth_url, username=<object object>, password=None, user_id=<object object>, **kwargs)

Bases: Auth

A plugin for authenticating with a username and password.

A username or user_id must be provided.

Parameters:

• auth_url (string) – Identity service endpoint for authorization.

• username (string) – Username for authentication.

• password (string) – Password for authentication.

• user_id (string) – User ID for authentication.

• trust_id (string) – Trust ID for trust scoping.

• tenant_id (string) – Tenant ID for tenant scoping.

• tenant_name (string) – Tenant name for tenant scoping.

• reauthenticate (bool) – Allow fetching a new token if the current one is going to expire. (optional) default True

Raises:

TypeError – if a user_id or username is not provided.

get_auth_data(headers=None)

Return the authentication section of an auth plugin.

Parameters:

headers (dict) – The headers that will be sent with the auth request if a plugin needs to add to them.

Returns:

A dict of authentication data for the auth type.

Return type:

dict

get_cache_id_elements()

Get the elements for this auth plugin that make it unique.

As part of the get_cache_id requirement we need to determine what aspects of this plugin and its values that make up the unique elements.

This should be overridden by plugins that wish to allow caching.

Returns:

The unique attributes and values of this plugin.

Return type:

A flat dict with a str key and str or None value. This is required as we feed these values into a hash. Pairs where the value is None are ignored in the hashed id.

class keystoneauth1.identity.v2.Token(auth_url, token, **kwargs)

Bases: Auth

A plugin for authenticating with an existing token.

Parameters:

• auth_url (string) – Identity service endpoint for authorization.

• token (string) – Existing token for authentication.

• tenant_id (string) – Tenant ID for tenant scoping.

• tenant_name (string) – Tenant name for tenant scoping.

• trust_id (string) – Trust ID for trust scoping.

• reauthenticate (bool) – Allow fetching a new token if the current one is going to expire. (optional) default True

get_auth_data(headers=None)

Return the authentication section of an auth plugin.

Parameters:

headers (dict) – The headers that will be sent with the auth request if a plugin needs to add to them.

Returns:

A dict of authentication data for the auth type.

Return type:

dict

get_cache_id_elements()

Get the elements for this auth plugin that make it unique.

As part of the get_cache_id requirement we need to determine what aspects of this plugin and its values that make up the unique elements.

This should be overridden by plugins that wish to allow caching.

Returns:

The unique attributes and values of this plugin.

Return type:

A flat dict with a str key and str or None value. This is required as we feed these values into a hash. Pairs where the value is None are ignored in the hashed id.