keystoneauth1.identity.v3.oauth2_client_credential module

exception keystoneauth1.identity.v3.oauth2_client_credential.ClientException(message: str | None = None)

Bases: Exception

The base exception for everything to do with clients.

__annotations__ = {}
__doc__ = 'The base exception for everything to do with clients.'
__init__(message: str | None = None)
__module__ = 'keystoneauth1.exceptions.base'
__weakref__

list of weak references to the object (if defined)

message = 'ClientException'
class keystoneauth1.identity.v3.oauth2_client_credential.OAuth2ClientCredential(auth_url: str, oauth2_endpoint: str, oauth2_client_id: str, oauth2_client_secret: str, *, trust_id: str | None = None, system_scope: str | None = None, domain_id: str | None = None, domain_name: str | None = None, project_id: str | None = None, project_name: str | None = None, project_domain_id: str | None = None, project_domain_name: str | None = None, reauthenticate: bool = True, include_catalog: bool = True)

Bases: AuthConstructor

A plugin for authenticating via an OAuth2.0 client credential.

Parameters:
  • auth_url (string) – Identity service endpoint for authentication.

  • oauth2_endpoint (string) – OAuth2.0 endpoint.

  • oauth2_client_id (string) – OAuth2.0 client credential id.

  • oauth2_client_secret (string) – OAuth2.0 client credential secret.

__abstractmethods__ = frozenset({})
__annotations__ = {'MIN_TOKEN_LIFE_SECONDS': 'int', '_auth_method_class': 'ty.Type[AuthMethod]', '_discovery_cache': 'ty.Dict[str, discover.Discover]', 'auth_ref': 'ty.Optional[access.AccessInfo]', 'auth_url': 'str', 'reauthenticate': 'bool'}
__doc__ = 'A plugin for authenticating via an OAuth2.0 client credential.\n\n    :param string auth_url: Identity service endpoint for authentication.\n    :param string oauth2_endpoint: OAuth2.0 endpoint.\n    :param string oauth2_client_id: OAuth2.0 client credential id.\n    :param string oauth2_client_secret: OAuth2.0 client credential secret.\n    '
__init__(auth_url: str, oauth2_endpoint: str, oauth2_client_id: str, oauth2_client_secret: str, *, trust_id: str | None = None, system_scope: str | None = None, domain_id: str | None = None, domain_name: str | None = None, project_id: str | None = None, project_name: str | None = None, project_domain_id: str | None = None, project_domain_name: str | None = None, reauthenticate: bool = True, include_catalog: bool = True)
__module__ = 'keystoneauth1.identity.v3.oauth2_client_credential'
_abc_impl = <_abc._abc_data object>
_auth_method_class

alias of OAuth2ClientCredentialMethod

_discovery_cache: ty.Dict[str, discover.Discover]
auth_ref: ty.Optional[access.AccessInfo]
auth_url: str
get_headers(session: Session, **kwargs: Any) Dict[str, str] | None

Fetch authentication headers for message.

Parameters:

session (keystoneauth1.session.Session) – The session object that the auth_plugin belongs to.

Returns:

Headers that are set to authenticate a message or None for failure. Note that when checking this value that the empty dict is a valid, non-failure response.

Return type:

dict

reauthenticate: bool
class keystoneauth1.identity.v3.oauth2_client_credential.OAuth2ClientCredentialMethod(**kwargs: object)

Bases: AuthMethod

An auth method to fetch a token via an OAuth2.0 client credential.

Parameters:
  • oauth2_endpoint (string) – OAuth2.0 endpoint.

  • oauth2_client_id (string) – OAuth2.0 client credential id.

  • oauth2_client_secret (string) – OAuth2.0 client credential secret.

__abstractmethods__ = frozenset({})
__annotations__ = {'_method_parameters': 'ty.List[str]', 'oauth2_client_id': <class 'str'>, 'oauth2_client_secret': <class 'str'>, 'oauth2_endpoint': <class 'str'>}
__doc__ = 'An auth method to fetch a token via an OAuth2.0 client credential.\n\n    :param string oauth2_endpoint: OAuth2.0 endpoint.\n    :param string oauth2_client_id: OAuth2.0 client credential id.\n    :param string oauth2_client_secret: OAuth2.0 client credential secret.\n    '
__module__ = 'keystoneauth1.identity.v3.oauth2_client_credential'
_abc_impl = <_abc._abc_data object>
_method_parameters: List[str] = ['oauth2_endpoint', 'oauth2_client_id', 'oauth2_client_secret']
get_auth_data(session: Session, auth: Auth, headers: Dict[str, str], request_kwargs: Dict[str, object], **kwargs: Any) Tuple[None, None] | Tuple[str, Mapping[str, object]]

Return the authentication section of an auth plugin.

Parameters:
  • session (keystoneauth1.session.Session) – The communication session.

  • auth (base.Auth) – The auth plugin calling the method.

  • headers (dict) – The headers that will be sent with the auth request if a plugin needs to add to them.

Returns:

The identifier of this plugin and a dict of authentication data for the auth type.

Return type:

tuple(string, dict)

get_cache_id_elements() Dict[str, str | None]

Get the elements for this auth method that make it unique.

These elements will be used as part of the keystoneauth1.plugin.BaseIdentityPlugin.get_cache_id() to allow caching of the auth plugin.

Plugins should override this if they want to allow caching of their state.

To avoid collision or overrides the keys of the returned dictionary should be prefixed with the plugin identifier. For example the password plugin returns its username value as ‘password_username’.

oauth2_client_id: str
oauth2_client_secret: str
oauth2_endpoint: str