keystoneauth1.identity.v3.oauth2_mtls_client_credential module¶
- class keystoneauth1.identity.v3.oauth2_mtls_client_credential.OAuth2mTlsClientCredential(auth_url, oauth2_endpoint, oauth2_client_id, *args, **kwargs)
Bases:
BaseAuthA plugin for authenticating via an OAuth2.0 mTLS client credential.
- Parameters:
auth_url (string) – keystone authorization endpoint.
oauth2_endpoint (string) – OAuth2.0 endpoint.
oauth2_client_id (string) – OAuth2.0 client credential id.
- get_auth_ref(session, **kwargs)
Obtain a token from an OpenStack Identity Service.
This method is overridden by the various token version plugins.
This function should not be called independently and is expected to be invoked via the do_authenticate function.
This function will be invoked if the AcessInfo object cached by the plugin is not valid. Thus plugins should always fetch a new AccessInfo when invoked. If you are looking to just retrieve the current auth data then you should use get_access.
- Parameters:
session (keystoneauth1.session.Session) – A session object that can be used for communication.
- Raises:
keystoneauth1.exceptions.response.InvalidResponse – The response returned wasn’t appropriate.
keystoneauth1.exceptions.http.HttpError – An error from an invalid HTTP response.
keystoneauth1.exceptions.ClientException – An error from getting OAuth2.0 access token.
- Returns:
Token access information.
- Return type:
keystoneauth1.access.AccessInfo
- get_headers(session, **kwargs)
Fetch authentication headers for message.
- Parameters:
session (keystoneauth1.session.Session) – The session object that the auth_plugin belongs to.
- Returns:
Headers that are set to authenticate a message or None for failure. Note that when checking this value that the empty dict is a valid, non-failure response.
- Return type:
