keystoneauth1.identity.v3.oauth2_mtls_client_credential module¶
- class keystoneauth1.identity.v3.oauth2_mtls_client_credential.OAuth2mTlsClientCredential(auth_url: str, oauth2_endpoint: str, oauth2_client_id: str, *, trust_id: str | None = None, system_scope: str | None = None, domain_id: str | None = None, domain_name: str | None = None, project_id: str | None = None, project_name: str | None = None, project_domain_id: str | None = None, project_domain_name: str | None = None, reauthenticate: bool = True, include_catalog: bool = True)
Bases:
BaseAuth
A plugin for authenticating via an OAuth2.0 mTLS client credential.
- Parameters:
auth_url (string) – keystone authorization endpoint.
oauth2_endpoint (string) – OAuth2.0 endpoint.
oauth2_client_id (string) – OAuth2.0 client credential id.
- __abstractmethods__ = frozenset({})
- __annotations__ = {'MIN_TOKEN_LIFE_SECONDS': 'int', '_discovery_cache': 'ty.Dict[str, discover.Discover]', 'auth_ref': 'ty.Optional[access.AccessInfo]', 'auth_url': 'str', 'reauthenticate': 'bool'}
- __doc__ = 'A plugin for authenticating via an OAuth2.0 mTLS client credential.\n\n :param string auth_url: keystone authorization endpoint.\n :param string oauth2_endpoint: OAuth2.0 endpoint.\n :param string oauth2_client_id: OAuth2.0 client credential id.\n '
- __init__(auth_url: str, oauth2_endpoint: str, oauth2_client_id: str, *, trust_id: str | None = None, system_scope: str | None = None, domain_id: str | None = None, domain_name: str | None = None, project_id: str | None = None, project_name: str | None = None, project_domain_id: str | None = None, project_domain_name: str | None = None, reauthenticate: bool = True, include_catalog: bool = True)
- __module__ = 'keystoneauth1.identity.v3.oauth2_mtls_client_credential'
- _abc_impl = <_abc._abc_data object>
- _discovery_cache: ty.Dict[str, discover.Discover]
- auth_ref: ty.Optional[access.AccessInfo]
- auth_url: str
- get_auth_ref(session: Session, **kwargs: Any) AccessInfoV3
Obtain a token from an OpenStack Identity Service.
This method is overridden by the various token version plugins.
This function should not be called independently and is expected to be invoked via the do_authenticate function.
This function will be invoked if the AcessInfo object cached by the plugin is not valid. Thus plugins should always fetch a new AccessInfo when invoked. If you are looking to just retrieve the current auth data then you should use get_access.
- Parameters:
session (keystoneauth1.session.Session) – A session object that can be used for communication.
- Raises:
keystoneauth1.exceptions.response.InvalidResponse – The response returned wasn’t appropriate.
keystoneauth1.exceptions.http.HttpError – An error from an invalid HTTP response.
keystoneauth1.exceptions.ClientException – An error from getting OAuth2.0 access token.
- Returns:
Token access information.
- Return type:
keystoneauth1.access.AccessInfo
- get_headers(session: Session, **kwargs: Any) Dict[str, str] | None
Fetch authentication headers for message.
- Parameters:
session (keystoneauth1.session.Session) – The session object that the auth_plugin belongs to.
- Returns:
Headers that are set to authenticate a message or None for failure. Note that when checking this value that the empty dict is a valid, non-failure response.
- Return type:
- reauthenticate: bool