keystoneauth1.identity.v3.tokenless_auth module

class keystoneauth1.identity.v3.tokenless_auth.TokenlessAuth(auth_url: str, domain_id: str | None = None, domain_name: str | None = None, project_id: str | None = None, project_name: str | None = None, project_domain_id: str | None = None, project_domain_name: str | None = None)

Bases: BaseAuthPlugin

A plugin for authenticating with Tokenless Auth.

This is for Tokenless Authentication. Scoped information like domain name and project ID will be passed in the headers and token validation request will be authenticated based on the provided HTTPS certificate along with the scope information.

__abstractmethods__ = frozenset({})
__annotations__ = {'_discovery_cache': 'ty.Dict[str, discover.Discover]'}
__doc__ = 'A plugin for authenticating with Tokenless Auth.\n\n    This is for Tokenless Authentication. Scoped information\n    like domain name and project ID will be passed in the headers and\n    token validation request will be authenticated based on\n    the provided HTTPS certificate along with the scope information.\n    '
__init__(auth_url: str, domain_id: str | None = None, domain_name: str | None = None, project_id: str | None = None, project_name: str | None = None, project_domain_id: str | None = None, project_domain_name: str | None = None)

A init method for TokenlessAuth.

Parameters:
  • auth_url (string) – Identity service endpoint for authentication. The URL must include a version or any request will result in a 404 NotFound error.

  • domain_id (string) – Domain ID for domain scoping.

  • domain_name (string) – Domain name for domain scoping.

  • project_id (string) – Project ID for project scoping.

  • project_name (string) – Project name for project scoping.

  • project_domain_id (string) – Project’s domain ID for project.

  • project_domain_name (string) – Project’s domain name for project.

__module__ = 'keystoneauth1.identity.v3.tokenless_auth'
_abc_impl = <_abc._abc_data object>
_discovery_cache: ty.Dict[str, discover.Discover]
get_endpoint(session: ks_session.Session, service_type: str | None = None, **kwargs: Any) str | None

Return a valid endpoint for a service.

Parameters:
  • session (keystoneauth1.session.Session) – A session object that can be used for communication.

  • service_type (string) – The type of service to lookup the endpoint for. This plugin will return None (failure) if service_type is not provided.

Returns:

A valid endpoint URL or None if not available.

Return type:

string or None

get_headers(session: ks_session.Session, **kwargs: Any) Dict[str, str] | None

Fetch authentication headers for message.

This is to override the default get_headers method to provide tokenless auth scope headers if token is not provided in the session.

Parameters:

session (keystoneauth1.session.Session) – The session object that the auth_plugin belongs to.

Returns:

Headers that are set to authenticate a message or None for failure. Note that when checking this value that the empty dict is a valid, non-failure response.

Return type:

dict