Identity v3 Authorization Plugin

Identity v3 authorization plugins. The plugin must be constructed with an auhorization URL and a user id, user name or token. A user id or user name would also require a password. For example:

from openstack.auth.identity import v3
from openstack import transport

args = {
    'password': 'openSesame',
    'auth_url': 'https://10.1.1.1:5000/v3/',
    'user_name': 'alibaba',
}
auth = v3.Auth(**args)
xport = transport.Transport()
accessInfo = auth.authorize(xport)

Identity v3 Auhorization

class openstack.auth.identity.v3.Auth(auth_url, access_info=None, domain_id=None, domain_name=None, password='', project_domain_id=None, project_domain_name=None, project_id=None, project_name=None, reauthenticate=True, token=None, trust_id=None, user_domain_id=None, user_domain_name=None, user_id=None, user_name=None)

Construct an Identity V3 Authentication Plugin.

This authorization plugin should be constructed with a password and user_id or user_name. It may also be constructed with a token. More detailed information on some of the methods can be found in the base class BaseIdentityPlugin.

Parameters:
  • auth_url (string) – Identity service endpoint for authentication.
  • access_info (string) – Access info including service catalog.
  • domain_id (string) – Domain ID for domain scoping.
  • domain_name (string) – Domain name for domain scoping.
  • password (string) – User password for authentication.
  • project_domain_id (string) – Project’s domain ID for project.
  • project_domain_name (string) – Project’s domain name for project.
  • project_id (string) – Project ID for project scoping.
  • project_name (string) – Project name for project scoping.
  • reauthenticate (bool) – Get new token if token expires.
  • token (string) – Token to use for authentication.
  • trust_id (string) – Trust ID for trust scoping.
  • user_domain_id (string) – User’s domain ID for authentication.
  • user_domain_name (string) – User’s domain name for authentication.
  • user_name (string) – User name for authentication.
  • user_id (string) – User ID for authentication.

:raises AuthorizationFailure: if a user_id, user_name or token is not provided.

valid_options = ['access_info', 'auth_url', 'domain_id', 'domain_name', 'password', 'project_domain_id', 'project_domain_name', 'project_id', 'project_name', 'reauthenticate', 'token', 'trust_id', 'user_domain_id', 'user_domain_name', 'user_id', 'user_name']

Valid options for this plugin

token_url

The full URL where we will send authentication data.

authorize(transport, **kwargs)

Obtain access information from an OpenStack Identity Service.

invalidate()

Invalidate the current authentication data.

Identity v3 Method Base

class openstack.auth.identity.v3.AuthMethod(**kwargs)

One part of a V3 Authentication strategy.

V3 Tokens allow multiple methods to be presented when authentication against the server. Each one of these methods is implemented by an AuthMethod.

get_auth_data(transport, auth, headers, **kwargs)

Return the authentication section of an auth plugin.

Parameters:
  • transport (Transport) – The communication transport.
  • auth (Auth) – The auth plugin calling the method.
  • headers (dict) – The headers that will be sent with the auth request if a plugin needs to add to them.
Return tuple(string, dict):
 

The identifier of this plugin and a dict of authentication data for the auth type.

Identity v3 Password Method

class openstack.auth.identity.v3.PasswordMethod(**kwargs)

Identity v3 password authentication method.

The identity v3 authorization password method derived from AuthMethod.

get_auth_data(transport, auth, headers, **kwargs)

Identity v3 password authentication data.

Identity v3 Token Method

class openstack.auth.identity.v3.TokenMethod(**kwargs)

Identity v3 token authentication method.

The identity v3 authorization token method derived from AuthMethod.

get_auth_data(transport, auth, headers, **kwargs)

Identity v3 token authentication data.

Table Of Contents

Previous topic

Identity v2 Authorization Plugin

Next topic

Resource

This Page