Identity v3 Authorization Plugin
Identity v3 authorization plugins. The plugin must be constructed with an
auhorization URL and a user id, user name or token. A user id or user name
would also require a password. For example:
from openstack.auth.identity import v3
from openstack import transport
args = {
'password': 'openSesame',
'auth_url': 'https://10.1.1.1:5000/v3/',
'user_name': 'alibaba',
}
auth = v3.Auth(**args)
xport = transport.Transport()
accessInfo = auth.authorize(xport)
Identity v3 Auhorization
-
class openstack.auth.identity.v3.Auth(auth_url, access_info=None, domain_id=None, domain_name=None, password='', project_domain_id=None, project_domain_name=None, project_id=None, project_name=None, reauthenticate=True, token=None, trust_id=None, user_domain_id=None, user_domain_name=None, user_id=None, user_name=None)
Construct an Identity V3 Authentication Plugin.
This authorization plugin should be constructed with a password
and user_id or user_name. It may also be constructed with a token.
More detailed information on some of the methods can be found in the
base class BaseIdentityPlugin.
Parameters: |
- auth_url (string) – Identity service endpoint for authentication.
- access_info (string) – Access info including service catalog.
- domain_id (string) – Domain ID for domain scoping.
- domain_name (string) – Domain name for domain scoping.
- password (string) – User password for authentication.
- project_domain_id (string) – Project’s domain ID for project.
- project_domain_name (string) – Project’s domain name for project.
- project_id (string) – Project ID for project scoping.
- project_name (string) – Project name for project scoping.
- reauthenticate (bool) – Get new token if token expires.
- token (string) – Token to use for authentication.
- trust_id (string) – Trust ID for trust scoping.
- user_domain_id (string) – User’s domain ID for authentication.
- user_domain_name (string) – User’s domain name for authentication.
- user_name (string) – User name for authentication.
- user_id (string) – User ID for authentication.
|
:raises AuthorizationFailure: if a
user_id, user_name or token is not provided.
-
valid_options = ['access_info', 'auth_url', 'domain_id', 'domain_name', 'password', 'project_domain_id', 'project_domain_name', 'project_id', 'project_name', 'reauthenticate', 'token', 'trust_id', 'user_domain_id', 'user_domain_name', 'user_id', 'user_name']
Valid options for this plugin
-
token_url
The full URL where we will send authentication data.
-
authorize(transport, **kwargs)
Obtain access information from an OpenStack Identity Service.
-
invalidate()
Invalidate the current authentication data.
Identity v3 Method Base
-
class openstack.auth.identity.v3.AuthMethod(**kwargs)
One part of a V3 Authentication strategy.
V3 Tokens allow multiple methods to be presented when authentication
against the server. Each one of these methods is implemented by an
AuthMethod.
-
get_auth_data(transport, auth, headers, **kwargs)
Return the authentication section of an auth plugin.
Parameters: |
- transport (Transport) – The communication transport.
- auth (Auth) – The auth plugin calling the method.
- headers (dict) – The headers that will be sent with the auth
request if a plugin needs to add to them.
|
Return tuple(string, dict): |
| The identifier of this plugin and a dict
of authentication data for the auth type.
|
Identity v3 Password Method
-
class openstack.auth.identity.v3.PasswordMethod(**kwargs)
Identity v3 password authentication method.
The identity v3 authorization password method derived from
AuthMethod.
-
get_auth_data(transport, auth, headers, **kwargs)
Identity v3 password authentication data.
Identity v3 Token Method
-
class openstack.auth.identity.v3.TokenMethod(**kwargs)
Identity v3 token authentication method.
The identity v3 authorization token method derived from
AuthMethod.
-
get_auth_data(transport, auth, headers, **kwargs)
Identity v3 token authentication data.