keystone.federation.idp.
ECPGenerator
[source]¶Bases: object
A class for generating an ECP assertion.
keystone.federation.idp.
MetadataGenerator
[source]¶Bases: object
A class for generating SAML IdP Metadata.
generate_metadata
()[source]¶Generate Identity Provider Metadata.
Generate and format metadata into XML that can be exposed and consumed by a federated Service Provider.
XML <EntityDescriptor> object.
keystone.exception.ValidationError – If the required config options aren’t set.
keystone.federation.idp.
SAMLGenerator
[source]¶Bases: object
A class to generate SAML assertions.
samlize_token
(issuer, recipient, user, user_domain_name, roles, project, project_domain_name, groups, expires_in=None)[source]¶Convert Keystone attributes to a SAML assertion.
issuer (string) – URL of the issuing party
recipient (string) – URL of the recipient
user (string) – User name
user_domain_name (string) – User Domain name
roles (list) – List of role names
project (string) – Project name
project_domain_name (string) – Project Domain name
groups (list) – List of strings of user groups and domain name, where strings are serialized dictionaries.
expires_in (int) – Sets how long the assertion is valid for, in seconds
XML <Response> object
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.