keystonemiddleware package

Subpackages

Submodules

keystonemiddleware.audit module

Build open standard audit information based on incoming requests

AuditMiddleware filter should be placed after keystonemiddleware.auth_token in the pipeline so that it can utilise the information the Identity server provides.

class keystonemiddleware.audit.AuditMap(path_kw, custom_actions, service_endpoints, default_target_endpoint_type)

Bases: tuple

custom_actions

Alias for field number 1

default_target_endpoint_type

Alias for field number 3

path_kw

Alias for field number 0

service_endpoints

Alias for field number 2

class keystonemiddleware.audit.AuditMiddleware(app, **conf)

Bases: object

Create an audit event based on request/response.

The audit middleware takes in various configuration options such as the ability to skip audit of certain requests. The full list of options can be discovered here: http://docs.openstack.org/developer/keystonemiddleware/audit.html

class keystonemiddleware.audit.ClientResource(project_id=None, **kwargs)

Bases: pycadf.resource.Resource

class keystonemiddleware.audit.KeystoneCredential(identity_status=None, **kwargs)

Bases: pycadf.credential.Credential

class keystonemiddleware.audit.OpenStackAuditApi(cfg_file)

Bases: object

get_action(req)

Take a given Request, parse url path to calculate action type.

Depending on req.method:

if POST:

  • path ends with ‘action’, read the body and use as action;
  • path ends with known custom_action, take action from config;
  • request ends with known path, assume is create action;
  • request ends with unknown path, assume is update action.

if GET:

  • request ends with known path, assume is list action;
  • request ends with unknown path, assume is read action.

if PUT, assume update action. if DELETE, assume delete action. if HEAD, assume read action.

get_target_resource(req)

Retrieve target information

If discovery is enabled, target will attempt to retrieve information from service catalog. If not, the information will be taken from given config file.

exception keystonemiddleware.audit.PycadfAuditApiConfigError

Bases: exceptions.Exception

Error raised when pyCADF fails to configure correctly.

class keystonemiddleware.audit.Service(id, name, type, admin_endp, public_endp, private_endp)

Bases: tuple

admin_endp

Alias for field number 3

id

Alias for field number 0

name

Alias for field number 1

private_endp

Alias for field number 5

public_endp

Alias for field number 4

type

Alias for field number 2

keystonemiddleware.audit.filter_factory(global_conf, **local_conf)

Returns a WSGI filter app for use with paste.deploy.

keystonemiddleware.ec2_token module

Starting point for routing EC2 requests.

class keystonemiddleware.ec2_token.EC2Token(application, conf)

Bases: object

Authenticate an EC2 request with keystone and convert to token.

keystonemiddleware.ec2_token.app_factory(global_conf, **local_conf)
keystonemiddleware.ec2_token.filter_factory(global_conf, **local_conf)

Returns a WSGI filter app for use with paste.deploy.

keystonemiddleware.fixture module

class keystonemiddleware.fixture.AuthTokenFixture

Bases: fixtures.fixture.Fixture

Overrides what keystonemiddleware will return to the app behind it.

add_token_data(*args, **kwargs)

Add token data to the auth_token fixture.

fetch_token(token)

Low level replacement of fetch_token for AuthProtocol.

setUp()
tokens

keystonemiddleware.i18n module

oslo.i18n integration module.

See http://docs.openstack.org/developer/oslo.i18n/usage.html .

keystonemiddleware.opts module

keystonemiddleware.opts.list_auth_token_opts()

Return a list of oslo_config options available in auth_token middleware.

The returned list includes all oslo_config options which may be registered at runtime by the project.

Each element of the list is a tuple. The first element is the name of the group under which the list of elements in the second element will be registered. A group name of None corresponds to the [DEFAULT] group in config files.

NOTE: This function is no longer used for oslo_config sample generation. Some services rely on this function for listing ALL (including deprecated) options and registering them into their own config objects which we do not want for sample config files.

See: keystonemiddleware.auth_token._opts.list_opts() for sample config files.

Returns:a list of (group_name, opts) tuples

keystonemiddleware.s3_token module

S3 Token Middleware

This WSGI component:

  • Gets a request from the swift3 middleware with an S3 Authorization access key.
  • Validates s3 token in Keystone.
  • Transforms the account name to AUTH_%(tenant_name).
class keystonemiddleware.s3_token.S3Token(app, conf)

Bases: object

Middleware that handles S3 authentication.

exception keystonemiddleware.s3_token.ServiceError

Bases: exceptions.Exception

keystonemiddleware.s3_token.filter_factory(global_conf, **local_conf)

Returns a WSGI filter app for use with paste.deploy.

Module contents