This auth module is intended to allow Openstack client-tools to select from a
variety of authentication strategies, including NoAuth (the default), and
Keystone (an identity management system).
> auth_plugin = AuthPlugin(creds)
> auth_plugin.authenticate()
> auth_plugin.auth_token
abcdefg
> auth_plugin.management_url
http://service_endpoint/
-
class heat.common.auth.BaseStrategy[source]
Bases: object
-
authenticate()[source]
-
is_authenticated[source]
-
strategy[source]
-
class heat.common.auth.KeystoneStrategy(creds, service_type)[source]
Bases: heat.common.auth.BaseStrategy
-
MAX_REDIRECTS = 10
-
authenticate()[source]
Authenticate with the Keystone service.
There are a few scenarios to consider here:
- Which version of Keystone are we using? v1 which uses headers to
pass the credentials, or v2 which uses a JSON encoded request body?
- Keystone may respond back with a redirection using a 305 status
code.
- We may attempt a v1 auth when v2 is what’s called for. In this
case, we rewrite the url to contain /v2.0/ and retry using the v2
protocol.
-
check_auth_params()[source]
-
is_authenticated[source]
-
strategy[source]
-
class heat.common.auth.NoAuthStrategy[source]
Bases: heat.common.auth.BaseStrategy
-
authenticate()[source]
-
is_authenticated[source]
-
strategy[source]
-
heat.common.auth.get_plugin_from_strategy(strategy, creds=None, service_type=None)[source]