1# Copyright 2018 SUSE Linux GmbH 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); you may 4# not use this file except in compliance with the License. You may obtain 5# a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 12# License for the specific language governing permissions and limitations 13# under the License. 14 15from keystoneauth1.identity.v3 import base 16 17 18__all__ = ('ApplicationCredentialMethod', 'ApplicationCredential') 19 20 21class ApplicationCredentialMethod(base.AuthMethod): 22 """Construct a User/Passcode based authentication method. 23 24 :param string application_credential_secret: Application credential secret. 25 :param string application_credential_id: Application credential id. 26 :param string application_credential_name: The name of the application 27 credential, if an ID is not 28 provided. 29 :param string username: Username for authentication, if an application 30 credential ID is not provided. 31 :param string user_id: User ID for authentication, if an application 32 credential ID is not provided. 33 :param string user_domain_id: User's domain ID for authentication, if an 34 application credential ID is not provided. 35 :param string user_domain_name: User's domain name for authentication, if 36 an application credential ID is not 37 provided. 38 """ 39 40 _method_parameters = ['application_credential_secret', 41 'application_credential_id', 42 'application_credential_name', 43 'user_id', 44 'username', 45 'user_domain_id', 46 'user_domain_name'] 47 48 def get_auth_data(self, session, auth, headers, **kwargs): 49 auth_data = {'secret': self.application_credential_secret} 50 51 if self.application_credential_id: 52 auth_data['id'] = self.application_credential_id 53 else: 54 auth_data['name'] = self.application_credential_name 55 auth_data['user'] = {} 56 if self.user_id: 57 auth_data['user']['id'] = self.user_id 58 elif self.username: 59 auth_data['user']['name'] = self.username 60 61 if self.user_domain_id: 62 auth_data['user']['domain'] = {'id': self.user_domain_id} 63 elif self.user_domain_name: 64 auth_data['user']['domain'] = { 65 'name': self.user_domain_name} 66 67 return 'application_credential', auth_data 68 69 def get_cache_id_elements(self): 70 return dict(('application_credential_%s' % p, getattr(self, p)) 71 for p in self._method_parameters) 72 73 74class ApplicationCredential(base.AuthConstructor): 75 """A plugin for authenticating with an application credential. 76 77 :param string auth_url: Identity service endpoint for authentication. 78 :param string application_credential_secret: Application credential secret. 79 :param string application_credential_id: Application credential ID. 80 :param string application_credential_name: Application credential name. 81 :param string username: Username for authentication. 82 :param string user_id: User ID for authentication. 83 :param string user_domain_id: User's domain ID for authentication. 84 :param string user_domain_name: User's domain name for authentication. 85 :param bool reauthenticate: Allow fetching a new token if the current one 86 is going to expire. (optional) default True 87 """ 88 89 _auth_method_class = ApplicationCredentialMethod 90