diff options
author | Steven Hardy <shardy@redhat.com> | 2013-08-02 11:45:38 +0100 |
---|---|---|
committer | Steven Hardy <shardy@redhat.com> | 2013-08-20 23:16:46 +0100 |
commit | 2c5ac69c8a0d88818c9c93fe2dfebb1ba8209f80 (patch) | |
tree | 09128dd97434f3900dc79111ab494c8e95d20b25 /keystoneclient/access.py | |
parent | becec90286ac3fb2f2e9a1830774b4828faf5c6d (diff) | |
download | python-keystoneclient-2c5ac69c8a0d88818c9c93fe2dfebb1ba8209f80.tar.gz |
Initial Trusts support
Implements client support for the basic trusts API operations,
note this does not include support for the roles subpath operations,
support for those can be added in a subsequent patch.
Change-Id: I0c6ba12bad5cc8f3f10697d2a3dcf4f3be8c7ece
blueprint: delegation-impersonation-support
Diffstat (limited to 'keystoneclient/access.py')
-rw-r--r-- | keystoneclient/access.py | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/keystoneclient/access.py b/keystoneclient/access.py index 6acfe24..8be7a5c 100644 --- a/keystoneclient/access.py +++ b/keystoneclient/access.py @@ -200,6 +200,23 @@ class AccessInfo(dict): raise NotImplementedError() @property + def trust_id(self): + """Returns the trust id associated with the authentication token. + + :returns: str or None (if no trust associated with the token) + """ + raise NotImplementedError() + + @property + def trust_scoped(self): + """Returns true if the authorization token was scoped as delegated in a + trust, via the OS-TRUST v3 extension. + + :returns: bool + """ + raise NotImplementedError() + + @property def project_id(self): """Returns the project ID associated with the authentication request, or None if the authentication request wasn't scoped to a @@ -331,6 +348,14 @@ class AccessInfoV2(AccessInfo): return False @property + def trust_id(self): + return None + + @property + def trust_scoped(self): + return False + + @property def project_id(self): tenant_dict = self['token'].get('tenant', None) if tenant_dict: @@ -449,6 +474,14 @@ class AccessInfoV3(AccessInfo): return 'domain' in self @property + def trust_id(self): + return self.get('OS-TRUST:trust', {}).get('id') + + @property + def trust_scoped(self): + return 'OS-TRUST:trust' in self + + @property def auth_url(self): if self.service_catalog: return self.service_catalog.get_urls(service_type='identity', |