diff options
author | Brant Knudson <bknudson@us.ibm.com> | 2014-12-16 09:56:23 -0600 |
---|---|---|
committer | Brant Knudson <bknudson@us.ibm.com> | 2015-01-30 09:58:11 -0600 |
commit | 3e159f326421b401f5b51e7ec158fcfe79d8b3ba (patch) | |
tree | 0ce5e5e809cc6073864ee3fec5d9ef72a0f7f054 /keystoneclient/v3/tokens.py | |
parent | 9a9f47b95f58e9145694e0320709d404a7779a21 (diff) | |
download | python-keystoneclient-3e159f326421b401f5b51e7ec158fcfe79d8b3ba.tar.gz |
Add validate token for v3
There was no API to validate a token using v3.
bp auth-token-use-client
Change-Id: Idcd6cedde5c485b9df7a2e056d1673d3ce6cdf90
Diffstat (limited to 'keystoneclient/v3/tokens.py')
-rw-r--r-- | keystoneclient/v3/tokens.py | 39 |
1 files changed, 35 insertions, 4 deletions
diff --git a/keystoneclient/v3/tokens.py b/keystoneclient/v3/tokens.py index aa8ccaf..77edbc0 100644 --- a/keystoneclient/v3/tokens.py +++ b/keystoneclient/v3/tokens.py @@ -12,6 +12,14 @@ from keystoneclient import access from keystoneclient import base +from keystoneclient import utils + + +def _calc_id(token): + if isinstance(token, access.AccessInfo): + return token.auth_token + + return base.getid(token) class TokenManager(object): @@ -28,10 +36,7 @@ class TokenManager(object): token_id. """ - if isinstance(token, access.AccessInfo): - token_id = token.auth_token - else: - token_id = base.getid(token) + token_id = _calc_id(token) headers = {'X-Subject-Token': token_id} return self._client.delete('/auth/tokens', headers=headers) @@ -45,3 +50,29 @@ class TokenManager(object): resp, body = self._client.get('/auth/tokens/OS-PKI/revoked') return body + + @utils.positional.method(1) + def validate(self, token, include_catalog=True): + """Validate a token. + + :param token: Token to be validated. This can be an instance of + :py:class:`keystoneclient.access.AccessInfo` or a string + token_id. + :param include_catalog: If False, the response is requested to not + include the catalog. + + :rtype: :py:class:`keystoneclient.access.AccessInfoV3` + + """ + + token_id = _calc_id(token) + headers = {'X-Subject-Token': token_id} + + url = '/auth/tokens' + if not include_catalog: + url += '?nocatalog' + + resp, body = self._client.get(url, headers=headers) + + access_info = access.AccessInfo.factory(resp=resp, body=body) + return access_info |