diff options
author | Dolph Mathews <dolph.mathews@gmail.com> | 2014-08-20 15:18:22 -0500 |
---|---|---|
committer | Dolph Mathews <dolph.mathews@gmail.com> | 2014-08-20 21:29:06 -0500 |
commit | 52727bcea3a98e72331e748ce5f9e3a111a64cd1 (patch) | |
tree | 4e88066fc188325f9e21ce30ea21285f262bd373 /pycadf/credential.py | |
parent | 9c400a7da08d14562a616357a220daa5b5df852d (diff) | |
download | pycadf-52727bcea3a98e72331e748ce5f9e3a111a64cd1.tar.gz |
add federated credential0.6.0
This is in support of bp audit-support-for-federation in Keystone.
Change-Id: Ibba203b4131a46fcfd7cc1e54b480b9c1392fe83
Closes-Bug: 1359495
Diffstat (limited to 'pycadf/credential.py')
-rw-r--r-- | pycadf/credential.py | 48 |
1 files changed, 45 insertions, 3 deletions
diff --git a/pycadf/credential.py b/pycadf/credential.py index e6e045d..45e2789 100644 --- a/pycadf/credential.py +++ b/pycadf/credential.py @@ -26,8 +26,16 @@ CRED_KEYNAMES = [CRED_KEYNAME_TYPE, CRED_KEYNAME_TOKEN] -class Credential(cadftype.CADFAbstractType): +FED_CRED_KEYNAME_IDENTITY_PROVIDER = "identity_provider" +FED_CRED_KEYNAME_USER = "user" +FED_CRED_KEYNAME_GROUPS = "groups" + +FED_CRED_KEYNAMES = CRED_KEYNAMES + [FED_CRED_KEYNAME_IDENTITY_PROVIDER, + FED_CRED_KEYNAME_USER, + FED_CRED_KEYNAME_GROUPS] + +class Credential(cadftype.CADFAbstractType): type = cadftype.ValidatorDescriptor( CRED_KEYNAME_TYPE, lambda x: isinstance(x, six.string_types)) @@ -51,7 +59,41 @@ class Credential(cadftype.CADFAbstractType): # TODO(mrutkows): validate this cadf:Credential type against schema def is_valid(self): - """Validation to ensure Credential required attributes are set. - """ + """Validation to ensure Credential required attributes are set.""" # TODO(mrutkows): validate specific attribute type/format return self._isset(CRED_KEYNAME_TOKEN) + + +class FederatedCredential(Credential): + identity_provider = cadftype.ValidatorDescriptor( + FED_CRED_KEYNAME_IDENTITY_PROVIDER, + lambda x: isinstance(x, six.string_types)) + user = cadftype.ValidatorDescriptor( + FED_CRED_KEYNAME_USER, + lambda x: isinstance(x, six.string_types)) + groups = cadftype.ValidatorDescriptor( + FED_CRED_KEYNAME_GROUPS, + lambda x: isinstance(x, list)) + + def __init__(self, token, type, identity_provider, user, groups): + super(FederatedCredential, self).__init__( + token=token, + type=type) + + # FederatedCredential.identity_provider + setattr(self, FED_CRED_KEYNAME_IDENTITY_PROVIDER, identity_provider) + + # FederatedCredential.user + setattr(self, FED_CRED_KEYNAME_USER, user) + + # FederatedCredential.groups + setattr(self, FED_CRED_KEYNAME_GROUPS, groups) + + def is_valid(self): + """Validation to ensure Credential required attributes are set.""" + return ( + super(FederatedCredential, self).is_valid() + and self._isset(CRED_KEYNAME_TYPE) + and self._isset(FED_CRED_KEYNAME_IDENTITY_PROVIDER) + and self._isset(FED_CRED_KEYNAME_USER) + and self._isset(FED_CRED_KEYNAME_GROUPS)) |