keystone  18.0.0
About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Victoria" series (maintained release).
  Fossies Dox: keystone-18.0.0.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

context.py
Go to the documentation of this file.
1 # Licensed under the Apache License, Version 2.0 (the "License"); you may
2 # not use this file except in compliance with the License. You may obtain
3 # a copy of the License at
4 #
5 # http://www.apache.org/licenses/LICENSE-2.0
6 #
7 # Unless required by applicable law or agreed to in writing, software
8 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
9 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
10 # License for the specific language governing permissions and limitations
11 # under the License.
12 
13 from oslo_context import context as oslo_context
14 
15 
16 REQUEST_CONTEXT_ENV = 'keystone.oslo_request_context'
17 
18 
19 def _prop(name):
20  return property(lambda x: getattr(x, name),
21  lambda x, y: setattr(x, name, y))
22 
23 
24 class RequestContext(oslo_context.RequestContext):
25 
26  def __init__(self, **kwargs):
27  self.username = kwargs.pop('username', None)
28  self.project_tag_name = kwargs.pop('project_tag_name', None)
29 
30  self.is_delegated_auth = kwargs.pop('is_delegated_auth', False)
31 
32  self.trust_id = kwargs.pop('trust_id', None)
33  self.trustor_id = kwargs.pop('trustor_id', None)
34  self.trustee_id = kwargs.pop('trustee_id', None)
35 
36  self.oauth_consumer_id = kwargs.pop('oauth_consumer_id', None)
37  self.oauth_access_token_id = kwargs.pop('oauth_access_token_id', None)
38 
39  self.authenticated = kwargs.pop('authenticated', False)
40  super(RequestContext, self).__init__(**kwargs)
41 
42  def to_policy_values(self):
43  """Add keystone-specific policy values to policy representation.
44 
45  This method converts generic policy values to a dictionary form using
46  the base implementation from oslo_context.context.RequestContext.
47  Afterwards, it is going to pull keystone-specific values off the
48  context and represent them as items in the policy values dictionary.
49  This is because keystone uses default policies that rely on these
50  values, so we need to guarantee they are present during policy
51  enforcement if they are present on the context object.
52 
53  This method is automatically called in
54  oslo_policy.policy.Enforcer.enforce() if oslo.policy knows it's dealing
55  with a context object.
56 
57  """
58  # TODO(morgan): Rework this to not need an explicit token render as
59  # this is a generally poorly designed behavior. The enforcer should not
60  # rely on a contract of the token's rendered JSON form. This likely
61  # needs reworking of how we handle the context in oslo.policy. Until
62  # this is reworked, it is not possible to merge the token render
63  # function into keystone.api
64  values = super(RequestContext, self).to_policy_values()
65  values['token'] = self.token_reference['token']
66  values['domain_id'] = self.domain_id if self.domain_id else None
67  return values
keystone.common.context.RequestContext.__init__
def __init__(self, **kwargs)
Definition: context.py:26
keystone.common.context.RequestContext.username
username
Definition: context.py:27
keystone.common.context.RequestContext.oauth_access_token_id
oauth_access_token_id
Definition: context.py:37
keystone.common.context.RequestContext.project_tag_name
project_tag_name
Definition: context.py:28
keystone.common.context.RequestContext.trustor_id
trustor_id
Definition: context.py:33
keystone.common.context.RequestContext.oauth_consumer_id
oauth_consumer_id
Definition: context.py:36
keystone.common.context.RequestContext.authenticated
authenticated
Definition: context.py:39
keystone.common.context.RequestContext.trustee_id
trustee_id
Definition: context.py:34
keystone.common.context.RequestContext.trust_id
trust_id
Definition: context.py:32
keystone.common.context.RequestContext.is_delegated_auth
is_delegated_auth
Definition: context.py:30
keystone.common.context.RequestContext.to_policy_values
def to_policy_values(self)
Definition: context.py:42
keystone.common.context._prop
def _prop(name)
Definition: context.py:19
keystone.common.context.RequestContext
Definition: context.py:24