keystonemiddleware.external_oauth2_token module¶

class keystonemiddleware.external_oauth2_token.AbstractAuthClient(session, introspect_endpoint, audience, client_id, func_get_config_option, logger)¶

Bases: object

Abstract http client using to access the OAuth2.0 Server.

abstract introspect(access_token)¶: Access the introspect API.

class keystonemiddleware.external_oauth2_token.ClientSecretBasicAuthClient(session, introspect_endpoint, audience, client_id, func_get_config_option, logger)¶

Bases: keystonemiddleware.external_oauth2_token.AbstractAuthClient

Http client with the auth method ‘client_secret_basic’.

introspect(access_token)¶

Access the introspect API.

Access the Introspect API to verify the access token by the auth method ‘client_secret_basic’.

class keystonemiddleware.external_oauth2_token.ClientSecretJwtAuthClient(session, introspect_endpoint, audience, client_id, func_get_config_option, logger)¶

Bases: keystonemiddleware.external_oauth2_token.AbstractAuthClient

Http client with the auth method ‘client_secret_jwt’.

introspect(access_token)¶

Access the introspect API.

Access the Introspect API to verify the access token by the auth method ‘client_secret_jwt’.

class keystonemiddleware.external_oauth2_token.ClientSecretPostAuthClient(session, introspect_endpoint, audience, client_id, func_get_config_option, logger)¶

Bases: keystonemiddleware.external_oauth2_token.AbstractAuthClient

Http client with the auth method ‘client_secret_post’.

introspect(access_token)¶

Access the introspect API.

Access the Introspect API to verify the access token by the auth method ‘client_secret_post’.

class keystonemiddleware.external_oauth2_token.ExternalAuth2Protocol(application, conf)¶

Bases: object

Middleware that handles External Server OAuth2.0 authentication.

process_request(request)¶

Process request.

Parameters: request (_request.AuthTokenRequest) – Incoming request

process_response(response)¶

Process Response.

Add WWW-Authenticate headers to requests that failed with 401 Unauthenticated so users know where to authenticate for future requests.

exception keystonemiddleware.external_oauth2_token.ForbiddenToken¶

Bases: keystonemiddleware.exceptions.KeystoneMiddlewareException

Raise a ForbiddenToken Error.

When can not get necessary information from the token, this error will be thrown.

exception keystonemiddleware.external_oauth2_token.InvalidToken¶

Bases: keystonemiddleware.exceptions.KeystoneMiddlewareException

Raise an InvalidToken Error.

When can not get necessary information from the token, this error will be thrown.

class keystonemiddleware.external_oauth2_token.PrivateKeyJwtAuthClient(session, introspect_endpoint, audience, client_id, func_get_config_option, logger)¶

Bases: keystonemiddleware.external_oauth2_token.AbstractAuthClient

Http client with the auth method ‘private_key_jwt’.

introspect(access_token)¶

Access the introspect API.

Access the Introspect API to verify the access token by the auth method ‘private_key_jwt’.

exception keystonemiddleware.external_oauth2_token.ServiceError¶

Bases: keystonemiddleware.exceptions.KeystoneMiddlewareException

Raise a ServiceError.

When can not verify any tokens, this error will be thrown.

class keystonemiddleware.external_oauth2_token.TlsClientAuthClient(session, introspect_endpoint, audience, client_id, func_get_config_option, logger)¶

Bases: keystonemiddleware.external_oauth2_token.AbstractAuthClient

Http client with the auth method ‘tls_client_auth’.

introspect(access_token)¶

Access the introspect API.

Access the Introspect API to verify the access token by the auth method ‘tls_client_auth’.

keystonemiddleware.external_oauth2_token.filter_factory(global_conf, **local_conf)¶: Return a WSGI filter app for use with paste.deploy.

keystonemiddleware.external_oauth2_token module

keystonemiddleware.external_oauth2_token module¶

keystonemiddleware 10.7.1