Clean up naming to match new conventions

Identity Service -> Identity

Change-Id: I3cd9d1d643e4a34da0ec607747e7efa31e537ef9
author: diane fleming
Diane Fleming
2014-03-17 15:49:36 -05:00
parent 19006e6097
commit 89d7f812a4
41 changed files with 468 additions and 511 deletions


@@ -1,135 +1,105 @@
<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" href="../xslt/schema.xslt"?>
<!-- (C) 2011-2013 OpenStack Foundation, All Rights Reserved -->
<!-- (C) 2011-2014 OpenStack Foundation, All Rights Reserved -->
<schema
elementFormDefault="qualified"
attributeFormDefault="unqualified"
xmlns="http://www.w3.org/2001/XMLSchema"
xmlns:identity="http://docs.openstack.org/identity/api/v3"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:vc="http://www.w3.org/2007/XMLSchema-versioning"
xmlns:xsdxt="http://docs.rackspacecloud.com/xsd-ext/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
targetNamespace="http://docs.openstack.org/identity/api/v3"
>
<schema elementFormDefault="qualified"
attributeFormDefault="unqualified"
xmlns="http://www.w3.org/2001/XMLSchema"
xmlns:identity="http://docs.openstack.org/identity/api/v3"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:vc="http://www.w3.org/2007/XMLSchema-versioning"
xmlns:xsdxt="http://docs.rackspacecloud.com/xsd-ext/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
targetNamespace="http://docs.openstack.org/identity/api/v3">
<include schemaLocation="entity.xsd"/>
<!-- Import ATOM specific schema definitions -->
<import vc:minVersion="1.1" namespace="http://www.w3.org/2005/Atom"
schemaLocation="atom/atom.xsd" />
<import vc:minVersion="1.1"
namespace="http://www.w3.org/2005/Atom"
schemaLocation="atom/atom.xsd"/>
<!-- Complex Types -->
<complexType name="EndpointType">
<sequence>
<element ref="identity:links" />
<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
<element ref="identity:links"/>
<any namespace="##other" processContents="lax"
minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="id" type="xsd:string" use="required">
<annotation>
<xsd:documentation
xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>
An ID uniquely identifying the Endpoint.
</p>
<xsd:documentation xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>An unique ID that identifies the endpoint.</p>
</xsd:documentation>
</annotation>
</attribute>
<attribute name="name" type="xsd:string" use="required">
<attribute name="name" type="xsd:string" use="required">
<annotation>
<xsd:documentation
xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>
An internal name for the endPoint.
</p>
<xsd:documentation xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>An internal name for the endpoint.</p>
</xsd:documentation>
</annotation>
</attribute>
<attribute name="interface" type="xsd:string" use="optional">
<annotation>
<xsd:documentation
xml:lang="EN"
<xsd:documentation xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>
Public/Internal/Admin
</p>
<p>Public/Internal/Admin.</p>
</xsd:documentation>
</annotation>
</attribute>
<attribute name="region" type="xsd:string" use="optional">
<annotation>
<xsd:documentation
xml:lang="EN"
<xsd:documentation xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>
The region of Endpoint Template.
</p>
<p>The region of endpoint template.</p>
</xsd:documentation>
</annotation>
</attribute>
<attribute name="url" type="xsd:anyURI" use="required">
<annotation>
<xsd:documentation
xml:lang="EN"
<xsd:documentation xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>
The URL to access represented service.
</p>
<p>The URL to access represented service.</p>
</xsd:documentation>
</annotation>
</attribute>
<attribute name="service_id" type="xsd:string" use="optional">
<annotation>
<xsd:documentation
xml:lang="EN"
<xsd:documentation xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>
Service Id whose endpoint is represented.
</p>
<p>Service ID whose endpoint is represented.</p>
</xsd:documentation>
</annotation>
</attribute>
<anyAttribute namespace="##other" processContents="lax"/>
</complexType>
<complexType name="EndpointsType">
<sequence>
<element name="endpoint" type="identity:EndpointType" minOccurs="0" maxOccurs="unbounded"/>
<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded" />
<element name="endpoint" type="identity:EndpointType"
minOccurs="0" maxOccurs="unbounded"/>
<any namespace="##other" processContents="lax"
minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<anyAttribute namespace="##other" processContents="lax"/>
</complexType>
<element name="endpoint" type="identity:EndpointType">
<annotation>
<xsd:documentation
xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>
An Endpoint.
</p>
<xsd:documentation xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>An endpoint.</p>
</xsd:documentation>
</annotation>
</element>
<element name="endpoints" type="identity:EndpointsType">
<annotation>
<xsd:documentation
xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>
A list of Endpoints.
</p>
<xsd:documentation xml:lang="EN"
xmlns="http://www.w3.org/1999/xhtml">
<p>List of endpoints.</p>
</xsd:documentation>
</annotation>
</element>
</schema>
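Review bot: The reworded documentation for the `id` attribute introduces a grammar slip, `An unique ID that identifies the endpoint.`; it should read `<p>A unique ID that identifies the endpoint.</p>`. The `interface` documentation was only repunctuated to `Public/Internal/Admin.` and still does not say that these are the accepted values; something like `<p>The interface type: Public, Internal, or Admin.</p>` would be clearer. Because `interface` is typed `xsd:string`, the schema accepts any value there, so if the set is meant to be closed, an enumeration restriction would let validation reject anything else. The `##other` wildcards with `processContents="lax"` likewise admit extension content that is validated only if a schema for it happens to be available, so a short comment noting that consumers must validate such content themselves would help.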


@@ -8,10 +8,10 @@ attributes. This extension requires v3.0+ of the Identity API.
Definitions
-----------
- *Trusted Identity Provider*: An identity provider setup within the Identity
Service API that is trusted to provide authenticated user information.
- *Trusted Identity Provider*: An identity provider set up within the Identity
API that is trusted to provide authenticated user information.
- *Service Provider*: A system entity that provides services to principals or
other system entities, in this case, the OpenStack Identity Service API is
other system entities, in this case, the OpenStack Identity API is
the Service Provider.
- *Attribute Mapping*: The user information passed by a federation protocol for
an already authenticated identity are called `attributes`. Those `attributes`
@@ -25,7 +25,7 @@ API Resources
### Identity Providers: `/OS-FEDERATION/identity_providers`
An Identity Provider is a third party service that is trusted by the Identity
Service to authenticate identities.
API to authenticate identities.
Optional attributes:


@@ -60,7 +60,7 @@ that the destination party uses to derive the shared signing and encryption
keys. When an individual destination party needs to decrypt the payload that it
receives from the source party as a part of a group message, it makes an
authenticated request to KDS to obtain the short-lived group key. If the
requestor is a member of the target group, KDS provides the short-lived group
requester is a member of the target group, KDS provides the short-lived group
key encrypted with the long term shared key associated with the individual
destination party. The group key can then be decrypted by the individual
destination party, allowing it to decrypt the payload and derive the shared
@@ -218,7 +218,7 @@ A base64 encoded JSON object containing the following key/value pairs:
- `source` - The identity requesting a ticket.
- `destination` - The target for which the ticket will be valid.
- `timestamp` - Current timestamp from the requestor.
- `timestamp` - Current timestamp from the requester.
- `nonce` - Random single use data.
A timestamp and a nonce are necessary to avoid replay attacks.
@@ -236,7 +236,7 @@ A base64 encoded HMAC Signature over the base64 encoded request metadata object.
Base64encode(HMAC(SigningKey, RequestMetadata))
The key used for the signature is the requestor's long term key. The KDS
The key used for the signature is the requester's long term key. The KDS
should verify the signature upon receipt of the request. This requires that the
KDS access the `source` from the request metadata in order to lookup the
associated long term key that can be used to verify the signature. The KDS
@@ -261,7 +261,7 @@ Metadata:
A base64 encoded JSON object containing the following key/value pairs:
- `source` - The identity of the requestor.
- `source` - The identity of the requester.
- `destination` - The target for which the ticket is valid.
- `expiration` - Timestamp of when the ticket expires.
@@ -313,10 +313,10 @@ response metadata object and base64 encoded ticket object.
Base64encode(HMAC(SigningKey, ResponseMetadata + Ticket))
The key used for the signature is the requestor's long term key. The requestor
The key used for the signature is the requester's long term key. The requester
should verify the signature upon receipt of the response before accessing any
data contained in the response metadata or the ticket. Failure to verify the
signature leaves the requestor open to using metadata that was not actually
signature leaves the requester open to using metadata that was not actually
issued by the KDS.
@@ -387,7 +387,7 @@ Metadata:
A base64 encoded JSON object containing the following key/value pairs:
- `source` - The identity of the requestor.
- `source` - The identity of the requester.
- `destination` - The target for which the ticket is valid.
- `expiration` - Timestamp of when the ticket expires.
@@ -399,7 +399,7 @@ A base64 encoded JSON object containing the following key/value pairs:
Group key:
The group key is encrypted with the requestor's long term key.
The group key is encrypted with the requester's long term key.
Signature:
@@ -408,10 +408,10 @@ response metadata object and the group key.
Base64encode(HMAC(SigningKey, ResponseMetadata + GroupKey))
The key used for the signature is the requestor's long term key. The requestor
The key used for the signature is the requester's long term key. The requester
should verify the signature upon receipt of the response before accessing any
data contained in the response metadata or the group key. Failure to verify the
signature leaves the requestor open to using data that was not actually issued
signature leaves the requester open to using data that was not actually issued
by the KDS.


@@ -208,9 +208,9 @@ Response:
Response Parameters:
- `oauth_token`: The Request Token key that the Identity Service returns.
- `oauth_token`: The Request Token key that the Identity API returns.
- `oauth_token_secret`: The secret associated with the Request Token.
- `oauth_expires_at` (optional): The ISO 8601 datetime at which a Request Token will expire.
- `oauth_expires_at` (optional): The ISO 8601 date time at which a Request Token will expire.
### Authorize Request Token: `PUT /OS-OAUTH1/authorize/{request_token_id}`
@@ -261,9 +261,9 @@ Response:
Response Parameters:
- `oauth_token`: The Access Token key that the Identity Service returns.
- `oauth_token`: The Access Token key that the Identity API returns.
- `oauth_token_secret`: The secret associated with the Access Token.
- `oauth_expires_at` (optional): The ISO 8601 datetime at which an Access Token will expire.
- `oauth_expires_at` (optional): The ISO 8601 date time when an Access Token expires.
### Request an Identity API Token: `POST /auth/tokens`