Merge "Improve os-federation docs"
This commit is contained in:
commit
4a8298d5b8
|
@ -65,7 +65,7 @@ Identity Providers
|
|||
|
||||
::
|
||||
|
||||
/OS-FEDERATION/identity_providers
|
||||
/v3/OS-FEDERATION/identity_providers
|
||||
|
||||
An Identity Provider (IdP) is a third party service that is trusted by the
|
||||
Identity API to authenticate identities.
|
||||
|
@ -97,7 +97,7 @@ Protocols
|
|||
|
||||
::
|
||||
|
||||
/OS-FEDERATION/identity_providers/{idp_id}/protocols
|
||||
/v3/OS-FEDERATION/identity_providers/{idp_id}/protocols
|
||||
|
||||
A protocol entry contains information that dictates which mapping rules to use
|
||||
for a given incoming request. An IdP may have multiple supported protocols.
|
||||
|
@ -114,7 +114,7 @@ Mappings
|
|||
|
||||
::
|
||||
|
||||
/OS-FEDERATION/mappings
|
||||
/v3/OS-FEDERATION/mappings
|
||||
|
||||
A ``mapping`` is a set of rules to map federation protocol attributes to
|
||||
Identity API objects. An Identity Provider can have a single ``mapping``
|
||||
|
@ -230,7 +230,7 @@ Required attributes:
|
|||
<http://docs.python.org/2/library/re.html>`__ search against the remote
|
||||
attribute ``type``.
|
||||
|
||||
The ``blacklist`` and ``whitelist`` rules are always used in conjuction with
|
||||
The ``blacklist`` and ``whitelist`` rules are always used in conjunction with
|
||||
``type``.
|
||||
|
||||
- ``blacklist`` (list of strings)
|
||||
|
@ -252,7 +252,7 @@ Service Providers
|
|||
|
||||
::
|
||||
|
||||
/OS-FEDERATION/service_providers
|
||||
/v3/OS-FEDERATION/service_providers
|
||||
|
||||
A service provider is a third party service that is trusted by the Identity
|
||||
Service.
|
||||
|
@ -299,7 +299,7 @@ to ``ss:mem:``.
|
|||
Register an Identity Provider
|
||||
=============================
|
||||
|
||||
.. rest_method:: PUT /OS-FEDERATION/identity_providers/{idp_id}
|
||||
.. rest_method:: PUT /v3/OS-FEDERATION/identity_providers/{idp_id}
|
||||
|
||||
Normal response codes: 201
|
||||
Error response codes: 409
|
||||
|
@ -320,7 +320,7 @@ Response Example
|
|||
List identity providers
|
||||
=======================
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/identity_providers
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/identity_providers
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -334,7 +334,7 @@ Response Example
|
|||
Get Identity provider
|
||||
=====================
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/identity_providers/{idp_id}
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/identity_providers/{idp_id}
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -348,7 +348,7 @@ Response Example
|
|||
Delete identity provider
|
||||
========================
|
||||
|
||||
.. rest_method:: DELETE /OS-FEDERATION/identity_providers/{idp_id}
|
||||
.. rest_method:: DELETE /v3/OS-FEDERATION/identity_providers/{idp_id}
|
||||
|
||||
When an identity provider is deleted, any tokens generated by that identity
|
||||
provider will be revoked.
|
||||
|
@ -359,7 +359,7 @@ Normal response codes: 204
|
|||
Update identity provider
|
||||
========================
|
||||
|
||||
.. rest_method:: PATCH /OS-FEDERATION/identity_providers/{idp_id}
|
||||
.. rest_method:: PATCH /v3/OS-FEDERATION/identity_providers/{idp_id}
|
||||
|
||||
When an identity provider is disabled, any tokens generated by that identity
|
||||
provider will be revoked.
|
||||
|
@ -383,7 +383,7 @@ Response Example
|
|||
Add a protocol and attribute mapping to an identity provider
|
||||
============================================================
|
||||
|
||||
.. rest_method:: PUT /OS-FEDERATION/identity_providers/{idp_id}/protocols/{protocol_id}
|
||||
.. rest_method:: PUT /v3/OS-FEDERATION/identity_providers/{idp_id}/protocols/{protocol_id}
|
||||
|
||||
Normal response codes: 201
|
||||
|
||||
|
@ -403,7 +403,7 @@ Response Example
|
|||
List all protocol and attribute mappings of an identity provider
|
||||
================================================================
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/identity_providers/{idp_id}/protocols
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/identity_providers/{idp_id}/protocols
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -417,7 +417,7 @@ Response Example
|
|||
Get a protocol and attribute mapping for an identity provider
|
||||
=============================================================
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/identity_providers/{idp_id}/protocols/{protocol_id}
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/identity_providers/{idp_id}/protocols/{protocol_id}
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -431,7 +431,7 @@ Response Example
|
|||
Update the attribute mapping for an identity provider and protocol
|
||||
==================================================================
|
||||
|
||||
.. rest_method:: PATCH /OS-FEDERATION/identity_providers/{idp_id}/protocols/{protocol_id}
|
||||
.. rest_method:: PATCH /v3/OS-FEDERATION/identity_providers/{idp_id}/protocols/{protocol_id}
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -451,7 +451,7 @@ Response Example
|
|||
Delete a protocol and attribute mapping from an identity provider
|
||||
=================================================================
|
||||
|
||||
.. rest_method:: DELETE /OS-FEDERATION/identity_providers/{idp_id}/protocols/{protocol_id}
|
||||
.. rest_method:: DELETE /v3/OS-FEDERATION/identity_providers/{idp_id}/protocols/{protocol_id}
|
||||
|
||||
Normal response codes: 204
|
||||
|
||||
|
@ -461,7 +461,7 @@ Normal response codes: 204
|
|||
Create a mapping
|
||||
================
|
||||
|
||||
.. rest_method:: PUT /OS-FEDERATION/mappings/{mapping_id}
|
||||
.. rest_method:: PUT /v3/OS-FEDERATION/mappings/{mapping_id}
|
||||
|
||||
Normal response codes: 201
|
||||
|
||||
|
@ -481,7 +481,7 @@ Response Example
|
|||
Get a mapping
|
||||
=============
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/mappings/{mapping_id}
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/mappings/{mapping_id}
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -495,7 +495,7 @@ Response Example
|
|||
Update a mapping
|
||||
================
|
||||
|
||||
.. rest_method:: PATCH /OS-FEDERATION/mappings/{mapping_id}
|
||||
.. rest_method:: PATCH /v3/OS-FEDERATION/mappings/{mapping_id}
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -515,7 +515,7 @@ Response Example
|
|||
List all mappings
|
||||
=================
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/mappings
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/mappings
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -529,7 +529,7 @@ Response Example
|
|||
Delete a mapping
|
||||
================
|
||||
|
||||
.. rest_method:: DELETE /OS-FEDERATION/mappings/{mapping_id}
|
||||
.. rest_method:: DELETE /v3/OS-FEDERATION/mappings/{mapping_id}
|
||||
|
||||
Normal response codes: 204
|
||||
|
||||
|
@ -539,7 +539,7 @@ Normal response codes: 204
|
|||
Register a Service Provider
|
||||
===========================
|
||||
|
||||
.. rest_method:: PUT /OS-FEDERATION/service_providers/{sp_id}
|
||||
.. rest_method:: PUT /v3/OS-FEDERATION/service_providers/{sp_id}
|
||||
|
||||
Normal response codes: 201
|
||||
Error response codes: 400 Bad Request when registering a service provider with
|
||||
|
@ -561,7 +561,7 @@ Response Example
|
|||
Listing Service Providers
|
||||
=========================
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/service_providers
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/service_providers
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -575,7 +575,7 @@ Response Example
|
|||
Get Service Provider
|
||||
====================
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/service_providers/{sp_id}
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/service_providers/{sp_id}
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -589,7 +589,7 @@ Response Example
|
|||
Delete Service Provider
|
||||
=======================
|
||||
|
||||
.. rest_method:: DELETE /OS-FEDERATION/service_providers/{sp_id}
|
||||
.. rest_method:: DELETE /v3/OS-FEDERATION/service_providers/{sp_id}
|
||||
|
||||
Normal response codes: 204
|
||||
|
||||
|
@ -597,7 +597,7 @@ Normal response codes: 204
|
|||
Update Service Provider
|
||||
=======================
|
||||
|
||||
.. rest_method:: PATCH /OS-FEDERATION/service_providers/{sp_id}
|
||||
.. rest_method:: PATCH /v3/OS-FEDERATION/service_providers/{sp_id}
|
||||
|
||||
Normal response codes: 200
|
||||
Error response codes: 400 Bad Request when updating a service provider with
|
||||
|
@ -624,7 +624,7 @@ Response Example
|
|||
List projects a federated user can access
|
||||
=========================================
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/projects
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/projects
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -646,7 +646,7 @@ Response Example
|
|||
List domains a federated user can access
|
||||
========================================
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/domains
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/domains
|
||||
|
||||
Normal response codes: 200
|
||||
|
||||
|
@ -670,7 +670,7 @@ Response Example
|
|||
Request an unscoped OS-FEDERATION token
|
||||
=======================================
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/identity_providers/{identity_provider}/protocols/{protocol}/auth
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/identity_providers/{identity_provider}/protocols/{protocol}/auth
|
||||
|
||||
A federated ephemeral user may request an unscoped token, which can be used to
|
||||
get a scoped token.
|
||||
|
@ -702,7 +702,7 @@ Response Example
|
|||
Request a scoped OS-FEDERATION token
|
||||
====================================
|
||||
|
||||
.. rest_method:: POST /auth/tokens
|
||||
.. rest_method:: POST /v3/auth/tokens
|
||||
|
||||
A federated user may request a scoped token, by using the unscoped token. A
|
||||
project or domain may be specified by either id or name. An id is sufficient to
|
||||
|
@ -727,7 +727,7 @@ Response Example
|
|||
Web Single Sign On authentication (New in version 1.2)
|
||||
======================================================
|
||||
|
||||
.. rest_method:: GET /auth/OS-FEDERATION/websso/{protocol}?origin=https%3A//horizon.example.com
|
||||
.. rest_method:: GET /v3/auth/OS-FEDERATION/websso/{protocol}?origin=https%3A//horizon.example.com
|
||||
|
||||
For Web Single Sign On (WebSSO) authentication, users are expected to enter
|
||||
another URL endpoint. Upon successful authentication, instead of issuing a
|
||||
|
@ -739,7 +739,7 @@ be included in the form being sent.
|
|||
Web Single Sign On authentication (New in version 1.3)
|
||||
======================================================
|
||||
|
||||
.. rest_method:: GET /auth/OS-FEDERATION/identity_providers/{idp_id}/protocol/{protocol_id}/websso?origin=https%3A//horizon.example.com
|
||||
.. rest_method:: GET /v3/auth/OS-FEDERATION/identity_providers/{idp_id}/protocol/{protocol_id}/websso?origin=https%3A//horizon.example.com
|
||||
|
||||
In contrast to the above route, this route begins a Web Single Sign On request
|
||||
that is specific to the supplied Identity Provider and Protocol. Keystone will
|
||||
|
@ -754,7 +754,7 @@ An unscoped federated token will be included in the form being sent.
|
|||
Generate a SAML assertion
|
||||
=========================
|
||||
|
||||
.. rest_method:: POST /auth/OS-FEDERATION/saml2
|
||||
.. rest_method:: POST /v3/auth/OS-FEDERATION/saml2
|
||||
|
||||
A user may generate a SAML assertion document based on the scoped token that is
|
||||
used in the request.
|
||||
|
@ -788,7 +788,7 @@ For more information about how a SAML assertion is structured, refer to the
|
|||
Generate an ECP wrapped SAML assertion
|
||||
======================================
|
||||
|
||||
.. rest_method:: POST /auth/OS-FEDERATION/saml2/ecp
|
||||
.. rest_method:: POST /v3/auth/OS-FEDERATION/saml2/ecp
|
||||
|
||||
A user may generate a SAML assertion document to work with the
|
||||
*Enhanced Client or Proxy* (ECP) profile based on the scoped token that is
|
||||
|
@ -821,7 +821,7 @@ Response Example
|
|||
Retrieve Metadata properties
|
||||
============================
|
||||
|
||||
.. rest_method:: GET /OS-FEDERATION/saml2/metadata
|
||||
.. rest_method:: GET /v3/OS-FEDERATION/saml2/metadata
|
||||
|
||||
A user may retrieve Metadata about an Identity Service acting as an Identity
|
||||
Provider.
|
||||
|
|
|
@ -5,13 +5,13 @@
|
|||
"enabled": true,
|
||||
"id": "37ef61",
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/domains/37ef61"
|
||||
"self": "http://example.com/identity/v3/domains/37ef61"
|
||||
},
|
||||
"name": "my domain"
|
||||
}
|
||||
],
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/domains",
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/domains",
|
||||
"previous": null,
|
||||
"next": null
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Headers:
|
||||
Content-Type: text/xml
|
||||
X-sp-url: http://beta.example.com/Shibboleth.sso/POST/ECP
|
||||
X-auth-url: http://beta.example.com:5000/v3/OS-FEDERATION/identity_providers/beta/protocols/auth
|
||||
X-auth-url: http://beta.example.com/identity/v3/OS-FEDERATION/identity_providers/beta/protocols/auth
|
||||
|
||||
<?xml version='1.0' encoding='UTF-8'?>
|
||||
<ns0:Envelope
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
"protocol": {
|
||||
"id": "saml2",
|
||||
"links": {
|
||||
"identity_provider": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME",
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME/protocols/saml2"
|
||||
"identity_provider": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME",
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME/protocols/saml2"
|
||||
},
|
||||
"mapping_id": "xyz234"
|
||||
}
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
"protocol": {
|
||||
"id": "saml2",
|
||||
"links": {
|
||||
"identity_provider": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME",
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME/protocols/saml2"
|
||||
"identity_provider": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME",
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME/protocols/saml2"
|
||||
},
|
||||
"mapping_id": "xyz234"
|
||||
}
|
||||
|
|
|
@ -5,8 +5,8 @@
|
|||
"enabled": false,
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"protocols": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME/protocols",
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME"
|
||||
"protocols": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME/protocols",
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -2,14 +2,14 @@
|
|||
"links": {
|
||||
"next": null,
|
||||
"previous": null,
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME/protocols"
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME/protocols"
|
||||
},
|
||||
"protocols": [
|
||||
{
|
||||
"id": "saml2",
|
||||
"links": {
|
||||
"identity_provider": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME",
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME/protocols/saml2"
|
||||
"identity_provider": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME",
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME/protocols/saml2"
|
||||
},
|
||||
"mapping_id": "xyz234"
|
||||
}
|
||||
|
|
|
@ -6,8 +6,8 @@
|
|||
"enabled": true,
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"protocols": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME/protocols",
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME"
|
||||
"protocols": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME/protocols",
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME"
|
||||
}
|
||||
},
|
||||
{
|
||||
|
@ -16,14 +16,14 @@
|
|||
"enabled": false,
|
||||
"id": "ACME-contractors",
|
||||
"links": {
|
||||
"protocols": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME-contractors/protocols",
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME-contractors"
|
||||
"protocols": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME-contractors/protocols",
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME-contractors"
|
||||
}
|
||||
}
|
||||
],
|
||||
"links": {
|
||||
"next": null,
|
||||
"previous": null,
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/identity_providers"
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/identity_providers"
|
||||
}
|
||||
}
|
|
@ -5,8 +5,8 @@
|
|||
"enabled": true,
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"protocols": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME/protocols",
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME"
|
||||
"protocols": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME/protocols",
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -2,8 +2,8 @@
|
|||
"protocol": {
|
||||
"id": "saml2",
|
||||
"links": {
|
||||
"identity_provider": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME",
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME/protocols/saml2"
|
||||
"identity_provider": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME",
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME/protocols/saml2"
|
||||
},
|
||||
"mapping_id": "xyz234"
|
||||
}
|
||||
|
|
|
@ -5,8 +5,8 @@
|
|||
"enabled": true,
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"protocols": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME/protocols",
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/identity_providers/ACME"
|
||||
"protocols": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME/protocols",
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/identity_providers/ACME"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -2,7 +2,7 @@
|
|||
"mapping": {
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/mappings/ACME"
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/mappings/ACME"
|
||||
},
|
||||
"rules": [
|
||||
{
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
"mapping": {
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/mappings/ACME"
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/mappings/ACME"
|
||||
},
|
||||
"rules": [
|
||||
{
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
"links": {
|
||||
"next": null,
|
||||
"previous": null,
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/mappings"
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/mappings"
|
||||
},
|
||||
"mappings": [
|
||||
{
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/mappings/ACME"
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/mappings/ACME"
|
||||
},
|
||||
"rules": [
|
||||
{
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
"mapping": {
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/mappings/ACME"
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/mappings/ACME"
|
||||
},
|
||||
"rules": [
|
||||
{
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
"enabled": true,
|
||||
"id": "12d706",
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/projects/12d706"
|
||||
"self": "http://example.com/identity/v3/projects/12d706"
|
||||
},
|
||||
"name": "a project name"
|
||||
},
|
||||
|
@ -14,13 +14,13 @@
|
|||
"enabled": true,
|
||||
"id": "9ca0eb",
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/projects/9ca0eb"
|
||||
"self": "http://example.com/identity/v3/projects/9ca0eb"
|
||||
},
|
||||
"name": "another project"
|
||||
}
|
||||
],
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/projects",
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/projects",
|
||||
"previous": null,
|
||||
"next": null
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Headers:
|
||||
Content-Type: text/xml
|
||||
X-sp-url: http://beta.example.com/Shibboleth.sso/POST/ECP
|
||||
X-auth-url: http://beta.example.com:5000/v3/OS-FEDERATION/identity_providers/beta/protocols/auth
|
||||
X-auth-url: http://beta.example.com/identity/v3/OS-FEDERATION/identity_providers/beta/protocols/auth
|
||||
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<ns0:Response xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xmldsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Destination="http://beta.example.com/Shibboleth.sso/POST/ECP" ID="818dee98a5d44a238ae3038d26cbebb6" IssueInstant="2015-05-27T13:23:48Z" Version="2.0">
|
||||
|
|
|
@ -14,13 +14,13 @@
|
|||
"domain": {
|
||||
"id": "1789d1",
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/domains/1789d1"
|
||||
"self": "http://example.com/identity/v3/domains/1789d1"
|
||||
},
|
||||
"name": "example.com"
|
||||
},
|
||||
"id": "263fd9",
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/projects/263fd9"
|
||||
"self": "http://example.com/identity/v3/projects/263fd9"
|
||||
},
|
||||
"name": "project-x"
|
||||
},
|
||||
|
@ -31,19 +31,19 @@
|
|||
"id": "39dc322ce86c4111b4f06c2eeae0841b",
|
||||
"interface": "public",
|
||||
"region": "RegionOne",
|
||||
"url": "http://localhost:5000"
|
||||
"url": "http://example.com/identity"
|
||||
},
|
||||
{
|
||||
"id": "ec642f27474842e78bf059f6c48f4e99",
|
||||
"interface": "internal",
|
||||
"region": "RegionOne",
|
||||
"url": "http://localhost:5000"
|
||||
"url": "http://example.com/identity"
|
||||
},
|
||||
{
|
||||
"id": "c609fc430175452290b62a4242e8a7e8",
|
||||
"interface": "admin",
|
||||
"region": "RegionOne",
|
||||
"url": "http://localhost:35357"
|
||||
"url": "http://example.com/identity"
|
||||
}
|
||||
],
|
||||
"id": "266c2aa381ea46df81bb05ddb02bd14a",
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
{
|
||||
"service_provider": {
|
||||
"auth_url": "https://example.com:5000/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
|
||||
"auth_url": "https://example.com/identity/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
|
||||
"description": "Remote Service Provider",
|
||||
"enabled": true,
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"self": "https://identity:35357/v3/OS-FEDERATION/service_providers/ACME"
|
||||
"self": "https://example.com/identity/v3/OS-FEDERATION/service_providers/ACME"
|
||||
},
|
||||
"relay_state_prefix": "ss:mem:",
|
||||
"sp_url": "https://example.com:5000/Shibboleth.sso/SAML2/ECP"
|
||||
"sp_url": "https://example.com/identity/Shibboleth.sso/SAML2/ECP"
|
||||
}
|
||||
}
|
|
@ -2,30 +2,30 @@
|
|||
"links": {
|
||||
"next": null,
|
||||
"previous": null,
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/service_providers"
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/service_providers"
|
||||
},
|
||||
"service_providers": [
|
||||
{
|
||||
"auth_url": "https://example.com:5000/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
|
||||
"auth_url": "https://example.com/identity/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
|
||||
"description": "Stores ACME identities",
|
||||
"enabled": true,
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/service_providers/ACME"
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/service_providers/ACME"
|
||||
},
|
||||
"relay_state_prefix": "ss:mem:",
|
||||
"sp_url": "https://example.com:5000/Shibboleth.sso/SAML2/ECP"
|
||||
"sp_url": "https://example.com/identity/Shibboleth.sso/SAML2/ECP"
|
||||
},
|
||||
{
|
||||
"auth_url": "https://other.example.com:5000/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
|
||||
"auth_url": "https://other.example.com/identity/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
|
||||
"description": "Stores contractor identities",
|
||||
"enabled": false,
|
||||
"id": "ACME-contractors",
|
||||
"links": {
|
||||
"self": "http://identity:35357/v3/OS-FEDERATION/service_providers/ACME-contractors"
|
||||
"self": "http://example.com/identity/v3/OS-FEDERATION/service_providers/ACME-contractors"
|
||||
},
|
||||
"relay_state_prefix": "ss:mem:",
|
||||
"sp_url": "https://other.example.com:5000/Shibboleth.sso/SAML2/ECP"
|
||||
"sp_url": "https://other.example.com/identity/Shibboleth.sso/SAML2/ECP"
|
||||
}
|
||||
]
|
||||
}
|
|
@ -1,8 +1,8 @@
|
|||
{
|
||||
"service_provider": {
|
||||
"auth_url": "https://example.com:5000/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
|
||||
"auth_url": "https://example.com/identity/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
|
||||
"description": "Remote Service Provider",
|
||||
"enabled": true,
|
||||
"sp_url": "https://example.com:5000/Shibboleth.sso/SAML2/ECP"
|
||||
"sp_url": "https://example.com/identity/Shibboleth.sso/SAML2/ECP"
|
||||
}
|
||||
}
|
|
@ -1,13 +1,13 @@
|
|||
{
|
||||
"service_provider": {
|
||||
"auth_url": "https://example.com:5000/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
|
||||
"auth_url": "https://example.com/identity/v3/OS-FEDERATION/identity_providers/acme/protocols/saml2/auth",
|
||||
"description": "Remote Service Provider",
|
||||
"enabled": true,
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"self": "https://identity:35357/v3/OS-FEDERATION/service_providers/ACME"
|
||||
"self": "https://example.com/identity/v3/OS-FEDERATION/service_providers/ACME"
|
||||
},
|
||||
"relay_state_prefix": "ss:mem:",
|
||||
"sp_url": "https://example.com:5000/Shibboleth.sso/SAML2/ECP"
|
||||
"sp_url": "https://example.com/identity/Shibboleth.sso/SAML2/ECP"
|
||||
}
|
||||
}
|
|
@ -1,8 +1,8 @@
|
|||
{
|
||||
"service_provider": {
|
||||
"auth_url": "https://new.example.com:5000/v3/OS-FEDERATION/identity_providers/protocol/saml2/auth",
|
||||
"auth_url": "https://new.example.com/identity/v3/OS-FEDERATION/identity_providers/protocol/saml2/auth",
|
||||
"enabled": true,
|
||||
"relay_state_prefix": "ss:temp:",
|
||||
"sp_auth": "https://new.example.com:5000/Shibboleth.sso/SAML2/ECP"
|
||||
"sp_auth": "https://new.example.com/identity/Shibboleth.sso/SAML2/ECP"
|
||||
}
|
||||
}
|
|
@ -1,13 +1,13 @@
|
|||
{
|
||||
"service_provider": {
|
||||
"auth_url": "https://new.example.com:5000/v3/OS-FEDERATION/identity_providers/protocol/saml2/auth",
|
||||
"auth_url": "https://new.example.com/identity/v3/OS-FEDERATION/identity_providers/protocol/saml2/auth",
|
||||
"description": "Remote Service Provider",
|
||||
"enabled": true,
|
||||
"id": "ACME",
|
||||
"links": {
|
||||
"self": "https://identity:35357/v3/OS-FEDERATION/service_providers/ACME"
|
||||
"self": "https://example.com/identity/v3/OS-FEDERATION/service_providers/ACME"
|
||||
},
|
||||
"relay_state_prefix": "ss:temp:",
|
||||
"sp_url": "https://new.example.com:5000/Shibboleth.sso/SAML2/ECP"
|
||||
"sp_url": "https://new.example.com/identity/Shibboleth.sso/SAML2/ECP"
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue