api-ref: Correcting V3 Authentication APIs

http://developer.openstack.org/api-ref/identity/v3/index.html#authentication-and-token-management

Change-Id: I17a3a974c36c0992c681100833f0443963edbf69
Partial-Bug: #1610777
This commit is contained in:
Anh Tran 2016-08-08 16:30:13 +07:00
parent 8d5926a962
commit b3c838153f
2 changed files with 112 additions and 100 deletions

View File

@ -104,15 +104,15 @@ Request
.. rest_parameters:: parameters.yaml .. rest_parameters:: parameters.yaml
- nocatalog: nocatalog
- domain: domain - domain: domain
- name: name - name: user_name
- auth: auth - auth: auth
- user: user - user: user
- password: password - password: password
- id: id - id: user_id
- identity: identity - identity: identity
- methods: methods - methods: auth_methods_passwd
- nocatalog: nocatalog
Request Example Request Example
--------------- ---------------
@ -127,15 +127,15 @@ Response Parameters
- X-Subject-Token: X-Subject-Token - X-Subject-Token: X-Subject-Token
- domain: domain - domain: domain
- methods: methods - methods: auth_methods_passwd
- expires_at: expires_at - expires_at: expires_at
- token: token - token: token
- extras: extras - extras: extras
- user: user - user: user
- audit_ids: audit_ids - audit_ids: audit_ids
- issued_at: issued_at - issued_at: issued_at
- id: id - id: user_id
- name: name - name: user_name
Password authentication with scoped authorization Password authentication with scoped authorization
@ -157,15 +157,15 @@ Request
.. rest_parameters:: parameters.yaml .. rest_parameters:: parameters.yaml
- name: name - nocatalog: nocatalog
- name: user_name
- auth: auth - auth: auth
- user: user - user: user
- scope: scope - scope: scope
- password: password - password: password
- id: id - id: user_id
- identity: identity - identity: identity
- methods: methods - methods: auth_methods_passwd
- nocatalog: nocatalog
Request Example Request Example
--------------- ---------------
@ -181,7 +181,7 @@ Response Parameters
- X-Subject-Token: X-Subject-Token - X-Subject-Token: X-Subject-Token
- domain: domain - domain: domain
- region_id: region_id - region_id: region_id
- methods: methods - methods: auth_methods_passwd
- roles: roles - roles: roles
- url: endpoint_url - url: endpoint_url
- region: endpoint_region - region: endpoint_region
@ -195,9 +195,9 @@ Response Parameters
- audit_ids: audit_ids - audit_ids: audit_ids
- interface: endpoint_interface - interface: endpoint_interface
- endpoints: endpoints - endpoints: endpoints
- type: type - type: endpoint_type
- id: id - id: user_id
- name: name - name: user_name
Password authentication with explicit unscoped authorization Password authentication with explicit unscoped authorization
@ -219,15 +219,15 @@ Request
.. rest_parameters:: parameters.yaml .. rest_parameters:: parameters.yaml
- name: name - nocatalog: nocatalog
- name: user_name
- auth: auth - auth: auth
- user: user - user: user
- scope: scope - scope: scope
- password: password - password: password
- id: id - id: user_id
- identity: identity - identity: identity
- methods: methods - methods: auth_methods_passwd
- nocatalog: nocatalog
Request Example Request Example
--------------- ---------------
@ -242,7 +242,7 @@ Response Parameters
- X-Subject-Token: X-Subject-Token - X-Subject-Token: X-Subject-Token
- domain: domain - domain: domain
- methods: methods - methods: auth_methods_passwd
- roles: roles - roles: roles
- expires_at: expires_at - expires_at: expires_at
- token: token - token: token
@ -250,8 +250,8 @@ Response Parameters
- user: user - user: user
- audit_ids: audit_ids - audit_ids: audit_ids
- issued_at: issued_at - issued_at: issued_at
- id: id - id: user_id
- name: name - name: user_name
Token authentication with unscoped authorization Token authentication with unscoped authorization
@ -271,12 +271,12 @@ Request
.. rest_parameters:: parameters.yaml .. rest_parameters:: parameters.yaml
- identity: identity
- token: token
- id: id
- auth: auth
- methods: methods
- nocatalog: nocatalog - nocatalog: nocatalog
- identity: identity
- token: auth_token
- id: auth_token_id
- auth: auth
- methods: auth_methods_token
Request Example Request Example
--------------- ---------------
@ -311,14 +311,14 @@ Request
.. rest_parameters:: parameters.yaml .. rest_parameters:: parameters.yaml
- methods: methods - nocatalog: nocatalog
- methods: auth_methods_token
- auth: auth - auth: auth
- token: token - token: auth_token
- audit_ids: audit_ids - audit_ids: audit_ids
- scope: scope - scope: scope
- id: id - id: auth_token_id
- identity: identity - identity: identity
- nocatalog: nocatalog
Request Example Request Example
--------------- ---------------
@ -367,8 +367,8 @@ Response Parameters
- X-Subject-Token: X-Subject-Token - X-Subject-Token: X-Subject-Token
- X-Auth-Token: X-Auth-Token - X-Auth-Token: X-Auth-Token
- domain: domain - domain: domain
- methods: methods - methods: auth_methods
- links: links - links: domain_link_response_body
- user: user - user: user
- token: token - token: token
- expires_at: expires_at - expires_at: expires_at
@ -378,8 +378,8 @@ Response Parameters
- roles: roles - roles: roles
- audit_ids: audit_ids - audit_ids: audit_ids
- issued_at: issued_at - issued_at: issued_at
- id: id - id: user_id
- name: name - name: user_name
Response Example Response Example
---------------- ----------------

View File

@ -116,12 +116,6 @@ service_id_path:
in: path in: path
required: false required: false
type: string type: string
user_id:
description: |
The user ID.
in: path
required: true
type: string
user_id_path: user_id_path:
description: | description: |
The user ID. The user ID.
@ -402,6 +396,58 @@ auth:
in: body in: body
required: true required: true
type: object type: object
auth_domain_id:
description: |
The ID of the domain. If you specify a user
name, you must specify either a domain ID or domain name.
in: body
required: false
type: string
auth_methods:
description: |
The authentication method, which is ``password``,
``token``, or both methods. Indicates the accumulated set of
authentication methods that were used to obtain the token. For
example, if the token was obtained by password authentication, it
contains ``password``. Later, if the token is exchanged by using
the token authentication method one or more times, the
subsequently created tokens contain both ``password`` and
``token`` in their ``methods`` attribute. Unlike multi-factor
authentication, the ``methods`` attribute merely indicates the
methods that were used to authenticate the user in exchange for a
token. The client is responsible for determining the total number
of authentication factors.
in: body
required: true
type: array
auth_methods_passwd:
description: |
The authentication method. For password
authentication, specify ``password``.
in: body
required: true
type: array
auth_methods_token:
description: |
The authentication method. For token
authentication, specify ``token``.
in: body
required: true
type: array
auth_token:
description: |
A ``token`` object. The token authentication
method is used. This method is typically used in combination with
a request to change authorization scope.
in: body
required: true
type: object
auth_token_id:
description: |
A token ID.
in: body
required: true
type: string
blob: blob:
description: | description: |
The credential itself, as a serialized blob. The credential itself, as a serialized blob.
@ -865,6 +911,12 @@ endpoint_region:
in: body in: body
required: true required: true
type: string type: string
endpoint_type:
description: |
The endpoint type.
in: body
required: true
type: string
endpoint_url: endpoint_url:
description: | description: |
The endpoint URL. The endpoint URL.
@ -985,15 +1037,7 @@ groups:
type: array type: array
id: id:
description: | description: |
The ID of the user. Required if you do not [WIP]
specify the user name.
in: body
required: false
type: string
id_1:
description: |
The ID of the domain. If you specify a user
name, you must specify either a domain ID or domain name.
in: body in: body
required: false required: false
type: string type: string
@ -1197,45 +1241,6 @@ links_user:
in: body in: body
required: true required: true
type: object type: object
methods:
description: |
The authentication method. For password
authentication, specify ``password``.
in: body
required: true
type: array
methods_1:
description: |
The authentication method. For token
authentication, specify ``token``.
in: body
required: true
type: array
methods_2:
description: |
The authentication method, which is ``password``,
``token``, or both methods. Indicates the accumulated set of
authentication methods that were used to obtain the token. For
example, if the token was obtained by password authentication, it
contains ``password``. Later, if the token is exchanged by using
the token authentication method one or more times, the
subsequently created tokens contain both ``password`` and
``token`` in their ``methods`` attribute. Unlike multi-factor
authentication, the ``methods`` attribute merely indicates the
methods that were used to authenticate the user in exchange for a
token. The client is responsible for determining the total number
of authentication factors.
in: body
required: true
type: array
name:
description: |
The user name. Required if you do not specify
the ID of the user. If you specify the user name, you must also
specify the domain, by ID or name.
in: body
required: false
type: string
name_1: name_1:
description: | description: |
The name of the domain. If you specify a user The name of the domain. If you specify a user
@ -1335,10 +1340,10 @@ parent_region_id_response_body:
type: string type: string
password: password:
description: | description: |
The user password. The ``password`` object, contains the authentication information.
in: body in: body
required: true required: true
type: string type: object
password_expires_at: password_expires_at:
description: | description: |
The date and time when the password expires. The time zone The date and time when the password expires. The time zone
@ -1682,17 +1687,9 @@ token:
in: body in: body
required: true required: true
type: object type: object
token_1:
description: |
A ``token`` object. The token authentication
method is used. This method is typically used in combination with
a request to change authorization scope.
in: body
required: true
type: object
type: type:
description: | description: |
The endpoint type. [WIP]
in: body in: body
required: true required: true
type: string type: string
@ -1745,6 +1742,13 @@ user_domain_id_update_body:
in: body in: body
required: false required: false
type: string type: string
user_id:
description: |
The ID of the user. Required if you do not
specify the user name.
in: body
required: false
type: string
user_id_1: user_id_1:
description: | description: |
The ID of the user who owns the credential. The ID of the user who owns the credential.
@ -1769,6 +1773,14 @@ user_id_5:
in: body in: body
required: false required: false
type: string type: string
user_name:
description: |
The user name. Required if you do not specify
the ID of the user. If you specify the user name, you must also
specify the domain, by ID or name.
in: body
required: false
type: string
user_name_create_request_body: user_name_create_request_body:
description: | description: |
The user name. Must be unique within the owning domain. The user name. Must be unique within the owning domain.