diff --git a/doc/source/conf.py b/doc/source/conf.py index b1b2e6a3..6fcb1bcb 100644 --- a/doc/source/conf.py +++ b/doc/source/conf.py @@ -103,7 +103,7 @@ add_module_names = True pygments_style = 'sphinx' # A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] +modindex_common_prefix = ['keystoneauth1.'] # Grouping the document tree for man pages. # List of tuples 'sourcefile', 'target', 'title', 'Authors name', 'manual' diff --git a/doc/source/using-sessions.rst b/doc/source/using-sessions.rst index 301f2a56..b0bf5f08 100644 --- a/doc/source/using-sessions.rst +++ b/doc/source/using-sessions.rst @@ -165,11 +165,11 @@ While authentication plugins will endeavour to maintain a consistent set of arguments for an ``endpoint_filter`` the concept of an authentication plugin is purposefully generic and a specific mechanism may not know how to interpret certain arguments and ignore them. For example the -:py:class:`keystoneauth1.auth.token_endpoint.Token` plugin (which is used when -you want to always use a specific endpoint and token combination) will always -return the same endpoint regardless of the parameters to ``endpoint_filter`` or -a custom OpenStack authentication mechanism may not have the concept of -multiple ``interface`` options and choose to ignore that parameter. +:class:`keystoneauth1.token_endpoint.Token` plugin (which is used when you want +to always use a specific endpoint and token combination) will always return the +same endpoint regardless of the parameters to ``endpoint_filter`` or a custom +OpenStack authentication mechanism may not have the concept of multiple +``interface`` options and choose to ignore that parameter. There is some expectation on the user that they understand the limitations of the authentication system they are using. diff --git a/keystoneauth1/adapter.py b/keystoneauth1/adapter.py index fa170c4a..69f7e0aa 100644 --- a/keystoneauth1/adapter.py +++ b/keystoneauth1/adapter.py @@ -25,7 +25,7 @@ class Adapter(object): of client local data around the global session object. :param session: The session object to wrap. - :type session: keystonauth.session.Session + :type session: keystoneauth1.session.Session :param str service_type: The default service_type for URL discovery. :param str service_name: The default service_name for URL discovery. :param str interface: The default interface for URL discovery. @@ -34,7 +34,7 @@ class Adapter(object): for this client. :param tuple version: The version that this API targets. :param auth: An auth plugin to use instead of the session one. - :type auth: keystonauth.auth.base.BaseAuthPlugin + :type auth: keystoneauth1.plugin.BaseAuthPlugin :param str user_agent: The User-Agent string to set. :param int connect_retries: the maximum number of retries that should be attempted for connection errors. @@ -102,13 +102,13 @@ class Adapter(object): :param auth: The auth plugin to use for token. Overrides the plugin on the session. (optional) - :type auth: :class:`keystonauth.auth.base.BaseAuthPlugin` + :type auth: keystoneauth1.plugin.BaseAuthPlugin - :raises keystonauth.exceptions.AuthorizationFailure: if a new token - fetch fails. + :raises keystoneauth1.exceptions.auth.AuthorizationFailure: if a new + token fetch fails. :returns: A valid token. - :rtype: string + :rtype: :class:`str` """ return self.session.get_token(auth or self.auth) @@ -117,13 +117,13 @@ class Adapter(object): :param auth: The auth plugin to use for token. Overrides the plugin on the session. (optional) - :type auth: :class:`keystonauth.auth.base.BaseAuthPlugin` + :type auth: keystoneauth1.plugin.BaseAuthPlugin - :raises keystonauth.exceptions.MissingAuthPlugin: if a plugin is not - available. + :raises keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin: if a + plugin is not available. :returns: An endpoint if available or None. - :rtype: string + :rtype: :class:`str` """ if self.endpoint_override: return self.endpoint_override @@ -140,15 +140,15 @@ class Adapter(object): :param auth: The auth plugin to use for token. Overrides the plugin on the session. (optional) - :type auth: keystonauth.auth.base.BaseAuthPlugin + :type auth: keystoneauth1.plugin.BaseAuthPlugin - :raises keystonauth.exceptions.AuthorizationFailure: + :raises keystoneauth1.exceptions.auth.AuthorizationFailure: if a new token fetch fails. - :raises keystonauth.exceptions.MissingAuthPlugin: + :raises keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin: if a plugin is not available. :returns: Current `user_id` or None if not supported by plugin. - :rtype: string + :rtype: :class:`str` """ return self.session.get_user_id(auth or self.auth) @@ -157,15 +157,15 @@ class Adapter(object): :param auth: The auth plugin to use for token. Overrides the plugin on the session. (optional) - :type auth: keystonauth.auth.base.BaseAuthPlugin + :type auth: keystoneauth1.plugin.BaseAuthPlugin - :raises keystonauth.exceptions.AuthorizationFailure: + :raises keystoneauth1.exceptions.auth.AuthorizationFailure: if a new token fetch fails. - :raises keystonauth.exceptions.MissingAuthPlugin: + :raises keystoneauth1.exceptions.auth_plugins.MissingAuthPlugin: if a plugin is not available. :returns: Current `project_id` or None if not supported by plugin. - :rtype: string + :rtype: :class:`str` """ return self.session.get_project_id(auth or self.auth) diff --git a/keystoneauth1/identity/v3/k2k.py b/keystoneauth1/identity/v3/k2k.py index 64e4da07..5e34f78f 100644 --- a/keystoneauth1/identity/v3/k2k.py +++ b/keystoneauth1/identity/v3/k2k.py @@ -30,17 +30,17 @@ class Keystone2Keystone(federation._Rescoped): :param base_plugin: Auth plugin already authenticated against the keystone IdP. - :type base_plugin: ``keystoneauth1.v3.base.BaseAuth`` + :type base_plugin: keystoneauth1.identity.v3.base.BaseAuth :param service_provider: The Service Provider ID as returned by ServiceProviderManager.list() - :type service_provider: string + :type service_provider: str """ - # Path where the ECP wrapped SAML assertion should be presented to - # the Keystone Service Provider. REQUEST_ECP_URL = '/auth/OS-FEDERATION/saml2/ecp' + """Path where the ECP wrapped SAML assertion should be presented to the + Keystone Service Provider.""" def __init__(self, base_plugin, service_provider, **kwargs): super(Keystone2Keystone, self).__init__(auth_url=None, **kwargs) @@ -63,11 +63,11 @@ class Keystone2Keystone(federation._Rescoped): function will simply return whole string. :param auth_url: auth_url of the remote cloud - :type auth_url: string + :type auth_url: str :returns: auth_url of remote cloud where a token can be validated or scoped. - :rtype: string + :rtype: str """ PATTERN = '/OS-FEDERATION/' @@ -131,13 +131,13 @@ class Keystone2Keystone(federation._Rescoped): :param sp_url: URL where the ECP wrapped SAML assertion will be presented to the keystone SP. Usually, something like: https://sp.com/Shibboleth.sso/SAML2/ECP - :type sp_url: string + :type sp_url: str :param sp_auth_url: Federated authentication URL of the keystone SP. It is specified by IdP, for example: https://sp.com/v3/OS-FEDERATION/identity_providers/ idp_id/protocols/protocol_id/auth - :type sp_auth_url: string + :type sp_auth_url: str """ diff --git a/keystoneauth1/plugin.py b/keystoneauth1/plugin.py index 977223f6..cad12708 100644 --- a/keystoneauth1/plugin.py +++ b/keystoneauth1/plugin.py @@ -43,7 +43,7 @@ class BaseAuthPlugin(object): the `get_headers` method instead. :param session: A session object so the plugin can make HTTP calls. - :type session: keystonauth.session.Session + :type session: keystoneauth1.session.Session :return: A token to use. :rtype: string @@ -74,7 +74,7 @@ class BaseAuthPlugin(object): achieved by returning an empty dictionary. :param session: The session object that the auth_plugin belongs to. - :type session: keystonauth.session.Session + :type session: keystoneauth1.session.Session :returns: Headers that are set to authenticate a message or None for failure. Note that when checking this value that the empty @@ -102,7 +102,7 @@ class BaseAuthPlugin(object): - ``region_name``: the region the endpoint exists in. :param session: The session object that the auth_plugin belongs to. - :type session: keystonauth.session.Session + :type session: keystoneauth1.session.Session :returns: The base URL that will be used to talk to the required service or None if not available. @@ -147,7 +147,7 @@ class BaseAuthPlugin(object): currently authenticated user id. :param session: A session object so the plugin can make HTTP calls. - :type session: keystonauth.session.Session + :type session: keystoneauth1.session.Session :returns: A user identifier or None if one is not available. :rtype: str @@ -162,7 +162,7 @@ class BaseAuthPlugin(object): the currently authenticated project id. :param session: A session object so the plugin can make HTTP calls. - :type session: keystonauth.session.Session + :type session: keystoneauth1.session.Session :returns: A project identifier or None if one is not available. :rtype: str @@ -224,15 +224,15 @@ class BaseAuthPlugin(object): This should not fetch any new data if it is not present. - :raises: keystoneclient.exceptions.NotImplementedError: - if the plugin does not support this feature. + :raises NotImplementedError: if the plugin does not support this + feature. :returns: raw python data (which can be JSON serialized) that can be moved into another plugin (of the same type) to have the same authenticated state. :rtype: object or None if unauthenticated. """ - return NotImplementedError() + raise NotImplementedError() def set_auth_state(self, data): """Install existing authentication state for a plugin. @@ -240,7 +240,7 @@ class BaseAuthPlugin(object): Take the output of get_auth_state and install that authentication state into the current authentication plugin. - :raises: keystoneclient.exceptions.NotImplementedError: - if the plugin does not support this feature. + :raises NotImplementedError: if the plugin does not support this + feature. """ - return NotImplementedError() + raise NotImplementedError()