Documentation ¶
Overview ¶
Package tokens provides information and interaction with the token API resource for the OpenStack Identity service.
For more information, see: http://developer.openstack.org/api-ref-identity-v3.html#tokens-v3
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // ErrAPIKeyProvided indicates that an APIKey was provided but can't be used. ErrAPIKeyProvided = unacceptedAttributeErr("APIKey") // ErrTenantIDProvided indicates that a TenantID was provided but can't be used. ErrTenantIDProvided = unacceptedAttributeErr("TenantID") // ErrTenantNameProvided indicates that a TenantName was provided but can't be used. ErrTenantNameProvided = unacceptedAttributeErr("TenantName") // ErrUsernameWithToken indicates that a Username was provided, but token authentication is being used instead. ErrUsernameWithToken = redundantWithTokenErr("Username") // ErrUserIDWithToken indicates that a UserID was provided, but token authentication is being used instead. ErrUserIDWithToken = redundantWithTokenErr("UserID") // ErrDomainIDWithToken indicates that a DomainID was provided, but token authentication is being used instead. ErrDomainIDWithToken = redundantWithTokenErr("DomainID") // ErrDomainNameWithToken indicates that a DomainName was provided, but token authentication is being used instead.s ErrDomainNameWithToken = redundantWithTokenErr("DomainName") // ErrUsernameOrUserID indicates that neither username nor userID are specified, or both are at once. ErrUsernameOrUserID = errors.New("Exactly one of Username and UserID must be provided for password authentication") // ErrDomainIDWithUserID indicates that a DomainID was provided, but unnecessary because a UserID is being used. ErrDomainIDWithUserID = redundantWithUserID("DomainID") // ErrDomainNameWithUserID indicates that a DomainName was provided, but unnecessary because a UserID is being used. ErrDomainNameWithUserID = redundantWithUserID("DomainName") // ErrDomainIDOrDomainName indicates that a username was provided, but no domain to scope it. // It may also indicate that both a DomainID and a DomainName were provided at once. ErrDomainIDOrDomainName = errors.New("You must provide exactly one of DomainID or DomainName to authenticate by Username") // ErrMissingPassword indicates that no password was provided and no token is available. ErrMissingPassword = errors.New("You must provide a password to authenticate") // ErrScopeDomainIDOrDomainName indicates that a domain ID or Name was required in a Scope, but not present. ErrScopeDomainIDOrDomainName = errors.New("You must provide exactly one of DomainID or DomainName in a Scope with ProjectName") // ErrScopeProjectIDOrProjectName indicates that both a ProjectID and a ProjectName were provided in a Scope. ErrScopeProjectIDOrProjectName = errors.New("You must provide at most one of ProjectID or ProjectName in a Scope") // ErrScopeProjectIDAlone indicates that a ProjectID was provided with other constraints in a Scope. ErrScopeProjectIDAlone = errors.New("ProjectID must be supplied alone in a Scope") // ErrScopeDomainName indicates that a DomainName was provided alone in a Scope. ErrScopeDomainName = errors.New("DomainName must be supplied with a ProjectName or ProjectID in a Scope.") // ErrScopeEmpty indicates that no credentials were provided in a Scope. ErrScopeEmpty = errors.New("You must provide either a Project or Domain in a Scope") )
Functions ¶
func Validate ¶
func Validate(c *gophercloud.ServiceClient, token string) (bool, error)
Validate determines if a specified token is valid or not.
Types ¶
type CatalogEntry ¶ added in v0.3.0
type CatalogEntry struct { // Service ID ID string `mapstructure:"id"` // Name will contain the provider-specified name for the service. Name string `mapstructure:"name"` // Type will contain a type string if OpenStack defines a type for the service. // Otherwise, for provider-specific services, the provider may assign their own type strings. Type string `mapstructure:"type"` // Endpoints will let the caller iterate over all the different endpoints that may exist for // the service. Endpoints []Endpoint `mapstructure:"endpoints"` }
CatalogEntry provides a type-safe interface to an Identity API V3 service catalog listing. Each class of service, such as cloud DNS or block storage services, could have multiple CatalogEntry representing it (one by interface type, e.g public, admin or internal).
Note: when looking for the desired service, try, whenever possible, to key off the type field. Otherwise, you'll tie the representation of the service to a specific provider.
type CreateResult ¶
type CreateResult struct {
// contains filtered or unexported fields
}
CreateResult defers the interpretation of a created token. Use ExtractToken() to interpret it as a Token, or ExtractServiceCatalog() to interpret it as a service catalog.
func Create ¶
func Create(c *gophercloud.ServiceClient, options gophercloud.AuthOptions, scope *Scope) CreateResult
Create authenticates and either generates a new token, or changes the Scope of an existing token.
func (CreateResult) Extract ¶
Extract is a shortcut for ExtractToken. This function is deprecated and still present for backward compatibility.
func (CreateResult) ExtractServiceCatalog ¶ added in v0.3.0
func (result CreateResult) ExtractServiceCatalog() (*ServiceCatalog, error)
ExtractServiceCatalog returns the ServiceCatalog that was generated along with the user's Token.
func (CreateResult) ExtractToken ¶ added in v0.3.0
ExtractToken interprets a commonResult as a Token.
type Endpoint ¶ added in v0.3.0
type Endpoint struct { ID string `mapstructure:"id"` Region string `mapstructure:"region"` Interface string `mapstructure:"interface"` URL string `mapstructure:"url"` }
Endpoint represents a single API endpoint offered by a service. It matches either a public, internal or admin URL. If supported, it contains a region specifier, again if provided. The significance of the Region field will depend upon your provider.
type GetResult ¶
type GetResult struct {
// contains filtered or unexported fields
}
GetResult is the deferred response from a Get call.
func Get ¶
func Get(c *gophercloud.ServiceClient, token string) GetResult
Get validates and retrieves information about another token.
func (GetResult) Extract ¶
Extract is a shortcut for ExtractToken. This function is deprecated and still present for backward compatibility.
func (GetResult) ExtractToken ¶ added in v0.3.0
ExtractToken interprets a commonResult as a Token.
type RevokeResult ¶
type RevokeResult struct {
// contains filtered or unexported fields
}
RevokeResult is the deferred response from a Revoke call.
func Revoke ¶
func Revoke(c *gophercloud.ServiceClient, token string) RevokeResult
Revoke immediately makes specified token invalid.
func (RevokeResult) Extract ¶
Extract is a shortcut for ExtractToken. This function is deprecated and still present for backward compatibility.
func (RevokeResult) ExtractToken ¶ added in v0.3.0
ExtractToken interprets a commonResult as a Token.
type ServiceCatalog ¶ added in v0.3.0
type ServiceCatalog struct {
Entries []CatalogEntry
}
ServiceCatalog provides a view into the service catalog from a previous, successful authentication.
type Token ¶
type Token struct { // ID is the issued token. ID string // ExpiresAt is the timestamp at which this token will no longer be accepted. ExpiresAt time.Time }
Token is a string that grants a user access to a controlled set of services in an OpenStack provider. Each Token is valid for a set length of time.