Skip to main content

Platform9 SAML Authentication Library for OpenStack Identity

Project description

pf9-saml-auth

pf9-saml-auth is a set of OpenStack Keystone authentication plugins for enabling federated authentication against non-ECP compliant SAML identity providers.

Supported providers

Installation

pip install pf9-saml-auth

Example CLI Usage

OpenStack RC

export OS_AUTH_URL="https://<hostname>/keystone/v3"
export OS_REGION_NAME="<region>"
export OS_USERNAME="<IdP username>"
export OS_PASSWORD="<IdP password>"
export OS_TENANT_NAME="<tenant>"
export OS_PROJECT_DOMAIN_ID=${OS_PROJECT_DOMAIN_ID:-"default"}
export OS_IDENTITY_API_VERSION=3
export OS_IDENTITY_PROVIDER=${OS_IDENTITY_PROVIDER:-"IDP1"}
export OS_PROTOCOL=saml2
export OS_AUTH_TYPE=v3pf9samlokta

Then execute the openstack CLI utility in interactive mode.

$ openstack
(openstack)
server list

Example Python program

import pf9_saml_auth
from keystoneauth1 import session
from novaclient import client as nova_client


def main():
    auth = pf9_saml_auth.V3Pf9SamlOkta(
        auth_url='https://<hostname>/keystone/v3',
        username='<IdP username>',
        password='<IdP password>',
        protocol='saml2',
        identity_provider='IDP1',
        project_name='<tenant>',
        project_domain_name='default',
    )

    # Create Keystone authentication session
    sess = session.Session(auth=auth)

    # Create OpenStack service clients
    nova = nova_client.Client(2, session=sess)


if __name__ == '__main__':
    main()

Project details


Release history Release notifications

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
pf9_saml_auth-0.0.2-py2-none-any.whl (13.7 kB) Copy SHA256 hash SHA256 Wheel py2 Jan 27, 2018
pf9-saml-auth-0.0.2.tar.gz (11.6 kB) Copy SHA256 hash SHA256 Source None Jan 27, 2018

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page