Skip to main content

Platform9 SAML Authentication Library for OpenStack Identity

Project description

pf9-saml-auth

pf9-saml-auth is a set of OpenStack Keystone authentication plugins for enabling federated authentication against non-ECP compliant SAML identity providers.

Supported providers

Installation

pip install pf9-saml-auth

Example CLI Usage

OpenStack RC

export OS_AUTH_URL="https://<hostname>/keystone/v3"
export OS_REGION_NAME="<region>"
export OS_USERNAME="<IdP username>"
export OS_PASSWORD="<IdP password>"
export OS_TENANT_NAME="<tenant>"
export OS_PROJECT_DOMAIN_ID=${OS_PROJECT_DOMAIN_ID:-"default"}
export OS_IDENTITY_API_VERSION=3
export OS_IDENTITY_PROVIDER=${OS_IDENTITY_PROVIDER:-"IDP1"}
export OS_PROTOCOL=saml2
export OS_AUTH_TYPE=v3pf9samlokta

Then execute the openstack CLI utility in interactive mode.

$ openstack
(openstack)
server list

Example Python program

import pf9_saml_auth
from keystoneauth1 import session
from novaclient import client as nova_client


def main():
    auth = pf9_saml_auth.V3Pf9SamlOkta(
        auth_url='https://<hostname>/keystone/v3',
        username='<IdP username>',
        password='<IdP password>',
        protocol='saml2',
        identity_provider='IDP1',
        project_name='<tenant>',
        project_domain_name='default',
    )

    # Create Keystone authentication session
    sess = session.Session(auth=auth)

    # Create OpenStack service clients
    nova = nova_client.Client(2, session=sess)


if __name__ == '__main__':
    main()

Project details


Release history Release notifications

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for pf9-saml-auth, version 0.0.2
Filename, size File type Python version Upload date Hashes
Filename, size pf9_saml_auth-0.0.2-py2-none-any.whl (13.7 kB) File type Wheel Python version py2 Upload date Hashes View
Filename, size pf9-saml-auth-0.0.2.tar.gz (11.6 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page