[Openstack] [Keystone] API Question
Adam Young
ayoung at redhat.com
Wed Jul 18 02:04:19 UTC 2012
On 07/17/2012 06:06 PM, Matt Joyce wrote:
> Anyone by any chance know how to read out the auth_token or raw_token
> that is acquired in keystoneclient when it performs a client.Client()
> Authenticate?
The token is just a UUID, randomly generated.
In the PKI proposal, it is a base64 encoding of a Signed document in CMS
format.
>
> I'd love to be able to read that. And it's totally not documented
> anywhere if it exists.
>
> -Matt
>
> On Tue, Jul 17, 2012 at 2:19 PM, Matt Joyce
> <matt.joyce at cloudscaling.com <mailto:matt.joyce at cloudscaling.com>> wrote:
>
> Works for me. =D
>
>
> On Tue, Jul 17, 2012 at 1:51 PM, Dolph Mathews
> <dolph.mathews at gmail.com <mailto:dolph.mathews at gmail.com>> wrote:
>
> Adam speaks lies ;)
>
> Here's a regular user requesting a list of tenants on port
> 5000 (notice they only get back 1 tenant):
>
> GET http://localhost:5000/v2.0/tenants
> ======================================
>
> X-Auth-Token: a6094f62e38c4fafa57e6edf7bd04961
>
>
> 200 OK
> ======
>
> Status: 200
> Content-Length: 133
> Content-Location: http://localhost:5000/v2.0/tenants
> Vary: X-Auth-Token
> Date: Tue, 17 Jul 2012 20:49:16 GMT
> Content-Type: application/json
>
> {
> "tenants": [
> {
> "enabled": true,
> "description": null,
> "name": "my-project",
> "id": "2cf2efb1da5c4d5b8c97d8055ff3b5d8"
> }
> ],
> "tenants_links": []
> }
>
>
> Here's an admin API call for all tenants in the system (notice
> there is an additional tenant the above user did not have
> access to):
>
> GET http://localhost:35357/v2.0/tenants
> =======================================
>
> X-Auth-Token: ADMIN
>
>
> 200 OK
> ======
>
> Status: 200
> Content-Length: 236
> Content-Location: http://localhost:35357/v2.0/tenants
> Vary: X-Auth-Token
> Date: Tue, 17 Jul 2012 20:49:22 GMT
> Content-Type: application/json
>
> {
> "tenants": [
> {
> "enabled": true,
> "description": null,
> "name": "my-project",
> "id": "2cf2efb1da5c4d5b8c97d8055ff3b5d8"
> },
> {
> "enabled": true,
> "description": null,
> "name": "project-x",
> "id": "1213c2511f364264b1dfea9a56a225e0"
> }
> ],
> "tenants_links": []
> }
>
>
> -Dolph
>
> On Tue, Jul 17, 2012 at 2:55 PM, Matt Joyce
> <matt.joyce at cloudscaling.com
> <mailto:matt.joyce at cloudscaling.com>> wrote:
>
> On Tue, Jul 17, 2012 at 12:55 PM, Adam Young
> <ayoung at redhat.com <mailto:ayoung at redhat.com>> wrote:
>
> On 07/17/2012 03:47 PM, Matt Joyce wrote:
>
> As a non admin user. Querying the keystone v2 API
> is there a way for me to get a list of the tenants
> that I am a member of? Or is that only a v3 thing?
>
> -Matt
>
>
> I was just looking into it, and there is no such API
> yet. The underlying Identity provider call is
> get_tenants_for_user and there does not seem to be a
> route set up that calls that.
>
>
>
> 8( <--- sad panda face.
>
> That would have been a very useful call for me right now.
> I hope we have something by folsom ( albeit
> s/tenant/project/ig )
>
> -Matt
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> <https://launchpad.net/%7Eopenstack>
> Post to : openstack at lists.launchpad.net
> <mailto:openstack at lists.launchpad.net>
> Unsubscribe : https://launchpad.net/~openstack
> <https://launchpad.net/%7Eopenstack>
> More help : https://help.launchpad.net/ListHelp
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120717/451fafdb/attachment.html>
More information about the Openstack
mailing list