cfme.utils.auth package¶
Module contents¶
-
class
cfme.utils.auth.ActiveDirectoryAuthProvider(key, host1, bind_password, host2=None, host3=None, ports=None, user_types=None, domain_prefix=None, base_dn=None, bind_dn=None, get_groups=False, get_roles=False, follow_referrals=False, domain_name=None, cert_filename=None, cert_filepath=None, ipaddress=None, ldap_conf=None, sssd_conf=None)[source]¶ Bases:
cfme.utils.auth.MIQAuthProvideropenldap auth provider, WITH SSL
-
auth_type= 'ad'¶
-
view_class¶ alias of
LdapAuthenticationView
-
-
class
cfme.utils.auth.AmazonAuthProvider(key, username, password, get_groups=False)[source]¶ Bases:
cfme.utils.auth.BaseAuthProviderAWS IAM auth provider
-
auth_type= 'amazon'¶
-
get_groups= Attribute(name='get_groups', default=False, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
password= Attribute(name='password', default=NOTHING, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
username= Attribute(name='username', default=NOTHING, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
view_class¶ alias of
AmazonAuthenticationView
-
-
class
cfme.utils.auth.BaseAuthProvider(key)[source]¶ Bases:
objectBase class for authentication provider objects
-
as_fill_external_value()[source]¶ openLDAP and FreeIPA providers can be configured for external auth Same view for all auth provider types
-
as_fill_value(user_type=None, auth_mode=None)[source]¶ Basic implementation matches instance attributes to view form attributes
-
auth_type= None¶
-
data¶
-
classmethod
from_config(prov_config, prov_key)[source]¶ Returns an object using the passed yaml config Sets defaults for yaml configured objects separate from attr.ib definitions
-
key= Attribute(name='key', default=NOTHING, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
user_data¶ Pull users from auth_data if provider key is in items providers list
-
view_class= None¶
-
-
class
cfme.utils.auth.FreeIPAAuthProvider(key, host1, bind_password, host2=None, host3=None, ports=None, user_types=None, domain_prefix=None, base_dn=None, bind_dn=None, get_groups=False, get_roles=False, follow_referrals=False, domain_name=None, cert_filename=None, cert_filepath=None, ipaddress=None, ldap_conf=None, sssd_conf=None, ipaprincipal=None, iparealm=None, ipadomain=None)[source]¶ Bases:
cfme.utils.auth.MIQAuthProviderfreeipa can be used with ldap auth config or external
For ldap config:
- 3 hosts can be configured
- bind_dn is used for admin user validation
- ipa realm and ipadomain are not part of config
- user_type will use the cfme.utils.auth.USER_TYPES dict
For external config:
- 1 host is configured as –ipaserver
- realm and domain are optional params
- all user type, suffix, base/bind_dn, get_groups/roles/referrals args are not used
-
as_external_value()[source]¶ return a dictionary that can be used with appliance_console_cli.configure_ipa
-
auth_type= 'freeipa'¶
-
ipadomain= Attribute(name='ipadomain', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
ipaprincipal= Attribute(name='ipaprincipal', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
iparealm= Attribute(name='iparealm', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
view_class¶ alias of
LdapAuthenticationView
-
class
cfme.utils.auth.MIQAuthProvider(key, host1, bind_password, host2=None, host3=None, ports=None, user_types=None, domain_prefix=None, base_dn=None, bind_dn=None, get_groups=False, get_roles=False, follow_referrals=False, domain_name=None, cert_filename=None, cert_filepath=None, ipaddress=None, ldap_conf=None, sssd_conf=None)[source]¶ Bases:
cfme.utils.auth.BaseAuthProviderbase class for miq auth providers (ldap/ldaps modes in UI) Intended to be used for freeipa, AD, openldap and openldaps type providers
-
as_fill_value(user_type='upn', auth_mode='ldap')[source]¶ miqldap config can have multiple settings per-provider based on user_type and auth_mode
Parameters: - user_type – key for USER_TYPES, used to lookup user_suffix
- auth_mode – key for AUTH_MODES, used to lookup port
-
base_dn= Attribute(name='base_dn', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
bind_dn= Attribute(name='bind_dn', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
bind_password= Attribute(name='bind_password', default=NOTHING, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
cert_filename= Attribute(name='cert_filename', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
cert_filepath= Attribute(name='cert_filepath', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
domain_name= Attribute(name='domain_name', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
domain_prefix= Attribute(name='domain_prefix', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
follow_referrals= Attribute(name='follow_referrals', default=False, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
get_groups= Attribute(name='get_groups', default=False, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
get_roles= Attribute(name='get_roles', default=False, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
host1= Attribute(name='host1', default=NOTHING, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
host2= Attribute(name='host2', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
host3= Attribute(name='host3', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
ipaddress= Attribute(name='ipaddress', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
ldap_conf= Attribute(name='ldap_conf', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
ports= Attribute(name='ports', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
sssd_conf= Attribute(name='sssd_conf', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
user_types= Attribute(name='user_types', default=None, validator=None, repr=True, cmp=True, hash=None, init=True, convert=None, metadata=mappingproxy({}))¶
-
-
class
cfme.utils.auth.OpenLDAPAuthProvider(key, host1, bind_password, host2=None, host3=None, ports=None, user_types=None, domain_prefix=None, base_dn=None, bind_dn=None, get_groups=False, get_roles=False, follow_referrals=False, domain_name=None, cert_filename=None, cert_filepath=None, ipaddress=None, ldap_conf=None, sssd_conf=None)[source]¶ Bases:
cfme.utils.auth.MIQAuthProvideropenldap auth provider, NO SSL No attributes beyond MIQAuthProvider
-
auth_type= 'openldap'¶
-
view_class¶ alias of
LdapAuthenticationView
-
-
class
cfme.utils.auth.OpenLDAPSAuthProvider(key, host1, bind_password, host2=None, host3=None, ports=None, user_types=None, domain_prefix=None, base_dn=None, bind_dn=None, get_groups=False, get_roles=False, follow_referrals=False, domain_name=None, cert_filename=None, cert_filepath=None, ipaddress=None, ldap_conf=None, sssd_conf=None)[source]¶ Bases:
cfme.utils.auth.MIQAuthProvideropenldap auth provider, WITH SSL
-
auth_type= 'openldaps'¶
-
view_class¶ alias of
LdapsAuthenticationView
-
-
cfme.utils.auth.auth_class_from_type(auth_prov_type)[source]¶ Using the registered auth provider classes, fetch a class by its type key
Parameters: auth_prov_type – string key matching a registered type in entry_points Raises: UnknownProviderType when the given type isn’t registered in entry_points
-
cfme.utils.auth.auth_provider_types()[source]¶ Fetch the registered classes from entry_points manageiq.auth_provider_categories
-
cfme.utils.auth.get_auth_crud(auth_prov_key)[source]¶ Get a BaseAuthProvider derived class with the auth_data.yaml configuration for the key
Parameters: auth_prov_key – string key matching one in conf/auth_data.yaml ‘auth_providers’ dict Raises: ValueError if the yaml type for given key doesn’t match auth_type on fetched class