openstack-attic/identity-api
Code Issues Proposed changes

Updates to Identity Service API Ref to add back client calls and extensions

Browse Source 
bug: #1015119

Change-Id: I9f7ed84a6cba11543f6ccb00aef16d11635a748f
author: diane fleming
This commit is contained in:
Diane Fleming 2013-05-23 00:46:22 -05:00
parent 194acd2ec2
commit 5d13780192
216 changed files with 4485 additions and 5157 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openstack-identity-api/.gitignore vendored
View File

@ -1,4 +1,4 @@
*.DS_Store
.DS_Store
.DS_Store?
target/
*.bak

512
openstack-identity-api/pom.xml
View File

@ -1,395 +1,117 @@
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/maven-4.0.0.xsd">
<!-- POM Build file for the Keystone Developer Guide -->
<modelVersion>4.0.0</modelVersion>
<groupId>org.openstack.identity</groupId>
<artifactId>docs</artifactId>
<version>1.0.0</version>
<packaging>jar</packaging>
<name>OpenStack Specifications</name>
<build>
<plugins>
<plugin>
<groupId>com.rackspace.cloud.api</groupId>
<artifactId>clouddocs-maven-plugin</artifactId>
<version>1.8.0</version>
<executions>
<execution>
<id>identity-dev-guide</id>
<goals>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<disqusShortname>os-identitydevguide</disqusShortname>
<enableGoogleAnalytics>1</enableGoogleAnalytics>
<googleAnalyticsId>UA-17511903-6</googleAnalyticsId>
<sourceDirectory>src/docbkx/common</sourceDirectory>
<includes>identity-dev-guide.xml</includes>
<tocSectionDepth>1</tocSectionDepth>
<targetDirectory>target/docbkx/webhelp/api/openstack-identity-service</targetDirectory>
<webhelpDirname>2.0</webhelpDirname>
<pdfFilenameBase>identity-dev-guide-2.0</pdfFilenameBase>
<preProcess>
<mkdir
dir="${basedir}/target/docbkx/webhelp/api/openstack-identity-service/2.0/"/>
<!-- Copies schema to a folder and styling for the schemas so a browser can display them -->
<copy
todir="${basedir}/target/docbkx/webhelp/api/openstack-identity-service/2.0/xsd">
<fileset
dir="${basedir}/src/docbkx/common">
<include name="**/*.*"/>
<exclude name="*.xml"/>
</fileset>
</copy>
</preProcess>
</configuration>
</execution>
<execution>
<id>OS-KSS3</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/OS-KSS3/OS-KSS3-admin-devguide.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>OS-KSS3-admin-devguide.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/OS-KSS3/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<mkdir
dir="${basedir}/target/docbkx/pdf/extensions/OS-KSS3/"/>
<copy
todir="target/docbkx/webhelp/extensions/OS-KSS3/OS-KSS3-admin-devguide/content/">
<fileset
dir="target/docbkx/pdf/extensions/OS-KSS3">
<include name="**/OS-KSS3-admin-devguide.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
<execution>
<id>OS-KSADM</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/OS-KSADM/OS-KSADM-admin-devguide.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>OS-KSADM-admin-devguide.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/OS-KSADM/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<mkdir
dir="${basedir}/target/docbkx/pdf/extensions/OS-KSADM/"/>
<copy
todir="target/docbkx/webhelp/extensions/OS-KSADM/OS-KSADM-admin-devguide/content/">
<fileset
dir="target/docbkx/pdf/extensions/OS-KSADM">
<include name="**/OS-KSADM-admin-devguide.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
<execution>
<id>OS-KSVALIDATE</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/OS-KSVALIDATE/OS-KSVALIDATE-admin-devguide.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>OS-KSVALIDATE-admin-devguide.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/OS-KSVALIDATE/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<mkdir
dir="${basedir}/target/docbkx/pdf/extensions/OS-KSVALIDATE/"/>
<copy
todir="target/docbkx/webhelp/extensions/OS-KSVALIDATE/OS-KSVALIDATE-admin-devguide/content/">
<fileset
dir="target/docbkx/pdf/extensions/OS-KSVALIDATE">
<include name="**/OS-KSVALIDATE-admin-devguide.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
<execution>
<id>OS-KSCATALOG</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/OS-KSCATALOG/OS-KSCATALOG-admin-devguide.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>OS-KSCATALOG-admin-devguide.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/OS-KSCATALOG/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<mkdir
dir="${basedir}/target/docbkx/pdf/extensions/OS-KSCATALOG/"/>
<copy
todir="target/docbkx/webhelp/extensions/OS-KSCATALOG/OS-KSCATALOG-admin-devguide/content/">
<fileset
dir="target/docbkx/pdf/extensions/OS-KSCATALOG">
<include name="**/OS-KSCATALOG-admin-devguide.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
<execution>
<id>RAX-KSGRP</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/RAX-KSGRP/RAX-KSGRP-service-devguide.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>RAX-KSGRP-service-devguide.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/RAX-KSGRP/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<mkdir
dir="${basedir}/target/docbkx/pdf/extensions/RAX-KSGRP/"/>
<copy
todir="target/docbkx/webhelp/extensions/RAX-KSGRP/RAX-KSGRP-service-devguide/content/">
<fileset
dir="target/docbkx/pdf/extensions/RAX-KSGRP">
<include name="**/RAX-KSGRP-service-devguide.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
<execution>
<id>HP-IDM</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/HP-IDM/HP-IDM.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>hp-idm.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/hp-idm/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<mkdir
dir="${basedir}/target/docbkx/pdf/extensions/HP-IDM/"/>
<copy
todir="target/docbkx/webhelp/extensions/HP-IDM/HP-IDM/content/">
<fileset
dir="target/docbkx/pdf/extensions/HP-IDM">
<include name="**/*.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
<execution>
<id>RAX-KSKEY</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/RAX-KSKEY/RAX-KSKEY-service-devguide.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>RAX-KSKEY-service-devguide.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/RAX-KSKEY-service-devguide/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<mkdir
dir="${basedir}/target/docbkx/pdf/extensions/RAX-KSKEY/"/>
<copy
todir="target/docbkx/webhelp/extensions/RAX-KSKEY/RAX-KSKEY-service-devguide/content/">
<fileset
dir="target/docbkx/pdf/extensions/RAX-KSKEY">
<include name="**/RAX-KSKEY-service-devguide.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
<execution>
<id>RAX-KSKEY-admin</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/RAX-KSKEY/RAX-KSKEY-admin-devguide.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>RAX-KSKEY-admin-devguide.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/RAX-KSKEY-admin-devguide/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<copy
todir="target/docbkx/webhelp/extensions/RAX-KSKEY/RAX-KSKEY-admin-devguide/content/">
<fileset
dir="target/docbkx/pdf/extensions/RAX-KSKEY">
<include name="**/RAX-KSKEY-admin-devguide.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
<execution>
<id>RAX-KSQA-admin</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/RAX-KSQA/RAX-KSQA-admin-devguide.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>RAX-KSQA-admin-devguide.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/RAX-KSQA-admin/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<mkdir
dir="${basedir}/target/docbkx/pdf/extensions/RAX-KSQA/"/>
<copy
todir="target/docbkx/webhelp/extensions/RAX-KSQA/RAX-KSQA-admin-devguide/content/">
<fileset
dir="target/docbkx/pdf/extensions/RAX-KSQA">
<include name="**/RAX-KSQA-admin-devguide.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
<execution>
<id>RAX-GRPADM</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/RAX-GRPADM/RAX-GRPADM-devguide.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>RAX-GRPADM-devguide.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/RAX-GRPADM/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<mkdir
dir="${basedir}/target/docbkx/pdf/extensions/RAX-GRPADM/"/>
<copy
todir="target/docbkx/webhelp/extensions/RAX-GRPADM/RAX-GRPADM-devguide/content/">
<fileset
dir="target/docbkx/pdf/extensions/RAX-GRPADM">
<include name="**/RAX-GRPADM-devguide.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
<execution>
<id>OS-KSEC2-admin</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/OS-KSEC2/OS-KSEC2-admin-devguide.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>OS-KSEC2-admin-devguide.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/OS-KSEC2-admin-devguide/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<mkdir
dir="${basedir}/target/docbkx/pdf/extensions/OS-KSEC2/"/>
<copy
todir="target/docbkx/webhelp/extensions/OS-KSEC2/OS-KSEC2-admin-devguide/content/">
<fileset
dir="target/docbkx/pdf/extensions/OS-KSEC2">
<include name="**/OS-KSEC2-admin-devguide.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
<execution>
<id>OS-KSEC2-service</id>
<goals>
<goal>generate-pdf</goal>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<includes>src/docbkx/extensions/OS-KSEC2/OS-KSEC2-service-devguide.xml</includes>
<trimWadlUriCount>1</trimWadlUriCount>
<pdfUrl>OS-KSEC2-service-devguide.pdf</pdfUrl>
<canonicalUrlBase>http://docs.rackspacecloud.com/openstack-extensions/auth/OS-KSEC2-service-devguide/content</canonicalUrlBase>
<chunkSectionDepth>0</chunkSectionDepth>
<postProcess>
<copy
todir="target/docbkx/webhelp/extensions/OS-KSEC2/OS-KSEC2-service-devguide/content/">
<fileset
dir="target/docbkx/pdf/extensions/OS-KSEC2">
<include name="**/OS-KSEC2-service-devguide.pdf"/>
</fileset>
</copy>
</postProcess>
</configuration>
</execution>
</executions>
<configuration>
<!-- These parameters apply to all executions -->
<xincludeSupported>true</xincludeSupported>
<sourceDirectory>src/docbkx/common/</sourceDirectory>
<includes>identity-dev-guide.xml</includes>
<profileSecurity>reviewer</profileSecurity>
<branding>openstack</branding>
</configuration>
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>Rackspace Research Repositories</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>rackspace-research</id>
<name>Rackspace Research Repository</name>
<url>http://maven.research.rackspacecloud.com/content/groups/public/</url>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>rackspace-research</id>
<name>Rackspace Research Repository</name>
<url>http://maven.research.rackspacecloud.com/content/groups/public/</url>
</pluginRepository>
</pluginRepositories>
</profile>
</profiles>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
</project>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<!-- POM Build file for the Keystone Developer Guide -->
<modelVersion>4.0.0</modelVersion>
<groupId>org.openstack.identity</groupId>
<artifactId>docs</artifactId>
<version>1.0.0</version>
<packaging>jar</packaging>
<name>OpenStack API Reference</name>
<build>
<plugins>
<plugin>
<groupId>com.rackspace.cloud.api</groupId>
<artifactId>clouddocs-maven-plugin</artifactId>
<version>1.8.0</version>
<executions>
<execution>
<id>generate-pdf</id>
<goals>
<goal>generate-pdf</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<sourceDirectory>src/docbkx/common</sourceDirectory>
<includes>identity-dev-guide.xml</includes>
<highlightSource>false</highlightSource>
</configuration>
</execution>
<execution>
<id>identity-dev-guide</id>
<goals>
<goal>generate-webhelp</goal>
</goals>
<phase>generate-sources</phase>
<configuration>
<disqusShortname>os-identitydevguide</disqusShortname>
<enableGoogleAnalytics>1</enableGoogleAnalytics>
<googleAnalyticsId>UA-17511903-6</googleAnalyticsId>
<sourceDirectory>src/docbkx/common</sourceDirectory>
<includes>identity-dev-guide.xml</includes>
<tocSectionDepth>1</tocSectionDepth>
<targetDirectory>target/docbkx/webhelp/api/openstack-identity-service</targetDirectory>
<webhelpDirname>2.0</webhelpDirname>
<generateToc>
appendix toc,title
article/appendix nop
article toc,title
book toc,title,figure,table,example,equation
chapter toc
section toc
part toc,title
preface toc
qandadiv toc
qandaset toc
reference toc,title
set toc,title
</generateToc>
<pdfFilenameBase>identity-dev-guide-2.0</pdfFilenameBase>
<preProcess>
<mkdir dir="${basedir}/target/docbkx/webhelp/api/openstack-identity-service/2.0/"/>
<!-- Copies schema to a folder and styling for the schemas so a browser can display them -->
<copy
todir="${basedir}/target/docbkx/webhelp/api/openstack-identity-service/2.0/xsd">
<fileset dir="${basedir}/src/docbkx/xsd">
<include name="**/*.*"/>
<exclude name="*.xml"/>
</fileset>
</copy>
<copy
todir="${basedir}/target/docbkx/webhelp/api/openstack-identity-service/2.0/img">
<fileset dir="${basedir}/src/docbkx/img">
<include name="**/*.*"/>
<exclude name="*.xml"/>
</fileset>
</copy>
</preProcess>
</configuration>
</execution>
</executions>
<configuration>
<!-- These parameters apply to all executions -->
<xincludeSupported>true</xincludeSupported>
<sourceDirectory>src/docbkx/common/</sourceDirectory>
<includes>identity-dev-guide.xml</includes>
<profileSecurity>reviewer</profileSecurity>
<branding>openstack</branding>
</configuration>
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>Rackspace Research Repositories</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>rackspace-research</id>
<name>Rackspace Research Repository</name>
<url>http://maven.research.rackspacecloud.com/content/groups/public/</url>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>rackspace-research</id>
<name>Rackspace Research Repository</name>
<url>http://maven.research.rackspacecloud.com/content/groups/public/</url>
</pluginRepository>
</pluginRepositories>
</profile>
</profiles>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
</project>

14
openstack-identity-api/src/docbkx/extensions/HP-IDM/HP-IDM.xml → openstack-identity-api/src/docbkx/HP-IDM/HP-IDM.xml
View File

@ -67,7 +67,7 @@
Validate token with the optional HP-IDM-serviceId
parameter so that only the roles associated with the
given service IDs are returned. See
https://bugs.launchpad.net/keystone/+bug/890411 for more
<link xlink:href="https://bugs.launchpad.net/keystone/+bug/890411">https://bugs.launchpad.net/keystone/+bug/890411</link> for more
details.
</description>
<atom:link rel="describedby"
@ -110,8 +110,8 @@
overview of how the extensions works and what capabilities it
adds.
-->
<para>
HP-IDM Admin Extension to Keystone V2.0 API adds capability to filter roles
<section xml:id="hp-idm-overview"><title>HP-IDM Admin Extension to Identity Service API v2.0</title><para>
HP-IDM Admin Extension to Identity Service API v2.0 adds capability to filter roles
with optional service IDs for token validation to mitigate security risks
with role name conflicts.
See
@ -126,10 +126,10 @@
-->
<example>
<title>Sample Valid Token Request</title>
<programlisting language="xml"><xi:include href="samples/sample_request.txt" parse="text"/></programlisting>
<programlisting language="http"><xi:include href="samples/sample_request.txt" parse="text"/></programlisting>
</example>
<example>
<title>Sample Valid Token Request With Global Service ID Specified</title>
<title>Sample Valid Token Request with Global Service ID Specified</title>
<programlisting language="xml"><xi:include href="samples/sample_request_with_global_sid.txt" parse="text"/></programlisting>
</example>
<section xml:id="hp-idm-new-headers">
@ -169,7 +169,7 @@
(see pom.xml).
-->
<wadl:resources>
<wadl:resource href="HP-IDM-admin.wadl#tokenById"/>
<wadl:resource href="../wadl/HP-IDM-admin.wadl#tokenById"/>
</wadl:resources>
</section>
</section>
@ -186,6 +186,6 @@
Describe any new states.
-->
<para>None.</para>
</section>
</section></section>
</chapter>
</book>

0
openstack-identity-api/src/docbkx/extensions/HP-IDM/samples/sample_request.txt → openstack-identity-api/src/docbkx/HP-IDM/samples/sample_request.txt
View File

0
openstack-identity-api/src/docbkx/extensions/HP-IDM/samples/sample_request_with_global_sid.txt → openstack-identity-api/src/docbkx/HP-IDM/samples/sample_request_with_global_sid.txt
View File

40
openstack-identity-api/src/docbkx/extensions/OS-KSADM/OS-KSADM-admin-devguide.xml → openstack-identity-api/src/docbkx/OS-KSADM/OS-KSADM-admin-devguide.xml
View File

@ -42,7 +42,7 @@ format="SVG" scale="60"/>
<book xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0" status="draft"
xml:id="Keystone-Developer-Guide">
xml:id="Identity-Service-Developer-Guide-OS-KSADM">
<?rax subtitle.font.size="20px"?>
<title>OpenStack Identity OS-KSADM (Admin Operations)</title>
<titleabbrev>OS-KSADM (Admin)</titleabbrev>
@ -78,12 +78,12 @@ format="SVG" scale="60"/>
</othercredit>
<extension xmlns="http://docs.openstack.org/common/api/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
name="Openstack Keystone Admin" namespace="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"
name="Openstack Identity Service Admin" namespace="http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0"
alias="OS-KSADM"
updated="2011-08-14T13:25:27-06:00">
<description>
Openstack extensions to Keystone v2.0
API enabling Admin Operations.
Openstack extensions to Identity Service API v2.0
enabling Admin Operations.
</description>
<atom:link rel="describedby" type="application/pdf"
href="https://raw.github.com/openstack/identity-api/master/openstack-identity-api/src/docbkx/extensions/OS-KSADM/OS-KSADM-admin-devguide.pdf"/>
@ -92,7 +92,7 @@ format="SVG" scale="60"/>
</extension>
<abstract>
<para>This document includes details on various operations supported by the OS-KSADM extensions on top of core keystone operations.</para>
<para>This document includes details on various operations supported by the OS-KSADM extensions on top of core OpenStack Identity Service operations.</para>
</abstract>
<revhistory>
<revision>
@ -140,29 +140,29 @@ format="SVG" scale="60"/>
<section xml:id="User_Operations_OS-KSADM">
<title>User Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSADM-admin.wadl#users">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#users">
<wadl:method href="listUsers"/>
<wadl:method href="addUser"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userById">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#userById">
<wadl:method href="updateUser"/>
<wadl:method href="deleteUser"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#enabled">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#enabled">
<wadl:method href="setUserEnabled"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userRoles">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#userRoles">
<wadl:method href="listUserRoles"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userRoleById">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#userRoleById">
<wadl:method href="addUserRole"/>
<wadl:method href="deleteUserRole"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userCredentials">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#userCredentials">
<wadl:method href="addUserCredential"/>
<wadl:method href="listCredentials"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userCredentialsByType">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#userCredentialsByType">
<wadl:method href="updateUserCredential"/>
<wadl:method href="deleteUserCredential"/>
<wadl:method href="getUserCredential"/>
@ -173,17 +173,17 @@ format="SVG" scale="60"/>
<section xml:id="Tenant_Operations_OS-KSADM">
<title>Tenant Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSADM-admin.wadl#tenants">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#tenants">
<wadl:method href="addTenant"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#tenantById">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#tenantById">
<wadl:method href="updateTenant"/>
<wadl:method href="deleteTenant"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#usersForTenant">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#usersForTenant">
<wadl:method href="listUsersForTenant"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userSpecificRoleForTenant">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#userSpecificRoleForTenant">
<wadl:method href="addRolesToUserOnTenant"/>
<wadl:method href="deleteRoleFromUserOnTenant"/>
</wadl:resource>
@ -193,11 +193,11 @@ format="SVG" scale="60"/>
<section xml:id="Role_Operations_OS-KSADM">
<title>Role Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSADM-admin.wadl#roles">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#roles">
<wadl:method href="listRoles"/>
<wadl:method href="addRole"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#roleId">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#roleId">
<wadl:method href="getRole"/>
<wadl:method href="deleteRole"/>
</wadl:resource>
@ -207,11 +207,11 @@ format="SVG" scale="60"/>
<section xml:id="Service_Operations_OS-KSADM">
<title>Service Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSADM-admin.wadl#services">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#services">
<wadl:method href="listServices"/>
<wadl:method href="addService"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#serviceId">
<wadl:resource href="../wadl/OS-KSADM-admin.wadl#serviceId">
<wadl:method href="getService"/>
<wadl:method href="deleteService"/>
</wadl:resource>

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/credentials.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/credentials.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/credentials.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/credentials.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/passwordcredentials.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/passwordcredentials.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/passwordcredentials.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/passwordcredentials.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/role.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/role.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/role.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/role.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/roles.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/roles.json
View File

0
openstack-identity-api/src/docbkx/common/samples/roles.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/roles.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/service.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/service.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/service.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/service.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/services.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/services.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/services.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/services.xml
View File

0
openstack-identity-api/src/docbkx/common/samples/tenant.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/tenant.json
View File

0
openstack-identity-api/src/docbkx/common/samples/tenant.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/tenant.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/tenantwithoutid.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/tenantwithoutid.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/tenantwithoutid.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/tenantwithoutid.xml
View File

0
openstack-identity-api/src/docbkx/common/samples/user.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/user.json
View File

0
openstack-identity-api/src/docbkx/common/samples/user.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/user.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/users.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/users.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/users.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/users.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/userwithenabledonly.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/userwithenabledonly.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/userwithenabledonly.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/userwithenabledonly.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/userwithoutid.json → openstack-identity-api/src/docbkx/OS-KSADM/samples/userwithoutid.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSADM/samples/userwithoutid.xml → openstack-identity-api/src/docbkx/OS-KSADM/samples/userwithoutid.xml
View File

18
openstack-identity-api/src/docbkx/extensions/OS-KSCATALOG/OS-KSCATALOG-admin-devguide.xml → openstack-identity-api/src/docbkx/OS-KSCATALOG/OS-KSCATALOG-admin-devguide.xml
View File

@ -42,7 +42,7 @@ format="SVG" scale="60"/>
<book xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0" status="draft"
xml:id="Keystone-Developer-Guide">
xml:id="Identity-Service-Developer-Guide-OS-KSCATALOG">
<title>OpenStack Identity OS-KSCATALOG Extension</title>
<titleabbrev>OS-KSCATALOG (Admin)</titleabbrev>
<info>
@ -80,14 +80,14 @@ format="SVG" scale="60"/>
name="Openstack Keystone Catalog" namespace="http://docs.openstack.org/identity/api/ext/OS-KSCATALOG/v1.0"
alias="OS-KSCATALOG"
updated="2011-08-14T13:25:27-06:00">
<description>Openstack extensions to Keystone v2.0 API enabling Admin Operations to support Catalog. Adds the capability to do CRUD on Endpoint Templates and Endpoints</description>
<description>Openstack extensions to Identity Service API v2.0 enabling Admin Operations to support Catalog. Adds the capability to do CRUD on Endpoint Templates and Endpoints</description>
<atom:link rel="describedby" type="application/pdf"
href="https://github.com/openstack/keystone/raw/master/keystone/content/admin/OS-KSCATALOG-admin-devguide.pdf"/>
<atom:link rel="describedby" type="application/vnd.sun.wadl+xml"
href="https://github.com/openstack/keystone/raw/master/keystone/content/admin/OS-KSCATALOG-admin.wadl"/>
</extension>
<abstract>
<para>This document includes details on various operations supported by the OS-KSCATALOG extensions on top of core keystone operations. </para>
<para>This document includes details on various operations supported by the OS-KSCATALOG extensions on top of core OpenStack Identity Service operations. </para>
</abstract>
<revhistory>
<revision>
@ -110,7 +110,7 @@ format="SVG" scale="60"/>
<section xmlns="http://docbook.org/ns/docbook" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-d1e1357" version="5.0" role="api-reference">
xml:id="Admin_API_Service_Developer_Operations-OS-KSCATALOG" version="5.0" role="api-reference">
<title>OS-KSCATALOG Admin Extension</title>
<para>Extension operations.</para>
@ -134,15 +134,15 @@ format="SVG" scale="60"/>
<?hard-pagebreak?>
<para>The following calls are supported by API OS-KSCATALOG Extension on top of Keystone Admin 2.0:</para>
<para>The following calls are supported by API OS-KSCATALOG Extension on top of OpenStack Identity Service Admin API v2.0:</para>
<section xml:id="Endpoint_Template_Operations_OS-KSCATALOG">
<title>Endpoint Template Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSCATALOG-admin.wadl#endpointTemplates">
<wadl:resource href="../wadl/OS-KSCATALOG-admin.wadl#endpointTemplates">
<wadl:method href="listEndpointTemplates"/>
<wadl:method href="addEndpointTemplate"/>
</wadl:resource>
<wadl:resource href="OS-KSCATALOG-admin.wadl#endpointTemplateId">
<wadl:resource href="../wadl/OS-KSCATALOG-admin.wadl#endpointTemplateId">
<wadl:method href="getEndpointTemplate"/>
<wadl:method href="deleteEndpointTemplate"/>
</wadl:resource>
@ -152,11 +152,11 @@ format="SVG" scale="60"/>
<section xml:id="Tenant_Operations_OS-KSCATALOG">
<title>Endpoint Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSCATALOG-admin.wadl#endpoints">
<wadl:resource href="../wadl/OS-KSCATALOG-admin.wadl#endpoints">
<wadl:method href="listEndpoints"/>
<wadl:method href="addEndpoint"/>
</wadl:resource>
<wadl:resource href="OS-KSCATALOG-admin.wadl#endpoint">
<wadl:resource href="../wadl/OS-KSCATALOG-admin.wadl#endpoint">
<wadl:method href="getEndpoint"/>
<wadl:method href="deleteEndpoint"/>
</wadl:resource>

0
openstack-identity-api/src/docbkx/extensions/OS-KSCATALOG/samples/endpoint.json → openstack-identity-api/src/docbkx/OS-KSCATALOG/samples/endpoint.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSCATALOG/samples/endpoint.xml → openstack-identity-api/src/docbkx/OS-KSCATALOG/samples/endpoint.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSCATALOG/samples/endpointTemplate.json → openstack-identity-api/src/docbkx/OS-KSCATALOG/samples/endpointTemplate.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSCATALOG/samples/endpointTemplate.xml → openstack-identity-api/src/docbkx/OS-KSCATALOG/samples/endpointTemplate.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSCATALOG/samples/endpointTemplateWithOnlyId.json → openstack-identity-api/src/docbkx/OS-KSCATALOG/samples/endpointTemplateWithOnlyId.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSCATALOG/samples/endpointTemplateWithOnlyId.xml → openstack-identity-api/src/docbkx/OS-KSCATALOG/samples/endpointTemplateWithOnlyId.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSCATALOG/samples/endpointTemplates.json → openstack-identity-api/src/docbkx/OS-KSCATALOG/samples/endpointTemplates.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSCATALOG/samples/endpointTemplates.xml → openstack-identity-api/src/docbkx/OS-KSCATALOG/samples/endpointTemplates.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSCATALOG/samples/endpoints.json → openstack-identity-api/src/docbkx/OS-KSCATALOG/samples/endpoints.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSCATALOG/samples/endpoints.xml → openstack-identity-api/src/docbkx/OS-KSCATALOG/samples/endpoints.xml
View File

35
openstack-identity-api/src/docbkx/extensions/OS-KSEC2/OS-KSEC2-admin-devguide.xml → openstack-identity-api/src/docbkx/OS-KSEC2/OS-KSEC2-admin-devguide.xml
View File

@ -4,23 +4,19 @@
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-09-13">
@ -37,11 +33,10 @@ format="SVG" scale="60"/>
<!ENTITY CURRENTGUIDE "http://docs.openstack.org/api/openstack-identity-service/2.0/identity-dev-guide-2.0.pdf">
<!ENTITY CURRENTWADL "../admin/OS-KSEC2-admin.wadl">
<!ENTITY EXTENSIONXSD "xsd/OS-KSEC2-credentials.xsd">
<!ENTITY EC2CREDENTIALSEXAMPLEXML "samples/ec2Credentials.xml">
<!ENTITY EC2CREDENTIALSEXAMPLEJSON "samples/ec2Credentials.json">
<!ENTITY EXTENSIONQUERYRESPONSEXML "../../common/samples/extension.xml">
<!ENTITY EXTENSIONQUERYRESPONSEJSON "../../common/samples/extension.json">
<!ENTITY EC2CREDENTIALSEXAMPLEXML "../OS-KSEC2/samples/ec2Credentials.xml">
<!ENTITY EC2CREDENTIALSEXAMPLEJSON "../OS-KSEC2/samples/ec2Credentials.json">
<!ENTITY EXTENSIONQUERYRESPONSEXML "../../samples/extension.xml">
<!ENTITY EXTENSIONQUERYRESPONSEJSON "../../samples/extension.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
@ -79,8 +74,8 @@ format="SVG" scale="60"/>
<para>
This document is intended for client developers interested
in using the OpenStack EC2 Authentication Service Extension along with the
Keystone - OpenStack Identity
(<abbrev>API</abbrev>).
OpenStack Identity Service
<abbrev>API</abbrev> v2.0.
</para>
</abstract>
<extension
@ -89,11 +84,9 @@ format="SVG" scale="60"/>
namespace="http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0"
alias="OS-KSEC2"
updated="2011-08-25T09:50:00-00:00">
<description>
Adds the capability to support EC2 style authentication.
</description>
<atom:link rel="describedby"
type="application/pdf"
href="https://github.com/openstack/keystone/raw/master/keystone/content/admin/OS-KSEC2-admin-devguide.pdf"/>
@ -151,13 +144,13 @@ format="SVG" scale="60"/>
</example>
<example>
<title>ec2Credentials JSON</title>
<programlisting language="javascript"><xi:include href="&EC2CREDENTIALSEXAMPLEJSON;" parse="text"/></programlisting>
<programlisting language="json"><xi:include href="&EC2CREDENTIALSEXAMPLEJSON;" parse="text"/></programlisting>
</example>
</section>
</section>
<section xmlns="http://docbook.org/ns/docbook" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-d1e1357" version="5.0" role="api-reference">
xml:id="Admin_API_Service_Developer_Operations-OS-KSEC2" version="5.0" role="api-reference">
<title>OS-KSEC2-admin Extension API Operations</title>
<table rules="all">
<caption>Authentication Header</caption>
@ -180,16 +173,8 @@ format="SVG" scale="60"/>
<section xml:id="User_Operations_OS-KSEC2">
<title>User Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSEC2-admin.wadl#userCredentials">
<wadl:method href="addUserCredential"/>
<wadl:method href="listCredentials"/>
</wadl:resource>
<wadl:resource href="OS-KSEC2-admin.wadl#userCredentialsByType">
<wadl:method href="listCredentialsByType"/>
<wadl:method href="updateUserCredential"/>
<wadl:method href="deleteUserCredential"/>
<wadl:method href="getUserCredential"/>
</wadl:resource>
<wadl:resource href="../wadl/OS-KSEC2-admin.wadl#userCredentials"/>
<wadl:resource href="../wadl/OS-KSEC2-admin.wadl#userCredentialsByType"/>
</wadl:resources>
</section>
</section>

201
openstack-identity-api/src/docbkx/OS-KSEC2/OS-KSEC2-service-devguide.xml Normal file
View File

@ -0,0 +1,201 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-08-26">
<!ENTITY ALIAS "OS-KSEC2">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY EC2CREDENTIALSREQUESTXML "../OS-KSEC2/samples/auth_credentials-OS-KSEC2.xml">
<!ENTITY EC2CREDENTIALSREQUESTJSON "../OS-KSEC2/samples/auth_credentials-OS-KSEC2.json">
<!ENTITY EC2CREDENTIALSRESPONSEXML "../OS-KSEC2/samples/auth.xml">
<!ENTITY EC2CREDENTIALSRESPONSEJSON "../OS-KEC2/samples/auth.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0"
status="draft" xml:id="book-0001">
<?rax subtitle.font.size="12px"?>
<title>OpenStack Identity EC2 authentication Extension (Service
Operations)</title>
<titleabbrev>OS-KSEC2 (Admin)</titleabbrev>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>OpenStack</orgname>
</affiliation>
</author>
<copyright>
<year>2010</year>
<year>2011</year>
<holder>OpenStack</holder>
</copyright>
<releaseinfo>EXT v1.0</releaseinfo>
<productname>OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="apache2">
<annotation>
<remark>Copyright details are filled in by the
template.</remark>
</annotation>
</legalnotice>
<abstract>
<para> This document is intended for client developers
interested in using the OpenStack EC2 Authentication
Service Extension along with the Keystone - OpenStack
Identity (<abbrev>API</abbrev>). </para>
</abstract>
<extension xmlns="http://docs.openstack.org/common/api/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
name="OpenStack EC2 authentication Extension"
namespace="http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0"
alias="OS-KSEC2-service"
updated="2011-08-25T09:50:00-00:00">
<description> Adds the capability to support EC2 style
authentication. </description>
<atom:link rel="describedby" type="application/pdf"
href="https://github.com/openstack/keystone/raw/master/keystone/content/service/OS-KSEC2-service-devguide.pdf"/>
<atom:link rel="describedby" type="application/xml"
href="http://docs.openstack.org/api/openstack-identity/ext/os/common/xsd/OS-KSEC2-credentials.xsd"
/>
</extension>
<revhistory>
<revision>
<date>2011-08-26</date>
<revdescription>
<itemizedlist spacing="compact">
<listitem>
<para> Initial release. </para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
</revhistory>
</info>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para> The OpenStack EC2 authentication Service Extension
allows authenticate call using ec2Credentials. </para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Element</title>
<section xml:id="RackExt-0001">
<title> Openstack extension to Identity Service v2.0
API enabling EC2 style authentication. </title>
<section xml:id="Authenticate-d1e1166">
<title>Authenticate</title>
<para>This extension allows authentication calls
to accept new type of credentials
<parameter>ec2Credentials</parameter>.
These are additional type of credentials
defined to support EC2 style authentication.
The usage of
<parameter>ec2Credentials</parameter> on a
existing call to authenticate is illustrated
below </para>
<informaltable rules="all"> &URI_REFHEAD; <tbody>
<tr>
<td colspan="1"> &POST; </td>
<td colspan="1">/tokens</td>
<td colspan="4">Authenticate to
generate a token.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>,
<returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized
(<errorcode>401</errorcode>), userDisabled
(<errorcode>403</errorcode>), badRequest
(<errorcode>400</errorcode>),
identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
<para> This call will return a token if
successful. Clients obtain this token, along
with the URL to other service APIs, by first
authenticating against the Identity Service
and supplying valid credentials. This
extension provides support for Rackspace style
API key credentials. </para>
<para> Client authentication is provided via a
ReST interface using the POST method, with
v2.0/tokens supplied as the path. A payload of
credentials must be included in the body. </para>
<para> The Identity Service is a ReSTful web
service. It is the entry point to all service
APIs. To access the Identity Service, you must
know the URL of the Identity Service. </para>
<example>
<title>XML Auth Request using
EC2CREDENTIALS</title>
<programlisting language="xml"><xi:include href="../OS-KSEC2/samples/auth_credentials-OS-KSEC2.xml" parse="text"/></programlisting>
</example>
<example>
<title>JSON Auth Request using
EC2CREDENTIALS</title>
<programlisting language="json"><xi:include href="&EC2CREDENTIALSREQUESTJSON;" parse="text"/></programlisting>
</example>
<example>
<title>XML Auth Response</title>
<programlisting language="xml"><xi:include href="../samples/auth.xml" parse="text"/></programlisting>
</example>
<example>
<title>JSON Auth Response</title>
<programlisting language="json"><xi:include href="../samples/auth.json" parse="text"/></programlisting>
</example>
</section>
</section>
</section>
</chapter>
</book>

0
openstack-identity-api/src/docbkx/extensions/OS-KSEC2/samples/auth_credentials-OS-KSEC2.json → openstack-identity-api/src/docbkx/OS-KSEC2/samples/auth_credentials-OS-KSEC2.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSEC2/samples/auth_credentials-OS-KSEC2.xml → openstack-identity-api/src/docbkx/OS-KSEC2/samples/auth_credentials-OS-KSEC2.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSEC2/samples/credentialswithec2.json → openstack-identity-api/src/docbkx/OS-KSEC2/samples/credentialswithec2.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSEC2/samples/credentialswithec2.xml → openstack-identity-api/src/docbkx/OS-KSEC2/samples/credentialswithec2.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSEC2/samples/ec2Credentials.json → openstack-identity-api/src/docbkx/OS-KSEC2/samples/ec2Credentials.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSEC2/samples/ec2Credentials.xml → openstack-identity-api/src/docbkx/OS-KSEC2/samples/ec2Credentials.xml
View File

212
openstack-identity-api/src/docbkx/OS-KSS3/OS-KSS3-admin-devguide.xml Normal file
View File

@ -0,0 +1,212 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-08-26">
<!ENTITY ALIAS "OS-KSS3">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY NAMESPACE "http://docs.rackspace.com/identity/api/ext/OS-KSS3/v1.0">
<!ENTITY CURRENTGUIDE "http://docs.openstack.org">
<!ENTITY S3CREDENTIALSREQUESTXML "samples/s3Credentials.xml">
<!ENTITY S3CREDENTIALSREQUESTJSON "samples/s3Credentials.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0"
status="draft" xml:id="book-0001">
<?rax subtitle.font.size="20px"?>
<title>OpenStack Identity OS-KSS3 Extension (Admin
Operations)</title>
<titleabbrev>OS-KSS3 (Admin)</titleabbrev>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>Rackspace Cloud</orgname>
</affiliation>
</author>
<copyright>
<year>2011</year>
<holder>Rackspace US, Inc.</holder>
</copyright>
<releaseinfo>EXT v1.0</releaseinfo>
<productname>OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="rs-api">
<annotation>
<remark>Copyright details are filled in by the
template.</remark>
</annotation>
</legalnotice>
<othercredit>
<personname>
<firstname>Joe</firstname>
<surname>Savak</surname>
</personname>
<email>joe.savak@RACKSPACE.COM</email>
</othercredit>
<extension xmlns="http://docs.openstack.org/common/api/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
name="OS-KSS3 Extensions"
namespace="http://docs.rackspace.com/identity/api/ext/OS-KSS3/v1.0"
alias="OS-KSS3" updated="2011-08-14T13:25:27-06:00">
<description> Identity Service v2.0 API extension. </description>
<atom:link rel="describedby" type="application/pdf"
href="httaw.github.com/openstack/identity-api/master/openstack-identity-api/src/docbkx/extensions/OS-KSS3/OS-KSS3-admin-devguide.pdf"/>
<atom:link rel="describedby"
type="application/vnd.sun.wadl+xml"
href="https://raw.github.com/openstack/identity-api/master/openstack-identity-api/src/docbkx/extensions/OS-KSS3/OS-KSS3-admin.wadl"
/>
</extension>
<abstract>
<para> This document is intended for client developers
interested in using the OS-KSS3 Extension (Admin)
along with the OpenStack Identity Service
(<abbrev>API</abbrev>). </para>
</abstract>
<revhistory>
<revision>
<date>2011-09-13</date>
<revdescription>
<itemizedlist spacing="compact">
<listitem>
<para> Initial release. </para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
</revhistory>
</info>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para> The OS-KSS3 Extension allows crud/listing operations on
<parameter>s3Credentials</parameter>. </para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Element</title>
<section xml:id="NewElementDetail-0001">
<title>s3Credentials</title>
<para>This extension allows authentication calls to
accept new type of credentials
<parameter>s3Credentials</parameter>. These
are additional type of credentials defined to
support Amazon's S3 style Authentication. Examples
of <parameter>s3Credentials</parameter> are
illustrated below. </para>
<example>
<title>s3Credentials XML</title>
<programlisting language="xml"><xi:include href="&S3CREDENTIALSREQUESTXML;" parse="text"/></programlisting>
</example>
<example>
<title>s3Credentials JSON</title>
<programlisting language="json"><xi:include href="&S3CREDENTIALSREQUESTJSON;" parse="text"/></programlisting>
</example>
</section>
</section>
<section xml:id="RackExt-0001">
<title>OS-KSS3 extension to Identity Service v2.0
API</title>
<section xml:id="New-Elements-details-0002">
<title>New Elements</title>
<para> This extension allows token validation and
endpoint retrieval without sending tokens in the
URI. </para>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="KSS3_OPERATIONS-token" version="5.0"
role="api-reference">
<title>OS-KSS3 Extension API Operations</title>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>Following operations are the list of operations
available in the OS-KSS3 Admin Extension:</para>
<section xml:id="OS-KSS3_OPERATIONS">
<title>API operations</title>
<wadl:resources
xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource
href="../wadl/OS-KSS3-admin.wadl#userCredentials">
<wadl:method href="listCredentials"/>
<wadl:method href="addUserCredential"/>
</wadl:resource>
<wadl:resource
href="../wadl/OS-KSS3-admin.wadl#userCredentialsByType">
<wadl:method href="getUserCredential"/>
<wadl:method href="updateUserCredential"/>
<wadl:method href="deleteUserCredential"/>
</wadl:resource>
</wadl:resources>
</section>
</section>
</section>
</chapter>
</book>

0
openstack-identity-api/src/docbkx/extensions/OS-KSS3/samples/credentialswiths3.json → openstack-identity-api/src/docbkx/OS-KSS3/samples/credentialswiths3.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSS3/samples/credentialswiths3.xml → openstack-identity-api/src/docbkx/OS-KSS3/samples/credentialswiths3.xml
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSS3/samples/s3Credentials.json → openstack-identity-api/src/docbkx/OS-KSS3/samples/s3Credentials.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSS3/samples/s3Credentials.xml → openstack-identity-api/src/docbkx/OS-KSS3/samples/s3Credentials.xml
View File

195
openstack-identity-api/src/docbkx/OS-KSVALIDATE/OS-KSVALIDATE-admin-devguide.xml Normal file
View File

@ -0,0 +1,195 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-08-26">
<!ENTITY ALIAS "OS-KSVALIDATE">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY NAMESPACE "http://docs.rackspace.com/identity/api/ext/OS-KSVALIDATE/v1.0">
<!ENTITY CURRENTGUIDE "http://docs.openstack.org">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0"
status="draft" xml:id="book-0001">
<?rax subtitle.font.size="12px"?>
<title>OpenStack Identity OS-KSVALIDATE Extension (Service
Operations)</title>
<titleabbrev>OS-KSVALIDATE (Service)</titleabbrev>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>Rackspace Cloud</orgname>
</affiliation>
</author>
<copyright>
<year>2010</year>
<year>2011</year>
<holder>OpenStack</holder>
</copyright>
<releaseinfo>API v2.0</releaseinfo>
<productname>OpenStack Identity</productname>
<pubdate>2011-08-29</pubdate>
<legalnotice role="apache2">
<annotation>
<remark>Copyright details are filled in by the
template.</remark>
</annotation>
</legalnotice>
<othercredit>
<personname>
<firstname>Joe</firstname>
<surname>Savak</surname>
</personname>
<email>joe.savak@RACKSPACE.COM</email>
</othercredit>
<extension xmlns="http://docs.openstack.org/common/api/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
name="OS-KSVALIDATE Extensions"
namespace="http://docs.rackspace.com/identity/api/ext/OS-KSVALIDATE/v1.0"
alias="OS-KSVALIDATE" updated="2011-08-14T13:25:27-06:00">
<description> Identity Service v2.0 API extension. </description>
<atom:link rel="describedby" type="application/pdf"
href="httaw.github.com/openstack/identity-api/master/openstack-identity-api/src/docbkx/extensions/OS-KSVALIDATE/OS-KSVALIDATE-service-devguide.pdf"/>
<atom:link rel="describedby"
type="application/vnd.sun.wadl+xml"
href="https://raw.github.com/openstack/identity-api/master/openstack-identity-api/src/docbkx/extensions/OS-KSVALIDATE/OS-KSVALIDATE-admin.wadl"
/>
</extension>
<abstract>
<para> This document is intended for client developers
interested in using the OS-KSVALIDATE Extension
(Service) along with the OpenStack Identity Service
(<abbrev>API</abbrev>). </para>
</abstract>
<revhistory>
<revision>
<date>2011-09-13</date>
<revdescription>
<itemizedlist spacing="compact">
<listitem>
<para> Initial release. </para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
</revhistory>
</info>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para> OS-KSVALIDATE extension allows a Token to be optionally
encrypted and passed in the 'X-Subject-Token' header for
validation, rather than in the URI. </para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Elements</title>
<section xml:id="RackExt-0001">
<title>OS-KSVALIDATE extension to Identity Service
v2.0 API</title>
<section xml:id="New-Elements-details-0002">
<title>New Elements</title>
<para> This extension allows token validation and
endpoint retrieval without sending tokens in
the URI. </para>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="KSVALIDATE_OPERATIONS-token" version="5.0"
role="api-reference">
<title>OS-KSVALIDATE Extension API
Operations</title>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>Following operations are the list of
operations available in the OS-KSVALIDATE
Service Extension:</para>
<section xml:id="OS-KSVALIDATE_OPERATIONS">
<title>API operations</title>
<wadl:resources
xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource
href="../wadl/OS-KSVALIDATE-admin.wadl#validate">
<wadl:method href="validateToken"/>
<wadl:method href="checkToken"/>
</wadl:resource>
<wadl:resource
href="../wadl/OS-KSVALIDATE-admin.wadl#endpointsForToken">
<wadl:method
href="listEndpointsForToken"/>
</wadl:resource>
</wadl:resources>
</section>
</section>
</section>
</section>
</chapter>
</book>

0
openstack-identity-api/src/docbkx/extensions/OS-KSVALIDATE/samples/endpoints.json → openstack-identity-api/src/docbkx/OS-KSVALIDATE/samples/endpoints.json
View File

0
openstack-identity-api/src/docbkx/extensions/OS-KSVALIDATE/samples/endpoints.xml → openstack-identity-api/src/docbkx/OS-KSVALIDATE/samples/endpoints.xml
View File

0
openstack-identity-api/src/docbkx/common/samples/validatetoken.json → openstack-identity-api/src/docbkx/OS-KSVALIDATE/samples/validatetoken.json
View File

0
openstack-identity-api/src/docbkx/common/samples/validatetoken.xml → openstack-identity-api/src/docbkx/OS-KSVALIDATE/samples/validatetoken.xml
View File

219
openstack-identity-api/src/docbkx/RAX-GRPADM/RAX-GRPADM-devguide.xml Normal file
View File

@ -0,0 +1,219 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY PUB_DATE "2011-09-13">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY GROUPSREQUESTXML "../RAX-GRPADM/samples/groups.xml">
<!ENTITY GROUPSREQUESTJSON "../RAX-GRPADM/samples/groups.json">
<!ENTITY GROUPREQUESTXML "../RAX-GRPADM/samples/group.xml">
<!ENTITY GROUPREQUESTJSON "../RAX-GRPADM/samples/group.json">
<!ENTITY UPDATEDGROUPREQUESTXML "../RAX-GRPADM/samples/group-updated.xml">
<!ENTITY UPDATEDGROUPREQUESTJSON "../RAX-GRPADM/samples/group-updated.json">
<!-- Information about the extension -->
<!ENTITY PUB_DATE "2011-01-23">
<!ENTITY ALIAS "RAX-GRPADM">
<!ENTITY NAMESPACE "http://docs.rackspace.com/identity/api/ext/RAX-KSGRP/v1.0">
<!ENTITY CURRENTGUIDE "http://docs.openstack.org/api/openstack-identity/ext/admin/RAX-GRPADM.pdf">
<!ENTITY CURRENTWADL "http://docs.openstack.org/api/openstack-identity/ext/admin/RAX-GRPADM.wadl">
<!ENTITY EXTENSIONXSD "http://docs.openstack.org/api/openstack-identity/ext/admin/common/xsd/RAX-GRPADM.xsd">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
xmlns:rax="http://docs.rackspace.com/api"
xmlns:wadl="http://wadl.dev.java.net/2009/02" version="5.0"
xml:id="book_rax_group_admin">
<?rax subtitle.font.size="20px"?>
<title>OpenStack Identity Rackspace Group Admin Extension</title>
<titleabbrev>&ALIAS;</titleabbrev>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>Rackspace Cloud</orgname>
</affiliation>
</author>
<copyright>
<year>2011</year>
<holder>Rackspace US, Inc.</holder>
</copyright>
<productname>OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="rs-api">
<annotation>
<remark>Copyright details are filled in by the
template.</remark>
</annotation>
</legalnotice>
<othercredit>
<personname>
<firstname>Joe</firstname>
<surname>Savak</surname>
</personname>
<email>joe.savak@RACKSPACE.COM</email>
</othercredit>
<extension xmlns="http://docs.openstack.org/common/api/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
name="OpenStack Identity Rackspace Group Admin"
namespace="http://docs.rackspace.com/identity/api/ext/RAX-KSGRP/v1.0"
alias="RAX-GRPADM" updated="2011-08-14T13:25:27-06:00">
<description> Rackspace extensions to Identity Service
v2.0 API enabling Group Admin. </description>
<atom:link rel="describedby" type="application/pdf"
href="https://raw.github.com/openstack/identity-api/master/openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/RAX-GRPADM-devguide.pdf"/>
<atom:link rel="describedby"
type="application/vnd.sun.wadl+xml"
href="https://raw.github.com/openstack/identity-api/master/openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/RAX-GRPADM.wadl"
/>
</extension>
<abstract>
<para> This document is for software developers
who want to use the Group Admin Extension to the
OpenStack Identity Application Programming Interface
(<abbrev>API</abbrev>). </para>
</abstract>
<revhistory>
<revision>
<date>2012-01-23</date>
<revdescription>
<itemizedlist spacing="compact">
<listitem>
<para> Initial release. </para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
</revhistory>
</info>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para> This extension adds capabilities to the RAX-KSGRP
extension. It allows for CRUD operations on
<parameter>groups</parameter> and gives the ability to
associate <parameter>groups</parameter> with
<parameter>users</parameter>. </para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Element</title>
<section xml:id="RackExt-0001">
<title>groups</title>
<para> This extension adds capabilities to the
RAX-KSGRP extension. It allows for CRUD operations
on <parameter>groups</parameter> and gives the
ability to associate <parameter>groups</parameter>
with <parameter>users</parameter>. </para>
<example>
<title>group XML</title>
<programlisting language="xml"><xi:include href="&GROUPREQUESTXML;" parse="text"/></programlisting>
</example>
<example>
<title>groups JSON</title>
<programlisting language="json"><xi:include href="&GROUPREQUESTJSON;" parse="text"/></programlisting>
</example>
</section>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-RAX-GRPADM"
version="5.0" role="api-reference">
<title>RAX-GRPADM Extension API Operations</title>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>A new resource is created at /RAX-GRPADM/groups that
allows for the management of groups. </para>
<section xml:id="User_Operations_RAX_KSGRPADM">
<title>User Operations</title>
<wadl:resources
xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource
href="../wadl/RAX-GRPADM.wadl#groups">
<wadl:method href="addGroup"/>
</wadl:resource>
<wadl:resource
href="../wadl/RAX-GRPADM.wadl#group">
<wadl:method href="getGroup"/>
<wadl:method href="updateGroup"/>
<wadl:method href="getUsersForGroup"/>
<wadl:method href="deleteGroup"/>
</wadl:resource>
<wadl:resource href="../wadl/RAX-GRPADM.wadl#user">
<wadl:method href="addUserToGroup"/>
<wadl:method href="removeUserFromGroup"/>
</wadl:resource>
</wadl:resources>
</section>
</section>
</chapter>
</book>

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/group-for-create.json → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/group-for-create.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/group-for-create.xml → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/group-for-create.xml
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/group-for-update.json → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/group-for-update.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/group-for-update.xml → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/group-for-update.xml
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/group-updated.json → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/group-updated.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/group-updated.xml → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/group-updated.xml
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/group.json → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/group.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/group.xml → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/group.xml
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/groups.json → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/groups.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/groups.xml → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/groups.xml
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/users.json → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/users.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-GRPADM/samples/users.xml → openstack-identity-api/src/docbkx/RAX-GRPADM/samples/users.xml
View File

208
openstack-identity-api/src/docbkx/RAX-KSGRP/RAX-KSGRP-service-devguide.xml Normal file
View File

@ -0,0 +1,208 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-08-26">
<!ENTITY ALIAS "RAX-KSGRP">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY NAMESPACE "http://docs.rackspace.com/identity/api/ext/RAX-KSGRP/v1.0">
<!ENTITY CURRENTGUIDE "http://docs.rackspace.com/api">
<!ENTITY EXTENSIONXSD "xsd/RAX-KSGRP-groups.xsd">
<!ENTITY GROUPSXML "samples/RAX-KSGRP-groups.xml">
<!ENTITY GROUPSJSON "samples/RAX-KSGRP-groups.json">
<!ENTITY GROUPXML "samples/RAX-KSGRP-group.xml">
<!ENTITY GROUPJSON "samples/RAX-KSGRP-group.json">
<!ENTITY GROUPREQUESTXML "../../common/samples/auth_credentials.xml">
<!ENTITY GROUPREQUESTJSON "../../common/samples/auth_credentials.json">
<!ENTITY GROUPRESPONSEXML "../../common/samples/authwithgroups.xml">
<!ENTITY GROUPRESPONSEJSON "../../common/samples/authwithgroups.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0"
status="draft" xml:id="book-0001">
<?rax subtitle.font.size="12px"?>
<title>OpenStack Identity Rackspace Group Extension (Service
Operations)</title>
<titleabbrev>RAX-KSGRP (Service)</titleabbrev>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>Rackspace Cloud</orgname>
</affiliation>
</author>
<copyright>
<year>2011</year>
<holder>Rackspace US, Inc.</holder>
</copyright>
<releaseinfo>EXT v1.0</releaseinfo>
<productname>OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="rs-api">
<annotation>
<remark>Copyright details are filled in by the
template.</remark>
</annotation>
</legalnotice>
<othercredit>
<personname>
<firstname>Joe</firstname>
<surname>Savak</surname>
</personname>
<email>joe.savak@RACKSPACE.COM</email>
</othercredit>
<extension xmlns="http://docs.openstack.org/common/api/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
name="Rackspace Identity Service Group Extensions"
namespace="http://docs.rackspace.com/identity/api/ext/RAX-KSGRP/v1.0"
alias="RAX-KSGRP" updated="2011-08-14T13:25:27-06:00">
<description>Rackspace extensions to Identity Service v2.0
API enabling groups.</description>
<atom:link rel="describedby" type="application/pdf"
href="httaw.github.com/openstack/identity-api/master/openstack-identity-api/src/docbkx/extensions/RAX-KSGRP/RAX-KSGRP-devguide.pdf"/>
<atom:link rel="describedby"
type="application/vnd.sun.wadl+xml"
href="https://raw.github.com/openstack/identity-api/master/openstack-identity-api/src/docbkx/extensions/RAX-KSGRP/RAX-KSGRP.wadl"
/>
</extension>
<abstract>
<para> This document is intended for client developers
interested in using the Rackspace Identity Service
Group Extension (Service) along with the OpenStack
Identity Service (<abbrev>API</abbrev>). </para>
</abstract>
<revhistory>
<revision>
<date>2011-09-13</date>
<revdescription>
<itemizedlist spacing="compact">
<listitem>
<para> Initial release. </para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
</revhistory>
</info>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para> Rackspace extensions to Identity Service v2.0 API
allows authenticate call to also return information about
group memberships of the user. </para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Elements</title>
<section xml:id="RackExt-0001">
<title>Rackspace extensions to Identity Service v2.0
API enabling groups.</title>
<section xml:id="New-Elements-details-0002">
<title>New Elements</title>
<para> This extension starts returning groups as a
part of response when an authenticate call is
made. The samples of new elements that are
defined as a part of this extension are listed
below. </para>
<example>
<title>Groups Sample XML</title>
<programlisting language="xml"><xi:include href="&GROUPSXML;" parse="text"/></programlisting>
</example>
<example>
<title>Groups Sample JSON</title>
<programlisting language="json"><xi:include href="&GROUPSJSON;" parse="text"/></programlisting>
</example>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-RAX-KSGRP"
version="5.0" role="api-reference">
<title>RAX-KSGRP Extension API Operations</title>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>Following operations are the list of
operations whose behavior is altered by
Rackspace API Groups Service Extension:</para>
<section xml:id="User_Operations_RAX_KSGRP">
<title>User Operations</title>
<wadl:resources
xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource
href="../wadl/RAX-KSGRP.wadl#user-groups-RAX-KSGRP">
<wadl:method href="listUserGroups"/>
</wadl:resource>
</wadl:resources>
</section>
</section>
</section>
</section>
</chapter>
</book>

0
openstack-identity-api/src/docbkx/extensions/RAX-KSGRP/samples/RAX-KSGRP-group.json → openstack-identity-api/src/docbkx/RAX-KSGRP/samples/RAX-KSGRP-group.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-KSGRP/samples/RAX-KSGRP-group.xml → openstack-identity-api/src/docbkx/RAX-KSGRP/samples/RAX-KSGRP-group.xml
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-KSGRP/samples/RAX-KSGRP-groups.json → openstack-identity-api/src/docbkx/RAX-KSGRP/samples/RAX-KSGRP-groups.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-KSGRP/samples/RAX-KSGRP-groups.xml → openstack-identity-api/src/docbkx/RAX-KSGRP/samples/RAX-KSGRP-groups.xml
View File

203
openstack-identity-api/src/docbkx/RAX-KSKEY/RAX-KSKEY-admin-devguide.xml Normal file
View File

@ -0,0 +1,203 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY PUB_DATE "2011-09-13">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY APIKEYCREDENTIALSREQUESTXML "samples/apiKeyCredentials.xml">
<!ENTITY APIKEYCREDENTIALSREQUESTJSON "samples/apiKeyCredentials.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0"
status="draft" xml:id="RAX-KSKEY-admin">
<?rax subtitle.font.size="12px"?>
<title>OpenStack Identity Rackspace API Key Authentication
Extension (Admin Operations)</title>
<titleabbrev>RAX-KSKEY (Admin)</titleabbrev>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>Rackspace Cloud</orgname>
</affiliation>
</author>
<copyright>
<year>2011</year>
<holder>Rackspace US, Inc.</holder>
</copyright>
<productname>OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="rs-api">
<annotation>
<remark>Copyright details are filled in by the
template.</remark>
</annotation>
</legalnotice>
<othercredit>
<personname>
<firstname>Joe</firstname>
<surname>Savak</surname>
</personname>
<email>joe.savak@RACKSPACE.COM</email>
</othercredit>
<extension xmlns="http://docs.openstack.org/common/api/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
name="Rackspace API Key authentication"
namespace="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0"
alias="RAX-KSKEY" updated="2011-08-14T13:25:27-06:00">
<description> Rackspace extensions to Identity Service
v2.0 API enabling API Key authentication. </description>
<atom:link rel="describedby" type="application/pdf"
href="https://raw.github.com/openstack/identity-api/master/openstack-identity-api/src/docbkx/extensions/RAX-KSKEY/RAX-KSKEY-admin-devguide.pdf"/>
<atom:link rel="describedby"
type="application/vnd.sun.wadl+xml"
href="https://raw.github.com/openstack/identity-api/master/openstack-identity-api/src/docbkx/extensions/RAX-KSKEY/RAX-KSKEY-admin.wadl"
/>
</extension>
<abstract>
<para> This document is intended for service developers
interested in using the Rackspace API Key
Authentication Admin Extension along with the
OpenStack Identity Service (<abbrev>API</abbrev>).
</para>
</abstract>
<revhistory>
<revision>
<date>2011-09-13</date>
<revdescription>
<itemizedlist spacing="compact">
<listitem>
<para> Initial release. </para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
</revhistory>
</info>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para> The Rackspace API Key Authentication Admin Extension
allows crud/listing operations on
<parameter>apikeyCredentials</parameter>. </para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Element</title>
<section xml:id="RackExt-0001">
<title>apikeyCredentials</title>
<para>This extension allows authentication calls to
accept new type of credentials
<parameter>apikeyCredentials</parameter>.
These are additional type of credentials defined
to support rackspace style authentication.
Examples of
<parameter>apikeyCredentials</parameter> are
illustrated below </para>
<example>
<title>apikeyCredentials XML</title>
<programlisting language="xml"><xi:include href="&APIKEYCREDENTIALSREQUESTXML;" parse="text"/></programlisting>
</example>
<example>
<title>apikeyCredentials JSON</title>
<programlisting language="json"><xi:include href="&APIKEYCREDENTIALSREQUESTJSON;" parse="text"/></programlisting>
</example>
</section>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-RAX-KSKEY-admin"
version="5.0" role="api-reference">
<title>RAX-KSKEY-admin Extension API Operations</title>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>Following operations are the list of operations
whose behavior is altered by Rackspace API Key
Authentication Extension:</para>
<section xml:id="User_Operations_RAX_KSKEY">
<title>User Operations</title>
<wadl:resources
xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource
href="../wadl/RAX-KSKEY-admin.wadl#userCredentials">
<wadl:method href="addUserCredential"/>
<wadl:method href="listCredentials"/>
</wadl:resource>
<wadl:resource
href="../wadl/RAX-KSKEY-admin.wadl#userCredentialsByType">
<wadl:method href="updateUserCredential"/>
<wadl:method href="deleteUserCredential"/>
<wadl:method href="getUserCredential"/>
</wadl:resource>
</wadl:resources>
</section>
</section>
</chapter>
</book>

211
openstack-identity-api/src/docbkx/RAX-KSKEY/RAX-KSKEY-service-devguide.xml Normal file
View File

@ -0,0 +1,211 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY PUB_DATE "2011-08-26">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY NAMESPACE "http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0">
<!ENTITY EXTENSIONXSD "xsd/RAX-KSKEY-credentials.xsd">
<!ENTITY APIKEYCREDENTIALSREQUESTXML "../RAX-KSKEY/samples/apiKeyCredentials.xml">
<!ENTITY APIKEYCREDENTIALSREQUESTJSON "../RAX-KSKEY/samples/apiKeyCredentials.json">
<!ENTITY APIKEYCREDENTIALSRESPONSEXML "../samples/auth.xml">
<!ENTITY APIKEYCREDENTIALSRESPONSEJSON "../samples/auth.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0"
status="draft" xml:id="RAX-KSKEY">
<?rax subtitle.font.size="12px"?>
<title>OpenStack Identity Rackspace API Key Authentication
Extension (Service Operations)</title>
<titleabbrev>RAX-KSKEY (Service)</titleabbrev>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>Rackspace Cloud</orgname>
</affiliation>
</author>
<copyright>
<year>2011</year>
<holder>Rackspace US, Inc.</holder>
</copyright>
<productname>OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="rs-api">
<annotation>
<remark>Copyright details are filled in by the
template.</remark>
</annotation>
</legalnotice>
<abstract>
<para> This document is intended for client developers
interested in using the Rackspace API Key
Authentication Service Extension along with the
OpenStack Identity Service (<abbrev>API</abbrev>).
</para>
</abstract>
<othercredit>
<personname>
<firstname>Joe</firstname>
<surname>Savak</surname>
</personname>
<email>joe.savak@RACKSPACE.COM</email>
</othercredit>
<extension xmlns="http://docs.openstack.org/common/api/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
name="Rackspace API Key authentication"
namespace="http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0"
alias="RAX-KSKEY" updated="2011-08-14T13:25:27-06:00">
<description> Rackspace extensions to Identity Service v2.0 API
enabling API Key authentication. </description>
<atom:link rel="describedby" type="application/pdf"
href="http://docs.rackspacecloud.com/auth/api/v2.0/RAX-KSKEY/RAX-KSKEY-service-devguide.pdf"/>
<atom:link rel="describedby" type="application/xml"
href="http://docs.rackspacecloud.com/auth/api/v2.0/RAX-KSKEY/xsd/RAX-KSKEY-credentials.xsd"/>
</extension>
<revhistory>
<revision>
<date>2011-08-24</date>
<revdescription>
<itemizedlist spacing="compact">
<listitem>
<para> Initial release. </para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
</revhistory>
</info>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para>The Rackspace API Key Authentication Service Extension
allows authenticate call to happen using
apikeyCredentials. </para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Element</title>
<section xml:id="RackExt-0001">
<title> Rackspace extensions to Identity Service v2.0 API
enabling API Key authentication. </title>
<section xml:id="Authenticate-d1e1166">
<title>RAX-KSKEY apikeyCredentials Extension</title>
<para>This extension allows authentication calls
to accept new type of credentials
<parameter>apikeyCredentials</parameter>.
These are additional type of credentials
defined to support Rackspace style
authentication. The usage of
<parameter>apikeyCredentials</parameter>
on an existing call to authenticate is
illustrated below. </para>
<informaltable rules="all">
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<th>Verb</th>
<th>URI</th>
<th>Description</th>
</tr>
</thead> <tbody>
<tr>
<td> &POST; </td>
<td>/tokens</td>
<td>Authenticate to
generate a token.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>,
<returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized
(<errorcode>401</errorcode>), userDisabled
(<errorcode>403</errorcode>), badRequest
(<errorcode>400</errorcode>),
identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
<para> This call will return a token if
successful. Clients obtain this token, along
with the URL to other service APIs, by first
authenticating against the OpenStack Identity Service
and supplying valid credentials. This
extension provides support for Rackspace style
API Key credentials. </para>
<para> Client authentication is provided via a
ReST interface using the POST method, with
v2.0/tokens supplied as the path. A payload of
credentials must be included in the body. </para>
<para> The Identity Service is a ReSTful web
service. It is the entry point to all service
APIs. To access the Identity Service, you must
know the URL of the Identity Service. </para>
<example>
<title>XML Auth Request using
apikeyCredentials</title>
<programlisting language="xml"><xi:include href="&APIKEYCREDENTIALSREQUESTXML;" parse="text"/></programlisting>
</example>
<example>
<title>JSON Auth Request using
apikeyCredentials</title>
<programlisting language="json"><xi:include href="&APIKEYCREDENTIALSREQUESTJSON;" parse="text"/></programlisting>
</example>
<example>
<title>XML Auth Response</title>
<programlisting language="xml"><xi:include href="&APIKEYCREDENTIALSRESPONSEXML;" parse="text"/></programlisting>
</example>
<example>
<title>JSON Auth Response</title>
<programlisting language="json"><xi:include href="&APIKEYCREDENTIALSRESPONSEJSON;" parse="text"/></programlisting>
</example>
</section>
</section>
</section>
</chapter>
</book>

0
openstack-identity-api/src/docbkx/extensions/RAX-KSKEY/samples/apiKeyCredentials.json → openstack-identity-api/src/docbkx/RAX-KSKEY/samples/apiKeyCredentials.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-KSKEY/samples/apiKeyCredentials.xml → openstack-identity-api/src/docbkx/RAX-KSKEY/samples/apiKeyCredentials.xml
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-KSKEY/samples/auth_credentials-RAX-KSKEY.json → openstack-identity-api/src/docbkx/RAX-KSKEY/samples/auth_credentials-RAX-KSKEY.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-KSKEY/samples/auth_credentials-RAX-KSKEY.xml → openstack-identity-api/src/docbkx/RAX-KSKEY/samples/auth_credentials-RAX-KSKEY.xml
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-KSKEY/samples/credentials.json → openstack-identity-api/src/docbkx/RAX-KSKEY/samples/credentials.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-KSKEY/samples/credentials.xml → openstack-identity-api/src/docbkx/RAX-KSKEY/samples/credentials.xml
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-KSKEY/samples/credentialswithapikey.json → openstack-identity-api/src/docbkx/RAX-KSKEY/samples/credentialswithapikey.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-KSKEY/samples/credentialswithapikey.xml → openstack-identity-api/src/docbkx/RAX-KSKEY/samples/credentialswithapikey.xml
View File

185
openstack-identity-api/src/docbkx/RAX-KSQA/RAX-KSQA-admin-devguide.xml Normal file
View File

@ -0,0 +1,185 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY PUB_DATE "2011-09-13">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY SECRETQAREQUESTXML "samples/RAX-KSQA-secretQA.xml">
<!ENTITY SECRETQAREQUESTJSON "samples/RAX-KSQA-secretQA.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0"
status="draft" xml:id="RAX-KSQA">
<?rax subtitle.font.size="12px"?>
<title>OpenStack Identity Rackspace API Secret Question and Answer
(Admin Operations)</title>
<titleabbrev>RAX-KSQA (Admin)</titleabbrev>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>Rackspace Cloud</orgname>
</affiliation>
</author>
<copyright>
<year>2011</year>
<holder>Rackspace US, Inc.</holder>
</copyright>
<productname>OpenStack Identity</productname>
<pubdate>2012-01-23</pubdate>
<legalnotice role="rs-api">
<annotation>
<remark>Copyright details are filled in by the
template.</remark>
</annotation>
</legalnotice>
<abstract>
<para> This document is intended for client developers
interested in using the Rackspace API Secret Question
and Answer Extension. </para>
</abstract>
<othercredit>
<personname>
<firstname>Joe</firstname>
<surname>Savak</surname>
</personname>
<email>joe.savak@RACKSPACE.COM</email>
</othercredit>
<extension xmlns="http://docs.openstack.org/common/api/v1.0"
xmlns:atom="http://www.w3.org/2005/Atom"
name="Rackspace QAstone Secret Question and Answer"
namespace="http://docs.rackspace.com/identity/api/ext/RAX-KSQA/v1.0"
alias="RAX-KSQA" updated="2012-01-23T10:40:00-04:00">
<description>Allows the management of a User's Secret
Question and Answer.</description>
<atom:link rel="describedby"
type="application/vnd.sun.wadl+xml"
href="http://docs.rackspacecloud.com/auth/api/v2.0/RAX-KSQA/RAX-KSQA-admin.wadl"
/>
</extension>
<revhistory>
<revision>
<date>2011-01-23</date>
<revdescription>
<itemizedlist spacing="compact">
<listitem>
<para> Initial release. </para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
</revhistory>
</info>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para> The Rackspace API Secret Question and Answer Extension
allows the management of a User's Secret Question and
Answer. </para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Element</title>
<section xml:id="RackExt-0001">
<title>secretQA</title>
<para> A <parameter>secretQA</parameter> element is
added that allows the management of a user's
secret question and answer. </para>
<example>
<title>secretQA XML</title>
<programlisting language="xml"><xi:include href="&SECRETQAREQUESTXML;" parse="text"/></programlisting>
</example>
<example>
<title>secretQA JSON</title>
<programlisting language="json"><xi:include href="&SECRETQAREQUESTJSON;" parse="text"/></programlisting>
</example>
</section>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-RAX-KSQA"
version="5.0" role="api-reference">
<title>RAX-KSQA Extension API Operations</title>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>Following operations are the list of operations
supported by Rackspace Secret Question and Answer
Extension:</para>
<section xml:id="User_Operations_RAX_KSQA">
<title>User Operations</title>
<wadl:resources
xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource
href="../wadl/RAX-KSQA-admin.wadl#secretqa"/>
</wadl:resources>
</section>
</section>
</chapter>
</book>

0
openstack-identity-api/src/docbkx/extensions/RAX-KSQA/samples/RAX-KSQA-secretQA.json → openstack-identity-api/src/docbkx/RAX-KSQA/samples/RAX-KSQA-secretQA.json
View File

0
openstack-identity-api/src/docbkx/extensions/RAX-KSQA/samples/RAX-KSQA-secretQA.xml → openstack-identity-api/src/docbkx/RAX-KSQA/samples/RAX-KSQA-secretQA.xml
View File

509
openstack-identity-api/src/docbkx/admin/identity-admin.wadl
View File

@ -1,509 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--*******************************************************-->
<!-- Import Common XML Entities -->
<!-- -->
<!-- You can resolve the entites with xmllint -->
<!-- -->
<!-- xmllint -noent identity-admin.wadl -->
<!--*******************************************************-->
<!DOCTYPE application [
<!ENTITY % common SYSTEM "../common/common.ent">
%common;
]>
<application xmlns="http://wadl.dev.java.net/2009/02"
xmlns:identity="http://docs.openstack.org/identity/api/v2.0"
xmlns:capi="http://docs.openstack.org/common/api/v1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsdxt="http://docs.rackspacecloud.com/xsd-ext/v1.0"
xsi:schemaLocation="http://docs.openstack.org/identity/api/v2.0 ../common/xsd/api.xsd
http://docs.openstack.org/common/api/v1.0 ../common/xsd/api-common.xsd
http://wadl.dev.java.net/2009/02 http://www.w3.org/Submission/wadl/wadl.xsd
">
<grammars>
<include href="../common/xsd/api.xsd"/>
<include href="../common/xsd/api-common.xsd"/>
</grammars>
<!--*******************************************************-->
<!-- All Resources -->
<!--*******************************************************-->
<!-- We should use SSL in production -->
<resources base="http://localhost:35357">
<resource id="version" path="v2.0">
<method href="#getVersionInfo"/>
<resource id="extensions" path="extensions">
<method href="#listExtensions"/>
<resource id="extension" path="{alias}">
<param name="alias" style="template" type="xsd:string"/>
<method href="#getExtension"/>
</resource>
</resource>
<resource id="tokens" path="tokens">
<method href="#authenticate"/>
<resource id="tokenById" path="{tokenId}">
<param name="X-Auth-Token" style="header" type="xsd:string" required="true">
<doc>You need a valid admin token for access.</doc>
</param>
<param name="tokenId" style="template" type="xsd:string" required="true"/>
<param name="belongsTo" style="query" type="xsd:string" required="false"/>
<method href="#validateToken"/>
<method href="#checkToken"/>
<resource id="endpointsForToken" path="endpoints">
<method href="#listEndpointsForToken"/>
</resource>
</resource>
</resource>
<resource id="users" path="users">
<param name="X-Auth-Token" style="header" type="xsd:string" required="true">
<doc>You need a valid admin token for access.</doc>
</param>
<method href="#getUserByName"/>
<resource id="userid" path="{user_id}">
<param name="user_id" style="template" type="xsd:string" required="true"/>
<method href="#getUserById"/>
<resource id="userRoles" path="roles">
<method href="#listUserGlobalRoles"/>
</resource>
</resource>
</resource>
<resource id="tenants" path="tenants">
<param name="X-Auth-Token" style="header" type="xsd:string" required="true">
<doc>
<p xmlns="http://www.w3.org/1999/xhtml">
You need a valid admin token for access.
</p>
</doc>
</param>
<method href="#listTenants"/>
<method href="#getTenantByName"/>
<resource id="tenantById" path="{tenantId}">
<param name="tenantId" style="template" type="xsd:string" required="true"/>
<method href="#getTenantById"/>
<resource id="usersForTenant" path="users">
<resource id="getTenantUser" path="{user_id}">
<param name="user_id" style="template" type="xsd:string" required="true"/>
<resource id="userRolesForTenant" path="roles">
<method href="#listRolesForUserOnTenant"/>
</resource>
</resource>
</resource>
</resource>
</resource>
</resource>
</resources>
<!--*******************************************************-->
<!-- Resource Types -->
<!--*******************************************************-->
<resource_type id="VersionDetails">
<method href="#getVersionInfo"/>
</resource_type>
<resource_type id="ExtensionList">
<doc xml:lang="EN" title="Extension List">
<p xmlns="http://www.w3.org/1999/xhtml">
A list of supported extensions.
</p>
</doc>
<method href="#listExtensions"/>
</resource_type>
<!--*******************************************************-->
<!-- All Methods -->
<!--*******************************************************-->
<!-- Version -->
<method name="GET" id="getVersionInfo">
<doc xml:lang="EN" title="Version Details">
<p xmlns="http://www.w3.org/1999/xhtml">
Returns detailed information about this specific version of the API.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="capi:version">
<param name="location" style="plain" type="xsd:anyURI" required="true" path="/capi:version/atom:link[@rel='self']/@href">
<link resource_type="#VersionDetails" rel="self"/>
</param>
</representation>
<representation mediaType="application/json"/>
</response>
&commonFaults;
&getFaults;
</method>
<!-- Extensions -->
<method name="GET" id="listExtensions">
<doc xml:lang="EN" title="List Extensions">
<p xmlns="http://www.w3.org/1999/xhtml">
Lists supported extensions.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="capi:extensions">
<param name="next" style="plain" type="xsd:anyURI" path="/capi:extensions/atom:link[@rel='next']/@href">
<link resource_type="#ExtensionList" rel="next"/>
</param>
<param name="previous" style="plain" type="xsd:anyURI" path="/capi:extensions/atom:link[@rel='previous']/@href">
<link resource_type="#ExtensionList" rel="previous"/>
</param>
</representation>
<representation mediaType="application/json"/>
</response>
&commonFaults;
</method>
<method name="GET" id="getExtension">
<doc xml:lang="EN" title="Get Extension Details">
<p xmlns="http://www.w3.org/1999/xhtml">
Gets details about a specific extension.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="capi:extension"/>
<representation mediaType="application/json"/>
</response>
&commonFaults;
&getFaults;
</method>
<!-- Token Operations -->
<method name="POST" id="authenticate">
<doc xml:lang="EN" title="Authenticate for Service API">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Authenticate to generate a token.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
This call will return a token if successful. Each ReST request against other services (or other
calls on Keystone such as the GET /tenants call)
requires the inclusion of a specific authorization token HTTP x-header, defined as X-Auth-Token.
Clients obtain
this token, along with the URL to other service APIs, by first authenticating against the
Keystone Service and supplying valid credentials.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
Client authentication is provided via a ReST interface using the POST method,
with v2.0/tokens supplied as the path. A payload of credentials must be included
in the body.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
The Keystone Service is a ReSTful web service. It is the entry point to all service APIs.
To access the Keystone Service, you must know URL of the Keystone service.
</p>
</doc>
<request>
<representation mediaType="application/xml" element="identity:auth">
<doc>
<xsdxt:code href="../common/samples/auth_credentials.xml"/>
<xsdxt:code href="../common/samples/auth_with_token.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="../common/samples/auth_credentials.json"/>
<xsdxt:code href="../common/samples/auth_with_token.json"/>
</doc>
</representation>
</request>
<response status="200 203">
<representation mediaType="application/xml" element="identity:access">
<doc>
<xsdxt:code href="../common/samples/auth.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="../common/samples/auth.json"/>
</doc>
</representation>
</response>
<response status="403">
<representation mediaType="application/xml" element="identity:userDisabled"/>
<representation mediaType="application/json"/>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="validateToken">
<doc xml:lang="EN" title="Validate Token">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Check that a token is valid and that it belongs to a supplied tenant
and return the permissions relevant to a particular client.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
Valid tokens will exist in the
<code>/tokens/{tokenId}</code> path and invalid
tokens will not. In other words, a user should expect an
itemNotFound (<code>404</code>) fault for an
invalid token.
</p>
</doc>
<request>
<param name="belongsTo" style="query" required="false" type="xsd:string">
<doc xml:lang="EN">
<p xmlns="http://www.w3.org/1999/xhtml">
Validates a token has the supplied tenant in scope.
</p>
</doc>
</param>
</request>
<response status="200 203">
<representation mediaType="application/xml" element="identity:access">
<doc>
<xsdxt:code href="../common/samples/validatetoken.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="../common/samples/validatetoken.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="HEAD" id="checkToken">
<doc xml:lang="EN" title="Check Token">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Check that a token is valid and that it belongs to a particular tenant
(For performance).
</p>
</doc>
<request>
<param name="belongsTo" style="query" required="false" type="xsd:string">
<doc xml:lang="EN">
<p xmlns="http://www.w3.org/1999/xhtml">
Validates a token has the supplied tenant in scope. (for performance).
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
Valid tokens will exist in the
<code>/tokens/{tokenId}</code> path and invalid
tokens will not. In other words, a user should expect an
itemNotFound (<code>404</code>) fault for an
invalid token.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
If `belongsTo` is provided, validates that a token has a specific tenant in scope.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
No response body is returned for this method.
</p>
</doc>
</param>
</request>
<response status="200 203"/>
&commonFaults;
&getFaults;
</method>
<!--User Operations-->
<method name="GET" id="getUserByName">
<doc xml:lang="EN" title="Get a User by Name">
<p xmlns="http://www.w3.org/1999/xhtml">
Returns detailed information about a specific user, by user name.
</p>
</doc>
<request>
<param name="name" style="query" type="xsd:string" required="true"/>
</request>
<response status="200 203">
<representation mediaType="application/xml" element="identity:user">
<doc>
<xsdxt:code href="../common/samples/user.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="../common/samples/user.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="getUserById">
<doc xml:lang="EN" title="Get a User by ID">
<p xmlns="http://www.w3.org/1999/xhtml">
Returns detailed information about a specific user, by user id.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="identity:user">
<doc>
<xsdxt:code href="../common/samples/user.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="../common/samples/user.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="listUserGlobalRoles">
<doc xml:lang="EN" title="List User Global Roles">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Returns global roles for a specific user (excludes tenant roles).
</p>
<p xmlns="http://www.w3.org/1999/xhtml">Returns a list of global roles associated with a specific
user (excludes tenant roles).</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="identity:roles">
<doc>
<xsdxt:code href="../common/samples/roles.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="../common/samples/roles.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<!-- Tenant Operations -->
<method name="GET" id="listTenants">
<doc xml:lang="EN" title="Get Tenants">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Get a list of tenants.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
The operation returns a list of tenants which the supplied token provides
access to. This call must be authenticated, so a valid token must
be passed in as a header.
</p>
<xsdxt:samples>
<xsdxt:sample xmlns="http://docs.rackspace.com/api" title="Tenants Request with Auth Token">
<xsdxt:code href="../common/samples/tenants-request.txt" language="text"/>
</xsdxt:sample>
</xsdxt:samples>
</doc>
<request>
<param name="marker" style="query" required="false" type="xsd:string"/>
<param name="limit" style="query" required="false" type="xsd:int"/>
</request>
<response status="200 203">
<representation mediaType="application/xml" element="identity:tenants">
<doc>
<xsdxt:code href="../common/samples/tenants.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="../common/samples/tenants.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="getTenantByName">
<doc xml:lang="EN" title="Get tenants by name">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Returns detailed information about a tenant, by name.
</p>
</doc>
<request>
<param name="name" style="query" type="xsd:string" required="true"/>
</request>
<response status="200 203">
<representation mediaType="application/xml" element="identity:tenant">
<doc>
<xsdxt:code href="../common/samples/tenant.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="../common/samples/tenant.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="getTenantById">
<doc xml:lang="EN" title="Get Tenants by ID">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Returns detailed information about a tenant, by id.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="identity:tenant">
<doc>
<xsdxt:code href="../common/samples/tenant.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="../common/samples/tenant.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="listEndpointsForToken">
<doc xml:lang="EN" title="List Endpoints for a Token">
<p xmlns="http://www.w3.org/1999/xhtml">
Returns a list of endpoints associated with a specific token.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="identity:endpoints">
<doc>
<xsdxt:code href="../common/samples/endpoints.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="../common/samples/endpoints.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="listRolesForUserOnTenant">
<doc xml:lang="EN" title="List Roles for User on Tenant">
<p xmlns="http://www.w3.org/1999/xhtml">
Returns roles for a specific user on a specific tenant (excludes global roles).
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="identity:roles">
<doc>
<xsdxt:code href="../common/samples/roles.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="../common/samples/roles.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
</application>

73
openstack-identity-api/src/docbkx/admin/identity-service-api.xml Normal file
View File

@ -0,0 +1,73 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE chapter [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!ENTITY plusmn "&#xB1;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
]>
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-d1e1356"
version="5.0" role="api-reference">
<title>Administrative API Operations</title>
<para>The OpenStack Identity Service administrative API operations
enable service developers to get and validate access tokens,
manage users, tenants, roles, and service endpoints. </para>
<para>Most administrative API calls require authentication. The
only calls available without authentication are the calls to
discover the service &ndash; getting version info, WADL
contract, dev guide, help, and so on &ndash; and the call to
authenticate and get a token.</para>
<para>Authentication is performed by passing in a valid token in
the <code>X-Auth-Token</code> header on the request from the
client. The Identity Service will verify the token has (or
belongs to a user that has) the <code>Admin</code> role. </para>
<para>See the readme file or administrator guides for how to
bootstrap the Identity Service and create your first
administrator. </para>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>The following calls are core for the OpenStack Identity
Service administrative APIs v2.0:</para>
<section xml:id="Token_Operations">
<title>Token Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="../wadl/identity-admin.wadl#tokens"/>
<wadl:resource
href="../wadl/identity-admin.wadl#tokenById"/>
<wadl:resource
href="../wadl/identity-admin.wadl#endpointsForToken"/>
</wadl:resources>
</section>
<section xml:id="User_Operations">
<title>User Operations</title>
<para>See <xref linkend="User_Operations_OS-KSADM"/>.</para>
</section>
<section xml:id="Tenant_Operations">
<title>Tenant Operations</title>
<para>See <xref linkend="Tenant_Operations_OS-KSADM"/>.</para>
</section>
</chapter>

36
openstack-identity-api/src/docbkx/client/identity-client-api.xml
View File

@ -1,18 +1,20 @@
<?xml version='1.0' encoding='UTF-8'?>
<section
xmlns="http://docbook.org/ns/docbook"
xml:id="Service_API_Client_Operations"
version="5.0">
<title>Service API (Client Operations)</title>
<para>The operations described in this chapter allow clients tokens
authenticate and get access tokens and service endpoints. The following
calls are core Keystone Service APIs in version 2.0:</para>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="../admin/identity-admin.wadl#tokens" >
<wadl:method href="authenticate"/>
</wadl:resource>
<wadl:resource href="../admin/identity-admin.wadl#tenants" >
<wadl:method href="listTenants"/>
</wadl:resource>
</wadl:resources>
</section>
<chapter xmlns="http://docbook.org/ns/docbook"
xml:id="Service_API_Client_Operations" version="5.0"
role="api-reference">
<title>Client API Operations</title>
<para>These operations enable clients to get authentication tokens and list tenants. </para>
<section xml:id="client_token"><title>Token Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="../wadl/identity.wadl#tokens"/>
<!--<wadl:resource
href="../wadl/identity-admin.wadl#endpointsForToken"/>
</wadl:resources> --></wadl:resources>
</section>
<section xml:id="client_tenant"><title>Tenant Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource
href="../wadl/identity.wadl#tenants"/>
</wadl:resources>
</section>
</chapter>

10
openstack-identity-api/src/docbkx/common/ch_hp_extensions.xml Normal file
View File

@ -0,0 +1,10 @@
<?xml version='1.0' encoding='UTF-8'?>
<chapter xmlns="http://docbook.org/ns/docbook"
xml:id="hp_identity_extensions" version="5.0"
xmlns:xi="http://www.w3.org/2001/XInclude"
role="api-reference">
<title>HP Identity Service Extensions</title>
<xi:include href="../HP-IDM/HP-IDM.xml"
xpointer="element(hp-idm-validate-tokens)"/>
</chapter>

19
openstack-identity-api/src/docbkx/common/ch_os_extensions.xml Normal file
View File

@ -0,0 +1,19 @@
<?xml version='1.0' encoding='UTF-8'?>
<chapter xmlns="http://docbook.org/ns/docbook"
xml:id="openstack_identity_extensions" version="5.0"
xmlns:xi="http://www.w3.org/2001/XInclude"
role="api-reference">
<title>OpenStack Identity Service Extensions</title>
<xi:include href="../OS-KSADM/OS-KSADM-admin-devguide.xml"
xpointer="element(Admin_API_Service_Developer_Operations-d1e1357)"/>
<xi:include href="../OS-KSCATALOG/OS-KSCATALOG-admin-devguide.xml"
xpointer="element(Admin_API_Service_Developer_Operations-OS-KSCATALOG)"/>
<xi:include href="../OS-KSEC2/OS-KSEC2-admin-devguide.xml"
xpointer="element(Admin_API_Service_Developer_Operations-OS-KSEC2)"/>
<xi:include href="../OS-KSS3/OS-KSS3-admin-devguide.xml"
xpointer="element(KSS3_OPERATIONS-token)"/>
<xi:include href="../OS-KSVALIDATE/OS-KSVALIDATE-admin-devguide.xml"
xpointer="element(KSVALIDATE_OPERATIONS-token)"/>
</chapter>

18
openstack-identity-api/src/docbkx/common/ch_rax_extensions.xml Normal file
View File

@ -0,0 +1,18 @@
<?xml version='1.0' encoding='UTF-8'?>
<chapter xmlns="http://docbook.org/ns/docbook"
xml:id="rax_identity_extensions" version="5.0"
xmlns:xi="http://www.w3.org/2001/XInclude"
role="api-reference">
<title>Rackspace Identity Service Extensions</title>
<xi:include href="../RAX-GRPADM/RAX-GRPADM-devguide.xml"
xpointer="element(Admin_API_Service_Developer_Operations-RAX-GRPADM)"/>
<xi:include href="../RAX-KSGRP/RAX-KSGRP-service-devguide.xml"
xpointer="element(Admin_API_Service_Developer_Operations-RAX-KSGRP)"/>
<xi:include href="../RAX-KSKEY/RAX-KSKEY-admin-devguide.xml"
xpointer="element(Admin_API_Service_Developer_Operations-RAX-KSKEY-admin)"/>
<xi:include href="../RAX-KSKEY/RAX-KSKEY-service-devguide.xml"
xpointer="element(Authenticate-d1e1166)"/>
<xi:include href="../RAX-KSQA/RAX-KSQA-admin-devguide.xml"
xpointer="element(Admin_API_Service_Developer_Operations-RAX-KSQA)"/>
</chapter>

10
openstack-identity-api/src/docbkx/common/ch_rax_identity_extensions.xml Normal file
View File

@ -0,0 +1,10 @@
<?xml version='1.0' encoding='UTF-8'?>
<chapter xmlns="http://docbook.org/ns/docbook"
xml:id="rax_identity_extensions" version="5.0"
xmlns:xi="http://www.w3.org/2001/XInclude"
role="api-reference">
<title>Identity Service API Extensions - Rackspace</title>
<xi:include href="../HP-IDM/HP-IDM.xml"
xpointer="element(hp-idm-validate-tokens)"/>
</chapter>

508
openstack-identity-api/src/docbkx/common/identity-admin.wadl
View File

@ -1,508 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--*******************************************************-->
<!-- Import Common XML Entities -->
<!-- -->
<!-- You can resolve the entites with xmllint -->
<!-- -->
<!-- xmllint -noent identity-admin.wadl -->
<!--*******************************************************-->
<!DOCTYPE application [
<!ENTITY % common SYSTEM "common.ent">
%common;
]>
<application xmlns="http://wadl.dev.java.net/2009/02"
xmlns:identity="http://docs.openstack.org/identity/api/v2.0"
xmlns:capi="http://docs.openstack.oapi/v1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsdxt="http://docs.rackspacecloud.com/xsd-ext/v1.0"
xsi:schemaLocation="http://docs.openstack.org/identity/api/v2.0 xsd/api.xsd
http://docs.openstack.oapi/v1.0 xsd/api-common.xsd
http://wadl.dev.java.net/2009/02 http://www.w3.org/Submission/wadl/wadl.xsd
">
<grammars>
<include href="xsd/api.xsd"/>
<include href="xsd/api-common.xsd"/>
</grammars>
<!--*******************************************************-->
<!-- All Resources -->
<!--*******************************************************-->
<!-- We should use SSL in production -->
<resources base="http://localhost:35357">
<resource id="version" path="v2.0">
<method href="#getVersionInfo"/>
<resource id="extensions" path="extensions">
<method href="#listExtensions"/>
<resource id="extension" path="{alias}">
<param name="alias" style="template" type="xsd:string"/>
<method href="#getExtension"/>
</resource>
</resource>
<resource id="tokens" path="tokens">
<method href="#authenticate"/>
<resource id="tokenById" path="{tokenId}">
<param name="X-Auth-Token" style="header" type="xsd:string" required="true">
<doc>You need a valid admin token for access.</doc>
</param>
<param name="tokenId" style="template" type="xsd:string" required="true"/>
<param name="belongsTo" style="query" type="xsd:string" required="false"/>
<method href="#validateToken"/>
<method href="#checkToken"/>
<resource id="endpointsForToken" path="endpoints">
<method href="#listEndpointsForToken"/>
</resource>
</resource>
</resource>
<resource id="users" path="users">
<param name="X-Auth-Token" style="header" type="xsd:string" required="true">
<doc>You need a valid admin token for access.</doc>
</param>
<method href="#getUserByName"/>
<resource id="userid" path="{user_id}">
<param name="user_id" style="template" type="xsd:string" required="true"/>
<method href="#getUserById"/>
<resource id="userRoles" path="roles">
<method href="#listUserGlobalRoles"/>
</resource>
</resource>
</resource>
<resource id="tenants" path="tenants">
<param name="X-Auth-Token" style="header" type="xsd:string" required="true">
<doc>
<p xmlns="http://www.w3.org/1999/xhtml">
You need a valid admin token for access.
</p>
</doc>
</param>
<method href="#listTenants"/>
<method href="#getTenantByName"/>
<resource id="tenantById" path="{tenantId}">
<param name="tenantId" style="template" type="xsd:string" required="true"/>
<method href="#getTenantById"/>
<resource id="usersForTenant" path="users">
<resource id="getTenantUser" path="{user_id}">
<param name="user_id" style="template" type="xsd:string" required="true"/>
<resource id="userRolesForTenant" path="roles">
<method href="#listRolesForUserOnTenant"/>
</resource>
</resource>
</resource>
</resource>
</resource>
</resource>
</resources>
<!--*******************************************************-->
<!-- Resource Types -->
<!--*******************************************************-->
<resource_type id="VersionDetails">
<method href="#getVersionInfo"/>
</resource_type>
<resource_type id="ExtensionList">
<doc xml:lang="EN" title="Extension List">
<p xmlns="http://www.w3.org/1999/xhtml">
A list of supported extensions.
</p>
</doc>
<method href="#listExtensions"/>
</resource_type>
<!--*******************************************************-->
<!-- All Methods -->
<!--*******************************************************-->
<!-- Version -->
<method name="GET" id="getVersionInfo">
<doc xml:lang="EN" title="Version Details">
<p xmlns="http://www.w3.org/1999/xhtml">
Returns detailed information about this specific version of the API.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="capi:version">
<param name="location" style="plain" type="xsd:anyURI" required="true" path="/capi:version/atom:link[@rel='self']/@href">
<link resource_type="#VersionDetails" rel="self"/>
</param>
</representation>
<representation mediaType="application/json"/>
</response>
&commonFaults;
&getFaults;
</method>
<!-- Extensions -->
<method name="GET" id="listExtensions">
<doc xml:lang="EN" title="List Extensions">
<p xmlns="http://www.w3.org/1999/xhtml">
Lists supported extensions.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="capi:extensions">
<param name="next" style="plain" type="xsd:anyURI" path="/capi:extensions/atom:link[@rel='next']/@href">
<link resource_type="#ExtensionList" rel="next"/>
</param>
<param name="previous" style="plain" type="xsd:anyURI" path="/capi:extensions/atom:link[@rel='previous']/@href">
<link resource_type="#ExtensionList" rel="previous"/>
</param>
</representation>
<representation mediaType="application/json"/>
</response>
&commonFaults;
</method>
<method name="GET" id="getExtension">
<doc xml:lang="EN" title="Get Extension Details">
<p xmlns="http://www.w3.org/1999/xhtml">
Gets details about a specific extension.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="capi:extension"/>
<representation mediaType="application/json"/>
</response>
&commonFaults;
&getFaults;
</method>
<!-- Token Operations -->
<method name="POST" id="authenticate">
<doc xml:lang="EN" title="Authenticate for Service API">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Authenticate to generate a token.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
This call will return a token if successful. Each ReST request against other services (or other
calls on Keystone such as the GET /tenants call)
requires the inclusion of a specific authorization token HTTP x-header, defined as X-Auth-Token.
Clients obtain
this token, along with the URL to other service APIs, by first authenticating against the
Keystone Service and supplying valid credentials.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
Client authentication is provided via a ReST interface using the POST method,
with v2.0/tokens supplied as the path. A payload of credentials must be included
in the body.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
The Keystone Service is a ReSTful web service. It is the entry point to all service APIs.
To access the Keystone Service, you must know URL of the Keystone service.
</p>
</doc>
<request>
<representation mediaType="application/xml" element="identity:auth">
<doc>
<xsdxt:code href="samples/auth_credentials.xml"/>
<xsdxt:code href="samples/auth_with_token.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="samples/auth_credentials.json"/>
<xsdxt:code href="samples/auth_with_token.json"/>
</doc>
</representation>
</request>
<response status="200 203">
<representation mediaType="application/xml" element="identity:access">
<doc>
<xsdxt:code href="samples/auth.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="samples/auth.json"/>
</doc>
</representation>
</response>
<response status="403">
<representation mediaType="application/xml" element="identity:userDisabled"/>
<representation mediaType="application/json"/>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="validateToken">
<doc xml:lang="EN" title="Validate Token">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Check that a token is valid and that it belongs to a supplied tenant
and return the permissions relevant to a particular client.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
Valid tokens will exist in the
<code>/tokens/{tokenId}</code> path and invalid
tokens will not. In other words, a user should expect an
itemNotFound (<code>404</code>) fault for an
invalid token.
</p>
</doc>
<request>
<param name="belongsTo" style="query" required="false" type="xsd:string">
<doc xml:lang="EN">
<p xmlns="http://www.w3.org/1999/xhtml">
Validates a token has the supplied tenant in scope.
</p>
</doc>
</param>
</request>
<response status="200 203">
<representation mediaType="application/xml" element="identity:access">
<doc>
<xsdxt:code href="samples/validatetoken.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="samples/validatetoken.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="HEAD" id="checkToken">
<doc xml:lang="EN" title="Check Token">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Check that a token is valid and that it belongs to a particular tenant
(For performance).
</p>
</doc>
<request>
<param name="belongsTo" style="query" required="false" type="xsd:string">
<doc xml:lang="EN">
<p xmlns="http://www.w3.org/1999/xhtml">
Validates a token has the supplied tenant in scope. (for performance).
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
Valid tokens will exist in the
<code>/tokens/{tokenId}</code> path and invalid
tokens will not. In other words, a user should expect an
itemNotFound (<code>404</code>) fault for an
invalid token.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
If `belongsTo` is provided, validates that a token has a specific tenant in scope.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
No response body is returned for this method.
</p>
</doc>
</param>
</request>
<response status="200 203"/>
&commonFaults;
&getFaults;
</method>
<!--User Operations-->
<method name="GET" id="getUserByName">
<doc xml:lang="EN" title="Get a User by Name">
<p xmlns="http://www.w3.org/1999/xhtml">
Returns detailed information about a specific user, by user name.
</p>
</doc>
<request>
<param name="name" style="query" type="xsd:string" required="true"/>
</request>
<response status="200 203">
<representation mediaType="application/xml" element="identity:user">
<doc>
<xsdxt:code href="samples/user.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="samples/user.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="getUserById">
<doc xml:lang="EN" title="Get a User by ID">
<p xmlns="http://www.w3.org/1999/xhtml">
Returns detailed information about a specific user, by user id.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="identity:user">
<doc>
<xsdxt:code href="samples/user.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="samples/user.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="listUserGlobalRoles">
<doc xml:lang="EN" title="List User Global Roles">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Returns global roles for a specific user (excludes tenant roles).
</p>
<p xmlns="http://www.w3.org/1999/xhtml">Returns a list of global roles associated with a specific
user (excludes tenant roles).</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="identity:roles">
<doc>
<xsdxt:code href="samples/roles.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="samples/roles.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<!-- Tenant Operations -->
<method name="GET" id="listTenants">
<doc xml:lang="EN" title="Get Tenants">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Get a list of tenants.
</p>
<p xmlns="http://www.w3.org/1999/xhtml">
The operation returns a list of tenants which the supplied token provides
access to. This call must be authenticated, so a valid token must
be passed in as a header.
</p>
<xsdxt:samples>
<xsdxt:sample xmlns="http://docs.rackspace.com/api" title="Tenants Request with Auth Token">
<xsdxt:code href="samples/tenants-request.txt" language="text"/>
</xsdxt:sample>
</xsdxt:samples>
</doc>
<request>
<param name="marker" style="query" required="false" type="xsd:string"/>
<param name="limit" style="query" required="false" type="xsd:int"/>
</request>
<response status="200 203">
<representation mediaType="application/xml" element="identity:tenants">
<doc>
<xsdxt:code href="samples/tenants.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="samples/tenants.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="getTenantByName">
<doc xml:lang="EN" title="Get tenants by name">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Returns detailed information about a tenant, by name.
</p>
</doc>
<request>
<param name="name" style="query" type="xsd:string" required="true"/>
</request>
<response status="200 203">
<representation mediaType="application/xml" element="identity:tenant">
<doc>
<xsdxt:code href="samples/tenant.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="samples/tenant.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="getTenantById">
<doc xml:lang="EN" title="Get Tenants by ID">
<p xmlns="http://www.w3.org/1999/xhtml" class="shortdesc">
Returns detailed information about a tenant, by id.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="identity:tenant">
<doc>
<xsdxt:code href="samples/tenant.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="samples/tenant.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="listEndpointsForToken">
<doc xml:lang="EN" title="List Endpoints for a Token">
<p xmlns="http://www.w3.org/1999/xhtml">
Returns a list of endpoints associated with a specific token.
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="identity:endpoints">
<doc>
<xsdxt:code href="samples/endpoints.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="samples/endpoints.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
<method name="GET" id="listRolesForUserOnTenant">
<doc xml:lang="EN" title="List Roles for User on Tenant">
<p xmlns="http://www.w3.org/1999/xhtml">
Returns roles for a specific user on a specific tenant (excludes global roles).
</p>
</doc>
<response status="200 203">
<representation mediaType="application/xml" element="identity:roles">
<doc>
<xsdxt:code href="samples/roles.xml"/>
</doc>
</representation>
<representation mediaType="application/json">
<doc>
<xsdxt:code href="samples/roles.json"/>
</doc>
</representation>
</response>
&commonFaults;
&getFaults;
</method>
</application>

164
openstack-identity-api/src/docbkx/common/identity-concepts.xml
View File

@ -1,96 +1,130 @@
<?xml version="1.0" encoding="UTF-8"?>
<chapter xmlns="http://docbook.org/ns/docbook"
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="Identity-Service-Concepts-e1362">
<title>Identity Service Concepts</title>
<para>
The Keystone Identity Service has several key concepts, which are
important to understand:
</para>
<para>The OpenStack Identity Service has the following key
concepts: </para>
<variablelist>
<varlistentry>
<term>User</term>
<listitem><para>A digital representation of a person, system, or service who uses OpenStack cloud services.
Keystone authentication services will validate that incoming request are being made by the user
who claims to be making the call. Users have a login and may be assigned tokens to access
resources. Users may be directly assigned to a particular tenant and
behave as if they are contained in that tenant.</para></listitem>
<listitem>
<para>A digital representation of a person, system, or
service that uses OpenStack cloud services.
OpenStack Identity authentication services
validate that an incoming request is being made by
the user who claims to be making the call. Users
have a login and may be assigned tokens to access
resources. Users may be directly assigned to a
particular tenant and behave as if they are
contained in that tenant.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Credentials</term>
<listitem><para>
Data that belongs to, is owned by, and generally only known by a user that the user can present
to prove they are who they are (since nobody else should know that data).
</para><para>Examples are:
<itemizedlist>
<listitem><para>a matching username and password</para></listitem>
<listitem><para>a matching username and API key</para></listitem>
<listitem><para>yourself and a driver's license with a picture of you</para></listitem>
<listitem><para>a token that was issued to you that nobody else knows of</para></listitem>
</itemizedlist>
</para></listitem>
<listitem>
<para>Data that belongs to, is owned by, and generally
only known by a user that the user can present to
prove their identity. </para>
<para>Examples include: <itemizedlist>
<listitem>
<para>A matching username and
password</para>
</listitem>
<listitem>
<para>A matching username and API
key</para>
</listitem>
<listitem>
<para>A token that was issued to you
</para>
</listitem>
</itemizedlist></para>
</listitem>
</varlistentry>
<varlistentry>
<term>Authentication</term>
<listitem><para>
In the context of Keystone, the act of confirming the identity of a
user or the truth of a claim.
Keystone will confirm that incoming request are being made by the user
who claims to be making the call by validating a set of claims that the user is making.
These claims are initially in the form of a set of credentials (username &amp; password,
or username and API key). After initial confirmation, Keystone will issue the user a token
which the user can then provide to demonstrate that their identity has been authenticated
when making subsequent requests.
</para></listitem>
<listitem>
<para>In the context of OpenStack Identity Service,
the act of confirming the identity of a user or
the truth of a claim. OpenStack Identity Service
confirms that an incoming request is being made by
the user who claims to be making the call by
validating a set of claims that the user is
making. These claims are initially in the form of
a set of credentials (username &amp; password, or
username and API key). After initial confirmation,
OpenStack Identity Service issues the user a
token, which the user can then provide to
demonstrate that their identity has been
authenticated when making subsequent requests.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Token</term>
<listitem><para>
An arbitrary bit of text that is used to access
resources. Each token has a scope which describes which
resources are accessible with it. A token may be
revoked at anytime and is valid for a finite duration.
</para>
<para>
While Keystone supports token-based authentication in this release,
the intention is for it to support additional protocols in the
future. The intent is for it to be an integration service foremost, and not
a aspire to be a full-fledged identity store and management solution.
</para></listitem>
<listitem>
<para>An arbitrary bit of text that is used to access
resources. Each token has a scope that describes
which resources are accessible with it. A token
may be revoked at anytime and is valid for a
finite duration. </para>
<para>While OpenStack Identity Service supports
token-based authentication in this release, the
intention is for it to support additional
protocols in the future. The intent is for it to
be an integration service foremost, and not a
aspire to be a full-fledged identity store and
management solution. </para>
</listitem>
</varlistentry>
<varlistentry>
<term>Tenant</term>
<listitem><para>
A container used to group or isolate resources and/or identity
objects. Depending on the service operator, a tenant may map to a customer,
account, organization, or project.
</para></listitem>
<listitem>
<para>A container used to group or isolate resources
and/or identity objects. Depending on the service
operator, a tenant can map to a customer, account,
organization, or project. </para>
</listitem>
</varlistentry>
<varlistentry>
<term>Service</term>
<listitem><para>
An OpenStack service, such as Compute (Nova), Object Storage (Swift), or Image Service (Glance). A service provides
one or more endpoints through which users can access resources and perform
(presumably useful) operations.
</para></listitem>
<listitem>
<para>An OpenStack service, such as Compute (Nova),
Object Storage (Swift), or Image Service (Glance).
A service provides one or more endpoints through
which users can access resources and perform
operations. </para>
</listitem>
</varlistentry>
<varlistentry>
<term>Endpoint</term>
<listitem> <para>
An network-accessible address, usually described by URL, where a service may be accessed. If using an extension for templates, you can create an endpoint template, which represents the templates of all the consumable services that are available across the regions.
</para></listitem>
<listitem>
<para>An network-accessible address, usually described
by a URL, where a service may be accessed. If
using an extension for templates, you can create
an endpoint template, which represents the
templates of all the consumable services that are
available across the regions. </para>
</listitem>
</varlistentry>
<varlistentry>
<term>Role</term>
<listitem><para>A personality that a user assumes when performing a specific set of operations.
A role includes a set of right and privileges. A user assuming that role inherits
those rights and privileges.
</para><para>
In Keystone, a token that is issued to a user includes the list of roles that user
can assume. Services that are being called by that user determine how they interpret the set
of roles a user has and which operations or resources each roles grants access to.
</para></listitem>
<listitem>
<para>A personality that a user assumes when
performing a specific set of operations. A role
includes a set of right and privileges. A user
assuming that role inherits those rights and
privileges. </para>
<para>In OpenStack Identity Service, a token that is
issued to a user includes the list of roles that
user can assume. Services that are being called by
that user determine how they interpret the set of
roles a user has and which operations or resources
each roles grants access to. </para>
</listitem>
</varlistentry>
</variablelist>
</chapter>
</section>

45
openstack-identity-api/src/docbkx/common/identity-dev-guide.xml
View File

@ -4,9 +4,9 @@
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0"
xml:id="Keystone-Developer-Guide">
xml:id="Identity-Service-Developer-Guide">
<title>OpenStack Identity Service API v2.0 Reference</title>
<?rax title.font.size="28px" subtitle.font.size="28px"?>
<?rax title.font.size="26px" subtitle.font.size="26px"?>
<titleabbrev>Identity Service API Reference</titleabbrev>
<info>
<author>
@ -35,15 +35,42 @@
</annotation>
</legalnotice>
<abstract>
<para>This document describes how to develop
applications that use the OpenStack Identity Service API v2.0
for authentication. This document also describes how
to integrate services with the OpenStack Identity
Service API v2.0. </para>
<para>This document describes how to develop applications
that use the OpenStack Identity Service API v2.0 for
authentication. This document also describes how to
integrate services with the OpenStack Identity Service
API v2.0. </para>
</abstract>
<revhistory>
<revision>
<date>2013-05-30</date>
<revdescription>
<itemizedlist>
<listitem>
<para>Added back missing client operations
and extensions.</para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
<revision>
<date>2011-09-13</date>
<revdescription>
<itemizedlist>
<listitem>
<para>Initial release.</para>
</listitem>
</itemizedlist>
</revdescription>
</revision>
</revhistory>
</info>
<!-- Chapters are referred from the book file through these include statements. You can add additional chapters using these types of statements. -->
<xi:include href="identity-concepts.xml"/>
<xi:include href="preface.xml"/>
<xi:include href="identity-general-api-info.xml"/>
<xi:include href="identity-service-api.xml"/>
<xi:include href="../client/identity-client-api.xml"/>
<xi:include href="../admin/identity-service-api.xml"/>
<xi:include href="ch_os_extensions.xml"/>
<xi:include href="ch_hp_extensions.xml"/>
<xi:include href="ch_rax_extensions.xml"/>
</book>

Some files were not shown because too many files have changed in this diff Show More