openstack-attic/identity-api
Code Issues Proposed changes

Changes to support extensions document.Also bringing cramers wadltodocbook

Browse Source 
changes.Changes to extension names.

Change-Id: I21928c9313999cd8670e382ef259db7d85a1c370
This commit is contained in:
Yogeshwar Srikrishnan 2011-09-16 09:51:49 -05:00
parent 23ef2ee0c6
commit 0b9f92cbfa
13 changed files with 2099 additions and 816 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
openstack-identity-api/pom.xml
View File

@ -117,9 +117,44 @@
jar="${net.sourceforge.saxon:saxon:jar}"
fork="true">
<arg value="-u"/>
<arg value="-s:https://raw.github.com/openstack/keystone/master/keystone/content/service/identity.wadl"/>
<arg value="-s:https://raw.github.com/openstack/keystone/master/keystone/content/admin/identity-admin.wadl"/>
<arg value="-xsl:${project.build.directory}/generated-resources/cloud/normalizeWadl/normalizeWadl.xsl"/>
<arg value="-o:${project.build.directory}/generated-resources/xml/xslt/identity.wadl"/>
<arg value="-o:${project.build.directory}/generated-resources/xml/xslt/identity-admin.wadl"/>
</java>
<java
jar="${net.sourceforge.saxon:saxon:jar}"
fork="true">
<arg value="-u"/>
<arg value="-s:https://raw.github.com/openstack/keystone/master/keystone/content/admin/OS-KSADM-admin.wadl"/>
<arg value="-xsl:${project.build.directory}/generated-resources/cloud/normalizeWadl/normalizeWadl.xsl"/>
<arg value="-o:${project.build.directory}/generated-resources/xml/xslt/OS-KSADM-admin.wadl"/>
</java>
<java
jar="${net.sourceforge.saxon:saxon:jar}"
fork="true">
<arg value="-u"/>
<arg value="-s:https://raw.github.com/openstack/keystone/master/keystone/content/admin/OS-KSCATALOG-admin.wadl"/>
<arg value="-xsl:${project.build.directory}/generated-resources/cloud/normalizeWadl/normalizeWadl.xsl"/>
<arg value="-o:${project.build.directory}/generated-resources/xml/xslt/OS-KSCATALOG-admin.wadl"/>
</java>
<java
jar="${net.sourceforge.saxon:saxon:jar}"
fork="true">
<arg value="-u"/>
<arg value="-s:https://raw.github.com/openstack/keystone/master/keystone/content/admin/RAX-KSKEY-admin.wadl"/>
<arg value="-xsl:${project.build.directory}/generated-resources/cloud/normalizeWadl/normalizeWadl.xsl"/>
<arg value="-o:${project.build.directory}/generated-resources/xml/xslt/RAX-KSKEY-admin.wadl"/>
</java>
<java
jar="${net.sourceforge.saxon:saxon:jar}"
fork="true">
<arg value="-u"/>
<arg value="-s:https://raw.github.com/openstack/keystone/master/keystone/content/admin/OS-KSEC2-admin.wadl"/>
<arg value="-xsl:${project.build.directory}/generated-resources/cloud/normalizeWadl/normalizeWadl.xsl"/>
<arg value="-o:${project.build.directory}/generated-resources/xml/xslt/OS-KSEC2-admin.wadl"/>
</java>
</target>
</configuration>
@ -180,7 +215,30 @@
<move failonerror="false"
file="${basedir}/target/docbkx/pdf/identity-dev-guide.pdf"
tofile="${basedir}/target/docbkx/webhelp/identity-dev-guide/identity-dev-guide.pdf"/>
<move failonerror="false"
file="${basedir}/target/docbkx/pdf/RAX-KSKEY-service-devguide.pdf"
tofile="${basedir}/target/docbkx/webhelp/identitydevguide/service/RAX-KSKEY-service-devguide.pdf"/>
<move failonerror="false"
file="${basedir}/target/docbkx/pdf/OS-KSADM-admin-devguide.pdf"
tofile="${basedir}/target/docbkx/webhelp/identitydevguide/admin/OS-KSADM-admin-devguide.pdf"/>
<move failonerror="false"
file="${basedir}/target/docbkx/pdf/OS-KSCATALOG-admin-devguide.pdf"
tofile="${basedir}/target/docbkx/webhelp/identitydevguide/admin/OS-KSCATALOG-admin-devguide.pdf"/>
<move failonerror="false"
file="${basedir}/target/docbkx/pdf/OS-KSEC2-service-devguide.pdf"
tofile="${basedir}/target/docbkx/webhelp/identitydevguide/service/OS-KSEC2-service-devguide.pdf"/>
<move failonerror="false"
file="${basedir}/target/docbkx/pdf/OS-KSEC2-service-devguide.pdf"
tofile="${basedir}/target/docbkx/webhelp/identitydevguide/service/OS-KSEC2-service-devguide.pdf"/>
<move failonerror="false"
file="${basedir}/target/docbkx/pdf/RAX-KSGRP-service-devguide.pdf"
tofile="${basedir}/target/docbkx/webhelp/identitydevguide/service/RAX-KSGRP-service-devguide.pdf"/>
<move failonerror="false"
file="${basedir}/target/docbkx/pdf/RAX-KSKEY-admin-devguide.pdf"
tofile="${basedir}/target/docbkx/webhelp/identitydevguide/admin/RAX-KSKEY-admin-devguide.pdf"/>
<move failonerror="false"
file="${basedir}/target/docbkx/pdf/OS-KSEC2-admin-devguide.pdf"
tofile="${basedir}/target/docbkx/webhelp/identitydevguide/admin/OS-KSEC2-admin-devguide.pdf"/>
</postProcess>
</configuration>
</execution>
@ -190,7 +248,8 @@
<xincludeSupported>true</xincludeSupported>
<sourceDirectory>src/docbkx</sourceDirectory>
<includes>
identity-dev-guide.xml
identity-dev-guide.xml,,OS-KSADM-admin-devguide.xml,OS-KSCATALOG-admin-devguide.xml,RAX-KSKEY-service-devguide.xml,
OS-KSEC2-service-devguide.xml,RAX-KSGRP-service-devguide.xml,RAX-KSKEY-admin-devguide.xml,OS-KSEC2-admin-devguide.xml
</includes>
<profileSecurity>reviewer</profileSecurity>
<branding>openstack</branding>

177
openstack-identity-api/src/docbkx/OS-KSADM-admin-devguide.xml Normal file
View File

@ -0,0 +1,177 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-08-26">
<!ENTITY ALIAS "OS-KSADM">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY NAMESPACE "http://docs.openstack.org/identity/api/ext/OS-KSADM/v1.0">
<!ENTITY CURRENTGUIDE "https://github.com/openstack/keystone/raw/master/keystone/content/admin/OS-KSADM-admin-devguide.pdf">
<!ENTITY CURRENTWADL "https://raw.github.com/openstack/keystone/master/keystone/content/admin/OS-KSADM-admin.wadl">
<!ENTITY EXTENSIONXSD "https://raw.github.com/openstack/keystone/master/keystone/content/common/xsd/OS-KSADM.xsd">
]>
<book xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0" status="draft"
xml:id="Keystone-Developer-Guide">
<title>OS-KSADM Extension</title>
<titleabbrev>OS-KSADM Extension Document</titleabbrev>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>OpenStack</orgname>
</affiliation>
</author>
<copyright>
<year>2010</year>
<year>2011</year>
<holder>OpenStack</holder>
</copyright>
<releaseinfo>API v2.0</releaseinfo>
<productname>Keystone - OpenStack OS-KSADM Extension</productname>
<pubdate>2011-08-29</pubdate>
<legalnotice role="apache2">
<annotation>
<remark>Copyright details are filled in by the template.</remark>
</annotation>
</legalnotice>
<abstract>
<para>This document includes details on various operations supported by the OS-KSADM extensions on top of core keystone operations.</para>
</abstract>
</info>
<!-- Chapters are referred from the book file through these include statements. You can add additional chapters using these types of statements. -->
<chapter xml:id="chapter-0000">
<title>About This Extension</title>
<variablelist spacing="compact">
<varlistentry>
<term>Name</term>
<listitem>
<para>OpenStack KSADM Extension</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Namespace</term>
<listitem>
<para>&NAMESPACE;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Alias</term>
<listitem>
<para>&ALIAS;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Dependencies</term>
<listitem>
<para>Keystone - OpenStack Identity</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (PDF)</term>
<listitem>
<para>
<link
xlink:href="&CURRENTGUIDE;"
>
&CURRENTGUIDE;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (WADL)</term>
<listitem>
<para>
<link
xlink:href="&CURRENTWADL;"
>
&CURRENTWADL;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (XSD)</term>
<listitem>
<para>
<link xlink:href="&EXTENSIONXSD;">
&EXTENSIONXSD;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Short Description</term>
<listitem>
<para>
OpenStack KSADM Admin Extension to Keystone v2.0 API adds the capability to do CRUD on Users, Tenants, Roles and Services.
</para>
</listitem>
</varlistentry>
</variablelist>
<?hard-pagebreak?>
<section xml:id="Doc-Change-0001">
<title>Document Change History</title>
<informaltable rules='all'>
<thead>
<tr>
<td align="center" colspan="1">Revision Date</td>
<td align="center" colspan="4">Summary of Changes</td>
</tr>
</thead>
<tbody>
<tr>
<td colspan="1" align="center">Sep. 09, 2011</td>
<td colspan="4">
<itemizedlist spacing="compact">
<listitem>
<para>
Initial release.
</para>
</listitem>
</itemizedlist>
</td>
</tr>
</tbody>
</informaltable>
</section>
</chapter>
<chapter xml:id="api_operations" role="api-reference">
<title>Extension Operations</title>
<xi:include href="identity-OS-KSADM-api.xml"/>
</chapter>
</book>

178
openstack-identity-api/src/docbkx/OS-KSCATALOG-admin-devguide.xml Normal file
View File

@ -0,0 +1,178 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-08-26">
<!ENTITY ALIAS "OS-KSCATALOG">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY NAMESPACE "http://docs.openstack.org/identity/api/ext/OS-KSCATALOG/v1.0">
<!ENTITY CURRENTGUIDE "https://github.com/openstack/keystone/raw/master/keystone/content/admin/OS-KSCATALOG-admin-devguide.pdf">
<!ENTITY CURRENTWADL "https://raw.github.com/openstack/keystone/master/keystone/content/admin/OS-KSCATALOG-admin.wadl">
<!ENTITY EXTENSIONXSD "https://raw.github.com/openstack/keystone/master/keystone/content/common/xsd/OS-KSCATALOG.xsd">
]>
<book xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0" status="draft"
xml:id="Keystone-Developer-Guide">
<title>OS-KSCATALOG Extension</title>
<titleabbrev>Keystone OS-KSCATALOG Extension Document(Admin)</titleabbrev>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>OpenStack</orgname>
</affiliation>
</author>
<copyright>
<year>2010</year>
<year>2011</year>
<holder>OpenStack</holder>
</copyright>
<releaseinfo>API v2.0</releaseinfo>
<productname>Keystone - OpenStack OS-KSCATALOG Extension</productname>
<pubdate>2011-08-29</pubdate>
<legalnotice role="apache2">
<annotation>
<remark>Copyright details are filled in by the template.</remark>
</annotation>
</legalnotice>
<abstract>
<para>This document includes details on various operations supported by the OS-KSCATALOG extensions on top of core keystone operations. </para>
</abstract>
</info>
<chapter xml:id="chapter-0000">
<title>About This Extension</title>
<variablelist spacing="compact">
<varlistentry>
<term>Name</term>
<listitem>
<para>OpenStack KSCATALOG Extension</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Namespace</term>
<listitem>
<para>&NAMESPACE;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Alias</term>
<listitem>
<para>&ALIAS;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Dependencies</term>
<listitem>
<para>Keystone - OpenStack Identity</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (PDF)</term>
<listitem>
<para>
<link
xlink:href="&CURRENTGUIDE;"
>
&CURRENTGUIDE;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (WADL)</term>
<listitem>
<para>
<link
xlink:href="&CURRENTWADL;"
>
&CURRENTWADL;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (XSD)</term>
<listitem>
<para>
<link xlink:href="&EXTENSIONXSD;">
&EXTENSIONXSD;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Short Description</term>
<listitem>
<para>
OpenStack KSCATALOG Admin Extension to Keystone v2.0 API adds the capability to do CRUD on Endpoint Templates and Endpoints.
</para>
</listitem>
</varlistentry>
</variablelist>
<?hard-pagebreak?>
<section xml:id="Doc-Change-0001">
<title>Document Change History</title>
<informaltable rules='all'>
<thead>
<tr>
<td align="center" colspan="1">Revision Date</td>
<td align="center" colspan="4">Summary of Changes</td>
</tr>
</thead>
<tbody>
<tr>
<td colspan="1" align="center">Sep. 09, 2011</td>
<td colspan="4">
<itemizedlist spacing="compact">
<listitem>
<para>
Initial release.
</para>
</listitem>
</itemizedlist>
</td>
</tr>
</tbody>
</informaltable>
</section>
</chapter>
<chapter xml:id="api_operations" role="api-reference">
<title>Extension Operations</title>
<xi:include href="identity-OS-KSCATALOG-api.xml"/>
</chapter>
</book>

271
openstack-identity-api/src/docbkx/OS-KSEC2-admin-devguide.xml Normal file
View File

@ -0,0 +1,271 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-09-13">
<!ENTITY ALIAS "OS-KSEC2">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY NAMESPACE "http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0">
<!ENTITY CURRENTGUIDE "/home/yogi/keystone/keystone/content/admin/OS-KSEC2-admin-devguide.pdf">
<!ENTITY CURRENTWADL "/home/yogi/keystone/keystone/content/admin/OS-KSEC2-admin.wadl">
<!ENTITY EXTENSIONXSD "/home/yogi/keystone/keystone/content/common/xsd/OS-KSEC2-credentials.xsd">
<!ENTITY EC2CREDENTIALSEXAMPLEXML "/home/yogi/keystone/keystone/content/common/samples/ec2Credentials.xml">
<!ENTITY EC2CREDENTIALSEXAMPLEJSON "/home/yogi/keystone/keystone/content/common/samples/ec2Credentials.json">
<!ENTITY EXTENSIONQUERYRESPONSEXML "/home/yogi/keystone/keystone/contrib/extensions/admin/osec2/extension.xml">
<!ENTITY EXTENSIONQUERYRESPONSEJSON "/home/yogi/keystone/keystone/contrib/extensions/admin/osec2/extension.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
version="5.0" status="draft" xml:id="book-0001">
<title>OpenStack EC2 authentication Extension (Admin Operations)</title>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>OpenStack</orgname>
</affiliation>
</author>
<copyright>
<year>2010</year>
<year>2011</year>
<holder>OpenStack</holder>
</copyright>
<releaseinfo>EXT v1.0</releaseinfo>
<productname>>Keystone - OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="apache2">
<annotation>
<remark>Copyright details are filled in by the template.</remark>
</annotation>
</legalnotice>
<abstract>
<para>
This document is intended for client developers interested
in using the OpenStack EC2 Authentication Service Extension along with the
Keystone - OpenStack Identity
(<abbrev>API</abbrev>).
</para>
</abstract>
</info>
<chapter xml:id="chapter-0000">
<title>About This Extension</title>
<variablelist spacing="compact">
<varlistentry>
<term>Name</term>
<listitem>
<para>OpenStack EC2 authentication Extension</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Namespace</term>
<listitem>
<para>&NAMESPACE;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Alias</term>
<listitem>
<para>&ALIAS;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Dependencies</term>
<listitem>
<para>Keystone - OpenStack Identity</para>
<para>OS-KSEC2 Extension</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (PDF)</term>
<listitem>
<para>
<link
xlink:href="&CURRENTGUIDE;"
>
&CURRENTGUIDE;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (WADL)</term>
<listitem>
<para>
<link
xlink:href="&CURRENTWADL;"
>
&CURRENTWADL;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (XSD)</term>
<listitem>
<para>
<link xlink:href="&EXTENSIONXSD;">
&EXTENSIONXSD;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Short Description</term>
<listitem>
<para>
OpenStack EC2 authentication Service Extension to Keystone v2.0 API adds the capability to support EC2 style authentication.
</para>
</listitem>
</varlistentry>
</variablelist>
<?hard-pagebreak?>
<example>
<title>Extension Query Response: XML</title>
<programlisting language="xml"><xi:include href="&EXTENSIONQUERYRESPONSEXML;" parse="text"/></programlisting>
</example>
<example>
<title>Extension Query Response: JSON</title>
<programlisting language="javascript"><xi:include href="&EXTENSIONQUERYRESPONSEJSON;" parse="text"/></programlisting>
</example>
<section xml:id="Doc-Change-0001">
<title>Document Change History</title>
<informaltable rules='all'>
<thead>
<tr>
<td align="center" colspan="1">Revision Date</td>
<td align="center" colspan="4">Summary of Changes</td>
</tr>
</thead>
<tbody>
<tr>
<td colspan="1" align="center">Sep. 13, 2011</td>
<td colspan="4">
<itemizedlist spacing="compact">
<listitem>
<para>
Initial release.
</para>
</listitem>
</itemizedlist>
</td>
</tr>
</tbody>
</informaltable>
</section>
</chapter>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para>
The OpenStack EC2 authentication Extension allows crud/listing operations on <parameter>ec2Credentials</parameter>.
</para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Element</title>
<section xml:id="RackExt-0001">
<title>ec2Credentials</title>
<para>This extension allows authentication calls to accept new type of credentials <parameter>ec2Credentials</parameter>.
These are additional type of credentials defined to support ec2 style authentication.
Examples of <parameter>ec2Credentials</parameter> are illustrated below
</para>
<example>
<title>ec2Credentials XML</title>
<programlisting language="xml"><xi:include href="&EC2CREDENTIALSEXAMPLEXML;" parse="text"/></programlisting>
</example>
<example>
<title>ec2Credentials JSON</title>
<programlisting language="javascript"><xi:include href="&EC2CREDENTIALSEXAMPLEJSON;" parse="text"/></programlisting>
</example>
</section>
</section>
<section xmlns="http://docbook.org/ns/docbook" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-d1e1357" version="5.0" role="api-reference">
<title>OS-KSEC2-admin Extension API Operations</title>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>Following operations are the list of operations whose behavior is altered by OpenStack EC2 authentication Extension:</para>
<section xml:id="User_Operations_OS-KSEC2">
<title>User Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSEC2-admin.wadl#userCredentials">
<wadl:method href="addUserCredential"/>
<wadl:method href="listCredentials"/>
</wadl:resource>
<wadl:resource href="OS-KSEC2-admin.wadl#userCredentialsByType">
<wadl:method href="listCredentialsByType"/>
<wadl:method href="updateUserCredential"/>
<wadl:method href="deleteUserCredential"/>
<wadl:method href="getUserCredential"/>
</wadl:resource>
</wadl:resources>
</section>
</section>
</chapter>
</book>

271
openstack-identity-api/src/docbkx/OS-KSEC2-service-devguide.xml Normal file
View File

@ -0,0 +1,271 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-08-26">
<!ENTITY ALIAS "OS-KSEC2">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY NAMESPACE "http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0">
<!ENTITY CURRENTGUIDE "https://github.com/openstack/keystone/raw/master/keystone/content/service/OS-KSEC2-service-devguide.pdf">
<!ENTITY EXTENSIONXSD "https://raw.github.com/openstack/keystone/master/keystone/content/common/xsd/OS-KSEC2-credentials.xsd">
<!ENTITY EC2CREDENTIALSREQUESTXML "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/auth_credentials-OS-KSEC2.xml">
<!ENTITY EC2CREDENTIALSREQUESTJSON "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/auth_credentials-OS-KSEC2.json">
<!ENTITY EC2CREDENTIALSRESPONSEXML "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/auth.xml">
<!ENTITY EC2CREDENTIALSRESPONSEJSON "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/auth.json">
<!ENTITY EXTENSIONQUERYRESPONSEXML "https://raw.github.com/openstack/keystone/master/keystone/contrib/extensions/service/osec2/extension.xml">
<!ENTITY EXTENSIONQUERYRESPONSEJSON "https://raw.github.com/openstack/keystone/master/keystone/contrib/extensions/service/osec2/extension.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
version="5.0" status="draft" xml:id="book-0001">
<title>OpenStack EC2 authentication Extension (Service Operations)</title>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>OpenStack</orgname>
</affiliation>
</author>
<copyright>
<year>2010</year>
<year>2011</year>
<holder>OpenStack</holder>
</copyright>
<releaseinfo>EXT v1.0</releaseinfo>
<productname>>Keystone - OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="apache2">
<annotation>
<remark>Copyright details are filled in by the template.</remark>
</annotation>
</legalnotice>
<abstract>
<para>
This document is intended for client developers interested
in using the OpenStack EC2 Authentication Service Extension along with the
Keystone - OpenStack Identity
(<abbrev>API</abbrev>).
</para>
</abstract>
</info>
<chapter xml:id="chapter-0000">
<title>About This Extension</title>
<variablelist spacing="compact">
<varlistentry>
<term>Name</term>
<listitem>
<para>OpenStack EC2 authentication Extension</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Namespace</term>
<listitem>
<para>&NAMESPACE;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Alias</term>
<listitem>
<para>&ALIAS;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Dependencies</term>
<listitem>
<para>Keystone - OpenStack Identity</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (PDF)</term>
<listitem>
<para>
<link
xlink:href="&CURRENTGUIDE;"
>
&CURRENTGUIDE;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (WADL)</term>
<listitem>
<para>
None, the extension makes no modification to the API WADL.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (XSD)</term>
<listitem>
<para>
<link xlink:href="&EXTENSIONXSD;">
&EXTENSIONXSD;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Short Description</term>
<listitem>
<para>
OpenStack EC2 authentication Service Extension to Keystone v2.0 API adds the capability to support EC2 style authentication..
</para>
</listitem>
</varlistentry>
</variablelist>
<?hard-pagebreak?>
<example>
<title>Extension Query Response: XML</title>
<programlisting language="xml"><xi:include href="&EXTENSIONQUERYRESPONSEXML;" parse="text"/></programlisting>
</example>
<example>
<title>Extension Query Response: JSON</title>
<programlisting language="javascript"><xi:include href="&EXTENSIONQUERYRESPONSEJSON;" parse="text"/></programlisting>
</example>
<section xml:id="Doc-Change-0001">
<title>Document Change History</title>
<informaltable rules='all'>
<thead>
<tr>
<td align="center" colspan="1">Revision Date</td>
<td align="center" colspan="4">Summary of Changes</td>
</tr>
</thead>
<tbody>
<tr>
<td colspan="1" align="center">Aug. 24, 2011</td>
<td colspan="4">
<itemizedlist spacing="compact">
<listitem>
<para>
Initial release.
</para>
</listitem>
</itemizedlist>
</td>
</tr>
</tbody>
</informaltable>
</section>
</chapter>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para> The OpenStack EC2 authentication Service Extension allows
authenticate call using ec2Credentials. </para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Element</title>
<section xml:id="RackExt-0001">
<title>
Openstack extension to Keystone v2.0 API enabling EC2 style authentication.
</title>
<section xml:id="Authenticate-d1e1166">
<title>Authenticate</title>
<para>This extension allows authentication calls to accept new type of credentials <parameter>ec2Credentials</parameter>.
These are additional type of credentials defined to support EC2 style authentication.
The usage of <parameter>ec2Credentials</parameter> on a existing call to authenticate is illustrated below
</para>
<informaltable rules="all">
&URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &POST; </td>
<td colspan="1">/tokens</td>
<td colspan="4">Authenticate to generate a token.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>), userDisabled
(<errorcode>403</errorcode>), badRequest (<errorcode>400</errorcode>), identityFault
(<errorcode>500</errorcode>), serviceUnavailable(<errorcode>503</errorcode>)</simpara>
<para>
This call will return a token if successful.
Clients obtain
this token, along with the URL to other service APIs, by first authenticating against the
Keystone Service and supplying valid credentials.
This extension provides support for Rackspace Style API Key credentials.
</para>
<para>
Client authentication is provided via a ReST interface using the POST method,
with v2.0/tokens supplied as the path. A payload of credentials must be included
in the body.
</para>
<para>
The Keystone Service is a ReSTful web service. It is the entry point to all service APIs.
To access the Keystone Service, you must know URL of the Keystone service.
</para>
<example>
<title>XML Auth Request using EC2CREDENTIALS</title>
<programlisting language="xml"><xi:include href="&EC2CREDENTIALSREQUESTXML;" parse="text"/></programlisting>
</example>
<example>
<title>JSON Auth Request using EC2CREDENTIALS</title>
<programlisting language="javascript"><xi:include href="&EC2CREDENTIALSREQUESTJSON;" parse="text"/></programlisting>
</example>
<example>
<title>XML Auth Response</title>
<programlisting language="xml"><xi:include href="samples/auth.xml" parse="text"/></programlisting>
</example>
<example>
<title>JSON Auth Response</title>
<programlisting language="javascript"><xi:include href="&EC2CREDENTIALSRESPONSEJSON;" parse="text"/></programlisting>
</example>
</section>
</section>
</section>
</chapter>
</book>

292
openstack-identity-api/src/docbkx/RAX-KSGRP-service-devguide.xml Normal file
View File

@ -0,0 +1,292 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-08-26">
<!ENTITY ALIAS "RAX-KSGRP">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY NAMESPACE "http://docs.rackspace.com/identity/api/ext/RAX-KSGROUP/v1.0">
<!ENTITY CURRENTGUIDE "https://github.com/openstack/keystone/raw/master/keystone/content/service/RAX-KSGRP-service-devguide.pdf">
<!ENTITY EXTENSIONXSD "https://raw.github.com/openstack/keystone/master/keystone/content/service/xsd/RAX-KSGRP-groups.xsd">
<!ENTITY GROUPSXML "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/RAX-KSGRP-groups.xml">
<!ENTITY GROUPSJSON "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/RAX-KSGRP-groups.json">
<!ENTITY GROUPXML "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/RAX-KSGRP-group.xml">
<!ENTITY GROUPJSON "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/RAX-KSGRP-group.json">
<!ENTITY GROUPREQUESTXML "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/auth_credentials.xml">
<!ENTITY GROUPREQUESTJSON "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/auth_credentials.json">
<!ENTITY GROUPRESPONSEXML "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/authwithgroups.xml">
<!ENTITY GROUPRESPONSEJSON "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/authwithgroups.json">
<!ENTITY EXTENSIONQUERYRESPONSEXML "https://raw.github.com/openstack/keystone/master/keystone/contrib/extensions/service/raxgrp/extension.xml">
<!ENTITY EXTENSIONQUERYRESPONSEJSON "https://raw.github.com/openstack/keystone/master/keystone/contrib/extensions/service/raxgrp/extension.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
version="5.0" status="draft" xml:id="book-0001">
<title>Rackspace Keystone Group Extension(Service Operations)</title>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>Rackspace Cloud</orgname>
</affiliation>
</author>
<copyright>
<year>2011</year>
<holder>Rackspace US, Inc.</holder>
</copyright>
<releaseinfo>EXT v1.0</releaseinfo>
<productname>>Keystone - OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="rs-api">
<annotation>
<remark>Copyright details are filled in by the template.</remark>
</annotation>
</legalnotice>
<abstract>
<para>
This document is intended for client developers interested
in using the Rackspace Keystone Group Extension(Service) along with the
Keystone - OpenStack Identity
(<abbrev>API</abbrev>).
</para>
</abstract>
</info>
<chapter xml:id="chapter-0000">
<title>About This Extension</title>
<variablelist spacing="compact">
<varlistentry>
<term>Name</term>
<listitem>
<para>Rackspace Keystone Group Extension</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Namespace</term>
<listitem>
<para>&NAMESPACE;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Alias</term>
<listitem>
<para>&ALIAS;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Dependencies</term>
<listitem>
<para>Keystone - OpenStack Identity</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (PDF)</term>
<listitem>
<para>
<link
xlink:href="&CURRENTGUIDE;">
&CURRENTGUIDE;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (WADL)</term>
<listitem>
<para>
None, the extension makes no modification to the API WADL.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (XSD)</term>
<listitem>
<para>
<link xlink:href="&EXTENSIONXSD;">
&EXTENSIONXSD;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Short Description</term>
<listitem>
<para>
Rackspace extensions to Keystone v2.0 API enabling groups.
</para>
</listitem>
</varlistentry>
</variablelist>
<?hard-pagebreak?>
<example>
<title>Extension Query Response: XML</title>
<programlisting language="xml"><xi:include href="&EXTENSIONQUERYRESPONSEXML;" parse="text"></xi:include></programlisting>
</example>
<example>
<title>Extension Query Response: JSON</title>
<programlisting language="javascript"><xi:include href="&EXTENSIONQUERYRESPONSEJSON;" parse="text"/></programlisting>
</example>
<section xml:id="Doc-Change-0001">
<title>Document Change History</title>
<informaltable rules='all'>
<thead>
<tr>
<td align="center" colspan="1">Revision Date</td>
<td align="center" colspan="4">Summary of Changes</td>
</tr>
</thead>
<tbody>
<tr>
<td colspan="1" align="center">Aug. 24, 2011</td>
<td colspan="4">
<itemizedlist spacing="compact">
<listitem>
<para>
Initial release.
</para>
</listitem>
</itemizedlist>
</td>
</tr>
</tbody>
</informaltable>
</section>
</chapter>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para>
Rackspace extensions to Keystone v2.0 API allows authenticate call to also return information about group memberships of the user.
</para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Elements</title>
<section xml:id="RackExt-0001">
<title>
Rackspace extensions to Keystone v2.0 API enabling groups.
</title>
<section xml:id="New-Elements-details-0002">
<title>New Elements</title>
<para>
This extension starts returning groups as a part of response when an authenticate call is made.
The samples of new elements that are defined as a part of this extension are listed below.
</para>
<example>
<title>Groups Sample XML</title>
<programlisting language="xml"><xi:include href="&GROUPSXML;" parse="text"></xi:include></programlisting>
</example>
<example>
<title>Groups Sample JSON</title>
<programlisting language="xml"><xi:include href="&GROUPSJSON;" parse="text"></xi:include></programlisting>
</example>
</section>
<section xml:id="Authenticate-d1e1166">
<title>Authenticate</title>
<para>This extension allows authentication calls to also return information about groups.
The usage of an existing call to authenticate, where it returns groups is illustrated below
</para>
<informaltable rules="all">
&URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &POST; </td>
<td colspan="1">/tokens</td>
<td colspan="4">Authenticate to generate a token.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>), userDisabled
(<errorcode>403</errorcode>), badRequest (<errorcode>400</errorcode>), identityFault
(<errorcode>500</errorcode>), serviceUnavailable(<errorcode>503</errorcode>)</simpara>
<para>
This call will return a token if successful. Each ReST request against other services (or other
calls on Keystone such as the GET /tenants call)
requires the inclusion of a specific authorization token HTTP x-header, defined as X-Auth-Token.
Clients obtain
this token, along with the URL to other service APIs, by first authenticating against the
Keystone Service and supplying valid credentials.
</para>
<para>
Client authentication is provided via a ReST interface using the POST method,
with v2.0/tokens supplied as the path. A payload of credentials must be included
in the body.
</para>
<para>
The Keystone Service is a ReSTful web service. It is the entry point to all service APIs.
To access the Keystone Service, you must know URL of the Keystone service.
</para>
<example>
<title>XML Auth Request using passwordCredentials</title>
<programlisting language="xml"><xi:include href="&GROUPREQUESTXML;" parse="text"/></programlisting>
</example>
<example>
<title>JSON Auth Request using passwordCredentials</title>
<programlisting language="javascript"><xi:include href="&GROUPREQUESTJSON;" parse="text"/></programlisting>
</example>
<example>
<title>XML Auth Response that contains Groups</title>
<programlisting language="xml"><xi:include href="&GROUPRESPONSEXML;" parse="text"><xi:fallback>Yet To Be added</xi:fallback></xi:include></programlisting>
</example>
<example>
<title>JSON Auth Response that contains Groups</title>
<programlisting language="javascript"><xi:include href="&GROUPRESPONSEJSON;" parse="text"><xi:fallback>Yet To Be added</xi:fallback></xi:include></programlisting>
</example>
</section>
</section>
</section>
</chapter>
</book>

271
openstack-identity-api/src/docbkx/RAX-KSKEY-admin-devguide.xml Normal file
View File

@ -0,0 +1,271 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-09-13">
<!ENTITY ALIAS "RAX-KSKEY">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY NAMESPACE "http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0">
<!ENTITY CURRENTGUIDE "/home/yogi/keystone/content/admin/RAX-KSKEY-admin-devguide.pdf">
<!ENTITY EXTENSIONXSD "/home/yogi/keystone/content/service/xsd/RAX-KSKEY-credentials.xsd">
<!ENTITY CURRENTWADL "/home/yogi/keystone/keystone/content/admin/RAX-KSKEY-admin.wadl">
<!ENTITY APIKEYCREDENTIALSREQUESTXML "/home/yogi/keystone/keystone/content/common/samples/apikeyCredentials.xml">
<!ENTITY APIKEYCREDENTIALSREQUESTJSON "/home/yogi/keystone/keystone/content/common/samples/apikeyCredentials.json">
<!ENTITY APIKEYCREDENTIALSRESPONSEXML "/home/yogi/keystone/keystone/content/common/samples/auth.xml">
<!ENTITY APIKEYCREDENTIALSRESPONSEJSON "/home/yogi/keystone/keystone/content/common/samples/auth.json">
<!ENTITY EXTENSIONQUERYRESPONSEXML "/home/yogi/keystone/keystone/contrib/extensions/admin/raxkey/extension.xml">
<!ENTITY EXTENSIONQUERYRESPONSEJSON "/home/yogi/keystone/keystone/contrib/extensions/admin/raxkey/extension.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
version="5.0" status="draft" xml:id="book-0001">
<title>Rackspace API Key Authentication Extension (Admin Operations)</title>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>Rackspace Cloud</orgname>
</affiliation>
</author>
<copyright>
<year>2011</year>
<holder>Rackspace US, Inc.</holder>
</copyright>
<releaseinfo>EXT v1.0</releaseinfo>
<productname>>Keystone - OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="rs-api">
<annotation>
<remark>Copyright details are filled in by the template.</remark>
</annotation>
</legalnotice>
<abstract>
<para>
This document is intended for service developers interested
in using the Rackspace API Key Authentication Admin Extension along with the
Keystone - OpenStack Identity
(<abbrev>API</abbrev>).
</para>
</abstract>
</info>
<chapter xml:id="chapter-0000">
<title>About This Extension</title>
<variablelist spacing="compact">
<varlistentry>
<term>Name</term>
<listitem>
<para>Rackspace API Key Authentication Admin Extension</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Namespace</term>
<listitem>
<para>&NAMESPACE;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Alias</term>
<listitem>
<para>&ALIAS;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Dependencies</term>
<listitem>
<para>Keystone - OpenStack Identity</para>
<para>>&ALIAS; Extension</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (PDF)</term>
<listitem>
<para>
<link
xlink:href="&CURRENTGUIDE;">
&CURRENTGUIDE;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (WADL)</term>
<listitem>
<para>
<link
xlink:href="&CURRENTWADL;"
>
&CURRENTWADL;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (XSD)</term>
<listitem>
<para>
<link xlink:href="&EXTENSIONXSD;">
&EXTENSIONXSD;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Short Description</term>
<listitem>
<para>
Rackspace extensions to Keystone v2.0 API enabling API Key authentication.
</para>
</listitem>
</varlistentry>
</variablelist>
<?hard-pagebreak?>
<example>
<title>Extension Query Response: XML</title>
<programlisting language="xml"><xi:include href="&EXTENSIONQUERYRESPONSEXML;" parse="text"></xi:include></programlisting>
</example>
<example>
<title>Extension Query Response: JSON</title>
<programlisting language="javascript"><xi:include href="&EXTENSIONQUERYRESPONSEJSON;" parse="text"/></programlisting>
</example>
<section xml:id="Doc-Change-0001">
<title>Document Change History</title>
<informaltable rules='all'>
<thead>
<tr>
<td align="center" colspan="1">Revision Date</td>
<td align="center" colspan="4">Summary of Changes</td>
</tr>
</thead>
<tbody>
<tr>
<td colspan="1" align="center">Sep. 13, 2011</td>
<td colspan="4">
<itemizedlist spacing="compact">
<listitem>
<para>
Initial release.
</para>
</listitem>
</itemizedlist>
</td>
</tr>
</tbody>
</informaltable>
</section>
</chapter>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para>
The Rackspace API Key Authentication Admin Extension allows crud/listing operations on <parameter>apikeyCredentials</parameter>.
</para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Element</title>
<section xml:id="RackExt-0001">
<title>apikeyCredentials</title>
<para>This extension allows authentication calls to accept new type of credentials <parameter>apikeyCredentials</parameter>.
These are additional type of credentials defined to support rackspace style authentication.
Examples of <parameter>apikeyCredentials</parameter> are illustrated below
</para>
<example>
<title>apikeyCredentials XML</title>
<programlisting language="xml"><xi:include href="&APIKEYCREDENTIALSREQUESTXML;" parse="text"/></programlisting>
</example>
<example>
<title>apikeyCredentials JSON</title>
<programlisting language="javascript"><xi:include href="&APIKEYCREDENTIALSREQUESTJSON;" parse="text"/></programlisting>
</example>
</section>
</section>
<section xmlns="http://docbook.org/ns/docbook" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-d1e1357" version="5.0" role="api-reference">
<title>RAX-KSKEY-admin Extension API Operations</title>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>Following operations are the list of operations whose behavior is altered by Rackspace API Key Authentication Extension:</para>
<section xml:id="User_Operations_RAX_KSKEY">
<title>User Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="RAX-KSKEY-admin.wadl#userCredentials">
<wadl:method href="addUserCredential"/>
<wadl:method href="listCredentials"/>
</wadl:resource>
<wadl:resource href="RAX-KSKEY-admin.wadl#userCredentialsByType">
<wadl:method href="listCredentialsByType"/>
<wadl:method href="updateUserCredential"/>
<wadl:method href="deleteUserCredential"/>
<wadl:method href="getUserCredential"/>
</wadl:resource>
</wadl:resources>
</section>
</section>
</chapter>
</book>

270
openstack-identity-api/src/docbkx/RAX-KSKEY-service-devguide.xml Normal file
View File

@ -0,0 +1,270 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE book [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!-- Information about the extension -->
<!ENTITY VERSION "v1.0">
<!ENTITY PUB_DATE "2011-08-26">
<!ENTITY ALIAS "RAX-KSKEY">
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
<!ENTITY NAMESPACE "http://docs.rackspace.com/identity/api/ext/RAX-KSKEY/v1.0">
<!ENTITY CURRENTGUIDE "https://github.com/openstack/keystone/raw/master/keystone/content/service/RAX-KSKEY-service-devguide.pdf">
<!ENTITY EXTENSIONXSD "https://raw.github.com/openstack/keystone/master/keystone/content/service/xsd/RAX-KSKEY-credentials.xsd">
<!ENTITY APIKEYCREDENTIALSREQUESTXML "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/auth_credentials-RAX-KSKEY.xml">
<!ENTITY APIKEYCREDENTIALSREQUESTJSON "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/auth_credentials-RAX-KSKEY.json">
<!ENTITY APIKEYCREDENTIALSRESPONSEXML "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/auth.xml">
<!ENTITY APIKEYCREDENTIALSRESPONSEJSON "https://raw.github.com/openstack/keystone/master/keystone/content/common/samples/auth.json">
<!ENTITY EXTENSIONQUERYRESPONSEXML "https://raw.github.com/openstack/keystone/master/keystone/contrib/extensions/service/raxkey/extension.xml">
<!ENTITY EXTENSIONQUERYRESPONSEJSON "https://raw.github.com/openstack/keystone/master/keystone/contrib/extensions/service/raxkey/extension.json">
]>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
version="5.0" status="draft" xml:id="book-0001">
<title>Rackspace API Key Authentication Extension (Service Operations)</title>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>Rackspace Cloud</orgname>
</affiliation>
</author>
<copyright>
<year>2011</year>
<holder>Rackspace US, Inc.</holder>
</copyright>
<releaseinfo>EXT v1.0</releaseinfo>
<productname>>Keystone - OpenStack Identity</productname>
<pubdate>&PUB_DATE;</pubdate>
<legalnotice role="rs-api">
<annotation>
<remark>Copyright details are filled in by the template.</remark>
</annotation>
</legalnotice>
<abstract>
<para>
This document is intended for client developers interested
in using the Rackspace API Key Authentication Service Extension along with the
Keystone - OpenStack Identity
(<abbrev>API</abbrev>).
</para>
</abstract>
</info>
<chapter xml:id="chapter-0000">
<title>About This Extension</title>
<variablelist spacing="compact">
<varlistentry>
<term>Name</term>
<listitem>
<para>Rackspace API Key Authentication Service Extension</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Namespace</term>
<listitem>
<para>&NAMESPACE;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Alias</term>
<listitem>
<para>&ALIAS;</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Dependencies</term>
<listitem>
<para>Keystone - OpenStack Identity</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (PDF)</term>
<listitem>
<para>
<link
xlink:href="&CURRENTGUIDE;">
&CURRENTGUIDE;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (WADL)</term>
<listitem>
<para>
None, the extension makes no modification to the API WADL.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Doc Link (XSD)</term>
<listitem>
<para>
<link xlink:href="&EXTENSIONXSD;">
&EXTENSIONXSD;
</link>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Short Description</term>
<listitem>
<para>
Rackspace extensions to Keystone v2.0 API enabling API Key authentication.
</para>
</listitem>
</varlistentry>
</variablelist>
<?hard-pagebreak?>
<example>
<title>Extension Query Response: XML</title>
<programlisting language="xml"><xi:include href="&EXTENSIONQUERYRESPONSEXML;" parse="text"></xi:include></programlisting>
</example>
<example>
<title>Extension Query Response: JSON</title>
<programlisting language="javascript"><xi:include href="&EXTENSIONQUERYRESPONSEJSON;" parse="text"/></programlisting>
</example>
<section xml:id="Doc-Change-0001">
<title>Document Change History</title>
<informaltable rules='all'>
<thead>
<tr>
<td align="center" colspan="1">Revision Date</td>
<td align="center" colspan="4">Summary of Changes</td>
</tr>
</thead>
<tbody>
<tr>
<td colspan="1" align="center">Aug. 24, 2011</td>
<td colspan="4">
<itemizedlist spacing="compact">
<listitem>
<para>
Initial release.
</para>
</listitem>
</itemizedlist>
</td>
</tr>
</tbody>
</informaltable>
</section>
</chapter>
<chapter xml:id="chapter-0001">
<title>Summary of Changes</title>
<para>
The Rackspace API Key Authentication Service Extension allows authenticate call to happen using apikeyCredentials.
</para>
<section xml:id="NewHeaders-0001">
<title>New Headers</title>
<para>None.</para>
</section>
<section xml:id="NewFaults0001">
<title>New Faults</title>
<para>None.</para>
</section>
<section xml:id="NewResources-0001">
<title>New Resources</title>
<para>None.</para>
</section>
<section xml:id="NewActions0001">
<title>New Actions</title>
<para>None.</para>
</section>
<section xml:id="NewElement0001">
<title>New Element</title>
<section xml:id="RackExt-0001">
<title>
Rackspace extensions to Keystone v2.0 API enabling API Key authentication.
</title>
<section xml:id="Authenticate-d1e1166">
<title>Authenticate</title>
<para>This extension allows authentication calls to accept new type of credentials <parameter>apikeyCredentials</parameter>.
These are additional type of credentials defined to support rackspace style authentication.
The usage of <parameter>apikeyCredentials</parameter> on a existing call to authenticate is illustrated below
</para>
<informaltable rules="all">
&URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &POST; </td>
<td colspan="1">/tokens</td>
<td colspan="4">Authenticate to generate a token.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>), userDisabled
(<errorcode>403</errorcode>), badRequest (<errorcode>400</errorcode>), identityFault
(<errorcode>500</errorcode>), serviceUnavailable(<errorcode>503</errorcode>)</simpara>
<para>
This call will return a token if successful.
Clients obtain
this token, along with the URL to other service APIs, by first authenticating against the
Keystone Service and supplying valid credentials.
This extension provides support for Rackspace Style API Key credentials.
</para>
<para>
Client authentication is provided via a ReST interface using the POST method,
with v2.0/tokens supplied as the path. A payload of credentials must be included
in the body.
</para>
<para>
The Keystone Service is a ReSTful web service. It is the entry point to all service APIs.
To access the Keystone Service, you must know URL of the Keystone service.
</para>
<example>
<title>XML Auth Request using apikeyCredentials</title>
<programlisting language="xml"><xi:include href="&APIKEYCREDENTIALSREQUESTXML;" parse="text"/></programlisting>
</example>
<example>
<title>JSON Auth Request using apikeyCredentials</title>
<programlisting language="javascript"><xi:include href="&APIKEYCREDENTIALSREQUESTJSON;" parse="text"/></programlisting>
</example>
<example>
<title>XML Auth Response</title>
<programlisting language="xml"><xi:include href="&APIKEYCREDENTIALSRESPONSEXML;" parse="text"/></programlisting>
</example>
<example>
<title>JSON Auth Response</title>
<programlisting language="javascript"><xi:include href="&APIKEYCREDENTIALSRESPONSEJSON;" parse="text"/></programlisting>
</example>
</section>
</section>
</section>
</chapter>
</book>

112
openstack-identity-api/src/docbkx/identity-OS-KSADM-api.xml Normal file
View File

@ -0,0 +1,112 @@
<?xml version="1.0" encoding="UTF-8"?>
<section xmlns="http://docbook.org/ns/docbook" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-d1e1357" version="5.0" role="api-reference">
<title>OS-KSADM Admin Extension API (Service Developer Operations)</title>
<para>Extension operations. </para>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>The following calls are supported by OS-KSADM-admin Extension:</para>
<section xml:id="User_Operations_OS-KSADM">
<title>User Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSADM-admin.wadl#users">
<wadl:method href="listUsers"/>
<wadl:method href="addUser"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userById">
<wadl:method href="updateUser"/>
<wadl:method href="deleteUser"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#user-OS-KSADM">
<wadl:method href="setUserEnabled"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userRoles">
<wadl:method href="listUserRoles"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userRoleById">
<wadl:method href="addUserRole"/>
<wadl:method href="getUserRole"/>
<wadl:method href="deleteUserRole"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userCredentials">
<wadl:method href="addUserCredential"/>
<wadl:method href="listCredentials"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userCredentialsByType">
<wadl:method href="listCredentialsByType"/>
<wadl:method href="updateUserCredential"/>
<wadl:method href="deleteUserCredential"/>
<wadl:method href="getUserCredential"/>
</wadl:resource>
</wadl:resources>
</section>
<section xml:id="Tenant_Operations_OS-KSADM">
<title>Tenant Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSADM-admin.wadl#tenants">
<wadl:method href="addTenant"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#tenantById">
<wadl:method href="updateTenant"/>
<wadl:method href="deleteTenant"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#usersForTenant">
<wadl:method href="listUsersForTenant"/>
<wadl:method href="listUsersWithRoleForTenant"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#rolesForTenant">
<wadl:method href="listRolesForTenant"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#userSpecificRoleForTenant">
<wadl:method href="addRolesToUserOnTenant"/>
<wadl:method href="deleteRoleFromUserOnTenant"/>
</wadl:resource>
</wadl:resources>
</section>
<section xml:id="Role_Operations_OS-KSADM">
<title>Role Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSADM-admin.wadl#roles">
<wadl:method href="listRoles"/>
<wadl:method href="addRole"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#roleId">
<wadl:method href="getRole"/>
<wadl:method href="deleteRole"/>
</wadl:resource>
</wadl:resources>
</section>
<section xml:id="Service_Operations_OS-KSADM">
<title>Service Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSADM-admin.wadl#services">
<wadl:method href="listServices"/>
<wadl:method href="addService"/>
</wadl:resource>
<wadl:resource href="OS-KSADM-admin.wadl#serviceId">
<wadl:method href="getService"/>
<wadl:method href="deleteService"/>
</wadl:resource>
</wadl:resources>
</section>
</section>

54
openstack-identity-api/src/docbkx/identity-OS-KSCATALOG-api.xml Normal file
View File

@ -0,0 +1,54 @@
<?xml version="1.0" encoding="UTF-8"?>
<section xmlns="http://docbook.org/ns/docbook" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-d1e1357" version="5.0" role="api-reference">
<title>OS-KSCATALOG Admin Extension</title>
<para>Extension operations. </para>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>The following calls are supported by API OS-KSCATALOG Extension on top of Keystone Admin 2.0:</para>
<section xml:id="Endpoint_Template_Operations_OS-KSCATALOG">
<title>Endpoint Template Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSCATALOG-admin.wadl#endpointTemplates">
<wadl:method href="listEndpointTemplates"/>
<wadl:method href="addEndpointTemplate"/>
</wadl:resource>
<wadl:resource href="OS-KSCATALOG-admin.wadl#endpointTemplateId">
<wadl:method href="getEndpointTemplate"/>
<wadl:method href="deleteEndpointTemplate"/>
</wadl:resource>
</wadl:resources>
</section>
<section xml:id="Tenant_Operations_OS-KSCATALOG">
<title>Endpoint Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="OS-KSCATALOG-admin.wadl#endpoints">
<wadl:method href="listEndpoints"/>
<wadl:method href="addEndpoint"/>
</wadl:resource>
<wadl:resource href="OS-KSCATALOG-admin.wadl#endpoint">
<wadl:method href="getEndpoint"/>
<wadl:method href="deleteEndpoint"/>
</wadl:resource>
</wadl:resources>
</section>
</section>

194
openstack-identity-api/src/docbkx/identity-client-api.xml
View File

@ -1,175 +1,19 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE chapter [<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY HEAD '<command xmlns="http://docbook.org/ns/docbook">HEAD</command>'>
<!ENTITY CHECK '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Check_mark_23x20_02.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!ENTITY NO_REQUEST '<para xmlns="http://docbook.org/ns/docbook">
This operation does not require a request body.</para>'>
<!ENTITY LONG_URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="4">URI</td>
<td colspan="3">Description</td>
</tr>
</thead>'>
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
]>
<chapter
xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Service_API_Client_Operations-d1e1110"
version="5.0">
<title>Service API (Client Operations)</title>
<para>The operations described in this chapter allow clients to authenticate and get
access tokens and service endpoints. </para>
<section xml:id="Core_Service_API-d1e1124">
<title>Core Service API</title>
<para>The following calls are core Keystone Service APIs in version 2.0</para>
<informaltable rules="all">
&URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &POST; </td>
<td colspan="1">/tokens</td>
<td colspan="4">Authenticate to generate a token.</td>
</tr>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="1">/tenants</td>
<td colspan="4">Get a list of tenants accessible with supplied token.</td>
</tr>
</tbody>
</informaltable>
</section>
<section xml:id="Available-Operations-Service-API-d100001">
<title>Available Operations</title>
<section xml:id="Authenticate-Service-API-d1e1166">
<title>Authenticate for Service API</title>
<informaltable rules="all">
&URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &POST; </td>
<td colspan="1">/tokens</td>
<td colspan="4">Authenticate to generate a token.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>), userDisabled
(<errorcode>403</errorcode>), badRequest (<errorcode>400</errorcode>), identityFault
(<errorcode>500</errorcode>), serviceUnavailable(<errorcode>503</errorcode>)</simpara>
<para>
This call will return a token if successful. Each ReST request against other services (or other
calls on Keystone such as the GET /tenants call)
requires the inclusion of a specific authorization token HTTP x-header, defined as X-Auth-Token.
Clients obtain
this token, along with the URL to other service APIs, by first authenticating against the
Keystone Service and supplying valid credentials.
</para>
<para>
Client authentication is provided via a ReST interface using the POST method,
with v2.0/tokens supplied as the path. A payload of credentials must be included
in the body.
</para>
<para>
The Keystone Service is a ReSTful web service. It is the entry point to all service APIs.
To access the Keystone Service, you must know URL of the Keystone service.
</para>
<example>
<title>XML Auth Request</title>
<programlisting language="xml">
<xi:include href="samples/auth_credentials.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON Auth Request</title>
<programlisting language="javascript">
<xi:include href="samples/auth_credentials.json" parse="text"/>
</programlisting>
</example>
<example>
<title>XML Auth Response</title>
<programlisting language="xml">
<xi:include href="samples/auth.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON Auth Response</title>
<programlisting language="javascript">
<xi:include href="samples/auth.json" parse="text"/>
</programlisting>
</example>
</section>
<section xml:id="Get_Tenants-Service-d1e1264">
<title>Get Tenants</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/tenants</td>
<td colspan="3">Get a list of tenants.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>),
forbidden(<errorcode>403</errorcode>), overLimit(<errorcode>413</errorcode>),
badRequest (<errorcode>400</errorcode>), identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
<para>
The operation returns a list of tenants which the supplied token provides
access to. This call must be authenticated, so a valid token must
be passed in as a header.
</para>
<example>
<title>Tenants Request with Auth Token</title>
<programlisting language="text">
<xi:include href="samples/tenants-request.txt" parse="text"/>
</programlisting>
</example>
&NO_REQUEST;
<example>
<title>JSON Tenants Response</title>
<programlisting language="javascript">
<xi:include href="samples/tenants.json" parse="text"/>
</programlisting>
</example>
<example>
<title>XML Tenants Response</title>
<programlisting language="xml">
<xi:include href="samples/tenants.xml" parse="text"/>
</programlisting>
</example>
</section>
</section>
</chapter>
<?xml version='1.0' encoding='UTF-8'?>
<section
xmlns="http://docbook.org/ns/docbook"
xml:id="Service_API_Client_Operations"
version="5.0">
<title>Service API (Client Operations)</title>
<para>The operations described in this chapter allow clients to authenticate and get access
tokens and service endpoints. The following calls are core Keystone Service APIs in version
2.0:</para>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="identity-admin.wadl#tokens" >
<wadl:method href="authenticate"/>
</wadl:resource>
<wadl:resource href="identity-admin.wadl#tenants" >
<wadl:method href="listTenants"/>
</wadl:resource>
</wadl:resources>
</section>

95
openstack-identity-api/src/docbkx/identity-dev-guide.xml Executable file → Normal file
View File

@ -1,49 +1,46 @@
<?xml version='1.0' encoding='UTF-8'?>
<book xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml"
xmlns:db="http://docbook.org/ns/docbook"
version="5.0"
status="draft"
xml:id="Keystone-Developer-Guide"
>
<title>Keystone Developer Guide</title>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>OpenStack</orgname>
</affiliation>
</author>
<copyright>
<year>2010</year>
<year>2011</year>
<holder>OpenStack</holder>
</copyright>
<releaseinfo>API v2.0</releaseinfo>
<productname>Keystone - OpenStack Identity</productname>
<pubdate>2011-08-29</pubdate>
<legalnotice role="apache2">
<annotation>
<remark>Copyright details are filled in by the template.</remark>
</annotation>
</legalnotice>
<abstract>
<para>This document is intended for software developers interested in developing
applications that utilize the Keystone Identity Service for authentication. This
document also includes details on how to integrate services with the Keystone
Identity Service. </para>
</abstract>
</info>
<!-- Chapters are referred from the book file through these include statements. You can add additional chapters using these types of statements. -->
<xi:include href="identity-concepts.xml"/>
<xi:include href="identity-general-api-info.xml"/>
<xi:include href="identity-client-api.xml"/>
<xi:include href="identity-service-api.xml"/>
</book>
<?xml version='1.0' encoding='UTF-8'?>
<book xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:svg="http://www.w3.org/2000/svg"
xmlns:html="http://www.w3.org/1999/xhtml" version="5.0" status="draft"
xml:id="Keystone-Developer-Guide">
<title>Keystone Developer Guide</title>
<info>
<author>
<personname>
<firstname/>
<surname/>
</personname>
<affiliation>
<orgname>OpenStack</orgname>
</affiliation>
</author>
<copyright>
<year>2010</year>
<year>2011</year>
<holder>OpenStack</holder>
</copyright>
<releaseinfo>API v2.0</releaseinfo>
<productname>Keystone - OpenStack Identity</productname>
<pubdate>2011-08-29</pubdate>
<legalnotice role="apache2">
<annotation>
<remark>Copyright details are filled in by the template.</remark>
</annotation>
</legalnotice>
<abstract>
<para>This document is intended for software developers interested in developing
applications that utilize the Keystone Identity Service for authentication. This
document also includes details on how to integrate services with the Keystone
Identity Service. </para>
</abstract>
</info>
<!-- Chapters are referred from the book file through these include statements. You can add additional chapters using these types of statements. -->
<xi:include href="identity-concepts.xml"/>
<xi:include href="identity-general-api-info.xml"/>
<chapter xml:id="api_operations" role="api-reference">
<title>API Operations</title>
<xi:include href="identity-client-api.xml"/>
<xi:include href="identity-service-api.xml"/>
</chapter>
</book>

663
openstack-identity-api/src/docbkx/identity-service-api.xml
View File

@ -1,591 +1,78 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE chapter [<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY HEAD '<command xmlns="http://docbook.org/ns/docbook">HEAD</command>'>
<!ENTITY CHECK '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="img/Check_mark_23x20_02.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY CODES 'Normal Response Code(s):'>
<!ENTITY ERROR_CODES 'Error Response Code(s):'>
<!ENTITY NO_REQUEST '<para xmlns="http://docbook.org/ns/docbook">
This operation does not require a request body.</para>'>
<!ENTITY LONG_URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="4">URI</td>
<td colspan="3">Description</td>
</tr>
</thead>'>
<!ENTITY URI_REFHEAD '
<thead xmlns="http://docbook.org/ns/docbook">
<tr>
<td colspan="1">Verb</td>
<td colspan="1">URI</td>
<td colspan="4">Description</td>
</tr>
</thead>'>
]>
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-d1e1356"
version="5.0">
<title>Admin API (Service Developer Operations)</title>
<para>The operations described in this chapter allow service developers to get and validate
<section xmlns="http://docbook.org/ns/docbook" xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="Admin_API_Service_Developer_Operations-d1e1356" version="5.0" role="api-reference">
<title>Admin API (Service Developer Operations)</title>
<para>The operations described in this chapter allow service developers to get and validate
access tokens, manage users, tenants, roles, and service endpoints. </para>
<section xml:id="Core_Admin_API-d1e1370">
<title>Core Admin API</title>
<para>The following calls are core for the Keystone Admin 2.0 APIs</para>
<section xml:id="Admin_Access-d1e1378">
<title>Admin Access</title>
<para>Most calls on the Admin API require authentication. The only calls available without authentication are the calls to discover the service (getting version info, WADL contract, dev guide, help, etc…) and the call to authenticate and get a token.</para>
<para>
Authentication is performed by passing in a valid token in the <code>X-Auth-Token</code> header on the request from the client.
Keystone will verify the token has (or belongs to a user that has) the <code>Admin</code> role.
</para>
<para>
See the readme file or administrator guides for how to bootstrap Keystone and create your first administrator.
</para>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
</section>
<section xml:id="Tokens-d1e1565">
<title>Tokens</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &POST; </td>
<td colspan="4">/tokens</td>
<td colspan="3">Returns a token in exchange for valid credentials.</td>
</tr>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/tokens/<parameter>tokenId</parameter>?belongsTo=<parameter>tenantId</parameter></td>
<td colspan="3">Validate a token.If `belongsTo` is provided, validates that a token belongs to a specific tenant.</td>
</tr>
<tr>
<td colspan="1"> &HEAD;</td>
<td colspan="4">/tokens/<parameter>tokenId</parameter>?belongsTo=<parameter>tenantId</parameter></td>
<td colspan="3">Validate a token.(Quick check).Returns no body.
If `belongsTo` is provided, validates that a token belongs to a specific tenant.
</td>
</tr>
</tbody>
</informaltable>
</section>
<section xml:id="Users-d1e1435">
<title>Users</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/users?username=<parameter>userName</parameter></td>
<td colspan="3">Returns detailed information about a specific user, by user name.</td>
</tr>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/users/<parameter>userId</parameter></td>
<td colspan="3">Returns detailed information about a specific user, by user id.</td>
</tr>
<tr>
<td colspan="1">&GET;
</td>
<td colspan="4">/users/<parameter>userId</parameter>/roles
</td>
<td colspan="3">
Get a list of global roles for a specific user (excludes tenant roles).
</td>
</tr>
</tbody>
</informaltable>
</section>
<section xml:id="Tenants-d1e1606">
<title>Tenants</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/tenants</td>
<td colspan="3">Get a list of tenants.</td>
</tr>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/tenants/?tenantname=<parameter>tenantName</parameter></td>
<td colspan="3">Returns detailed information about a tenant, by name.</td>
</tr>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/tenants/<parameter>tenantId</parameter></td>
<td colspan="3">Returns detailed information about a tenant, by id.</td>
</tr>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/tenants/<parameter>tenantId</parameter>/roles</td>
<td colspan="3">Get roles of a tenant.</td>
</tr>
<tr>
<td colspan="1">&GET;
</td>
<td colspan="4">/tenants/<parameter>tenantId</parameter>/endpoints
</td>
<td colspan="3">
Get a list of endpoints for a tenant.
</td>
</tr>
<tr>
<td colspan="1">&GET;
</td>
<td colspan="4">/tenants/<parameter>tenantId</parameter>/users/<parameter>userId</parameter>/roles
</td>
<td colspan="3">
Returns a list of roles for a user on a specific tenant.
</td>
</tr>
</tbody>
</informaltable>
</section>
</section>
<section xml:id="Token_Operations-d1e1900">
<title>Token Operations</title>
<section xml:id="Authenticate-d1e1166">
<title>Authenticate</title>
<informaltable rules="all">
&URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &POST; </td>
<td colspan="1">/tokens</td>
<td colspan="4">Authenticate to generate a token.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>), userDisabled
(<errorcode>403</errorcode>), badRequest (<errorcode>400</errorcode>), identityFault
(<errorcode>500</errorcode>), serviceUnavailable(<errorcode>503</errorcode>)</simpara>
<para>
TenantID is optional and may be used to specify that a
token should be returned that has access to the resources
of that particular tenant.
</para>
<example>
<title>XML Auth Request</title>
<programlisting language="xml">
<xi:include href="samples/auth_credentials.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON Auth Request</title>
<programlisting language="javascript">
<xi:include href="samples/auth_credentials.json" parse="text"/>
</programlisting>
</example>
<example>
<title>XML Auth Response</title>
<programlisting language="xml">
<xi:include href="samples/auth.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON Auth Response</title>
<programlisting language="javascript">
<xi:include href="samples/auth.json" parse="text"/>
</programlisting>
</example>
</section>
<section xml:id="Validate_Token-d1e1914">
<title>Validate Token</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4"
>/tokens/<parameter>tokenId</parameter>?belongsTo=<parameter>tenantId</parameter></td>
<td colspan="3">Check that a token is valid and that it belongs to a particular user
and return the permissions relevant to a particular client.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>), forbidden
(<returnvalue>403</returnvalue>), userDisabled(<returnvalue>403</returnvalue>),
badRequest (<errorcode>400</errorcode>), itemNotFound (<errorcode>404</errorcode>),
identityFault(<returnvalue>500</returnvalue>),
serviceUnavailable(<returnvalue>503</returnvalue>)</simpara>
&NO_REQUEST;
<para>
Valid tokens will exist in the
/tokens/<parameter>tokenId</parameter> path and invalid
tokens will not. In other words, a user should expect an
itemNotFound (<errorcode>404</errorcode>) fault for an
invalid token.
</para>
<example>
<title>XML Validate Token Response</title>
<programlisting language="xml">
<xi:include href="samples/validatetoken.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON Validate Token Response</title>
<programlisting language="javascript">
<xi:include href="samples/validatetoken.json" parse="text"/>
</programlisting>
</example>
</section>
<section xml:id="Validate_Token-HEAD-d1e1914">
<title>Validate Token</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &HEAD; </td>
<td colspan="4"
>/tokens/<parameter>tokenId</parameter>?belongsTo=<parameter>tenantId</parameter></td>
<td colspan="3">Check that a token is valid and that it belongs to a particular user
(For perfromance).</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>), forbidden
(<returnvalue>403</returnvalue>), userDisabled(<returnvalue>403</returnvalue>),
badRequest (<errorcode>400</errorcode>), itemNotFound (<errorcode>404</errorcode>),
identityFault(<returnvalue>500</returnvalue>),
serviceUnavailable(<returnvalue>503</returnvalue>)</simpara>
&NO_REQUEST;
<para>
Valid tokens will exist in the
/tokens/<parameter>tokenId</parameter> path and invalid
tokens will not. In other words, a user should expect an
itemNotFound (<errorcode>404</errorcode>) fault for an
invalid token.
</para>
<example>
<title>XML Validate Token Response</title>
<programlisting language="xml">
No Response body is returned.
</programlisting>
</example>
<example>
<title>JSON Validate Token Response</title>
<programlisting language="javascript">
No Response body is returned.
</programlisting>
</example>
</section>
</section>
<section xml:id="User_Operations-d1e1900">
<title>User Operations</title>
<section xml:id="Get_a_User-d1e2242">
<title>Get a User</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/users/<parameter>userId</parameter></td>
<td colspan="3">Get a user by user id.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>),
forbidden(<errorcode>403</errorcode>), itemNotFound(<errorcode>404</errorcode>),
badRequest (<errorcode>400</errorcode>), identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
&NO_REQUEST;
<example>
<title>XML User Response</title>
<programlisting language="xml">
<xi:include href="samples/user.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON User Response</title>
<programlisting language="javascript">
<xi:include href="samples/user.json" parse="text"/>
</programlisting>
</example>
</section>
<section xml:id="Get_a_User-By_Name-d1e2242">
<title>Get a User</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/users?username=<parameter>userName</parameter></td>
<td colspan="3">Get a user by user name.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>),
forbidden(<errorcode>403</errorcode>), itemNotFound(<errorcode>404</errorcode>),
badRequest (<errorcode>400</errorcode>), identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
&NO_REQUEST;
<example>
<title>XML User Response</title>
<programlisting language="xml">
<xi:include href="samples/user.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON User Response</title>
<programlisting language="javascript">
<xi:include href="samples/user.json" parse="text"/>
</programlisting>
</example>
</section>
<section xml:id="Get_User_Roles-d1e2242">
<title>Get list of User Roles</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/users/<parameter>user_id</parameter>/roles</td>
<td colspan="3">Returns a list of global roles associated with a specific user (excludes tenant roles).</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>),
forbidden(<errorcode>403</errorcode>), itemNotFound(<errorcode>404</errorcode>),
badRequest (<errorcode>400</errorcode>), identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
&NO_REQUEST;
<example>
<title>XML User Role Response</title>
<programlisting language="xml">
<xi:include href="samples/roles.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON User Role Response</title>
<programlisting language="javascript">
<xi:include href="samples/roles.json" parse="text"/>
</programlisting>
</example>
</section>
</section>
<section xml:id="Tenant_Operations-d1e1900">
<para>Most calls on the Admin API require authentication. The only calls available without
authentication are the calls to discover the service (getting version info, WADL contract,
dev guide, help, etc…) and the call to authenticate and get a token.</para>
<para> Authentication is performed by passing in a valid token in the <code>X-Auth-Token</code>
header on the request from the client. Keystone will verify the token has (or belongs to a
user that has) the <code>Admin</code> role. </para>
<para> See the readme file or administrator guides for how to bootstrap Keystone and create your
first administrator. </para>
<table rules="all">
<caption>Authentication Header</caption>
<thead>
<tr>
<td>Header Type</td>
<td>Name</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<tr>
<td>HTTP/1.1 Request</td>
<td>X-Auth-Token</td>
<td>txfa8426a08eaf</td>
</tr>
</tbody>
</table>
<para>The following calls are core for the Keystone Admin 2.0 APIs:</para>
<section xml:id="Token_Operations">
<title>Token Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="identity-admin.wadl#tokens">
<wadl:method href="authenticate"/>
</wadl:resource>
<wadl:resource href="identity-admin.wadl#tokenById">
<wadl:method href="validateToken"/>
<wadl:method href="checkToken"/>
</wadl:resource>
<wadl:resource href="identity-admin.wadl#endpointsForToken">
<wadl:method href="listEndpointsForToken"/>
</wadl:resource>
</wadl:resources>
</section>
<section xml:id="User_Operations">
<title>User Operations</title>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="identity-admin.wadl#users">
<wadl:method href="getUserByName"/>
</wadl:resource>
<wadl:resource href="identity-admin.wadl#userid">
<wadl:method href="getUserById"/>
</wadl:resource>
<wadl:resource href="identity-admin.wadl#userRoles">
<wadl:method href="listUserGlobalRoles"/>
</wadl:resource>
</wadl:resources>
</section>
<section xml:id="Tenant_Operations">
<title>Tenant Operations</title>
<section xml:id="Get_Tenants-d1e1264">
<title>Get Tenants</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/tenants</td>
<td colspan="3">Get a list of tenants.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>),
forbidden(<errorcode>403</errorcode>), overLimit(<errorcode>413</errorcode>),
badRequest (<errorcode>400</errorcode>), identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
<para>
The operation returns a list of tenants which the caller has
access to. This call must be authenticated, so a valid token must
be passed in as a header.
</para>
<example>
<title>Tenants Request with Auth Token</title>
<programlisting language="text">
<xi:include href="samples/tenants-request.txt" parse="text"/>
</programlisting>
</example>
&NO_REQUEST;
<example>
<title>JSON Tenants Response</title>
<programlisting language="javascript">
<xi:include href="samples/tenants.json" parse="text"/>
</programlisting>
</example>
<example>
<title>XML Tenants Response</title>
<programlisting language="xml">
<xi:include href="samples/tenants.xml" parse="text"/>
</programlisting>
</example>
</section>
<section xml:id="Get_a_Tenant-d1e2242">
<title>Get a Tenant</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/tenants/<parameter>tenantId</parameter></td>
<td colspan="3">Get a tenant.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>),
forbidden(<errorcode>403</errorcode>), itemNotFound(<errorcode>404</errorcode>),
badRequest (<errorcode>400</errorcode>), identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
&NO_REQUEST;
<example>
<title>XML Tenant Response</title>
<programlisting language="xml">
<xi:include href="samples/tenant.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON Tenant Response</title>
<programlisting language="javascript">
<xi:include href="samples/tenant.json" parse="text"/>
</programlisting>
</example>
</section>
<section xml:id="Get_a_Tenant-By_Name-d1e2242">
<title>Get a Tenant by Name</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/tenants?<parameter>name=tenant_name</parameter></td>
<td colspan="3">Get a tenant by name.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>),
forbidden(<errorcode>403</errorcode>), itemNotFound(<errorcode>404</errorcode>),
badRequest (<errorcode>400</errorcode>), identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
&NO_REQUEST;
<example>
<title>XML Tenant Response</title>
<programlisting language="xml">
<xi:include href="samples/tenant.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON Tenant Response</title>
<programlisting language="javascript">
<xi:include href="samples/tenant.json" parse="text"/>
</programlisting>
</example>
</section>
<section xml:id="Get_Tenant_Endpoints-d1e2242">
<title>Get list of Tenant Endpoints</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/tenants/<parameter>tenantId</parameter>/endpoints</td>
<td colspan="3"> Returns a list of roles for a user on a specific tenant.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>),
forbidden(<errorcode>403</errorcode>), itemNotFound(<errorcode>404</errorcode>),
badRequest (<errorcode>400</errorcode>), identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
&NO_REQUEST;
<example>
<title>XML Tenant Response</title>
<programlisting language="xml">
<xi:include href="samples/endpoints.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON Tenant Response</title>
<programlisting language="javascript">
<xi:include href="samples/endpoints.json" parse="text"/>
</programlisting>
</example>
</section>
<section xml:id="Get_Tenant_User_Roles-d1e2242">
<title>Get list of Roles assigned for a User on a Tenant</title>
<informaltable rules="all">
&LONG_URI_REFHEAD;
<tbody>
<tr>
<td colspan="1"> &GET; </td>
<td colspan="4">/tenants/<parameter>tenant_id</parameter>/users/<parameter>user_id</parameter>/roles</td>
<td colspan="3">Returns a list of roles assigned to a user for a specific tenant.</td>
</tr>
</tbody>
</informaltable>
<simpara>&CODES;<returnvalue>200</returnvalue>, <returnvalue>203</returnvalue></simpara>
<simpara>&ERROR_CODES; unauthorized (<errorcode>401</errorcode>),
forbidden(<errorcode>403</errorcode>), itemNotFound(<errorcode>404</errorcode>),
badRequest (<errorcode>400</errorcode>), identityFault (<errorcode>500</errorcode>),
serviceUnavailable(<errorcode>503</errorcode>)</simpara>
&NO_REQUEST;
<example>
<title>XML Tenant Response</title>
<programlisting language="xml">
<xi:include href="samples/roles.xml" parse="text"/>
</programlisting>
</example>
<example>
<title>JSON Tenant Response</title>
<programlisting language="javascript">
<xi:include href="samples/roles.json" parse="text"/>
</programlisting>
</example>
</section>
</section>
</chapter>
<wadl:resources xmlns:wadl="http://wadl.dev.java.net/2009/02">
<wadl:resource href="identity-admin.wadl#tenants">
<wadl:method href="listTenants"/>
<wadl:method href="getTenantByName"/>
</wadl:resource>
<wadl:resource href="identity-admin.wadl#tenantById">
<wadl:method href="getTenantById"/>
</wadl:resource>
<wadl:resource href="identity-admin.wadl#userRolesForTenant">
<wadl:method href="listRolesForUserOnTenant"/>
</wadl:resource>
</wadl:resources>
</section>
</section>