def test_convert_integer_to_methods(self): auth_methods = ['password', 'token', 'totp'] self.config_fixture.config(group='auth', methods=auth_methods) expected_methods = ['password'] methods = plugins.convert_integer_to_method_list(1) self.assertTrue(len(methods) == 1) for method in methods: self.assertIn(method, expected_methods) expected_methods = ['password', 'token'] methods = plugins.convert_integer_to_method_list(3) self.assertTrue(len(methods) == 2) for method in methods: self.assertIn(method, expected_methods) expected_methods = ['password', 'totp'] methods = plugins.convert_integer_to_method_list(5) self.assertTrue(len(methods) == 2) for method in methods: self.assertIn(method, expected_methods) expected_methods = ['token', 'totp'] methods = plugins.convert_integer_to_method_list(6) self.assertTrue(len(methods) == 2) for method in methods: self.assertIn(method, expected_methods) expected_methods = ['password', 'token', 'totp'] methods = plugins.convert_integer_to_method_list(7) self.assertTrue(len(methods) == 3) for method in methods: self.assertIn(method, expected_methods)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) else: # NOTE(cmurphy): The user ID of shadowed federated users is no # longer a UUID but a sha256 hash string, and so it should not be # converted to a byte string since it is not a UUID format. # However. on python3 msgpack returns the serialized input as a # byte string anyway. Similar to other msgpack'd values in the # payload, we need to explicitly decode it to a string value. if six.PY3 and isinstance(user_id, six.binary_type): user_id = user_id.decode('utf-8') methods = auth_plugins.convert_integer_to_method_list(payload[1]) group_ids = list(map(cls.unpack_group_id, payload[2])) (is_stored_as_bytes, idp_id) = payload[3] if is_stored_as_bytes: idp_id = cls.convert_uuid_bytes_to_hex(idp_id) else: idp_id = idp_id.decode('utf-8') protocol_id = payload[4] if isinstance(protocol_id, six.binary_type): protocol_id = protocol_id.decode('utf-8') expires_at_str = cls._convert_float_to_time_string(payload[5]) audit_ids = list(map(cls.base64_encode, payload[6])) system = None project_id = None domain_id = None trust_id = None access_token_id = None app_cred_id = None return (user_id, methods, system, project_id, domain_id, expires_at_str, audit_ids, trust_id, group_ids, idp_id, protocol_id, access_token_id, app_cred_id)
def disassemble(cls, payload): """Validate a federated paylod. :param token_string: a string representing the token :return: a tuple containing the user_id, auth methods, audit_ids, and a dictionary containing federated information such as the the group IDs, the identity provider ID, the protocol ID, and the federated domain ID """ def unpack_group_ids(group_id_in_bytes): group_id = cls.convert_uuid_bytes_to_hex(group_id_in_bytes) return {'id': group_id} user_id = cls.attempt_convert_uuid_bytes_to_hex(payload[0]) methods = auth_plugins.convert_integer_to_method_list(payload[1]) group_ids = map(unpack_group_ids, payload[2]) idp_id = cls.attempt_convert_uuid_bytes_to_hex(payload[3]) protocol_id = payload[4] expires_at_str = cls._convert_int_to_time_string(payload[5]) audit_ids = map(provider.base64_encode, payload[6]) federated_info = dict(group_ids=group_ids, idp_id=idp_id, protocol_id=protocol_id) return (user_id, methods, expires_at_str, audit_ids, federated_info)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) try: domain_id = cls.convert_uuid_bytes_to_hex(payload[2]) except ValueError: # the default domain ID is configurable, and probably isn't a UUID if six.PY3 and isinstance(payload[2], six.binary_type): payload[2] = payload[2].decode('utf-8') if payload[2] == CONF.identity.default_domain_id: domain_id = payload[2] else: raise expires_at_str = cls._convert_float_to_time_string(payload[3]) audit_ids = list(map(cls.base64_encode, payload[4])) system = None project_id = None trust_id = None federated_group_ids = None identity_provider_id = None protocol_id = None access_token_id = None app_cred_id = None return (user_id, methods, system, project_id, domain_id, expires_at_str, audit_ids, trust_id, federated_group_ids, identity_provider_id, protocol_id, access_token_id, app_cred_id)
def disassemble(cls, payload): """Validate a federated paylod. :param token_string: a string representing the token :return: a tuple containing the user_id, auth methods, audit_ids, and a dictionary containing federated information such as the the group IDs, the identity provider ID, the protocol ID, and the federated domain ID """ def unpack_group_ids(group_id_in_bytes): (is_stored_as_bytes, group_id) = group_id_in_bytes if is_stored_as_bytes: group_id = cls.attempt_convert_uuid_bytes_to_hex(group_id) return {'id': group_id} (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) group_ids = map(unpack_group_ids, payload[2]) (is_stored_as_bytes, idp_id) = payload[3] if is_stored_as_bytes: idp_id = cls.attempt_convert_uuid_bytes_to_hex(idp_id) protocol_id = payload[4] expires_at_str = cls._convert_int_to_time_string(payload[5]) audit_ids = map(provider.base64_encode, payload[6]) federated_info = dict(group_ids=group_ids, idp_id=idp_id, protocol_id=protocol_id) return (user_id, methods, expires_at_str, audit_ids, federated_info)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) (is_stored_as_bytes, project_id) = payload[2] if is_stored_as_bytes: project_id = cls.convert_uuid_bytes_to_hex(project_id) (is_stored_as_bytes, access_token_id) = payload[3] if is_stored_as_bytes: access_token_id = cls.convert_uuid_bytes_to_hex(access_token_id) expires_at_str = cls._convert_float_to_time_string(payload[4]) audit_ids = list(map(cls.base64_encode, payload[5])) system = None domain_id = None trust_id = None federated_group_ids = None identity_provider_id = None protocol_id = None app_cred_id = None return (user_id, methods, system, project_id, domain_id, expires_at_str, audit_ids, trust_id, federated_group_ids, identity_provider_id, protocol_id, access_token_id, app_cred_id)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) group_ids = list(map(cls.unpack_group_id, payload[2])) (is_stored_as_bytes, idp_id) = payload[3] if is_stored_as_bytes: idp_id = cls.convert_uuid_bytes_to_hex(idp_id) else: idp_id = idp_id.decode('utf-8') protocol_id = payload[4] if isinstance(protocol_id, six.binary_type): protocol_id = protocol_id.decode('utf-8') expires_at_str = cls._convert_float_to_time_string(payload[5]) audit_ids = list(map(cls.base64_encode, payload[6])) system = None project_id = None domain_id = None trust_id = None access_token_id = None app_cred_id = None return (user_id, methods, system, project_id, domain_id, expires_at_str, audit_ids, trust_id, group_ids, idp_id, protocol_id, access_token_id, app_cred_id)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] user_id = cls._convert_or_decode(is_stored_as_bytes, user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) (is_stored_as_bytes, scope_id) = payload[2] scope_id = cls._convert_or_decode(is_stored_as_bytes, scope_id) project_id = (scope_id if cls.version == FederatedProjectScopedPayload.version else None) domain_id = (scope_id if cls.version == FederatedDomainScopedPayload.version else None) group_ids = list(map(cls.unpack_group_id, payload[3])) (is_stored_as_bytes, idp_id) = payload[4] idp_id = cls._convert_or_decode(is_stored_as_bytes, idp_id) protocol_id = payload[5] if six.PY3 and isinstance(protocol_id, six.binary_type): protocol_id = protocol_id.decode('utf-8') expires_at_str = cls._convert_float_to_time_string(payload[6]) audit_ids = list(map(cls.base64_encode, payload[7])) system = None trust_id = None access_token_id = None app_cred_id = None return (user_id, methods, system, project_id, domain_id, expires_at_str, audit_ids, trust_id, group_ids, idp_id, protocol_id, access_token_id, app_cred_id)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) group_ids = list(map(cls.unpack_group_id, payload[2])) (is_stored_as_bytes, idp_id) = payload[3] if is_stored_as_bytes: idp_id = cls.convert_uuid_bytes_to_hex(idp_id) else: idp_id = idp_id.decode('utf-8') protocol_id = payload[4] if isinstance(protocol_id, six.binary_type): protocol_id = protocol_id.decode('utf-8') expires_at_str = cls._convert_float_to_time_string(payload[5]) audit_ids = list(map(cls.base64_encode, payload[6])) federated_info = dict(group_ids=group_ids, idp_id=idp_id, protocol_id=protocol_id) system = None project_id = None domain_id = None trust_id = None access_token_id = None app_cred_id = None return (user_id, methods, system, project_id, domain_id, expires_at_str, audit_ids, trust_id, federated_info, access_token_id, app_cred_id)
def disassemble(cls, payload): """Validate a project-scoped federated payload. :param token_string: a string representing the token :returns: a tuple containing the user_id, auth methods, scope_id, expiration time (as str), audit_ids, and a dictionary containing federated information such as the the identity provider ID, the protocol ID, the federated domain ID and group IDs """ (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) (is_stored_as_bytes, scope_id) = payload[2] if is_stored_as_bytes: scope_id = cls.attempt_convert_uuid_bytes_to_hex(scope_id) group_ids = list(map(cls.unpack_group_id, payload[3])) (is_stored_as_bytes, idp_id) = payload[4] if is_stored_as_bytes: idp_id = cls.attempt_convert_uuid_bytes_to_hex(idp_id) protocol_id = payload[5] expires_at_str = cls._convert_float_to_time_string(payload[6]) audit_ids = list(map(provider.base64_encode, payload[7])) federated_info = dict(idp_id=idp_id, protocol_id=protocol_id, group_ids=group_ids) return (user_id, methods, scope_id, expires_at_str, audit_ids, federated_info)
def disassemble(cls, payload): """Validate a project-scoped federated payload. :param token_string: a string representing the token :returns: a tuple containing the user_id, auth methods, scope_id, expiration time (as str), audit_ids, and a dictionary containing federated information such as the the identity provider ID, the protocol ID, the federated domain ID and group IDs """ (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) (is_stored_as_bytes, scope_id) = payload[2] if is_stored_as_bytes: scope_id = cls.attempt_convert_uuid_bytes_to_hex(scope_id) group_ids = list(map(cls.unpack_group_id, payload[3])) (is_stored_as_bytes, idp_id) = payload[4] if is_stored_as_bytes: idp_id = cls.attempt_convert_uuid_bytes_to_hex(idp_id) protocol_id = payload[5] expires_at_str = cls._convert_int_to_time_string(payload[6]) audit_ids = list(map(provider.base64_encode, payload[7])) federated_info = dict(idp_id=idp_id, protocol_id=protocol_id, group_ids=group_ids) return (user_id, methods, scope_id, expires_at_str, audit_ids, federated_info)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) (is_stored_as_bytes, scope_id) = payload[2] if is_stored_as_bytes: scope_id = cls.convert_uuid_bytes_to_hex(scope_id) project_id = ( scope_id if cls.version == FederatedProjectScopedPayload.version else None) domain_id = ( scope_id if cls.version == FederatedDomainScopedPayload.version else None) group_ids = list(map(cls.unpack_group_id, payload[3])) (is_stored_as_bytes, idp_id) = payload[4] if is_stored_as_bytes: idp_id = cls.convert_uuid_bytes_to_hex(idp_id) protocol_id = payload[5] expires_at_str = cls._convert_float_to_time_string(payload[6]) audit_ids = list(map(provider.base64_encode, payload[7])) federated_info = dict(idp_id=idp_id, protocol_id=protocol_id, group_ids=group_ids) trust_id = None access_token_id = None return (user_id, methods, project_id, domain_id, expires_at_str, audit_ids, trust_id, federated_info, access_token_id)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) else: # NOTE(cmurphy): The user ID of shadowed federated users is no # longer a UUID but a sha256 hash string, and so it should not be # converted to a byte string since it is not a UUID format. # However. on python3 msgpack returns the serialized input as a # byte string anyway. Similar to other msgpack'd values in the # payload, we need to explicitly decode it to a string value. if six.PY3 and isinstance(user_id, six.binary_type): user_id = user_id.decode('utf-8') methods = auth_plugins.convert_integer_to_method_list(payload[1]) (is_stored_as_bytes, scope_id) = payload[2] if is_stored_as_bytes: scope_id = cls.convert_uuid_bytes_to_hex(scope_id) else: # NOTE(lbragstad): We assembled the token payload scope as a tuple # (False, domain_id) for cases like (False, 'default'), since the # default domain ID isn't converted to a byte string when it's not # in UUID format. Despite the boolean indicator in the tuple that # denotes if the value is stored as a byte string or not, msgpack # apparently returns the serialized input as byte strings anyway. # For example, this means what we though we were passing in as # (False, 'default') during token creation actually comes out as # (False, b'default') in token validation through msgpack, which # clearly isn't correct according to our boolean indicator. This # causes comparison issues due to different string types (e.g., # b'default' != 'default') with python 3. See bug 1813085 for # details. We use this pattern for other strings in the payload # like idp_id and protocol_id for the same reason. if six.PY3 and isinstance(scope_id, six.binary_type): scope_id = scope_id.decode('utf-8') project_id = ( scope_id if cls.version == FederatedProjectScopedPayload.version else None) domain_id = ( scope_id if cls.version == FederatedDomainScopedPayload.version else None) group_ids = list(map(cls.unpack_group_id, payload[3])) (is_stored_as_bytes, idp_id) = payload[4] if is_stored_as_bytes: idp_id = cls.convert_uuid_bytes_to_hex(idp_id) else: if six.PY3 and isinstance(idp_id, six.binary_type): idp_id = idp_id.decode('utf-8') protocol_id = payload[5] if six.PY3 and isinstance(protocol_id, six.binary_type): protocol_id = protocol_id.decode('utf-8') expires_at_str = cls._convert_float_to_time_string(payload[6]) audit_ids = list(map(cls.base64_encode, payload[7])) system = None trust_id = None access_token_id = None app_cred_id = None return (user_id, methods, system, project_id, domain_id, expires_at_str, audit_ids, trust_id, group_ids, idp_id, protocol_id, access_token_id, app_cred_id)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) else: # NOTE(cmurphy): The user ID of shadowed federated users is no # longer a UUID but a sha256 hash string, and so it should not be # converted to a byte string since it is not a UUID format. # However. on python3 msgpack returns the serialized input as a # byte string anyway. Similar to other msgpack'd values in the # payload, we need to explicitly decode it to a string value. if six.PY3 and isinstance(user_id, six.binary_type): user_id = user_id.decode('utf-8') methods = auth_plugins.convert_integer_to_method_list(payload[1]) (is_stored_as_bytes, scope_id) = payload[2] if is_stored_as_bytes: scope_id = cls.convert_uuid_bytes_to_hex(scope_id) else: # NOTE(lbragstad): We assembled the token payload scope as a tuple # (False, domain_id) for cases like (False, 'default'), since the # default domain ID isn't converted to a byte string when it's not # in UUID format. Despite the boolean indicator in the tuple that # denotes if the value is stored as a byte string or not, msgpack # apparently returns the serialized input as byte strings anyway. # For example, this means what we though we were passing in as # (False, 'default') during token creation actually comes out as # (False, b'default') in token validation through msgpack, which # clearly isn't correct according to our boolean indicator. This # causes comparison issues due to different string types (e.g., # b'default' != 'default') with python 3. See bug 1813085 for # details. We use this pattern for other strings in the payload # like idp_id and protocol_id for the same reason. if six.PY3 and isinstance(scope_id, six.binary_type): scope_id = scope_id.decode('utf-8') project_id = (scope_id if cls.version == FederatedProjectScopedPayload.version else None) domain_id = (scope_id if cls.version == FederatedDomainScopedPayload.version else None) group_ids = list(map(cls.unpack_group_id, payload[3])) (is_stored_as_bytes, idp_id) = payload[4] if is_stored_as_bytes: idp_id = cls.convert_uuid_bytes_to_hex(idp_id) else: if six.PY3 and isinstance(idp_id, six.binary_type): idp_id = idp_id.decode('utf-8') protocol_id = payload[5] if six.PY3 and isinstance(protocol_id, six.binary_type): protocol_id = protocol_id.decode('utf-8') expires_at_str = cls._convert_float_to_time_string(payload[6]) audit_ids = list(map(cls.base64_encode, payload[7])) system = None trust_id = None access_token_id = None app_cred_id = None return (user_id, methods, system, project_id, domain_id, expires_at_str, audit_ids, trust_id, group_ids, idp_id, protocol_id, access_token_id, app_cred_id)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) expires_at_str = cls._convert_float_to_time_string(payload[2]) audit_ids = list(map(provider.base64_encode, payload[3])) project_id = None domain_id = None trust_id = None federated_info = None return (user_id, methods, project_id, domain_id, expires_at_str, audit_ids, trust_id, federated_info)
def disassemble(cls, payload): """Disassemble an unscoped payload into the component data. :param payload: the payload of an unscoped token :return: a tuple containing the user_id, auth methods, expires_at, and audit_ids """ user_id = cls.attempt_convert_uuid_bytes_to_hex(payload[0]) methods = auth_plugins.convert_integer_to_method_list(payload[1]) expires_at_str = cls._convert_float_to_time_string(payload[2]) audit_ids = list(map(provider.base64_encode, payload[3])) return (user_id, methods, expires_at_str, audit_ids)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) expires_at_str = cls._convert_float_to_time_string(payload[2]) audit_ids = list(map(provider.base64_encode, payload[3])) project_id = None domain_id = None trust_id = None federated_info = None return (user_id, methods, project_id, domain_id, expires_at_str, audit_ids, trust_id, federated_info)
def disassemble(cls, payload): """Validate a trust-based payload. :param token_string: a string representing the token :returns: a tuple containing the user_id, auth methods, project_id, expires_at_str, audit_ids, and trust_id """ user_id = cls.attempt_convert_uuid_bytes_to_hex(payload[0]) methods = auth_plugins.convert_integer_to_method_list(payload[1]) project_id = cls.attempt_convert_uuid_bytes_to_hex(payload[2]) expires_at_str = cls._convert_float_to_time_string(payload[3]) audit_ids = list(map(provider.base64_encode, payload[4])) trust_id = cls.convert_uuid_bytes_to_hex(payload[5]) return (user_id, methods, project_id, expires_at_str, audit_ids, trust_id)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) group_ids = list(map(cls.unpack_group_id, payload[2])) (is_stored_as_bytes, idp_id) = payload[3] if is_stored_as_bytes: idp_id = cls.convert_uuid_bytes_to_hex(idp_id) protocol_id = payload[4] expires_at_str = cls._convert_float_to_time_string(payload[5]) audit_ids = list(map(provider.base64_encode, payload[6])) federated_info = dict(group_ids=group_ids, idp_id=idp_id, protocol_id=protocol_id) project_id = None domain_id = None trust_id = None return (user_id, methods, project_id, domain_id, expires_at_str, audit_ids, trust_id, federated_info)
def disassemble(cls, payload): """Disassemble a payload into the component data. The tuple consists of:: (user_id, methods, expires_at_str) * ``methods`` are the auth methods. :param payload: this variant of payload :returns: a tuple of the payloads component data """ (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) expires_at_str = cls._convert_float_to_time_string(payload[2]) return (user_id, methods, expires_at_str)
def disassemble(cls, payload): """Disassemble a payload into the component data. :param payload: the payload of a token :return: a tuple containing the user_id, auth methods, project_id, expires_at_str, and audit_ids """ (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) (is_stored_as_bytes, project_id) = payload[2] if is_stored_as_bytes: project_id = cls.attempt_convert_uuid_bytes_to_hex(project_id) expires_at_str = cls._convert_float_to_time_string(payload[3]) audit_ids = list(map(provider.base64_encode, payload[4])) return (user_id, methods, project_id, expires_at_str, audit_ids)
def disassemble(cls, payload): """Disassemble a payload into the component data. :param payload: the payload of a token :return: a tuple containing the user_id, auth methods, project_id, expires_at_str, and audit_ids """ (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) (is_stored_as_bytes, project_id) = payload[2] if is_stored_as_bytes: project_id = cls.attempt_convert_uuid_bytes_to_hex(project_id) expires_at_str = cls._convert_int_to_time_string(payload[3]) audit_ids = list(map(provider.base64_encode, payload[4])) return (user_id, methods, project_id, expires_at_str, audit_ids)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) try: domain_id = cls.convert_uuid_bytes_to_hex(payload[2]) except ValueError: # the default domain ID is configurable, and probably isn't a UUID if payload[2] == CONF.identity.default_domain_id: domain_id = payload[2] else: raise expires_at_str = cls._convert_float_to_time_string(payload[3]) audit_ids = list(map(provider.base64_encode, payload[4])) project_id = None trust_id = None federated_info = None return (user_id, methods, project_id, domain_id, expires_at_str, audit_ids, trust_id, federated_info)
def disassemble(cls, payload): (is_stored_as_bytes, user_id) = payload[0] if is_stored_as_bytes: user_id = cls.convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) try: domain_id = cls.convert_uuid_bytes_to_hex(payload[2]) except ValueError: # the default domain ID is configurable, and probably isn't a UUID if payload[2] == CONF.identity.default_domain_id: domain_id = payload[2] else: raise expires_at_str = cls._convert_float_to_time_string(payload[3]) audit_ids = list(map(provider.base64_encode, payload[4])) project_id = None trust_id = None federated_info = None access_token_id = None return (user_id, methods, project_id, domain_id, expires_at_str, audit_ids, trust_id, federated_info, access_token_id)
def disassemble(cls, payload): """Disassemble a payload into the component data. :param payload: the payload of a token :return: a tuple containing the user_id, auth methods, domain_id, expires_at_str, and audit_ids """ user_id = cls.attempt_convert_uuid_bytes_to_hex(payload[0]) methods = auth_plugins.convert_integer_to_method_list(payload[1]) try: domain_id = cls.convert_uuid_bytes_to_hex(payload[2]) except ValueError: # the default domain ID is configurable, and probably isn't a UUID if payload[2] == CONF.identity.default_domain_id: domain_id = payload[2] else: raise expires_at_str = cls._convert_float_to_time_string(payload[3]) audit_ids = list(map(provider.base64_encode, payload[4])) return (user_id, methods, domain_id, expires_at_str, audit_ids)