Correct docstring for common.authorization

The docstring for the common.authorization module was incomplete because it was missing several fields that are put into the auth context dict. Change-Id: Ib60cfd9989d55f2be3faa122728431ca93a98813
openstack · Sep 3, 2015 · 95f6405 · 95f6405
1 parent 7f279ad
commit 95f6405
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/keystone/common/authorization.py b/keystone/common/authorization.py
@@ -29,13 +29,23 @@
 Auth context is essentially the user credential used for policy enforcement.
 It is a dictionary with the following attributes:
 
+* ``token``: Token from the request
 * ``user_id``: user ID of the principal
 * ``project_id`` (optional): project ID of the scoped project if auth is
                              project-scoped
 * ``domain_id`` (optional): domain ID of the scoped domain if auth is
                             domain-scoped
+* ``domain_name`` (optional): domain name of the scoped domain if auth is
+                              domain-scoped
+* ``is_delegated_auth``: True if this is delegated (via trust or oauth)
+* ``trust_id``: Trust ID if trust-scoped, or None
+* ``trustor_id``: Trustor ID if trust-scoped, or None
+* ``trustee_id``: Trustee ID if trust-scoped, or None
+* ``consumer_id``: OAuth consumer ID, or None
+* ``access_token_id``: OAuth access token ID, or None
 * ``roles`` (optional): list of role names for the given scope
-* ``group_ids``: list of group IDs for which the API user has membership
+* ``group_ids`` (optional): list of group IDs for which the API user has
+                            membership if token was for a federated user
 
 """