Auth Context Objects
We are currently in a weird spot amongst all the services where they each parse the headers provided by keystonemiddleware and construct customized context objects. These are what are serialized and passed between servers.
With the push towards authentication plugins we are passing down a 'ready to use' plugin that we want the services to consume when talking to each other. This plugin should also be passed around between objects - and given that it knows everything that came from auth_token middleare can essentially be a replacement for the standard features of these context objects.
To do that we will need:
- A way to make the authentication plugins serializable and passed between services.
- To add accessors for all the data related to the user's token and the service's token - rather than use the headers.
- Integration with oslo.context that is capable of using our auth plugin as the basis for it's data.
- Integration with oslo.policy because this object will contain everything policy needs to enforce it's rules without the custom glue code that is currently used.
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Jamie Lennox
- Direction:
- Needs approval
- Assignee:
- Jamie Lennox
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Turn our auth plugin into a token interface