move the auth_token middleware to the keystoneclient repository
auth_token needs to be a package separate from keystone, and keystoneclient looks to be a good repository to place it into.
So here's the High Level plan for fixing this:
1) Move auth_token from keystone to keystone client, so that other projects only need to have access to the client modules, not the server itself
2) Change the various paste files to find this in the new location.
3) Do the above in a sequence that doesn't break anything
Detail of the changes:
Unfortunately, auth_token has grown some roots in the keystone server that we need to cut, namely:
- It references some keystone.
- It also references cms, utils (and indirectly logging) from keystone.common. Now for utils, the only thing that is referenced is hash_signed_token - and nobody else in the server uses this. So I propose we move this function to keystoneclient.
Note from OpenStack Meeting (11/13) - request to please import auth_token in keystone from keystoneclient for backwards compatibility
Addressed by: https:/
Import keystoneclient auth_token back to keystone for backward compatibility
a) Update keystone client with the addition of newly required openstack.common items : DONE
b) Duplicate hash_signed_token to keystone.
c) Duplicate auth_token and cms to keystoneclient.
d) bcwaldon requested that we import auth_token from keystoneclient into where it exists today in keystone to maintain backwards compatibility through the next release : DONE
e) Change devstack and the paste files in the other projects to point keystoneclient rather than keystone for the authorization code : TODO
f) Retire the keystone version of auth_token that imports from the client at some future release : POSTPONED