python-keystoneclient

Use common connection and auth plugin

Registered by Jamie Lennox

Nova and other clients have the concept of a basic connection class that provides authorization and then can be shared amongst all clients. This provides many benefits including http sessions, easily sharing tokens between clients, caching etc.

We should do this in keystoneclient so that we can be in control of the session class for adding things like kerberos when they are required.

This is essentially the same as https://blueprints.launchpad.net/python-keystoneclient/+spec/keystoneclient-auth-system except we are currently just concerned with the architecture.

Blueprint information

Status:
Complete
Approver:
None
Priority:
Medium
Drafter:
Jamie Lennox
Direction:
Needs approval
Assignee:
Jamie Lennox
Definition:
New
Series goal:
Accepted for 0.x.x
Implementation:
Implemented
Milestone target:
milestone icon 0.7.0
Started by
Dolph Mathews
Completed by
Dolph Mathews

Related branches

Sprints

Whiteboard

Read: http://www.jamielennox.net/blog/2013/09/27/apiclient-communications/ for a justification of the design.

Gerrit topic: https://review.openstack.org/#q,topic:bp/auth-plugins,n,z

Addressed by: https://review.openstack.org/43828 (abandoned)
    Create Auth Plugins.

Addressed by: https://review.openstack.org/43829 (merged)
    Extract ClientSession communication object

Addressed by: https://review.openstack.org/43979 (abandoned)
    Shrink the parameter list.

Addressed by: https://review.openstack.org/45995 (abandoned)
    Extract a base Session object.

Addressed by: https://review.openstack.org/45996 (abandoned)
    Consolidate identity properties in HTTPClient

Addressed by: https://review.openstack.org/45997 (abandoned)
    Introduce Authentication Plugins.

Addressed by: https://review.openstack.org/45998 (abandoned)
    Create Auth Plugin out of HTTPClient.

Addressed by: https://review.openstack.org/45999 (abandoned)
    Move Auth Plugin concepts onto session.

Addressed by: https://review.openstack.org/46000 (abandoned)
    Create a Token / Endpoint Auth Plugin.

Addressed by: https://review.openstack.org/44014 (merged)
    Convert tests to HTTPretty and reorganize

Addressed by: https://review.openstack.org/48873 (merged)
    Add AssertHeader test helper and make use of it

Addressed by: https://review.openstack.org/50186 (abandoned)
    Provide a deprecated utility

Addressed by: https://review.openstack.org/60751 (merged)
    Create Authentication Plugins

Addressed by: https://review.openstack.org/60752 (abandoned)
    Handle URLs via the session and auth_plugins

Addressed by: https://review.openstack.org/60753 (abandoned)
    Modify tests to run with auth-plugins

Addressed by: https://review.openstack.org/61247 (merged)
    Make version discovery depend upon session

Gerrit topic: https://review.openstack.org/#q,topic:private-disc,n,z

Addressed by: https://review.openstack.org/65877 (merged)
    Respect region name when processing domain URL

Gerrit topic: https://review.openstack.org/#q,topic:ap,n,z

Gerrit topic: https://review.openstack.org/#q,topic:auth_plugin_rebase,n,z

Addressed by: https://review.openstack.org/68006 (merged)
    Create V2 Auth Plugin

Addressed by: https://review.openstack.org/68007 (merged)
    Create V3 Auth Plugin

Gerrit topic: https://review.openstack.org/#q,topic:bp/kerberos-authentication,n,z

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.

Nearby

This blueprint contains Public information 
Everyone can see this information.