[openstack-dev] [Keystone] Refactoring Authenticate
Adam Young
ayoung at redhat.com
Fri Aug 17 21:47:44 UTC 2012
I've started to attack the mess that is the authenticate code in service.py
https://github.com/admiyo/keystone/commit/fdd7ea535c6a6eb99c8652155e6556cf76e87723
The thing that is clear to me is that most of this code does not belong
inside service.py, but rather in some shared location. keystone/token
comes to mind. There is a note from termie that it maybe belongs in
middleware as well.
There are two things I'm trying to work out. One is that the code needs
to be shared across other calls, most specifically the extensions that ,
as of right now, don't work with PKI tokens (perhaps they don't need
to?). The other is the fact that the logic here is really not specific
to the web, but should instead be considered business logic, agnostic to
how it is called.
Any objection to moving this code into keystone/token, and separating
out web specific functionality from business logic?
More information about the OpenStack-dev
mailing list