[openstack-dev] Keystone auth_token middleware

Alan Pevec apevec at gmail.com
Mon Sep 24 10:13:42 UTC 2012

On Mon, Sep 24, 2012 at 10:45 AM, Thierry Carrez <thierry at openstack.org> wrote:
> Brian Waldon wrote:
>> The auth_token middleware shouldn't live in the Keystone source tree. It is not intended to be used alongside any of the Keystone code as it gets pulled in to every service *but* Keystone. It is super frustrating to have to install all of Keystone just to get this one piece of code. As this middleware is just a client, I am proposing we move it into the existing keystone client library - python-keystoneclient. What are the immediate feelings here?
> Distributions can solve this by creating multiple binary packages from
> the same source package,

I did that in Fedora for Essex, but it broke post folsom-2 due to new
intra-keystone dependencies in auth-token middleware:

There's also an issue with python subpackages sharing python namespace
- who owns overlapping __init__.py ?
Best would be if auth-token is moved out of keystone.middleware, there
are stuff imported[1] not required by auth-token.


[1] https://github.com/openstack/keystone/blob/master/keystone/middleware/__init__.py#L17

More information about the OpenStack-dev mailing list