From today, we all agreed that we would like an abstraction that contains, at a minimum the:
auth token
service catalog
It seems reasonable to call that Session except for the possibility of confusing that for an HTTP session. We agreed, instead, that we'd call it an IdentitySession (as it is really a session with Keystone).
The identity map would hash username + cloud (perhaps auth url here? – the point is "something to uniquely identify User A auth'd against Cloud Auth X) to the IdentitySession object. After a user successfully authenticates to a particular cloud, subsequent authentication calls can be short circuited by using the IdentitySession stored in the identity map.
The identity map would be stored in the Fog::OpenStackCommon::Identityclass to ensure that it lasts for the life of the VM.
From today, we all agreed that we would like an abstraction that contains, at a minimum the:
It seems reasonable to call that
Sessionexcept for the possibility of confusing that for an HTTP session. We agreed, instead, that we'd call it anIdentitySession(as it is really a session with Keystone).The identity map would hash username + cloud (perhaps auth url here? – the point is "something to uniquely identify User A auth'd against Cloud Auth X) to the
IdentitySessionobject. After a user successfully authenticates to a particular cloud, subsequent authentication calls can be short circuited by using theIdentitySessionstored in the identity map.The identity map would be stored in the
Fog::OpenStackCommon::Identityclass to ensure that it lasts for the life of the VM.