Rotating credentials can be easier using key authentication for two
reasons.
We read the key from disk on each authentication, allowing us to
exchange the secret without having to restart the driver.
The device allows us to populate multiple keys for the same user.
With credential rotation in mind, we implement the ability to use
multiple keys and also report if authentication with those keys have
been successful, allowing third party tooling to verify that it is safe
to rotate a key.
The _connect has also been moved from the YangConnection class to
the ASR1KContext class. This has been done, as it was only using
attributes of ASR1KContext, it was using none of the YangConnection
attributes and could have been static. I also feel that is tightly
coupled with the ASR1KContext.
Rotating credentials can be easier using key authentication for two reasons.
With credential rotation in mind, we implement the ability to use multiple keys and also report if authentication with those keys have been successful, allowing third party tooling to verify that it is safe to rotate a key.
The
_connecthas also been moved from theYangConnectionclass to theASR1KContextclass. This has been done, as it was only using attributes ofASR1KContext, it was using none of the YangConnection attributes and could have been static. I also feel that is tightly coupled with theASR1KContext.