Questions:
* The implementation is now KeyCloak specific in part of using realms
as a substition for Keystone projects (multitenancy). Based on a realm
name (in fact, project name) we build a url where we send auth requests.
Can we move away from KeyCloak specifics and provide a pure OpenID
Connect implementation?
TODO:
* Reusing existing token
* Refreshin a token
NOTE: This addition now looks slightly hacky because we try to put
all possible auth parameters into Client initializer. Ideally,
authentication method should be pluggable similar to the new Keystone
approach with separation sessions and authentication methods (see
keystoneauth project). This separation can be addressed only in Mistral
future versions because all changes in API/CLI v2 have to be backwards
compatible. API/CLI v3 must address this architectural issue.
Change-Id: I845b2bfbc1877e6f4b0c1a523d136e01c3742865
f7c04df5ec