I'm building a custom dashboard(as a replacement to horizon), but I'm having trouble managing token renewal in openstack(Icehouse). My goal is to "extend" a user's session as long as he is doing operations on the dashboard. I had two options:
If the token's expiration is near, generate a token using an existing token and use the new token moving forward -- but the problem with this is that the new token's expiration issued by openstack has the same expiration as the old one.
If the token's expiration is near, revoke the the token, query the user's credentials(i think this was still supported on keystone v2 on havana) through an admin session, and then get a token in behalf of the user and use that moving forward. But i think the ability to get a user's credential's is now not supported.
So, both can't really work -- can anybody point me to the right direction to be able to achieve what I intend to do?