If I understand the comments correctly, the issue is that the server in some cases (grizzly/memcache at least, not sure about others... please re-precise) returns full token instead of token id in the check, which breaks Keystone middleware revocation.
If that's correct, I suppose we could fix it directly on the server side because it's a bit unlikely that another client would have relied on that wrong answer.. The alternative is to not fix it in Grizzly, support both forms in the middleware/client side and introduce the fix only in Havana...
Looks like this will need an OSSA in all cases.
If I understand the comments correctly, the issue is that the server in some cases (grizzly/memcache at least, not sure about others... please re-precise) returns full token instead of token id in the check, which breaks Keystone middleware revocation.
If that's correct, I suppose we could fix it directly on the server side because it's a bit unlikely that another client would have relied on that wrong answer.. The alternative is to not fix it in Grizzly, support both forms in the middleware/client side and introduce the fix only in Havana...