Comment 2 for bug 1946117

I think that it is pretty much against the idea of (micro)services that communicate to each other via a common protocol (http).

Keystone is not aware about what validates the token, and keystonemiddleware is not aware about keystone. Keystonemiddleware makes requests to an identity server. Keystonemiddleware discovers an identity server via service catalog, included in the response to service user authentication - also a step missing in your description.

I think this should not be implemented.