1277cc065b
The new integration test shows the desired user-facing behavior, which is to make it easy to login without a tenanted URL and to jump between tenants. Note that we track two things in the identity_token cookie: a signed id, and the updated_at for the underlying Identity object. This allows us to effectively cache on the Identity without having to hit the database, by using an Identity::Mock object that is compatible with etag and cache methods.