aetos/mail-intake
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

google styled doc

Browse Source
This commit is contained in:
Vishesh 'ironeagle' Bangotra
2026-03-08 00:29:24 +05:30
parent 9f37af5761
commit 9f9e472ada
21 changed files with 593 additions and 358 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
mail_intake/credentials/store.py
View File

@@ -1,6 +1,10 @@
"""
Credential persistence abstractions for Mail Intake.
---
## Summary
This module defines the generic persistence contract used to store and
retrieve authentication credentials across Mail Intake components.
@@ -29,16 +33,18 @@ class CredentialStore(ABC, Generic[T]):
Abstract base class defining a generic persistence interface for
authentication credentials.
This interface separates *credential lifecycle management* from
*credential storage mechanics*. Implementations are responsible
only for persistence concerns, while authentication providers
retain full control over credential creation, validation, refresh,
and revocation logic.
Notes:
**Responsibilities:**
The store is intentionally agnostic to:
- The concrete credential type being stored
- The serialization format used to persist credentials
- The underlying storage backend or durability guarantees
- Provide persistent storage separating life-cycle management from storage mechanics
- Keep implementation focused only on persistence
**Constraints:**
- The store is intentionally agnostic to:
- The concrete credential type being stored
- The serialization format used to persist credentials
- The underlying storage backend or durability guarantees
"""
@abstractmethod
@@ -46,16 +52,16 @@ class CredentialStore(ABC, Generic[T]):
"""
Load previously persisted credentials.
Implementations should return ``None`` when no credentials are
present or when stored credentials cannot be successfully
decoded or deserialized.
The store must not attempt to validate, refresh, or otherwise
interpret the returned credentials.
Returns:
An instance of type ``T`` if credentials are available and
loadable; otherwise ``None``.
Optional[T]:
An instance of type ``T`` if credentials are available and
loadable; otherwise ``None``.
Notes:
**Guarantees:**
- Implementations should return ``None`` when no credentials are present or when stored credentials cannot be successfully decoded or deserialized
- The store must not attempt to validate, refresh, or otherwise interpret the returned credentials
"""
@abstractmethod
@@ -63,18 +69,20 @@ class CredentialStore(ABC, Generic[T]):
"""
Persist credentials to the underlying storage backend.
This method is invoked when credentials are newly obtained or
have been refreshed and are known to be valid at the time of
persistence.
Implementations are responsible for:
- Ensuring durability appropriate to the deployment context
- Applying encryption or access controls where required
- Overwriting any previously stored credentials
Args:
credentials:
credentials (T):
The credential object to persist.
Notes:
**Lifecycle:**
- This method is invoked when credentials are newly obtained or have been refreshed and are known to be valid at the time of persistence
**Responsibilities:**
- Ensuring durability appropriate to the deployment context
- Applying encryption or access controls where required
- Overwriting any previously stored credentials
"""
@abstractmethod
@@ -82,9 +90,13 @@ class CredentialStore(ABC, Generic[T]):
"""
Remove any persisted credentials from the store.
This method is called when credentials are known to be invalid,
revoked, corrupted, or otherwise unusable, and must ensure that
no stale authentication material remains accessible.
Notes:
**Lifecycle:**
Implementations should treat this operation as idempotent.
- This method is called when credentials are known to be invalid, revoked, corrupted, or otherwise unusable
- Must ensure that no stale authentication material remains accessible
**Guarantees:**
- Implementations should treat this operation as idempotent
"""