updated docs strings and added README.md
This commit is contained in:
@@ -2,21 +2,21 @@
|
||||
"module": "mail_intake.credentials",
|
||||
"content": {
|
||||
"path": "mail_intake.credentials",
|
||||
"docstring": "Credential persistence interfaces and implementations for Mail Intake.\n\n---\n\n## Summary\n\nThis package defines the abstractions and concrete implementations used\nto persist authentication credentials across Mail Intake components.\n\nThe credential persistence layer is intentionally decoupled from\nauthentication logic. Authentication providers are responsible for\ncredential acquisition, validation, and refresh, while implementations\nwithin this package are responsible solely for storage and retrieval.\n\nThe package provides:\n- A generic ``CredentialStore`` abstraction defining the persistence contract\n- Local filesystem–based storage for development and single-node use\n- Distributed, Redis-backed storage for production and scaled deployments\n\nCredential lifecycle management, interpretation, and security policy\ndecisions remain the responsibility of authentication providers.\n\n---\n\n## Public API\n\n CredentialStore\n PickleCredentialStore\n RedisCredentialStore\n\n---",
|
||||
"docstring": "# Summary\n\nCredential persistence interfaces and implementations for Mail Intake.\n\nThis package defines the abstractions and concrete implementations used\nto persist authentication credentials across Mail Intake components.\n\nThe credential persistence layer is intentionally decoupled from\nauthentication logic. Authentication providers are responsible for\ncredential acquisition, validation, and refresh, while implementations\nwithin this package are responsible solely for storage and retrieval.\n\nThe package provides:\n\n- A generic `CredentialStore` abstraction defining the persistence contract.\n- Local filesystem–based storage for development and single-node use.\n- Distributed, Redis-backed storage for production and scaled deployments.\n\nCredential lifecycle management, interpretation, and security policy\ndecisions remain the responsibility of authentication providers.\n\n---\n\n# Public API\n\n- `CredentialStore`\n- `PickleCredentialStore`\n- `RedisCredentialStore`\n\n---",
|
||||
"objects": {
|
||||
"CredentialStore": {
|
||||
"name": "CredentialStore",
|
||||
"kind": "class",
|
||||
"path": "mail_intake.credentials.CredentialStore",
|
||||
"signature": "<bound method Alias.signature of Alias('CredentialStore', 'mail_intake.credentials.store.CredentialStore')>",
|
||||
"docstring": "Abstract base class defining a generic persistence interface for\nauthentication credentials.\n\nNotes:\n **Responsibilities:**\n\n - Provide persistent storage separating life-cycle management from storage mechanics\n - Keep implementation focused only on persistence\n \n **Constraints:**\n \n - The store is intentionally agnostic to:\n - The concrete credential type being stored\n - The serialization format used to persist credentials\n - The underlying storage backend or durability guarantees",
|
||||
"docstring": "Abstract base class defining a generic persistence interface.\n\nUsed for authentication credentials across different backends.\n\nNotes:\n **Responsibilities:**\n\n - Provide persistent storage separating life-cycle management from\n storage mechanics.\n - Keep implementation focused only on persistence.\n\n **Constraints:**\n\n - The store is intentionally agnostic to:\n - The concrete credential type being stored.\n - The serialization format used to persist credentials.\n - The underlying storage backend or durability guarantees.",
|
||||
"members": {
|
||||
"load": {
|
||||
"name": "load",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.CredentialStore.load",
|
||||
"signature": "<bound method Alias.signature of Alias('load', 'mail_intake.credentials.store.CredentialStore.load')>",
|
||||
"docstring": "Load previously persisted credentials.\n\nReturns:\n Optional[T]:\n An instance of type ``T`` if credentials are available and\n loadable; otherwise ``None``.\n\nNotes:\n **Guarantees:**\n\n - Implementations should return ``None`` when no credentials are present or when stored credentials cannot be successfully decoded or deserialized\n - The store must not attempt to validate, refresh, or otherwise interpret the returned credentials"
|
||||
"docstring": "Load previously persisted credentials.\n\nReturns:\n Optional[T]:\n An instance of type `T` if credentials are available and\n loadable; otherwise `None`.\n\nNotes:\n **Guarantees:**\n\n - Implementations should return `None` when no credentials are\n present or when stored credentials cannot be successfully\n decoded or deserialized.\n - The store must not attempt to validate, refresh, or otherwise\n interpret the returned credentials."
|
||||
},
|
||||
"save": {
|
||||
"name": "save",
|
||||
@@ -39,7 +39,7 @@
|
||||
"kind": "class",
|
||||
"path": "mail_intake.credentials.PickleCredentialStore",
|
||||
"signature": "<bound method Alias.signature of Alias('PickleCredentialStore', 'mail_intake.credentials.pickle.PickleCredentialStore')>",
|
||||
"docstring": "Filesystem-backed credential store using pickle serialization.\n\nThis store persists credentials as a pickled object on the local\nfilesystem. It is a simple implementation intended primarily for\ndevelopment, testing, and single-process execution contexts.\n\nNotes:\n **Guarantees:**\n\n - Stores credentials on the local filesystem\n - Uses pickle for serialization and deserialization\n - Does not provide encryption, locking, or concurrency guarantees\n\n **Constraints:**\n \n - Credential lifecycle management, validation, and refresh logic are explicitly out of scope for this class",
|
||||
"docstring": "Filesystem-backed credential store using pickle serialization.\n\nThis store persists credentials as a pickled object on the local\nfilesystem. It is a simple implementation intended primarily for\ndevelopment, testing, and single-process execution contexts.\n\nNotes:\n **Guarantees:**\n\n - Stores credentials on the local filesystem.\n - Uses `pickle` for serialization and deserialization.\n - Does not provide encryption, locking, or concurrency guarantees.\n\n **Constraints:**\n\n - Credential lifecycle management, validation, and refresh logic are\n explicitly out of scope for this class.",
|
||||
"members": {
|
||||
"path": {
|
||||
"name": "path",
|
||||
@@ -53,7 +53,7 @@
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.PickleCredentialStore.load",
|
||||
"signature": "<bound method Alias.signature of Alias('load', 'mail_intake.credentials.pickle.PickleCredentialStore.load')>",
|
||||
"docstring": "Load credentials from the local filesystem.\n\nReturns:\n Optional[T]:\n An instance of type ``T`` if credentials are present and\n successfully deserialized; otherwise ``None``.\n\nNotes:\n **Guarantees:**\n\n - If the credential file does not exist or cannot be successfully deserialized, this method returns ``None``\n - The store does not attempt to validate or interpret the returned credentials"
|
||||
"docstring": "Load credentials from the local filesystem.\n\nReturns:\n Optional[T]:\n An instance of type `T` if credentials are present and\n successfully deserialized; otherwise `None`.\n\nNotes:\n **Guarantees:**\n\n - If the credential file does not exist or cannot be successfully\n deserialized, this method returns `None`.\n - The store does not attempt to validate or interpret the\n returned credentials."
|
||||
},
|
||||
"save": {
|
||||
"name": "save",
|
||||
@@ -76,7 +76,7 @@
|
||||
"kind": "class",
|
||||
"path": "mail_intake.credentials.RedisCredentialStore",
|
||||
"signature": "<bound method Alias.signature of Alias('RedisCredentialStore', 'mail_intake.credentials.redis.RedisCredentialStore')>",
|
||||
"docstring": "Redis-backed implementation of ``CredentialStore``.\n\nThis store persists credentials in Redis and is suitable for\ndistributed and horizontally scaled deployments where credentials\nmust be shared across multiple processes or nodes.\n\nNotes:\n **Responsibilities:**\n\n - This class is responsible only for persistence and retrieval\n - It does not interpret, validate, refresh, or otherwise manage the lifecycle of the credentials being stored\n\n **Guarantees:**\n\n - The store is intentionally generic and delegates all serialization concerns to caller-provided functions\n - This avoids unsafe mechanisms such as pickle and allows credential formats to be explicitly controlled and audited",
|
||||
"docstring": "Redis-backed implementation of `CredentialStore`.\n\nThis store persists credentials in Redis and is suitable for\ndistributed and horizontally scaled deployments where credentials\nmust be shared across multiple processes or nodes.\n\nNotes:\n **Responsibilities:**\n\n - This class is responsible only for persistence and retrieval.\n - It does not interpret, validate, refresh, or otherwise manage the\n lifecycle of the credentials being stored.\n\n **Guarantees:**\n\n - The store is intentionally generic and delegates all serialization\n concerns to caller-provided functions.\n - This avoids unsafe mechanisms such as `pickle` and allows\n credential formats to be explicitly controlled and audited.",
|
||||
"members": {
|
||||
"redis": {
|
||||
"name": "redis",
|
||||
@@ -118,7 +118,7 @@
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.RedisCredentialStore.load",
|
||||
"signature": "<bound method Alias.signature of Alias('load', 'mail_intake.credentials.redis.RedisCredentialStore.load')>",
|
||||
"docstring": "Load credentials from Redis.\n\nReturns:\n Optional[T]:\n An instance of type ``T`` if credentials are present and\n successfully deserialized; otherwise ``None``.\n\nNotes:\n **Guarantees:**\n\n - If no value exists for the configured key, or if the stored payload cannot be successfully deserialized, this method returns ``None``\n - The store does not attempt to validate the returned credentials or determine whether they are expired or otherwise usable"
|
||||
"docstring": "Load credentials from Redis.\n\nReturns:\n Optional[T]:\n An instance of type `T` if credentials are present and\n successfully deserialized; otherwise `None`.\n\nNotes:\n **Guarantees:**\n\n - If no value exists for the configured key, or if the stored\n payload cannot be successfully deserialized, this method\n returns `None`.\n - The store does not attempt to validate the returned\n credentials or determine whether they are expired or\n otherwise usable."
|
||||
},
|
||||
"save": {
|
||||
"name": "save",
|
||||
@@ -141,7 +141,7 @@
|
||||
"kind": "module",
|
||||
"path": "mail_intake.credentials.pickle",
|
||||
"signature": null,
|
||||
"docstring": "Local filesystem–based credential persistence for Mail Intake.\n\n---\n\n## Summary\n\nThis module provides a file-backed implementation of the\n``CredentialStore`` abstraction using Python's ``pickle`` module.\n\nThe pickle-based credential store is intended for local development,\nsingle-node deployments, and controlled environments where credentials\ndo not need to be shared across processes or machines.\n\nDue to the security and portability risks associated with pickle-based\nserialization, this implementation is not suitable for distributed or\nuntrusted environments.",
|
||||
"docstring": "# Summary\n\nLocal filesystem–based credential persistence for Mail Intake.\n\nThis module provides a file-backed implementation of the\n`CredentialStore` abstraction using Python's `pickle` module.\n\nThe `pickle`-based credential store is intended for local development,\nsingle-node deployments, and controlled environments where credentials\ndo not need to be shared across processes or machines.\n\nDue to the security and portability risks associated with `pickle`-based\nserialization, this implementation is not suitable for distributed or\nuntrusted environments.",
|
||||
"members": {
|
||||
"pickle": {
|
||||
"name": "pickle",
|
||||
@@ -169,14 +169,14 @@
|
||||
"kind": "class",
|
||||
"path": "mail_intake.credentials.pickle.CredentialStore",
|
||||
"signature": "<bound method Alias.signature of Alias('CredentialStore', 'mail_intake.credentials.store.CredentialStore')>",
|
||||
"docstring": "Abstract base class defining a generic persistence interface for\nauthentication credentials.\n\nNotes:\n **Responsibilities:**\n\n - Provide persistent storage separating life-cycle management from storage mechanics\n - Keep implementation focused only on persistence\n \n **Constraints:**\n \n - The store is intentionally agnostic to:\n - The concrete credential type being stored\n - The serialization format used to persist credentials\n - The underlying storage backend or durability guarantees",
|
||||
"docstring": "Abstract base class defining a generic persistence interface.\n\nUsed for authentication credentials across different backends.\n\nNotes:\n **Responsibilities:**\n\n - Provide persistent storage separating life-cycle management from\n storage mechanics.\n - Keep implementation focused only on persistence.\n\n **Constraints:**\n\n - The store is intentionally agnostic to:\n - The concrete credential type being stored.\n - The serialization format used to persist credentials.\n - The underlying storage backend or durability guarantees.",
|
||||
"members": {
|
||||
"load": {
|
||||
"name": "load",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.pickle.CredentialStore.load",
|
||||
"signature": "<bound method Alias.signature of Alias('load', 'mail_intake.credentials.store.CredentialStore.load')>",
|
||||
"docstring": "Load previously persisted credentials.\n\nReturns:\n Optional[T]:\n An instance of type ``T`` if credentials are available and\n loadable; otherwise ``None``.\n\nNotes:\n **Guarantees:**\n\n - Implementations should return ``None`` when no credentials are present or when stored credentials cannot be successfully decoded or deserialized\n - The store must not attempt to validate, refresh, or otherwise interpret the returned credentials"
|
||||
"docstring": "Load previously persisted credentials.\n\nReturns:\n Optional[T]:\n An instance of type `T` if credentials are available and\n loadable; otherwise `None`.\n\nNotes:\n **Guarantees:**\n\n - Implementations should return `None` when no credentials are\n present or when stored credentials cannot be successfully\n decoded or deserialized.\n - The store must not attempt to validate, refresh, or otherwise\n interpret the returned credentials."
|
||||
},
|
||||
"save": {
|
||||
"name": "save",
|
||||
@@ -205,8 +205,8 @@
|
||||
"name": "PickleCredentialStore",
|
||||
"kind": "class",
|
||||
"path": "mail_intake.credentials.pickle.PickleCredentialStore",
|
||||
"signature": "<bound method Class.signature of Class('PickleCredentialStore', 28, 108)>",
|
||||
"docstring": "Filesystem-backed credential store using pickle serialization.\n\nThis store persists credentials as a pickled object on the local\nfilesystem. It is a simple implementation intended primarily for\ndevelopment, testing, and single-process execution contexts.\n\nNotes:\n **Guarantees:**\n\n - Stores credentials on the local filesystem\n - Uses pickle for serialization and deserialization\n - Does not provide encryption, locking, or concurrency guarantees\n\n **Constraints:**\n \n - Credential lifecycle management, validation, and refresh logic are explicitly out of scope for this class",
|
||||
"signature": "<bound method Class.signature of Class('PickleCredentialStore', 26, 109)>",
|
||||
"docstring": "Filesystem-backed credential store using pickle serialization.\n\nThis store persists credentials as a pickled object on the local\nfilesystem. It is a simple implementation intended primarily for\ndevelopment, testing, and single-process execution contexts.\n\nNotes:\n **Guarantees:**\n\n - Stores credentials on the local filesystem.\n - Uses `pickle` for serialization and deserialization.\n - Does not provide encryption, locking, or concurrency guarantees.\n\n **Constraints:**\n\n - Credential lifecycle management, validation, and refresh logic are\n explicitly out of scope for this class.",
|
||||
"members": {
|
||||
"path": {
|
||||
"name": "path",
|
||||
@@ -219,21 +219,21 @@
|
||||
"name": "load",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.pickle.PickleCredentialStore.load",
|
||||
"signature": "<bound method Function.signature of Function('load', 59, 78)>",
|
||||
"docstring": "Load credentials from the local filesystem.\n\nReturns:\n Optional[T]:\n An instance of type ``T`` if credentials are present and\n successfully deserialized; otherwise ``None``.\n\nNotes:\n **Guarantees:**\n\n - If the credential file does not exist or cannot be successfully deserialized, this method returns ``None``\n - The store does not attempt to validate or interpret the returned credentials"
|
||||
"signature": "<bound method Function.signature of Function('load', 58, 79)>",
|
||||
"docstring": "Load credentials from the local filesystem.\n\nReturns:\n Optional[T]:\n An instance of type `T` if credentials are present and\n successfully deserialized; otherwise `None`.\n\nNotes:\n **Guarantees:**\n\n - If the credential file does not exist or cannot be successfully\n deserialized, this method returns `None`.\n - The store does not attempt to validate or interpret the\n returned credentials."
|
||||
},
|
||||
"save": {
|
||||
"name": "save",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.pickle.PickleCredentialStore.save",
|
||||
"signature": "<bound method Function.signature of Function('save', 80, 94)>",
|
||||
"signature": "<bound method Function.signature of Function('save', 81, 95)>",
|
||||
"docstring": "Persist credentials to the local filesystem.\n\nArgs:\n credentials (T):\n The credential object to persist.\n\nNotes:\n **Responsibilities:**\n\n - Any previously stored credentials at the configured path are overwritten"
|
||||
},
|
||||
"clear": {
|
||||
"name": "clear",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.pickle.PickleCredentialStore.clear",
|
||||
"signature": "<bound method Function.signature of Function('clear', 96, 108)>",
|
||||
"signature": "<bound method Function.signature of Function('clear', 97, 109)>",
|
||||
"docstring": "Remove persisted credentials from the local filesystem.\n\nNotes:\n **Lifecycle:**\n\n - This method deletes the credential file if it exists and should be treated as an idempotent operation"
|
||||
}
|
||||
}
|
||||
@@ -245,7 +245,7 @@
|
||||
"kind": "module",
|
||||
"path": "mail_intake.credentials.redis",
|
||||
"signature": null,
|
||||
"docstring": "Redis-backed credential persistence for Mail Intake.\n\n---\n\n## Summary\n\nThis module provides a Redis-based implementation of the\n``CredentialStore`` abstraction, enabling credential persistence\nacross distributed and horizontally scaled deployments.\n\nThe Redis credential store is designed for environments where\nauthentication credentials must be shared safely across multiple\nprocesses, containers, or nodes, such as container orchestration\nplatforms and microservice architectures.\n\nKey characteristics:\n- Distributed-safe, shared storage using Redis\n- Explicit, caller-defined serialization and deserialization\n- No reliance on unsafe mechanisms such as pickle\n- Optional time-to-live (TTL) support for automatic credential expiry\n\nThis module is responsible solely for persistence concerns.\nCredential validation, refresh, rotation, and acquisition remain the\nresponsibility of authentication provider implementations.",
|
||||
"docstring": "# Summary\n\nRedis-backed credential persistence for Mail Intake.\n\nThis module provides a Redis-based implementation of the\n`CredentialStore` abstraction, enabling credential persistence\nacross distributed and horizontally scaled deployments.\n\nThe Redis credential store is designed for environments where\nauthentication credentials must be shared safely across multiple\nprocesses, containers, or nodes, such as container orchestration\nplatforms and microservice architectures.\n\nKey characteristics:\n\n- Distributed-safe, shared storage using Redis.\n- Explicit, caller-defined serialization and deserialization.\n- No reliance on unsafe mechanisms such as `pickle`.\n- Optional time-to-live (TTL) support for automatic credential expiry.\n\nThis module is responsible solely for persistence concerns.\nCredential validation, refresh, rotation, and acquisition remain the\nresponsibility of authentication provider implementations.",
|
||||
"members": {
|
||||
"Optional": {
|
||||
"name": "Optional",
|
||||
@@ -273,14 +273,14 @@
|
||||
"kind": "class",
|
||||
"path": "mail_intake.credentials.redis.CredentialStore",
|
||||
"signature": "<bound method Alias.signature of Alias('CredentialStore', 'mail_intake.credentials.store.CredentialStore')>",
|
||||
"docstring": "Abstract base class defining a generic persistence interface for\nauthentication credentials.\n\nNotes:\n **Responsibilities:**\n\n - Provide persistent storage separating life-cycle management from storage mechanics\n - Keep implementation focused only on persistence\n \n **Constraints:**\n \n - The store is intentionally agnostic to:\n - The concrete credential type being stored\n - The serialization format used to persist credentials\n - The underlying storage backend or durability guarantees",
|
||||
"docstring": "Abstract base class defining a generic persistence interface.\n\nUsed for authentication credentials across different backends.\n\nNotes:\n **Responsibilities:**\n\n - Provide persistent storage separating life-cycle management from\n storage mechanics.\n - Keep implementation focused only on persistence.\n\n **Constraints:**\n\n - The store is intentionally agnostic to:\n - The concrete credential type being stored.\n - The serialization format used to persist credentials.\n - The underlying storage backend or durability guarantees.",
|
||||
"members": {
|
||||
"load": {
|
||||
"name": "load",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.redis.CredentialStore.load",
|
||||
"signature": "<bound method Alias.signature of Alias('load', 'mail_intake.credentials.store.CredentialStore.load')>",
|
||||
"docstring": "Load previously persisted credentials.\n\nReturns:\n Optional[T]:\n An instance of type ``T`` if credentials are available and\n loadable; otherwise ``None``.\n\nNotes:\n **Guarantees:**\n\n - Implementations should return ``None`` when no credentials are present or when stored credentials cannot be successfully decoded or deserialized\n - The store must not attempt to validate, refresh, or otherwise interpret the returned credentials"
|
||||
"docstring": "Load previously persisted credentials.\n\nReturns:\n Optional[T]:\n An instance of type `T` if credentials are available and\n loadable; otherwise `None`.\n\nNotes:\n **Guarantees:**\n\n - Implementations should return `None` when no credentials are\n present or when stored credentials cannot be successfully\n decoded or deserialized.\n - The store must not attempt to validate, refresh, or otherwise\n interpret the returned credentials."
|
||||
},
|
||||
"save": {
|
||||
"name": "save",
|
||||
@@ -309,8 +309,8 @@
|
||||
"name": "RedisCredentialStore",
|
||||
"kind": "class",
|
||||
"path": "mail_intake.credentials.redis.RedisCredentialStore",
|
||||
"signature": "<bound method Class.signature of Class('RedisCredentialStore', 36, 142)>",
|
||||
"docstring": "Redis-backed implementation of ``CredentialStore``.\n\nThis store persists credentials in Redis and is suitable for\ndistributed and horizontally scaled deployments where credentials\nmust be shared across multiple processes or nodes.\n\nNotes:\n **Responsibilities:**\n\n - This class is responsible only for persistence and retrieval\n - It does not interpret, validate, refresh, or otherwise manage the lifecycle of the credentials being stored\n\n **Guarantees:**\n\n - The store is intentionally generic and delegates all serialization concerns to caller-provided functions\n - This avoids unsafe mechanisms such as pickle and allows credential formats to be explicitly controlled and audited",
|
||||
"signature": "<bound method Class.signature of Class('RedisCredentialStore', 35, 148)>",
|
||||
"docstring": "Redis-backed implementation of `CredentialStore`.\n\nThis store persists credentials in Redis and is suitable for\ndistributed and horizontally scaled deployments where credentials\nmust be shared across multiple processes or nodes.\n\nNotes:\n **Responsibilities:**\n\n - This class is responsible only for persistence and retrieval.\n - It does not interpret, validate, refresh, or otherwise manage the\n lifecycle of the credentials being stored.\n\n **Guarantees:**\n\n - The store is intentionally generic and delegates all serialization\n concerns to caller-provided functions.\n - This avoids unsafe mechanisms such as `pickle` and allows\n credential formats to be explicitly controlled and audited.",
|
||||
"members": {
|
||||
"redis": {
|
||||
"name": "redis",
|
||||
@@ -351,21 +351,21 @@
|
||||
"name": "load",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.redis.RedisCredentialStore.load",
|
||||
"signature": "<bound method Function.signature of Function('load', 89, 110)>",
|
||||
"docstring": "Load credentials from Redis.\n\nReturns:\n Optional[T]:\n An instance of type ``T`` if credentials are present and\n successfully deserialized; otherwise ``None``.\n\nNotes:\n **Guarantees:**\n\n - If no value exists for the configured key, or if the stored payload cannot be successfully deserialized, this method returns ``None``\n - The store does not attempt to validate the returned credentials or determine whether they are expired or otherwise usable"
|
||||
"signature": "<bound method Function.signature of Function('load', 91, 116)>",
|
||||
"docstring": "Load credentials from Redis.\n\nReturns:\n Optional[T]:\n An instance of type `T` if credentials are present and\n successfully deserialized; otherwise `None`.\n\nNotes:\n **Guarantees:**\n\n - If no value exists for the configured key, or if the stored\n payload cannot be successfully deserialized, this method\n returns `None`.\n - The store does not attempt to validate the returned\n credentials or determine whether they are expired or\n otherwise usable."
|
||||
},
|
||||
"save": {
|
||||
"name": "save",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.redis.RedisCredentialStore.save",
|
||||
"signature": "<bound method Function.signature of Function('save', 112, 130)>",
|
||||
"signature": "<bound method Function.signature of Function('save', 118, 136)>",
|
||||
"docstring": "Persist credentials to Redis.\n\nArgs:\n credentials (T):\n The credential object to persist.\n\nNotes:\n **Responsibilities:**\n\n - Any previously stored credentials under the same key are overwritten\n - If a TTL is configured, the credentials will expire automatically after the specified duration"
|
||||
},
|
||||
"clear": {
|
||||
"name": "clear",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.redis.RedisCredentialStore.clear",
|
||||
"signature": "<bound method Function.signature of Function('clear', 132, 142)>",
|
||||
"signature": "<bound method Function.signature of Function('clear', 138, 148)>",
|
||||
"docstring": "Remove stored credentials from Redis.\n\nNotes:\n **Lifecycle:**\n\n - This operation deletes the configured Redis key if it exists\n - Implementations should treat this method as idempotent"
|
||||
}
|
||||
}
|
||||
@@ -384,7 +384,7 @@
|
||||
"kind": "module",
|
||||
"path": "mail_intake.credentials.store",
|
||||
"signature": null,
|
||||
"docstring": "Credential persistence abstractions for Mail Intake.\n\n---\n\n## Summary\n\nThis module defines the generic persistence contract used to store and\nretrieve authentication credentials across Mail Intake components.\n\nThe ``CredentialStore`` abstraction establishes a strict separation\nbetween credential *lifecycle management* and credential *storage*.\nAuthentication providers are responsible for acquiring, validating,\nrefreshing, and revoking credentials, while concrete store\nimplementations are responsible solely for persistence concerns.\n\nBy remaining agnostic to credential structure, serialization format,\nand storage backend, this module enables multiple persistence\nstrategies—such as local files, in-memory caches, distributed stores,\nor secrets managers—without coupling authentication logic to any\nspecific storage mechanism.",
|
||||
"docstring": "# Summary\n\nCredential persistence abstractions for Mail Intake.\n\nThis module defines the generic persistence contract used to store and\nretrieve authentication credentials across Mail Intake components.\n\nThe `CredentialStore` abstraction establishes a strict separation\nbetween credential *lifecycle management* and credential *storage*.\nAuthentication providers are responsible for acquiring, validating,\nrefreshing, and revoking credentials, while concrete store\nimplementations are responsible solely for persistence concerns.\n\nBy remaining agnostic to credential structure, serialization format,\nand storage backend, this module enables multiple persistence\nstrategies—such as local files, in-memory caches, distributed stores,\nor secrets managers—without coupling authentication logic to any\nspecific storage mechanism.",
|
||||
"members": {
|
||||
"ABC": {
|
||||
"name": "ABC",
|
||||
@@ -432,28 +432,28 @@
|
||||
"name": "CredentialStore",
|
||||
"kind": "class",
|
||||
"path": "mail_intake.credentials.store.CredentialStore",
|
||||
"signature": "<bound method Class.signature of Class('CredentialStore', 31, 102)>",
|
||||
"docstring": "Abstract base class defining a generic persistence interface for\nauthentication credentials.\n\nNotes:\n **Responsibilities:**\n\n - Provide persistent storage separating life-cycle management from storage mechanics\n - Keep implementation focused only on persistence\n \n **Constraints:**\n \n - The store is intentionally agnostic to:\n - The concrete credential type being stored\n - The serialization format used to persist credentials\n - The underlying storage backend or durability guarantees",
|
||||
"signature": "<bound method Class.signature of Class('CredentialStore', 29, 105)>",
|
||||
"docstring": "Abstract base class defining a generic persistence interface.\n\nUsed for authentication credentials across different backends.\n\nNotes:\n **Responsibilities:**\n\n - Provide persistent storage separating life-cycle management from\n storage mechanics.\n - Keep implementation focused only on persistence.\n\n **Constraints:**\n\n - The store is intentionally agnostic to:\n - The concrete credential type being stored.\n - The serialization format used to persist credentials.\n - The underlying storage backend or durability guarantees.",
|
||||
"members": {
|
||||
"load": {
|
||||
"name": "load",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.store.CredentialStore.load",
|
||||
"signature": "<bound method Function.signature of Function('load', 50, 65)>",
|
||||
"docstring": "Load previously persisted credentials.\n\nReturns:\n Optional[T]:\n An instance of type ``T`` if credentials are available and\n loadable; otherwise ``None``.\n\nNotes:\n **Guarantees:**\n\n - Implementations should return ``None`` when no credentials are present or when stored credentials cannot be successfully decoded or deserialized\n - The store must not attempt to validate, refresh, or otherwise interpret the returned credentials"
|
||||
"signature": "<bound method Function.signature of Function('load', 50, 68)>",
|
||||
"docstring": "Load previously persisted credentials.\n\nReturns:\n Optional[T]:\n An instance of type `T` if credentials are available and\n loadable; otherwise `None`.\n\nNotes:\n **Guarantees:**\n\n - Implementations should return `None` when no credentials are\n present or when stored credentials cannot be successfully\n decoded or deserialized.\n - The store must not attempt to validate, refresh, or otherwise\n interpret the returned credentials."
|
||||
},
|
||||
"save": {
|
||||
"name": "save",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.store.CredentialStore.save",
|
||||
"signature": "<bound method Function.signature of Function('save', 67, 86)>",
|
||||
"signature": "<bound method Function.signature of Function('save', 70, 89)>",
|
||||
"docstring": "Persist credentials to the underlying storage backend.\n\nArgs:\n credentials (T):\n The credential object to persist.\n\nNotes:\n **Lifecycle:**\n\n - This method is invoked when credentials are newly obtained or have been refreshed and are known to be valid at the time of persistence\n\n **Responsibilities:**\n\n - Ensuring durability appropriate to the deployment context\n - Applying encryption or access controls where required\n - Overwriting any previously stored credentials"
|
||||
},
|
||||
"clear": {
|
||||
"name": "clear",
|
||||
"kind": "function",
|
||||
"path": "mail_intake.credentials.store.CredentialStore.clear",
|
||||
"signature": "<bound method Function.signature of Function('clear', 88, 102)>",
|
||||
"signature": "<bound method Function.signature of Function('clear', 91, 105)>",
|
||||
"docstring": "Remove any persisted credentials from the store.\n\nNotes:\n **Lifecycle:**\n\n - This method is called when credentials are known to be invalid, revoked, corrupted, or otherwise unusable\n - Must ensure that no stale authentication material remains accessible\n\n **Guarantees:**\n\n - Implementations should treat this operation as idempotent"
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user