mail-intake/mcp_docs/modules/mail_intake.credentials.redis.json

{
  "module": "mail_intake.credentials.redis",
  "content": {
    "path": "mail_intake.credentials.redis",
    "docstring": "Redis-backed credential persistence for Mail Intake.\n\nThis module provides a Redis-based implementation of the\n``CredentialStore`` abstraction, enabling credential persistence\nacross distributed and horizontally scaled deployments.\n\nThe Redis credential store is designed for environments where\nauthentication credentials must be shared safely across multiple\nprocesses, containers, or nodes, such as container orchestration\nplatforms and microservice architectures.\n\nKey characteristics:\n- Distributed-safe, shared storage using Redis\n- Explicit, caller-defined serialization and deserialization\n- No reliance on unsafe mechanisms such as pickle\n- Optional time-to-live (TTL) support for automatic credential expiry\n\nThis module is responsible solely for persistence concerns.\nCredential validation, refresh, rotation, and acquisition remain the\nresponsibility of authentication provider implementations.",
    "objects": {
      "Optional": {
        "name": "Optional",
        "kind": "alias",
        "path": "mail_intake.credentials.redis.Optional",
        "signature": "<bound method Alias.signature of Alias('Optional', 'typing.Optional')>",
        "docstring": null
      },
      "TypeVar": {
        "name": "TypeVar",
        "kind": "alias",
        "path": "mail_intake.credentials.redis.TypeVar",
        "signature": "<bound method Alias.signature of Alias('TypeVar', 'typing.TypeVar')>",
        "docstring": null
      },
      "Callable": {
        "name": "Callable",
        "kind": "alias",
        "path": "mail_intake.credentials.redis.Callable",
        "signature": "<bound method Alias.signature of Alias('Callable', 'typing.Callable')>",
        "docstring": null
      },
      "CredentialStore": {
        "name": "CredentialStore",
        "kind": "class",
        "path": "mail_intake.credentials.redis.CredentialStore",
        "signature": "<bound method Alias.signature of Alias('CredentialStore', 'mail_intake.credentials.store.CredentialStore')>",
        "docstring": "Abstract base class defining a generic persistence interface for\nauthentication credentials.\n\nThis interface separates *credential lifecycle management* from\n*credential storage mechanics*. Implementations are responsible\nonly for persistence concerns, while authentication providers\nretain full control over credential creation, validation, refresh,\nand revocation logic.\n\nThe store is intentionally agnostic to:\n- The concrete credential type being stored\n- The serialization format used to persist credentials\n- The underlying storage backend or durability guarantees",
        "members": {
          "load": {
            "name": "load",
            "kind": "function",
            "path": "mail_intake.credentials.redis.CredentialStore.load",
            "signature": "<bound method Alias.signature of Alias('load', 'mail_intake.credentials.store.CredentialStore.load')>",
            "docstring": "Load previously persisted credentials.\n\nImplementations should return ``None`` when no credentials are\npresent or when stored credentials cannot be successfully\ndecoded or deserialized.\n\nThe store must not attempt to validate, refresh, or otherwise\ninterpret the returned credentials.\n\nReturns:\n    An instance of type ``T`` if credentials are available and\n    loadable; otherwise ``None``."
          },
          "save": {
            "name": "save",
            "kind": "function",
            "path": "mail_intake.credentials.redis.CredentialStore.save",
            "signature": "<bound method Alias.signature of Alias('save', 'mail_intake.credentials.store.CredentialStore.save')>",
            "docstring": "Persist credentials to the underlying storage backend.\n\nThis method is invoked when credentials are newly obtained or\nhave been refreshed and are known to be valid at the time of\npersistence.\n\nImplementations are responsible for:\n- Ensuring durability appropriate to the deployment context\n- Applying encryption or access controls where required\n- Overwriting any previously stored credentials\n\nArgs:\n    credentials:\n        The credential object to persist."
          },
          "clear": {
            "name": "clear",
            "kind": "function",
            "path": "mail_intake.credentials.redis.CredentialStore.clear",
            "signature": "<bound method Alias.signature of Alias('clear', 'mail_intake.credentials.store.CredentialStore.clear')>",
            "docstring": "Remove any persisted credentials from the store.\n\nThis method is called when credentials are known to be invalid,\nrevoked, corrupted, or otherwise unusable, and must ensure that\nno stale authentication material remains accessible.\n\nImplementations should treat this operation as idempotent."
          }
        }
      },
      "T": {
        "name": "T",
        "kind": "attribute",
        "path": "mail_intake.credentials.redis.T",
        "signature": null,
        "docstring": null
      },
      "RedisCredentialStore": {
        "name": "RedisCredentialStore",
        "kind": "class",
        "path": "mail_intake.credentials.redis.RedisCredentialStore",
        "signature": "<bound method Class.signature of Class('RedisCredentialStore', 32, 142)>",
        "docstring": "Redis-backed implementation of ``CredentialStore``.\n\nThis store persists credentials in Redis and is suitable for\ndistributed and horizontally scaled deployments where credentials\nmust be shared across multiple processes or nodes.\n\nThe store is intentionally generic and delegates all serialization\nconcerns to caller-provided functions. This avoids unsafe mechanisms\nsuch as pickle and allows credential formats to be explicitly\ncontrolled and audited.\n\nThis class is responsible only for persistence and retrieval.\nIt does not interpret, validate, refresh, or otherwise manage\nthe lifecycle of the credentials being stored.",
        "members": {
          "redis": {
            "name": "redis",
            "kind": "attribute",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.redis",
            "signature": null,
            "docstring": null
          },
          "key": {
            "name": "key",
            "kind": "attribute",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.key",
            "signature": null,
            "docstring": null
          },
          "serialize": {
            "name": "serialize",
            "kind": "attribute",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.serialize",
            "signature": null,
            "docstring": null
          },
          "deserialize": {
            "name": "deserialize",
            "kind": "attribute",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.deserialize",
            "signature": null,
            "docstring": null
          },
          "ttl_seconds": {
            "name": "ttl_seconds",
            "kind": "attribute",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.ttl_seconds",
            "signature": null,
            "docstring": null
          },
          "load": {
            "name": "load",
            "kind": "function",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.load",
            "signature": "<bound method Function.signature of Function('load', 94, 115)>",
            "docstring": "Load credentials from Redis.\n\nIf no value exists for the configured key, or if the stored\npayload cannot be successfully deserialized, this method\nreturns ``None``.\n\nThe store does not attempt to validate the returned credentials\nor determine whether they are expired or otherwise usable.\n\nReturns:\n    An instance of type ``T`` if credentials are present and\n    successfully deserialized; otherwise ``None``."
          },
          "save": {
            "name": "save",
            "kind": "function",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.save",
            "signature": "<bound method Function.signature of Function('save', 117, 133)>",
            "docstring": "Persist credentials to Redis.\n\nAny previously stored credentials under the same key are\noverwritten. If a TTL is configured, the credentials will\nexpire automatically after the specified duration.\n\nArgs:\n    credentials:\n        The credential object to persist."
          },
          "clear": {
            "name": "clear",
            "kind": "function",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.clear",
            "signature": "<bound method Function.signature of Function('clear', 135, 142)>",
            "docstring": "Remove stored credentials from Redis.\n\nThis operation deletes the configured Redis key if it exists.\nImplementations should treat this method as idempotent."
          }
        }
      },
      "Any": {
        "name": "Any",
        "kind": "alias",
        "path": "mail_intake.credentials.redis.Any",
        "signature": "<bound method Alias.signature of Alias('Any', 'typing.Any')>",
        "docstring": null
      }
    }
  }
}