mail-intake/mcp_docs/modules/mail_intake.credentials.redis.json

{
  "module": "mail_intake.credentials.redis",
  "content": {
    "path": "mail_intake.credentials.redis",
    "docstring": "Redis-backed credential persistence for Mail Intake.\n\n---\n\n## Summary\n\nThis module provides a Redis-based implementation of the\n``CredentialStore`` abstraction, enabling credential persistence\nacross distributed and horizontally scaled deployments.\n\nThe Redis credential store is designed for environments where\nauthentication credentials must be shared safely across multiple\nprocesses, containers, or nodes, such as container orchestration\nplatforms and microservice architectures.\n\nKey characteristics:\n- Distributed-safe, shared storage using Redis\n- Explicit, caller-defined serialization and deserialization\n- No reliance on unsafe mechanisms such as pickle\n- Optional time-to-live (TTL) support for automatic credential expiry\n\nThis module is responsible solely for persistence concerns.\nCredential validation, refresh, rotation, and acquisition remain the\nresponsibility of authentication provider implementations.",
    "objects": {
      "Optional": {
        "name": "Optional",
        "kind": "alias",
        "path": "mail_intake.credentials.redis.Optional",
        "signature": "<bound method Alias.signature of Alias('Optional', 'typing.Optional')>",
        "docstring": null
      },
      "TypeVar": {
        "name": "TypeVar",
        "kind": "alias",
        "path": "mail_intake.credentials.redis.TypeVar",
        "signature": "<bound method Alias.signature of Alias('TypeVar', 'typing.TypeVar')>",
        "docstring": null
      },
      "Callable": {
        "name": "Callable",
        "kind": "alias",
        "path": "mail_intake.credentials.redis.Callable",
        "signature": "<bound method Alias.signature of Alias('Callable', 'typing.Callable')>",
        "docstring": null
      },
      "CredentialStore": {
        "name": "CredentialStore",
        "kind": "class",
        "path": "mail_intake.credentials.redis.CredentialStore",
        "signature": "<bound method Alias.signature of Alias('CredentialStore', 'mail_intake.credentials.store.CredentialStore')>",
        "docstring": "Abstract base class defining a generic persistence interface for\nauthentication credentials.\n\nNotes:\n    **Responsibilities:**\n\n        - Provide persistent storage separating life-cycle management from storage mechanics\n        - Keep implementation focused only on persistence\n        \n    **Constraints:**\n    \n        - The store is intentionally agnostic to:\n            - The concrete credential type being stored\n            - The serialization format used to persist credentials\n            - The underlying storage backend or durability guarantees",
        "members": {
          "load": {
            "name": "load",
            "kind": "function",
            "path": "mail_intake.credentials.redis.CredentialStore.load",
            "signature": "<bound method Alias.signature of Alias('load', 'mail_intake.credentials.store.CredentialStore.load')>",
            "docstring": "Load previously persisted credentials.\n\nReturns:\n    Optional[T]:\n        An instance of type ``T`` if credentials are available and\n        loadable; otherwise ``None``.\n\nNotes:\n    **Guarantees:**\n\n        - Implementations should return ``None`` when no credentials are present or when stored credentials cannot be successfully decoded or deserialized\n        - The store must not attempt to validate, refresh, or otherwise interpret the returned credentials"
          },
          "save": {
            "name": "save",
            "kind": "function",
            "path": "mail_intake.credentials.redis.CredentialStore.save",
            "signature": "<bound method Alias.signature of Alias('save', 'mail_intake.credentials.store.CredentialStore.save')>",
            "docstring": "Persist credentials to the underlying storage backend.\n\nArgs:\n    credentials (T):\n        The credential object to persist.\n\nNotes:\n    **Lifecycle:**\n\n        - This method is invoked when credentials are newly obtained or have been refreshed and are known to be valid at the time of persistence\n\n    **Responsibilities:**\n\n        - Ensuring durability appropriate to the deployment context\n        - Applying encryption or access controls where required\n        - Overwriting any previously stored credentials"
          },
          "clear": {
            "name": "clear",
            "kind": "function",
            "path": "mail_intake.credentials.redis.CredentialStore.clear",
            "signature": "<bound method Alias.signature of Alias('clear', 'mail_intake.credentials.store.CredentialStore.clear')>",
            "docstring": "Remove any persisted credentials from the store.\n\nNotes:\n    **Lifecycle:**\n\n        - This method is called when credentials are known to be invalid, revoked, corrupted, or otherwise unusable\n        - Must ensure that no stale authentication material remains accessible\n\n    **Guarantees:**\n\n        - Implementations should treat this operation as idempotent"
          }
        }
      },
      "T": {
        "name": "T",
        "kind": "attribute",
        "path": "mail_intake.credentials.redis.T",
        "signature": null,
        "docstring": null
      },
      "RedisCredentialStore": {
        "name": "RedisCredentialStore",
        "kind": "class",
        "path": "mail_intake.credentials.redis.RedisCredentialStore",
        "signature": "<bound method Class.signature of Class('RedisCredentialStore', 36, 142)>",
        "docstring": "Redis-backed implementation of ``CredentialStore``.\n\nThis store persists credentials in Redis and is suitable for\ndistributed and horizontally scaled deployments where credentials\nmust be shared across multiple processes or nodes.\n\nNotes:\n    **Responsibilities:**\n\n        - This class is responsible only for persistence and retrieval\n        - It does not interpret, validate, refresh, or otherwise manage the lifecycle of the credentials being stored\n\n    **Guarantees:**\n\n        - The store is intentionally generic and delegates all serialization concerns to caller-provided functions\n        - This avoids unsafe mechanisms such as pickle and allows credential formats to be explicitly controlled and audited",
        "members": {
          "redis": {
            "name": "redis",
            "kind": "attribute",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.redis",
            "signature": null,
            "docstring": null
          },
          "key": {
            "name": "key",
            "kind": "attribute",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.key",
            "signature": null,
            "docstring": null
          },
          "serialize": {
            "name": "serialize",
            "kind": "attribute",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.serialize",
            "signature": null,
            "docstring": null
          },
          "deserialize": {
            "name": "deserialize",
            "kind": "attribute",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.deserialize",
            "signature": null,
            "docstring": null
          },
          "ttl_seconds": {
            "name": "ttl_seconds",
            "kind": "attribute",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.ttl_seconds",
            "signature": null,
            "docstring": null
          },
          "load": {
            "name": "load",
            "kind": "function",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.load",
            "signature": "<bound method Function.signature of Function('load', 89, 110)>",
            "docstring": "Load credentials from Redis.\n\nReturns:\n    Optional[T]:\n        An instance of type ``T`` if credentials are present and\n        successfully deserialized; otherwise ``None``.\n\nNotes:\n    **Guarantees:**\n\n        - If no value exists for the configured key, or if the stored payload cannot be successfully deserialized, this method returns ``None``\n        - The store does not attempt to validate the returned credentials or determine whether they are expired or otherwise usable"
          },
          "save": {
            "name": "save",
            "kind": "function",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.save",
            "signature": "<bound method Function.signature of Function('save', 112, 130)>",
            "docstring": "Persist credentials to Redis.\n\nArgs:\n    credentials (T):\n        The credential object to persist.\n\nNotes:\n    **Responsibilities:**\n\n        - Any previously stored credentials under the same key are overwritten\n        - If a TTL is configured, the credentials will expire automatically after the specified duration"
          },
          "clear": {
            "name": "clear",
            "kind": "function",
            "path": "mail_intake.credentials.redis.RedisCredentialStore.clear",
            "signature": "<bound method Function.signature of Function('clear', 132, 142)>",
            "docstring": "Remove stored credentials from Redis.\n\nNotes:\n    **Lifecycle:**\n\n        - This operation deletes the configured Redis key if it exists\n        - Implementations should treat this method as idempotent"
          }
        }
      },
      "Any": {
        "name": "Any",
        "kind": "alias",
        "path": "mail_intake.credentials.redis.Any",
        "signature": "<bound method Alias.signature of Alias('Any', 'typing.Any')>",
        "docstring": null
      }
    }
  }
}