plans: rename store-on-sx → persist-on-sx; clarify it's persistence not shop, and scope (log+kv facets, blobs delegated, cache excluded)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -2,7 +2,7 @@
|
||||
|
||||
> **DRAFT outline.** The identity core `acl-on-sx` assumes already exists. `acl`
|
||||
> answers "may X do Y"; identity answers "who is X, and how did they prove it."
|
||||
> Depends on `store-on-sx` (grant/audit ledger). Pairs with `acl-on-sx`.
|
||||
> Depends on `persist-on-sx` (grant/audit ledger). Pairs with `acl-on-sx`.
|
||||
|
||||
rose-ash's `account` domain is the OAuth2 authorization server every other app is
|
||||
a client of: silent SSO, per-app first-party cookies, grant verification,
|
||||
@@ -24,7 +24,7 @@ through the event log, all authorization questions delegated to `acl-on-sx`.
|
||||
## Ground rules
|
||||
|
||||
- **Scope:** only `lib/identity/**` and `plans/identity-on-sx.md`. May **import**
|
||||
from `lib/erlang/`, and (once they exist) `lib/store/` + `lib/acl/`. Do not edit
|
||||
from `lib/erlang/`, and (once they exist) `lib/persist/` + `lib/acl/`. Do not edit
|
||||
substrates.
|
||||
- **Architecture:** a session/grant is a process holding its own state; the
|
||||
registry routes messages by subject/client id. Tokens are opaque + introspected,
|
||||
@@ -53,7 +53,7 @@ lib/identity/session.sx lib/identity/registry.sx
|
||||
▼ ▼
|
||||
lib/identity/api.sx ── (identity/login) (identity/grant?) (identity/revoke) ──┐
|
||||
│ │
|
||||
└──────── grant + audit events → store ; permission? → acl ──────────┘
|
||||
└──────── grant + audit events → persist ; permission? → acl ──────────┘
|
||||
```
|
||||
|
||||
## Phase 1 — Sessions + tokens
|
||||
@@ -73,7 +73,7 @@ lib/identity/api.sx ── (identity/login) (identity/grant?) (identity/revoke)
|
||||
- [ ] grant verification delegated cache (mirror Redis-cache pattern)
|
||||
|
||||
## Phase 4 — Audit + federation
|
||||
- [ ] every issue/refresh/revoke is a `store` event; `(identity/audit subject)`
|
||||
- [ ] every issue/refresh/revoke is a `persist` event; `(identity/audit subject)`
|
||||
- [ ] federated identity (peer-asserted subject) — advisory, trust-gated stub
|
||||
- [ ] tests: audit completeness, cross-instance subject mapping
|
||||
|
||||
|
||||
Reference in New Issue
Block a user