1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
// Location: ./builtins/session/valkey/src/lib.rs
// Copyright 2026
// SPDX-License-Identifier: Apache-2.0
// Authors: Fred Araujo
//
// cpex-session-valkey — a Valkey-backed `apl_cpex::SessionStore` for
// distributed, cross-restart persistence of session security labels.
//
// # Where this sits
//
// apl-cpex (SessionStore trait, SessionStoreFactory)
// ▲
// │ implements
// cpex-session-valkey ──uses──▶ redis-rs + deadpool-redis (rustls)
//
// The host registers `ValkeySessionStoreFactory` via
// `AplOptions.session_store_factories`; a `global.apl.session_store:
// { kind: valkey, ... }` block then selects it during config load. When
// no such block is present, apl-cpex keeps its default in-process
// `MemorySessionStore`, so this crate is entirely opt-in.
//
// # Design invariants (carried from the requirements/plan)
//
// - Fail-closed: any backend error (unreachable, timeout, undecodable)
// becomes `SessionStoreError`; only a confirmed key-miss is empty.
// - Atomic union: `append_labels` is a single server-side `SADD`.
// - Primary-only: a single endpoint, no replica read-splitting.
// - TLS required off-localhost; `noeviction` is an operator runbook
// concern the client can only warn about.
//
// The connection layer is kept internal (no public reusable API): the
// planned OAuth token cache is the trigger to extract a shared layer
// later, shaped by two real consumers.
pub use ValkeyConfig;
pub use BuildError;
pub use ;
pub use ValkeySessionStore;