d8b7a7bfb3
Subplan 02 Slice 5: Token domain entity (scopes, app/channel scoping, expiry, revocation, last-used) with boundary validation; secrets are dist_<64 hex> drawn from arc4random_buf and only their SHA-256 is persisted. check_token gates revocation > expiry > scope > app/channel; mark_token_used stamps usage for the P4.4 server auth. CLI: dist token create (raw secret shown exactly once; works on a fresh store so CI tokens can predate the first publish), list (lifecycle status, never the secret), revoke (unknown id and double-revoke are distinct errors). Every mutation appends an audit event; tokens joins db.json's persisted arrays, with an absent member loading as empty so older db.json files stay readable. make test 16/16 (new: token_check.sx unit suite, token_ops.sx pinned CLI acceptance).
11 KiB
11 KiB