standard_id 0.16.1 → 0.17.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1cc415579c94e298230fc9d647869d7c2ea2b422b1130eac38bd05bba262956a
-  data.tar.gz: 653d1cd02170d5ba6933973635cb50d62729be158b0037812da8b2f832fb0c0e
+  metadata.gz: 50cac29c9420971a28c8c4b401349cc0563270a16d519c0abd9052da600c685a
+  data.tar.gz: b47c1a99cc5d7d335f9dee1c53d4831cbcc70b3d933bb6130e600797eb4998df
 SHA512:
-  metadata.gz: 16fa94e1dde5fa46e92999ef2fb24b5bb683ff5f5ab3e6549e91f8c738e4cdd42d8e872ab0d13705659ec6ab2bb4c4e184f4947c1d95bf5e00afbc3b9dfe0328
-  data.tar.gz: b730ef767275f8d71aa9b93a8c8fca55a1935c84e1e4e6eaf022ec935d2d152d7b72e99576b5075e3dffba8269b07be66abf43f4fd96e1f7728858d64244f7e2
+  metadata.gz: 04e2bf5d6503e312fecdedfdee8f5eb7b1dd5c438c25f351ab222160249bb4de40d3b7348bffc4431d71047e05cb918ea399e67060ad66d946d17dc66d038ce8
+  data.tar.gz: 6f38767fc4bd02d3595cf243bf1d326881cf17baea355577416158bf43418a6423f7d3a14c9c2fa721b38c9f1ff4fa75658cd5b0b2f26e48d6fb970cc041c3cb

data/lib/standard_id/config/callable_validator.rb

@@ -18,8 +18,8 @@ module StandardId
     #   runtime.
     #
     # Scope: only validates top-level StandardId.config fields plus the hash
-    # entries under `oauth.claim_resolvers`. Does NOT modify the StandardConfig
-    # DSL (the gem's schema doesn't need to know about this).
+    # entries under `oauth.claim_resolvers`. Does NOT modify the schema
+    # (the gem's schema doesn't need to know about this).
     module CallableValidator
       # Each entry: field_path => { signature: "(a, b, c)", arity: Integer, kind: :positional | :keyword, keywords: [..] }
       # Field path is the method chain on StandardId.config, e.g. "after_sign_in"

data/lib/standard_id/config/schema.rb

@@ -1,9 +1,9 @@
 # Schema definitions for StandardId
 # This file defines the configuration schema structure
 
-require "standard_config"
+require "standard_id/config_schema"
 
-StandardConfig.schema.draw do
+StandardId::ConfigSchema.define do
   scope :base do
     field :account_class_name, type: :string, default: "User"
     field :cache_store, type: :any, default: nil
@@ -147,7 +147,7 @@ StandardConfig.schema.draw do
     #
     # Note: the scope is named `reset_password` rather than `password_reset` to
     # avoid a name collision with the `web.password_reset` boolean feature flag
-    # — StandardConfig resolves unique field names globally.
+    # — StandardId::ConfigSchema resolves unique field names globally.
     field :delivery, type: :symbol, default: :custom
     field :mailer_from, type: :string, default: "noreply@example.com"
     field :mailer_subject, type: :string, default: "Reset your password"

data/lib/standard_id/config_schema.rb

@@ -0,0 +1,211 @@
+require "active_support/ordered_options"
+require "concurrent/map"
+
+module StandardId
+  # Lightweight configuration schema backed by ActiveSupport::OrderedOptions.
+  # Replaces the vendored `StandardConfig` DSL/manager. Fields are declared
+  # per scope; the resulting top-level config exposes each scope as a nested
+  # OrderedOptions and routes any field whose name is unique across scopes
+  # to the owning scope (so host apps can read base-scope fields like
+  # `config.account_class_name` without the `base.` prefix).
+  class ConfigSchema
+    Field = Struct.new(:name, :type, :default) do
+      def default_value
+        return default.call if default.respond_to?(:call)
+        return default.dup if default.is_a?(Array) || default.is_a?(Hash)
+        default
+      end
+    end
+
+    class << self
+      def instance = (@instance ||= new)
+      def define(&block) = instance.define(&block)
+      def add_field(**kwargs) = instance.add_field(**kwargs)
+      def build = instance.apply(Config.new)
+    end
+
+    def initialize = @scopes = Concurrent::Map.new
+    def scopes = @scopes
+    def scope?(name) = @scopes.key?(name.to_sym)
+    def field?(scope_name, field_name) = !!@scopes[scope_name.to_sym]&.key?(field_name.to_sym)
+    def field_for(scope_name, field_name) = @scopes[scope_name.to_sym]&.[](field_name.to_sym)
+
+    def define(&block)
+      DSL.new(self).instance_eval(&block) if block
+      self
+    end
+
+    def add_field(scope:, name:, type: :string, default: nil)
+      fields = ensure_scope(scope)
+      fields.compute_if_absent(name.to_sym) { Field.new(name.to_sym, type, default) }
+    end
+
+    # Register a scope without adding a field. Allows `define { scope :foo }` so
+    # provider gems can later `add_field(scope: :foo, ...)` against an existing scope.
+    def ensure_scope(name)
+      @scopes.compute_if_absent(name.to_sym) { Concurrent::Map.new }
+    end
+
+    # Scopes that declare a field with the given name (used for top-level routing).
+    def scopes_with_field(field_name)
+      sym = field_name.to_sym
+      @scopes.each_pair.with_object([]) { |(s, fs), acc| acc << s if fs.key?(sym) }
+    end
+
+    # Populate the given Config with scope sub-options + defaults. Re-apply is safe;
+    # values already set in a Scope are preserved (so provider gems can register
+    # fields after host apps have set base values).
+    def apply(config)
+      config.__schema__ = self
+      @scopes.each_pair do |scope_name, fields|
+        opts = (config.key?(scope_name) && config[scope_name].is_a?(Scope)) ? config[scope_name] : Scope.new(self, scope_name)
+        fields.each_value { |f| opts.write_default(f.name, f.default_value) }
+        config.write_raw(scope_name, opts)
+      end
+      config
+    end
+
+    def cast(value, type)
+      return value if value.nil?
+      case type
+      when :any     then value
+      when :symbol  then value.is_a?(Symbol) ? value : value.to_sym
+      when :string  then value.to_s
+      when :integer then value.to_i
+      when :float   then value.to_f
+      when :array   then Array(value)
+      when :hash    then value.is_a?(Hash) ? value : {}
+      when :boolean
+        case value
+        when true, false then value
+        when "true", "1", 1 then true
+        when "false", "0", 0 then false
+        else !!value
+        end
+      else value
+      end
+    end
+
+    # DSL: `define { scope :base do field :foo, type: :string, default: "x" end }`.
+    # Anonymous-class form keeps both levels in one place; #scope yields a sub-DSL
+    # that closes over the parent schema + scope name.
+    class DSL
+      def initialize(schema, scope_name = nil)
+        @schema = schema
+        @scope_name = scope_name
+      end
+
+      def scope(name, &block)
+        @schema.ensure_scope(name)
+        DSL.new(@schema, name.to_sym).instance_eval(&block) if block
+      end
+
+      def field(name, type: :string, default: nil, **)
+        @schema.add_field(scope: @scope_name, name: name, type: type, default: default)
+      end
+    end
+
+    # Per-scope OrderedOptions. Validates writes, casts and dups Array/Hash values
+    # on read. When `resolver` is set (via `Config#register`), reads delegate to
+    # the resolver-returned hash for dynamic / multi-tenant configuration.
+    class Scope < ActiveSupport::OrderedOptions
+      RAW_SET = ActiveSupport::OrderedOptions.instance_method(:[]=)
+      private_constant :RAW_SET
+
+      attr_accessor :resolver
+
+      def initialize(schema, scope_name)
+        super()
+        @schema = schema
+        @scope_name = scope_name
+      end
+
+      def []=(key, value)
+        validate!(key)
+        super(key.to_sym, value)
+      end
+
+      def [](key)
+        sym = key.to_sym
+        validate!(sym) unless key?(sym) || resolver
+        raw = if resolver
+                hash = resolver.call || {}
+                if hash.respond_to?(:key?) && hash.respond_to?(:[])
+                  hash.key?(sym) ? hash[sym] : hash[sym.to_s]
+                end
+        elsif key?(sym)
+                super(sym)
+        else
+                @schema.field_for(@scope_name, sym)&.default_value
+        end
+        cast_read(sym, raw)
+      end
+
+      def write_default(key, value)
+        return if key?(key.to_sym)
+        RAW_SET.bind_call(self, key.to_sym, value)
+      end
+
+      private
+
+      def validate!(key)
+        return if @schema.field?(@scope_name, key)
+        raise StandardId::ConfigurationError,
+          "Unknown field '#{key}' for scope '#{@scope_name}'. Valid fields: #{@schema.scopes[@scope_name]&.keys}"
+      end
+
+      def cast_read(key, value)
+        field = @schema.field_for(@scope_name, key)
+        return value unless field
+        casted = @schema.cast(value, field.type)
+        casted.is_a?(Array) || casted.is_a?(Hash) ? casted.dup : casted
+      end
+    end
+
+    # Top-level config: routes unqualified field reads/writes to the owning scope
+    # when the name is unique across scopes.
+    class Config < ActiveSupport::OrderedOptions
+      RAW_SET = ActiveSupport::OrderedOptions.instance_method(:[]=)
+      private_constant :RAW_SET
+
+      attr_accessor :__schema__
+
+      def register(scope_name, resolver)
+        sym = scope_name.to_sym
+        unless __schema__&.scope?(sym)
+          raise ArgumentError, "Unknown configuration scope: #{sym}. Valid scopes: #{__schema__&.scopes&.keys}"
+        end
+        self[sym].resolver = resolver
+        self
+      end
+
+      def registered?(scope_name) = !!self[scope_name.to_sym]&.resolver
+
+      def [](key)
+        sym = key.to_sym
+        return super if key?(sym) || __schema__.nil? || __schema__.scope?(sym)
+        target = unique_scope_for(sym)
+        target ? self[target][sym] : super
+      end
+
+      def []=(key, value)
+        sym = key.to_sym
+        if __schema__ && !__schema__.scope?(sym) && !key?(sym) && (target = unique_scope_for(sym))
+          self[target][sym] = value
+        else
+          super(sym, value)
+        end
+      end
+
+      # Bypass routing — used by the schema applier.
+      def write_raw(key, value) = RAW_SET.bind_call(self, key.to_sym, value)
+
+      private
+
+      def unique_scope_for(name)
+        matches = __schema__.scopes_with_field(name)
+        matches.size == 1 ? matches.first : nil
+      end
+    end
+  end
+end

data/lib/standard_id/engine.rb

@@ -59,8 +59,18 @@ module StandardId
     # We warn (not raise) to avoid breaking apps that intentionally short-
     # circuit boot (e.g., `assets:precompile` rake tasks with no secrets
     # available). A hard failure would be hostile to those workflows.
+    #
+    # IMPORTANT: we must NOT call `app.secret_key_base` directly. Rails 8.1's
+    # getter runs the "generate + persist" path on first read, which in turn
+    # invokes the setter — and the setter raises when the resolved value is
+    # blank (which is exactly the case this check is meant to warn about).
+    # So calling the getter here would turn a soft warning into a hard boot
+    # failure under parallel workers (e.g. parallel_rspec's `parallel:create`)
+    # that don't share a generated key between processes. Instead we read
+    # the same underlying sources Rails resolves from (ENV, then credentials)
+    # without triggering the write path.
     def self.verify_host_cookie_encryption!(app)
-      secret = app.respond_to?(:secret_key_base) ? app.secret_key_base : nil
+      secret = host_secret_key_base(app)
 
       if secret.blank?
         Rails.logger.warn(
@@ -73,6 +83,27 @@ module StandardId
       end
     end
 
+    # Probe secret_key_base sources without touching the memoizing setter.
+    # Mirrors Rails' own resolution order (ENV -> credentials), stopping on
+    # the first present value. Returns nil when neither is set — the caller
+    # logs a warning in that case.
+    def self.host_secret_key_base(app)
+      return ENV["SECRET_KEY_BASE"] if ENV["SECRET_KEY_BASE"].present?
+
+      credentials = app.respond_to?(:credentials) ? app.credentials : nil
+      return nil unless credentials&.respond_to?(:secret_key_base)
+
+      credentials.secret_key_base
+    rescue StandardError
+      # A broken credentials file or missing master key raises during read.
+      # That's the host app's problem to surface elsewhere — here we just
+      # want the cookie-encryption warning to fire, so we treat "could not
+      # probe" as "not configured" and let Rails error loudly on its own
+      # path if the app genuinely needs the secret.
+      nil
+    end
+    private_class_method :host_secret_key_base
+
     # Logs a production-only warning when no global audience allow-list is
     # configured. With `allowed_audiences` empty, the API token manager
     # skips decode-time aud enforcement, leaving cross-audience JWT replay

data/lib/standard_id/events/subscribers/passwordless_delivery_subscriber.rb

@@ -5,6 +5,12 @@ module StandardId
         subscribe_to StandardId::Events::PASSWORDLESS_CODE_GENERATED
 
         def call(event)
+          # Per-call manual-delivery request takes precedence over the global
+          # delivery config. Honors Otp.issue(delivery: :manual) callers who
+          # deliver the code themselves (custom widget flows, step-up
+          # challenges, etc.) and would otherwise receive a duplicate email
+          # from this subscriber when c.passwordless.delivery == :built_in.
+          return if event[:skip_sender]
           return unless built_in_delivery?
           return unless event[:channel] == "email"
 

data/lib/standard_id/passwordless/base_strategy.rb

@@ -30,7 +30,12 @@ module StandardId
           expires_in: expires_in,
           metadata: metadata
         )
-        emit_code_generated(challenge, username)
+        # skip_sender is forwarded into the event payload so subscribers that
+        # deliver on PASSWORDLESS_CODE_GENERATED (e.g. PasswordlessDeliverySubscriber)
+        # can honor a per-call manual-delivery request — not just the legacy
+        # sender_callback. Without this, Otp.issue(delivery: :manual) silently
+        # double-delivers when c.passwordless.delivery == :built_in.
+        emit_code_generated(challenge, username, skip_sender: skip_sender)
         sender_callback&.call(username, challenge.code) unless skip_sender
         emit_code_sent(username) unless skip_sender
         challenge
@@ -158,14 +163,15 @@ module StandardId
         )
       end
 
-      def emit_code_generated(challenge, username)
+      def emit_code_generated(challenge, username, skip_sender: false)
         StandardId::Events.publish(
           StandardId::Events::PASSWORDLESS_CODE_GENERATED,
           code_challenge: challenge,
           identifier: username,
           channel: connection_type,
           realm: @realm,
-          expires_at: challenge.expires_at
+          expires_at: challenge.expires_at,
+          skip_sender: skip_sender
         )
       end
 

data/lib/standard_id/provider_registry.rb

@@ -34,7 +34,6 @@ module StandardId
         )
       end
 
-
       # Get all registered providers
       # @return [Hash] Provider name => class mapping
       def all
@@ -50,16 +49,15 @@ module StandardId
 
       private
 
-      # Register provider's config schema fields with StandardConfig
+      # Register provider's config schema fields with the StandardId schema.
+      # Thread-safe and idempotent — adding the same field twice is a no-op.
       # @param provider_class [Class] Provider implementation class
       def register_config_schema(provider_class)
         schema = provider_class.config_schema
         return if schema.nil? || schema.empty?
 
-        StandardConfig.schema.scope(:social) do
-          schema.each do |field_name, options|
-            field field_name, **options
-          end
+        schema.each do |field_name, options|
+          StandardId::ConfigSchema.add_field(scope: :social, name: field_name, **options)
         end
       end
 

data/lib/standard_id/providers/base.rb

@@ -106,7 +106,7 @@ module StandardId
 
         # Define configuration schema fields for this provider.
         #
-        # Returns a hash of field definitions compatible with StandardConfig schema DSL.
+        # Returns a hash of field definitions compatible with the StandardId::ConfigSchema DSL.
         # These fields will be registered under the :social configuration scope.
         #
         # @return [Hash] Field definitions with types and defaults

data/lib/standard_id/version.rb

@@ -1,3 +1,3 @@
 module StandardId
-  VERSION = "0.16.1"
+  VERSION = "0.17.1"
 end

data/lib/standard_id.rb

@@ -3,6 +3,7 @@ require "standard_id/current_attributes"
 require "standard_id/engine"
 require "standard_id/web_engine"
 require "standard_id/api_engine"
+require "standard_id/config_schema"
 require "standard_id/config/schema"
 require "standard_id/scope_config"
 require "standard_id/errors"
@@ -59,20 +60,23 @@ require "standard_id/providers/base"
 require "standard_id/provider_registry"
 
 module StandardId
+  CONFIG = Concurrent::Delay.new { ConfigSchema.build }
+
   class << self
     CACHE_STORE = Concurrent::Delay.new { config.cache_store || Rails.cache }
     LOGGER = Concurrent::Delay.new { config.logger || Rails.logger }
 
     def configure(&block)
-      StandardConfig.configure(&block)
+      yield config if block_given?
+      config
     end
 
     def register(scope_name, resolver_proc)
-      StandardConfig.config.register(scope_name, resolver_proc)
+      config.register(scope_name, resolver_proc)
     end
 
     def config
-      StandardConfig.config
+      CONFIG.value
     end
 
     def cache_store

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: standard_id
 version: !ruby/object:Gem::Version
-  version: 0.16.1
+  version: 0.17.1
 platform: ruby
 authors:
 - Jaryl Sim
@@ -13,14 +13,14 @@ dependencies:
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '8.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '8.0'
 - !ruby/object:Gem::Dependency
@@ -215,11 +215,6 @@ files:
 - db/migrate/20260416180511_add_partial_indexes_for_active_session_and_challenge_lookups.rb
 - lib/generators/standard_id/install/install_generator.rb
 - lib/generators/standard_id/install/templates/standard_id.rb
-- lib/standard_config.rb
-- lib/standard_config/config.rb
-- lib/standard_config/config_provider.rb
-- lib/standard_config/manager.rb
-- lib/standard_config/schema.rb
 - lib/standard_id.rb
 - lib/standard_id/account_locking.rb
 - lib/standard_id/account_status.rb
@@ -232,6 +227,7 @@ files:
 - lib/standard_id/config/callable_validator.rb
 - lib/standard_id/config/schema.rb
 - lib/standard_id/config/scope_claims_validator.rb
+- lib/standard_id/config_schema.rb
 - lib/standard_id/current_attributes.rb
 - lib/standard_id/engine.rb
 - lib/standard_id/errors.rb
@@ -305,7 +301,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '3.2'
+      version: '4.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/lib/standard_config/config.rb

@@ -1,73 +0,0 @@
-module StandardConfig
-  # Manages configuration for the StandardId engine
-  #
-  # Usage:
-  #   StandardId.configure do |config|
-  #     config.account_class_name = "User"
-  #     config.cache_store = ActiveSupport::Cache::MemoryStore.new
-  #     config.logger = Rails.logger
-  #     config.allowed_post_logout_redirect_uris = ["https://example.com/logout"]
-  #   end
-  class Config
-    # The name of the Account model class as a String, e.g. "User" or "Account"
-    attr_accessor :account_class_name
-
-    # Optional cache store and logger, used by StandardId.cache_store and StandardId.logger
-    attr_accessor :cache_store, :logger
-
-    # OAuth issuer identifier for ID tokens
-    attr_accessor :issuer
-
-    # Optional login URL for redirecting unauthenticated browser requests
-    # Example: "/login" or a full URL like "https://app.example.com/login"
-    # If set, Authorization endpoints can redirect to this path with a redirect_uri param
-    attr_accessor :login_url
-
-    # Social login hooks
-    attr_accessor :social_account_attributes
-
-    # Passwordless authentication delivery callbacks (deprecated - use events instead)
-    attr_accessor :passwordless_email_sender, :passwordless_sms_sender
-
-    # Allowed post-logout redirect URIs for OIDC logout endpoint
-    # If empty or nil, no redirects are allowed and the endpoint will return a JSON message
-    # If provided, the post_logout_redirect_uri must exactly match one of the values in this list
-    attr_accessor :allowed_post_logout_redirect_uris
-
-    # Layout name to use for StandardId Web controllers.
-    # If nil, controllers should default to "application" (host app or dummy app).
-    # Examples: "application", "standard_id/web/application", "my_custom_layout"
-    attr_accessor :web_layout
-
-    # Enable Inertia.js rendering for StandardId Web controllers
-    # When true and inertia_rails gem is available, controllers will render Inertia components
-    attr_accessor :use_inertia
-
-    # Namespace prefix for Inertia component paths
-    # Example: "Auth" will generate component paths like "Auth/Login/show"
-    attr_accessor :inertia_component_namespace
-
-    def initialize
-      @account_class_name = nil
-      @cache_store = nil
-      @logger = nil
-      @issuer = nil
-      @login_url = nil
-      @apple_key_id = nil
-      @apple_team_id = nil
-      @social_account_attributes = nil
-      @passwordless_email_sender = nil
-      @passwordless_sms_sender = nil
-      @allowed_post_logout_redirect_uris = []
-      @web_layout = nil
-      @use_inertia = nil
-      @inertia_component_namespace = nil
-    end
-
-    def account_class
-      account_class_name.constantize
-    rescue NameError
-      raise NameError, "Could not find account class: #{account_class_name}. Please set a valid class name using `StandardId.configure { |c| c.account_class_name = 'YourAccountClass' }`"
-    end
-  end
-end

data/lib/standard_config/config_provider.rb

@@ -1,82 +0,0 @@
-require "ostruct"
-
-module StandardConfig
-  class ConfigProvider
-    def initialize(scope_name, resolver_proc, schema = nil)
-      @scope_name = scope_name
-      @resolver_proc = resolver_proc
-      @schema = schema
-    end
-
-    def method_missing(method_name, *args)
-      if method_name.to_s.end_with?("=")
-        # Setter - only works for static configs (OpenStruct objects)
-        field_name = method_name.to_s.chomp("=").to_sym
-        validate_field!(field_name)
-
-        config_object = @resolver_proc.call
-        if config_object.respond_to?(method_name)
-          config_object.send(method_name, args.first)
-        elsif config_object.respond_to?(:[]=)
-          # Support hash-like providers
-          value = args.first
-          config_object[field_name] = value
-          # Also set string key for convenience if symbol not used by provider
-          begin
-            config_object[field_name.to_s] = value
-          rescue StandardError
-            # ignore if provider doesn't accept string keys
-          end
-        else
-          raise NoMethodError, "Configuration object doesn't support setting #{field_name}"
-        end
-      else
-        # Getter
-        get_field(method_name)
-      end
-    end
-
-    def get_field(field_name)
-      validate_field!(field_name)
-
-      config_object = @resolver_proc.call
-      raw_value = if config_object.respond_to?(field_name)
-                    config_object.send(field_name)
-      elsif config_object.respond_to?(:[])
-                    config_object[field_name] || config_object[field_name.to_s]
-      else
-                    nil
-      end
-
-      # Cast the value according to schema
-      field_def = @schema&.field_definition(@scope_name, field_name)
-      return raw_value unless field_def
-
-      casted = @schema&.cast_value(raw_value, field_def.type) || raw_value
-      # Return dup for mutable structures to prevent accidental mutation of shared defaults
-      if casted.is_a?(Array)
-        casted.dup
-      elsif casted.is_a?(Hash)
-        casted.dup
-      else
-        casted
-      end
-    end
-
-    def respond_to_missing?(method_name, include_private = false)
-      field_name = method_name.to_s.end_with?("=") ? method_name.to_s.chomp("=").to_sym : method_name.to_sym
-      @schema&.valid_field?(@scope_name, field_name) || super
-    end
-
-    private
-
-    def validate_field!(field_name)
-      return unless @schema # Skip validation if no schema provided
-
-      unless @schema.valid_field?(@scope_name, field_name)
-        valid_fields = @schema.scopes[@scope_name]&.fields&.keys || []
-        raise ArgumentError, "Unknown field '#{field_name}' for scope '#{@scope_name}'. Valid fields: #{valid_fields}"
-      end
-    end
-  end
-end

data/lib/standard_config/manager.rb

@@ -1,93 +0,0 @@
-require "ostruct"
-require "concurrent/map"
-require "standard_config/config_provider"
-
-module StandardConfig
-  class Manager
-    def initialize(schema)
-      @schema = schema
-      @providers = Concurrent::Map.new
-      @static_configs = Concurrent::Map.new
-    end
-
-    # Register a configuration provider for a scope
-    def register(scope_name, resolver_proc)
-      scope_name = scope_name.to_sym
-
-      # Validate scope exists in schema
-      unless @schema.valid_scope?(scope_name)
-        raise ArgumentError, "Unknown configuration scope: #{scope_name}. Valid scopes: #{@schema.scopes.keys}"
-      end
-
-      @providers[scope_name] = ConfigProvider.new(scope_name, resolver_proc, @schema)
-      self
-    end
-
-    def registered?(scope_name)
-      @providers.key?(scope_name.to_sym)
-    end
-
-    # Access configuration scopes via method calls
-    def method_missing(method_name, *args)
-      method_str = method_name.to_s
-      scope_name = method_str.end_with?("=") ? method_str.chomp("=").to_sym : method_name.to_sym
-
-      # Handle field setter via unique scope resolution
-      if method_str.end_with?("=")
-        field = scope_name
-        scopes = @schema.scopes_with_field(field)
-        if scopes.size == 1
-          s = scopes.first
-          provider = @providers.compute_if_absent(s) do
-            ConfigProvider.new(s, -> { create_static_config_for_scope(s) }, @schema)
-          end
-          provider.public_send(method_name, *args)
-          return args.first
-        end
-      end
-
-      # Handle field getter via unique scope resolution
-      scopes = @schema.scopes_with_field(scope_name)
-      if scopes.size == 1
-        s = scopes.first
-        provider = @providers.compute_if_absent(s) do
-          ConfigProvider.new(s, -> { create_static_config_for_scope(s) }, @schema)
-        end
-        return provider.get_field(scope_name)
-      end
-
-      # Handle scope access
-      provider = @providers[scope_name]
-      return provider if provider
-
-      # Create static provider for valid scopes on first access
-      if @schema.valid_scope?(scope_name)
-        return @providers.compute_if_absent(scope_name) do
-          ConfigProvider.new(scope_name, -> { create_static_config_for_scope(scope_name) }, @schema)
-        end
-      end
-
-      super
-    end
-
-    def respond_to_missing?(method_name, include_private = false)
-      method_str = method_name.to_s
-      scope_name = method_str.end_with?("=") ? method_str.chomp("=").to_sym : method_name.to_sym
-      @schema.valid_scope?(scope_name) ||
-        @schema.scopes_with_field(scope_name).any? ||
-        super
-    end
-
-    private
-
-    def create_static_config_for_scope(scope_name)
-      @static_configs.compute_if_absent(scope_name) do
-        OpenStruct.new.tap do |config|
-          @schema.scopes[scope_name].fields.each do |field_name, field_def|
-            config.send("#{field_name}=", field_def.default_value)
-          end
-        end
-      end
-    end
-  end
-end

data/lib/standard_config/schema.rb

@@ -1,139 +0,0 @@
-require "concurrent/map"
-
-module StandardConfig
-  class Schema
-    def initialize
-      @scopes = Concurrent::Map.new
-    end
-
-    # DSL entry
-    def draw(&block)
-      Drawer.new(self).instance_eval(&block) if block_given?
-      self
-    end
-
-    def scopes
-      @scopes
-    end
-
-    def scope(name, &block)
-      name_sym = name.to_sym
-      builder = scopes.compute_if_absent(name_sym) { ScopeBuilder.new(name_sym) }
-      builder.instance_eval(&block) if block_given?
-      builder
-    end
-
-    def valid_scope?(name)
-      scopes.key?(name.to_sym)
-    end
-
-    def valid_field?(scope_name, field_name)
-      return false unless valid_scope?(scope_name)
-      scopes[scope_name.to_sym].fields.key?(field_name.to_sym)
-    end
-
-    def field_definition(scope_name, field_name)
-      return nil unless valid_scope?(scope_name)
-      scopes[scope_name.to_sym].fields[field_name.to_sym]
-    end
-
-    # Return an array of scope names that define the given field
-    def scopes_with_field(field_name)
-      scopes.keys.select { |s| scopes[s].fields.key?(field_name.to_sym) }
-    end
-
-    def cast_value(value, type)
-      return value if value.nil?
-
-      case type
-      when :any
-        value
-      when :string
-        value.to_s
-      when :integer
-        value.to_i
-      when :float
-        value.to_f
-      when :boolean
-        case value
-        when true, false then value
-        when "true", "1", 1 then true
-        when "false", "0", 0 then false
-        else !!value
-        end
-      when :array
-        Array(value)
-      when :hash
-        value.is_a?(Hash) ? value : {}
-      else
-        value
-      end
-    end
-
-    class ScopeBuilder
-      attr_reader :name, :fields
-
-      def initialize(name)
-        @name = name.to_sym
-        @fields = Concurrent::Map.new
-      end
-
-      def field(name, type: :string, default: nil, readonly: false)
-        key = name.to_sym
-        if @fields.key?(key)
-          Kernel.warn("[StandardId::Configuration] Redefining field '#{key}' in scope '#{@name}'. Last definition wins.")
-        end
-        @fields[key] = FieldDefinition.new(name, type: type, default: default, readonly: readonly)
-      end
-    end
-
-    class FieldDefinition
-      attr_reader :name, :type, :default, :readonly
-
-      def initialize(name, type: :string, default: nil, readonly: false)
-        @name = name.to_sym
-        @type = type
-        @default = default
-        @readonly = readonly
-      end
-
-      def default_value
-        if @default.respond_to?(:call)
-          @default.call
-        elsif @default.is_a?(Array)
-          @default.dup
-        else
-          @default
-        end
-      end
-    end
-
-    # Internal DSL driver
-    class Drawer
-      def initialize(schema)
-        @schema = schema
-      end
-
-      # scope :base do ... end OR scope :passwordless do ... end
-      def scope(name, &block)
-        name_sym = name.to_sym
-        # Ensure scope exists, then evaluate the block in a scoped context
-        @schema.scope(name_sym)
-        ScopedScope.new(@schema, name_sym).instance_eval(&block) if block_given?
-      end
-    end
-
-    class ScopedScope
-      def initialize(schema, scope_name)
-        @schema = schema
-        @scope_name = scope_name
-      end
-
-      def field(name, type: :string, default: nil, readonly: false)
-        # Add field to the last declared scope by using ScopeBuilder within @schema.scope
-        # This method will be called inside Schema.scope block via Drawer
-        @schema.scopes[@scope_name].field(name, type: type, default: default, readonly: readonly)
-      end
-    end
-  end
-end

data/lib/standard_config.rb

@@ -1,45 +0,0 @@
-require "standard_config/config"
-require "standard_config/config_provider"
-require "standard_config/manager"
-require "standard_config/schema"
-
-require "concurrent/delay"
-
-module StandardConfig
-  SCHEMA = Concurrent::Delay.new { Schema.new }
-  MANAGER = Concurrent::Delay.new { Manager.new(SCHEMA.value) }
-
-  class << self
-    def schema
-      SCHEMA.value
-    end
-
-    def configure(&block)
-      if block_given? && block.arity.zero? && !config.registered?(:base)
-        config.register(:base, block)
-      end
-
-      yield config if block_given?
-
-      config
-    end
-
-    def config
-      MANAGER.value
-    end
-
-    private
-
-    def create_default_config
-      require "ostruct"
-      static_config = OpenStruct.new
-      base_scope = schema.scopes[:base]
-      if base_scope
-        base_scope.fields.each do |field_name, field_def|
-          static_config.send("#{field_name}=", field_def.default_value)
-        end
-      end
-      static_config
-    end
-  end
-end