GALANTHUS / ABI FUNCTION REFERENCE
gln_create_file_wise_token_store
Declared in <galanthus/c_api/gln_capi.h>.
GLN_API gln_status_t GLN_CALL gln_create_file_wise_token_store(
const char* in_directory_path,
const char* in_key_path_or_null,
gln_wise_token_store_t** out_store,
gln_error_t* out_error);
Purpose
Creates a caller-owned Wise token-store handle that records the file paths used by Wise token persistence.
Use this constructor with gln_open_wise_backend when the built-in file-path token-store handle is sufficient.
Nullable parameter slots (in_key_path_or_null, out_error) may be passed as NULL; all other non-value parameters follow the nullability shown in the table.
Return
Returns GLN_OK on success and a non-OK gln_status_t value on failure.
| Type | Nullability | Ownership |
|---|---|---|
gln_status_t | value | value |
Parameters
| Name | Direction | Type | Nullability | Ownership |
|---|---|---|---|---|
in_directory_path | input | const char* | nonnull | borrowed |
in_key_path_or_null | input | const char* | nullable | borrowed |
out_store | output | gln_wise_token_store_t** | nonnull | transferred_out |
out_error | output | gln_error_t* | nullable | caller_allocated_output |
Path Semantics
in_directory_path names the token-store directory. The token blob path recorded in the handle is in_directory_path/wise_token.json.
in_key_path_or_null may be NULL or an empty string. A non-empty value is recorded as the explicit sidecar key path. Otherwise the handle records no explicit key path; when token persistence uses the recorded token blob path, the storage helpers derive .galanthus_fints.key in the token blob directory.
The constructor copies the supplied strings into std::filesystem::path values. It does not create or canonicalize the directory path.
Storage Security
The handle records paths; the constructor itself does not encrypt, read, or write token material.
When backend token persistence uses the recorded token blob path, token data is encrypted with a sidecar key and token-blob reads and writes are protected by the storage lock for that blob.
The sidecar key protects token material stored in the blob. Callers must protect the key file, token blob, and directory.
Ownership And Lifetime
On success, out_store receives a caller-owned handle that must be released with gln_destroy_wise_token_store.
gln_open_wise_backend borrows the token-store handle. The backend does not destroy it; keep the handle alive until every backend using it has been closed.
Failure Cases
After accepting the optional out_error slot as valid, the function clears *out_store to NULL before validating the remaining arguments when out_store is non-NULL.
The call returns GLN_ERR_INVALID_ARG when in_directory_path or out_store is NULL.
Allocation or path-construction failures return a non-OK status. Because the constructor does not touch the filesystem, directory, file, permission, lock, key, and write/read errors can only surface later from code that uses the recorded token-store paths.
out_error may be NULL. If it is non-NULL, its struct_size must describe a valid gln_error_t.