A simple in-memory ConsentStore bounded against unauthenticated growth: the
number of approved clients is capped, evicting the oldest approval first when
the cap is reached, so the (otherwise insert-only) consent map cannot grow
process memory without bound.
NOTE: even bounded, this in-memory default is unsuitable for an
internet-exposed multi-process proxy: consent is per-process and lost on
restart. Back it with shared, bounded storage (and consider a consent TTL) for
such deployments.
A simple in-memory ConsentStore bounded against unauthenticated growth: the number of approved clients is capped, evicting the oldest approval first when the cap is reached, so the (otherwise insert-only) consent map cannot grow process memory without bound.
NOTE: even bounded, this in-memory default is unsuitable for an internet-exposed multi-process proxy: consent is per-process and lost on restart. Back it with shared, bounded storage (and consider a consent TTL) for such deployments.