d-bis/smoa
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
smoa/docs/ios/README.md
defiQUG 5a8c26cf5d Backend, sync, infra, docs: ETag, API versioning, k8s, web scaffold, Android 16, domain stubs 
- Backend: ShallowEtagHeaderFilter for /api/v1/*, API-VERSIONING.md, README (tenant, CORS, Flyway, ETag)
- k8s: backend-deployment.yaml (Deployment, Service, Secret/ConfigMap)
- Web: scaffold with directory pull, 304 handling, touch-friendly UI
- Android 16: ANDROID-16-TARGET.md; BuildConfig STUN/signaling, SMOAApplication configures InfrastructureManager
- Domain: CertificateManager revocation stub, ReportService signReports, ZeroTrust/ThreatDetection minimal docs
- TODO.md and IMPLEMENTATION_STATUS.md updated; communications README for endpoint config

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-10 20:37:01 -08:00

30 lines
1.6 KiB
Markdown
Raw Permalink Blame History

# SMOA iOS app (scaffold)
This folder is a **scaffold** for the SMOA iOS app. The actual app is to be implemented in a separate Xcode project or repo, targeting **iOS 15, 16, and 17** (last three generations).
## Contract
- Use the same **REST API** as Android and Web: see [PLATFORM-REQUIREMENTS.md](../reference/PLATFORM-REQUIREMENTS.md) and [REQUIREMENTS-ALIGNMENT.md](../reference/REQUIREMENTS-ALIGNMENT.md).
- **Sync:** POST to `/api/v1/sync/directory`, `/api/v1/sync/order`, etc.; DELETE for sync delete.
- **Pull:** GET `/api/v1/directory`, `/api/v1/orders`, `/api/v1/evidence`, `/api/v1/credentials`, `/api/v1/reports` (with `since`, `limit`, optional filters).
- **Auth:** Header `X-API-Key` or query `api_key`.
- **Response:** JSON; when `conflict: true`, `remoteData` is base64-encoded JSON.
## Implementation checklist
- [ ] Create Xcode project (Swift/SwiftUI or cross-platform); minimum deployment target iOS 15.0.
- [ ] Store API key in **Keychain**.
- [ ] Implement **PullAPI** (URLSession or Alamofire): GET endpoints above.
- [ ] Implement **SyncAPI**: POST sync + DELETE; parse `SyncResponse`, decode `remoteData` when conflict.
- [ ] **Offline queue:** Queue sync when offline; retry when online; optional Core Data / SwiftData for persistence.
- [ ] Optional: Face ID / Touch ID for app unlock; certificate pinning for API.
## Discovery
- GET `/api/v1/info` returns `endpoints` (sync, delete, pull) and `auth` for client discovery.
## References
- Backend: [backend/README.md](../../backend/README.md)
- Platform requirements: [docs/reference/PLATFORM-REQUIREMENTS.md](../reference/PLATFORM-REQUIREMENTS.md)
Reference in New Issue View Git Blame Copy Permalink