admin/ReadKeep
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
216 Commits 4 Branches 2 Tags
Commit Graph

4 Commits

Author SHA1 Message Date
Ilyas Hallak
ec432a037c feat: Implement OAuth 2.0 authentication with PKCE and automatic fallback 
Add complete OAuth 2.0 Authorization Code Flow with PKCE as alternative
to API token authentication, with automatic server detection and graceful
fallback to classic login.

**OAuth Core (RFC 7636 PKCE):**
- PKCEGenerator: S256 challenge generation for secure code exchange
- OAuth DTOs: Client registration, token request/response models
- OAuthClient, OAuthToken, AuthenticationMethod domain models
- API.swift: registerOAuthClient() and exchangeOAuthToken() endpoints
- OAuthRepository + POAuthRepository protocol

**Browser Integration (ASWebAuthenticationSession):**
- OAuthSession: Wraps native authentication session
- OAuthFlowCoordinator: Orchestrates 5-phase OAuth flow
- readeck:// URL scheme for OAuth callback handling
- State verification for CSRF protection
- User cancellation handling

**Token Management:**
- KeychainHelper: OAuth token storage alongside API tokens
- TokenProvider: getOAuthToken(), setOAuthToken(), getAuthMethod()
- AuthenticationMethod enum to distinguish token types
- AuthRepository: loginWithOAuth(), getAuthenticationMethod()
- Endpoint persistence in both Keychain and Settings

**Server Feature Detection:**
- ServerInfo extended with features array and supportsOAuth flag
- GET /api/info endpoint integration (backward compatible)
- GetServerInfoUseCase with optional endpoint parameter

**User Profile Integration:**
- ProfileApiClient: Fetch user data via GET /api/profile
- UserProfileDto with username, email, provider information
- GetUserProfileUseCase: Extract username from profile
- Username saved and displayed for OAuth users (like classic auth)

**Automatic OAuth Flow (No User Selection):**
- OnboardingServerView: 2-phase flow (endpoint → auto-OAuth or classic)
- OAuth attempted automatically if server supports it
- Fallback to username/password on OAuth failure or unsupported
- SettingsServerViewModel: checkServerOAuthSupport(), loginWithOAuth()

**Cleanup & Refactoring:**
- Remove all #if os(iOS) && !APP_EXTENSION conditionals
- Remove LoginMethodSelectionView (no longer needed)
- Remove switchToClassicLogin() method
- Factories updated with OAuth dependencies

**Testing:**
- PKCEGeneratorTests: Verify RFC 7636 compliance
- ServerInfoTests: Feature detection and backward compatibility
- Mock implementations for all OAuth components

**Documentation:**
- docs/OAuth2-Implementation-Plan.md: Complete implementation guide
- openapi.json: Readeck API specification

**Scopes Requested:**
- bookmarks:read, bookmarks:write, profile:read

OAuth users now have full feature parity with classic authentication.
Server auto-detects OAuth support via /info endpoint. Seamless UX with
browser-based login and automatic fallback.
 2025-12-19 21:56:40 +01:00
Ilyas Hallak
ffb41347af refactor: Implement state machine architecture for offline sync 
- Replace multiple boolean properties with single OfflineBookmarkSyncState enum
- Add Use Case pattern for OfflineSyncManager with dependency injection
- Simplify LocalBookmarksSyncView using state-driven UI with external bindings
- Convert OfflineBookmarksViewModel to use @Observable instead of ObservableObject
- Move credentials from Core Data to Keychain for better persistence
- Implement comprehensive database migration for App Group containers
- Add structured logging throughout sync operations and API calls

Architecture improvements follow MVVM principles with clean separation of concerns.
 2025-08-18 22:58:42 +02:00
Ilyas Hallak
7861368196 chore: project setup, navigation improvements, and various fixes 
- Add Ruby version and Fastlane setup (Gemfile, fastlane/, .ruby-version) for iOS automation and CI/CD
- Add and update Xcode schemes and project configuration
- Update entitlements and Info.plist for app and extension
- Refactor PhoneTabView: improve navigation in 'More' tab, prevent unwanted jumps, preserve deep navigation for Tags/Search
- Update KeychainHelper, BookmarkDetail model, and related ViewModels for bugfixes or enhancements
- Various UI and logic improvements in BookmarkDetail and Search views
 2025-07-17 23:45:24 +02:00
Ilyas Hallak
1763dd6fa1 feat: Complete Share Extension implementation with Keychain integration 
UI/UX Improvements:
- Replace SLComposeServiceViewController with custom UIViewController
- Add beautiful green-themed UI with Readeck branding and logo
- Implement modern card-based layout with shadows and rounded corners
- Add custom cancel button and proper navigation styling
- Include loading states and comprehensive user feedback

Backend Integration:
- Add KeychainHelper integration for secure token/endpoint storage
- Implement proper API integration with async/await
- Add comprehensive error handling and status messages
- Include DTOs for API communication

Security & Configuration:
- Add keychain access groups to entitlements for both main app and extension
- Update TokenProvider to save tokens to keychain
- Modify LogoutUseCase to clear keychain data
- Update SaveServerSettingsUseCase to persist endpoint in keychain
- Configure proper build settings and file sharing between targets

Extension Lifecycle:
- Implement proper URL extraction from various sources
- Add automatic extension dismissal on success
- Ensure proper extension context handling
 2025-07-04 00:00:35 +02:00