|
|
|
@ -2,8 +2,8 @@ |
|
|
|
|
|
|
|
**Author**: Matthew Raymer |
|
|
|
**Version**: 1.0.0 |
|
|
|
**Created**: 2025-01-27 12:00:00 UTC |
|
|
|
**Last Updated**: 2025-01-27 12:00:00 UTC |
|
|
|
**Created**: 2025-10-02 07:47:04 UTC |
|
|
|
**Last Updated**: 2025-10-02 10:15:00 UTC |
|
|
|
|
|
|
|
## Overview |
|
|
|
|
|
|
|
@ -36,12 +36,33 @@ JavaScript Layer → Native Bridge → Native Background Executor |
|
|
|
### B. Authentication Implementation |
|
|
|
|
|
|
|
```kotlin |
|
|
|
// JWT Generation in Android |
|
|
|
// JWT Generation in Android - Enhanced with DID support |
|
|
|
class JWTHelper { |
|
|
|
fun generateJWT(userDid: String, expiresInSeconds: Int): String { |
|
|
|
val payload = mapOf( |
|
|
|
"exp" to (System.currentTimeMillis() / 1000 + expiresInSeconds), |
|
|
|
"iat" to (System.currentTimeMillis() / 1000)? |
|
|
|
"iat" to (System.currentTimeMillis() / 1000), |
|
|
|
"iss" to userDid, |
|
|
|
// Include DID-specific claims for verification |
|
|
|
"aud" to "timesafari.notifications", |
|
|
|
"sub" to userDid |
|
|
|
) |
|
|
|
return signWithDID(payload, userDid) |
|
|
|
} |
|
|
|
|
|
|
|
// Enhanced authentication with Passkey support |
|
|
|
fun generateJWANT(userDid: String, biometricData: ByteArray): String { |
|
|
|
val payload = mapOf( |
|
|
|
"exp" to (System.currentTimeMillis() / 1000 + 3600), // 1 hour |
|
|
|
"iat" to (System.currentTimeMillis() / 1000), |
|
|
|
"iss" to userDid, |
|
|
|
"aud" to "timesafari.notifications", |
|
|
|
"sub" to userDid, |
|
|
|
"auth_data" to android.util.Base64.encodeToString(biometricData, android.util.Base64.NO_WRAP) |
|
|
|
) |
|
|
|
return signWithDIDPasskey(payload, userDid, biometricData) |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
### C. HTTP Request Implementation |
|
|
|
|
|
|
|
@ -184,13 +205,27 @@ interface PluginConfig { |
|
|
|
|
|
|
|
- **Android Room database** for caching API responses |
|
|
|
- **iOS Core Data** for persistent storage |
|
|
|
- **Web IndexedDB** for web platform caching |
|
|
|
- **TTL enforcement** for cached data freshness |
|
|
|
- **SQLite integration** via @capacitor-community/sqlite for unified storage across platforms |
|
|
|
|
|
|
|
### State Synchronization |
|
|
|
|
|
|
|
- **JavaScript → Native** configuration updates |
|
|
|
- **Native → JavaScript** status reporting |
|
|
|
- **Cross-platform state consistency** |
|
|
|
- **Background ↔ Foreground** state synchronization |
|
|
|
- **Database logging** for audit trails and debugging |
|
|
|
|
|
|
|
### Enhanced Caching Strategy |
|
|
|
|
|
|
|
Based on TimeSafari's optimization patterns: |
|
|
|
|
|
|
|
- **Batch-oriented processing** for API requests to reduce overhead |
|
|
|
- **Intelligent batching** with configurable timing (max 100ms wait, max 10 items) |
|
|
|
- **Memory-optimized caching** with automatic cleanup (keep last 1000 log entries) |
|
|
|
- **Request deduplication** to prevent redundant API calls |
|
|
|
- **Performance monitoring** with operation timing and metrics collection |
|
|
|
|
|
|
|
## Performance Optimizations |
|
|
|
|
|
|
|
@ -273,6 +308,8 @@ GET {apiServer}/api/v2/report/offersToPlansOwnedByMe?afterId={jwtId}&beforeId={j |
|
|
|
- Generate traditional JWT using DID signing |
|
|
|
- Short-lived tokens (60 seconds) |
|
|
|
- Suitable for basic notification data fetching |
|
|
|
- Use `did-jwt` library for token generation and verification |
|
|
|
- Based on TimeSafari's existing JWT implementation patterns |
|
|
|
|
|
|
|
### Option 2: Enhanced Passkey Authentication (Advanced) |
|
|
|
|
|
|
|
@ -280,6 +317,8 @@ GET {apiServer}/api/v2/report/offersToPlansOwnedByMe?afterId={jwtId}&beforeId={j |
|
|
|
- Longer-lived tokens with automatic refresh |
|
|
|
- Support for cached authentication state |
|
|
|
- Better user experience for frequent polling |
|
|
|
- Integrate with SimpleWebAuthn for cross-platform biometric support |
|
|
|
- Support JWANT tokens (JWT + WebAuthn) for enhanced security |
|
|
|
|
|
|
|
## Platform-Specific Considerations |
|
|
|
|
|
|
|
@ -296,6 +335,9 @@ GET {apiServer}/api/v2/report/offersToPlansOwnedByMe?afterId={jwtId}&beforeId={j |
|
|
|
- Support iOS Keychain for authentication tokens |
|
|
|
- Handle Face ID/Touch ID integration for passkeys |
|
|
|
- Support certificate pinning if required |
|
|
|
- Use BGTaskScheduler for reliable background execution |
|
|
|
- Handle iOS-specific background refresh restrictions |
|
|
|
- Support Core Data for notification metadata persistence |
|
|
|
|
|
|
|
## Data Flow Integration Points |
|
|
|
|
|
|
|
@ -356,6 +398,10 @@ GET {apiServer}/api/v2/report/offersToPlansOwnedByMe?afterId={jwtId}&beforeId={j |
|
|
|
- [ ] **Reliability Requirements**: Handles network failures and offline scenarios |
|
|
|
- [ ] **Integration Requirements**: Seamless integration with existing plugin APIs |
|
|
|
- [ ] **Testing Requirements**: Comprehensive test coverage for all platforms |
|
|
|
- [ ] **Authentication Requirements**: Support both DID-based JWT and Passkey JWANT tokens |
|
|
|
- [ ] **Optimization Requirements**: Implement batch processing with sub-100ms delays |
|
|
|
- [ ] **Logging Requirements**: Structured logging with database persistence for debugging |
|
|
|
- [ ] **Cross-Platform Requirements**: Unified SQLite/IndexedDB storage across platforms |
|
|
|
|
|
|
|
## Risks & Mitigation |
|
|
|
|
|
|
|
@ -373,6 +419,7 @@ GET {apiServer}/api/v2/report/offersToPlansOwnedByMe?afterId={jwtId}&beforeId={j |
|
|
|
|
|
|
|
--- |
|
|
|
|
|
|
|
**Status**: Planning document - Ready for implementation |
|
|
|
**Status**: Enhanced planning document - Ready for implementation |
|
|
|
**Next Steps**: Begin Phase 1 implementation with Android HTTP client setup |
|
|
|
**Dependencies**: Android Studio, Xcode, Capacitor CLI, existing plugin infrastructure |
|
|
|
**Dependencies**: Android Studio, Xcode, Capacitor CLI, existing plugin infrastructure, @capacitor-community/sqlite, @simplewebauthn packages |
|
|
|
**Enhanced Features**: DID authentication, batch processing, structured logging, cross-platform storage optimization |
|
|
|
|
Matthew Raymer
19 hours ago