payfrit/payfrit-beacon-ios
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: provisioner hardening — multi-password auth & structured errors #2

Merged
schwifty merged 2 commits from schwifty/provisioner-hardening into main 2026-03-21 21:44:06 +00:00
Conversation 0 Commits 2 Files changed 3 +167 -33
schwifty commented 2026-03-21 10:31:55 +00:00
Collaborator
Copy link

Summary

  • Multi-password DX-Smart auth: Tries 555555, dx1234, 000000 in sequence instead of hardcoding one password. Matches Android's fallback behavior for better firmware compatibility.
  • Structured error codes: New ProvisioningError enum (AUTH_FAILED, CONNECTION_FAILED, WRITE_FAILED, etc.) matching Android's BeaconConfig error codes. All fail() calls tagged for better debugging.
  • Missing API endpoints: Added getBusiness(), getBusinessName() (cached), and allocateServicePointMinor() — all present in Android but missing from iOS.
  • Logging fix: Replaced stray print() with DebugLog.shared.log().

Test plan

  • Verify DX-Smart provisioning still works with 555555 password (primary)
  • Verify fallback to dx1234 if first password rejected
  • Verify error codes appear in debug log on failure
  • Verify ScanView handles .failureWithCode result correctly
  • Verify new API endpoints work (getBusiness, allocateServicePointMinor)

🤖 Generated with Claude Code

## Summary - **Multi-password DX-Smart auth**: Tries `555555`, `dx1234`, `000000` in sequence instead of hardcoding one password. Matches Android's fallback behavior for better firmware compatibility. - **Structured error codes**: New `ProvisioningError` enum (`AUTH_FAILED`, `CONNECTION_FAILED`, `WRITE_FAILED`, etc.) matching Android's `BeaconConfig` error codes. All `fail()` calls tagged for better debugging. - **Missing API endpoints**: Added `getBusiness()`, `getBusinessName()` (cached), and `allocateServicePointMinor()` — all present in Android but missing from iOS. - **Logging fix**: Replaced stray `print()` with `DebugLog.shared.log()`. ## Test plan - [ ] Verify DX-Smart provisioning still works with `555555` password (primary) - [ ] Verify fallback to `dx1234` if first password rejected - [ ] Verify error codes appear in debug log on failure - [ ] Verify `ScanView` handles `.failureWithCode` result correctly - [ ] Verify new API endpoints work (getBusiness, allocateServicePointMinor) 🤖 Generated with [Claude Code](https://claude.com/claude-code)
schwifty added 2 commits 2026-03-21 10:31:56 +00:00 
Created UUIDFormatting.swift with .normalizedUUID and .uuidWithDashes
String extensions, replacing 4 duplicate formatUuidWithDashes() methods
and 6+ inline .replacingOccurrences(of: "-", with: "").uppercased() calls
across Api.swift, BeaconScanner.swift, ScanView.swift,
ServicePointListView.swift, BeaconBanList.swift, and BeaconProvisioner.swift.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- DX-Smart auth now tries multiple passwords in sequence (555555, dx1234, 000000)
  instead of hardcoding a single password. Matches Android behavior for better
  compatibility across firmware versions.

- Added ProvisioningError enum with structured error codes (CONNECTION_FAILED,
  AUTH_FAILED, SERVICE_NOT_FOUND, WRITE_FAILED, etc.) matching Android's
  BeaconConfig error codes. All fail() calls now tagged with codes for better
  debugging and error reporting.

- Added ProvisioningResult.failureWithCode case and handling in ScanView.

- Added missing API endpoints that Android has:
  - getBusiness() - single business fetch
  - getBusinessName() - cached business name lookup
  - allocateServicePointMinor() - minor value allocation

- Fixed stray print() in Api.swift to use DebugLog.shared.log() for consistency.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
schwifty added 1 commit 2026-03-21 17:31:07 +00:00 
Without this reset, if provision() was called first and incremented
passwordIndex, a subsequent readConfig() call would start at the wrong
password index and potentially skip the correct password entirely.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
schwifty merged commit 4618df9191 into main 2026-03-21 21:44:06 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: payfrit/payfrit-beacon-ios#2
No description provided.
Delete branch "schwifty/provisioner-hardening"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?