Backend, sync, infra, docs: ETag, API versioning, k8s, web scaffold, Android 16, domain stubs

- Backend: ShallowEtagHeaderFilter for /api/v1/*, API-VERSIONING.md, README (tenant, CORS, Flyway, ETag) - k8s: backend-deployment.yaml (Deployment, Service, Secret/ConfigMap) - Web: scaffold with directory pull, 304 handling, touch-friendly UI - Android 16: ANDROID-16-TARGET.md; BuildConfig STUN/signaling, SMOAApplication configures InfrastructureManager - Domain: CertificateManager revocation stub, ReportService signReports, ZeroTrust/ThreatDetection minimal docs - TODO.md and IMPLEMENTATION_STATUS.md updated; communications README for endpoint config Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-10 20:37:01 -08:00
parent 97f75e144f
commit 5a8c26cf5d
101 changed files with 4923 additions and 103 deletions
--- a/modules/reports/src/main/java/com/smoa/modules/reports/domain/ReportService.kt
+++ b/modules/reports/src/main/java/com/smoa/modules/reports/domain/ReportService.kt
@@ -2,6 +2,7 @@ package com.smoa.modules.reports.domain

 import com.smoa.core.security.AuditLogger
 import com.smoa.core.security.AuditEventType
+import java.security.MessageDigest
 import java.util.Date
 import java.util.UUID
 import javax.inject.Inject
@@ -15,7 +16,10 @@ class ReportService @Inject constructor(
    private val reportGenerator: ReportGenerator,
    private val auditLogger: AuditLogger
 ) {
-    
+
+    /** When true, reports get a minimal content-hash signature; for full signing use a dedicated signing service. */
+    var signReports: Boolean = false
+
    /**
     * Generate report.
     */
@@ -28,6 +32,14 @@ class ReportService @Inject constructor(
        template: ReportTemplate?
    ): Result<Report> {
        return try {
+            val signature = if (signReports) {
+                DigitalSignature(
+                    signatureId = UUID.randomUUID().toString(),
+                    signerId = generatedBy,
+                    signatureDate = Date(),
+                    signatureData = MessageDigest.getInstance("SHA-256").digest(content)
+                )
+            } else null
            val report = Report(
                reportId = UUID.randomUUID().toString(),
                reportType = reportType,
@@ -37,7 +49,7 @@ class ReportService @Inject constructor(
                content = content,
                generatedDate = Date(),
                generatedBy = generatedBy,
-                signature = null, // TODO: Add digital signature
+                signature = signature,
                metadata = ReportMetadata()
            )