docs: Add ADR-011 for hybrid OAuth + AppAPI deployment architecture
This ADR documents the architectural decision to support both OAuth and AppAPI (ExApp) deployment modes in a single codebase with 90%+ code sharing. Key additions: - Comprehensive analysis of AppAPI limitations and challenges - Feature parity matrix comparing OAuth vs AppAPI modes - Resolution of critical open questions via research: * Non-browser client authentication (app passwords/OAuth) * Streaming transport compatibility (buffered, not real-time) * Callbacks/webhooks (MCP notifications not possible in AppAPI) - Detailed implementation plan with 4 phases (10 days) - Mode-aware architecture with abstraction layer Critical findings: - AppAPI mode does NOT support MCP sampling (RAG features) - No real-time progress updates (use Nextcloud notifications) - Buffered streaming only (Streamable HTTP works, WebSocket doesn't) - Requires app password support in AppAPI proxy Deployment mode selection: - OAuth: Multi-tenant, external clients, sampling/RAG, real-time updates - AppAPI: Single-tenant, simplified install, native UI, admin-controlled Related to investigation of ~/Software/app_api/ and ~/Software/nc_py_api/ for AppAPI integration patterns. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Chris Coutinho