chore

.example.env

@@ -7,6 +7,9 @@ BASIC_AUTH_PASSWORD=******
 SWAGGER_URL="/documentation"
 API_URL="/swagger.json"
 
+JWT_SECRET_KEY=******
+JWT_ACCESS_TOKEN_EXPIRES=******
+JWT_REFRESH_TOKEN_EXPIRES=******
 
 
 DATABASE_USER=*****

.gitignore

@@ -3,4 +3,5 @@ __pycache__/
 app.log
 .DS_Store
 migrations/__pycache__/
-migrations/*.pycg
+migrations/*.pycg
+./vscode

.vscode/settings.json

@@ -0,0 +1,24 @@
+{
+  "editor.lineNumbers": "off",
+  "editor.padding.top": 3,
+  "editor.padding.bottom": 3,
+  "editor.formatOnSave": true,
+  "editor.formatOnPaste": true,
+  "editor.fontSize": 14,
+  "editor.lineHeight": 4.5,
+  "editor.suggestFontSize": 15,
+  // "editor.suggestLineHeight": 4,
+  "breadcrumbs.enabled": false,
+  "workbench.tips.enabled": false,
+  "workbench.statusBar.visible": false,
+  // "workbench.editor.showTabs": "single",
+  "git.enableSmartCommit": true,
+  "workbench.editor.editorActionsLocation": "hidden",
+  // "workbench.activityBar.location": "hidden",
+  "workbench.editor.enablePreviewFromQuickOpen": false,
+  "editor.lightbulb.enabled": "off",
+  "editor.selectionHighlight": false,
+  "editor.overviewRulerBorder": false,
+  "editor.renderLineHighlight": "none",
+  "editor.occurrencesHighlight": "off"
+}

app/__init__.py

@@ -8,38 +8,43 @@ from app.errors import register_error_handlers
 from flask_sqlalchemy import SQLAlchemy
 from flask_migrate import Migrate
 from app.extensions import db, migrate
+from flask_jwt_extended import (
+    JWTManager,
+    jwt_required,
+    create_access_token,
+    get_jwt_identity,
+)
+
 
 def create_app():
-    """ Factory function to create a Flask app instance """
+    """Factory function to create a Flask app instance"""
     app = Flask(__name__)
 
     # Load configuration
     app.config.from_object(Config)
 
+    CORS(app)
 
-    CORS(app, supports_credentials=True) 
+    JWTManager(app)
 
     # Swagger Doc
     SWAGGER_URL = app.config.get("SWAGGER_URL")
     API_URL = app.config.get("API_URL")
 
-    
     # Register blueprints
     app.register_blueprint(api)
 
     swagger_ui_blueprint = get_swaggerui_blueprint(SWAGGER_URL, API_URL)
     app.register_blueprint(swagger_ui_blueprint, url_prefix=SWAGGER_URL)
 
-   
     # Error Handlers
     register_error_handlers(app)
-    
+
     from . import models
+
     # Database and Migrations
     db.init_app(app)
-    
-    
+
     migrate.init_app(app, db)
-   
 
     return app

app/api/integrations/__init__.py

@@ -1,2 +1 @@
-from .simbrella import SimbrellaIntegration
-from .kafka import KafkaIntegration
+from .simbrella import SimbrellaClient

app/api/integrations/kafka.py

@@ -1,79 +0,0 @@
-from confluent_kafka import Producer
-import json
-import logging
-from app.config import settings
-
-logger = logging.getLogger(__name__)
-
-class KafkaIntegration:
-    _producer = None
-    _config = {
-        'bootstrap.servers': settings.KAFKA_BROKER,
-        'client.id': 'loan-service-producer',
-        'acks': 'all',
-        'retries': 3,
-        'debug': 'broker,topic,msg'
-    }
-
-
-    @staticmethod
-    def _get_producer():
-        """Kafka producer"""
-        if not KafkaIntegration._producer:
-            KafkaIntegration._producer = Producer(KafkaIntegration._config)
-            logger.info(f"Connected to Kafka broker at {KafkaIntegration._config['bootstrap.servers']}")
-
-        return KafkaIntegration._producer
-    
-
-
-    @staticmethod
-    def delivery_report(err, msg):
-        """Called once for each message produced"""
-        if err is not None:
-            logger.error(f'Message delivery failed: {err}')
-            raise RuntimeError(f"Message delivery failed: {err}")
-        
-        else:
-            logger.debug(f'Message delivered to {msg.topic()} [{msg.partition()}] @ offset {msg.offset()}')
-
-
-
-
-    @staticmethod
-    def send_loan_request(loan_data, request_id):
-        """
-        Send loan request to PROCESS_PAYMENT topic
-        
-        Args:
-            loan_data: Loan request payload as dict
-            request_id: Unique request identifier (used as Kafka key)
-        """
-        try:
-         
-
-            # Proceed to send loan request to Kafka
-            producer = KafkaIntegration._get_producer()
-
-            # Sending loan request message to Kafka
-            producer.produce(
-                topic="PROCESS_PAYMENT",
-                key=str(request_id),
-                value=json.dumps(loan_data).encode('utf-8'),
-                callback=KafkaIntegration.delivery_report
-            )
-
-            producer.poll(0)
-
-            logger.info(f"Loan request {request_id} queued for processing")
-
-        except Exception as e:
-            logger.error(f"Failed to send loan request to Kafka: {str(e)}", exc_info=True)
-            raise Exception(f"Failed to send loan request to Kafka: {str(e)}")
-
-
-    @staticmethod
-    def flush():
-        """Shutdown"""
-        producer = KafkaIntegration._get_producer()
-        producer.flush()

app/api/integrations/simbrella.py

@@ -2,7 +2,7 @@ import requests
 from app.utils.logger import logger
 from app.config import settings
 
-class SimbrellaIntegration:
+class SimbrellaClient:
     BASE_URL = settings.SIMBRELLA_BASE_URL
 
     @staticmethod
@@ -10,7 +10,7 @@ class SimbrellaIntegration:
         """
         Calls the RACCheck endpoit
         """
-        url = f"{SimbrellaIntegration.BASE_URL}/RACCheck"
+        url = f"{SimbrellaClient.BASE_URL}/RACCheck"
         
         payload = {
             "customerId": customer_id,
@@ -37,9 +37,10 @@ class SimbrellaIntegration:
             response = requests.post(url, json=payload, timeout=10)
 
             # Raise an error for non-200 responses
-            response.raise_for_status()  
+            # response.raise_for_status()  
+
 
             return response.json()
         except requests.exceptions.RequestException as err:
             logger.error(f"RACCheck API call failed: {str(err)}", exc_info=True)
-            return {"error": "RACCheck API error"}
+            return {"error": "RACCheck API error", "details": str(err)}

app/api/middlewares/app_id_checker.py

@@ -15,12 +15,12 @@ def require_app_id(f):
 
         if not app_id:
             logger.error("Unauthorized access: Missing App-ID.")
-            return jsonify({"message": "Invalid request"}), 400
+            return jsonify({"message": "Invalid request parameters"}), 400
 
 
         if app_id != VALID_APP_ID:
             logger.error(f"Unauthorized access: Invalid App-ID {app_id}.")
-            return jsonify({"message": "Invalid request"}), 400
+            return jsonify({"message": "Invalid request parameters"}), 400
 
         return f(*args, **kwargs)
 

app/api/middlewares/basic_auth.py

@@ -11,7 +11,7 @@ def require_auth(f):
     def decorated(*args, **kwargs):
         auth = request.headers.get('Authorization')
         if not auth or not check_auth(auth):
-            return jsonify({"message": "Invalid request"}), 401
+            return jsonify({"message": "Invalid request parameters"}), 401
         return f(*args, **kwargs)
     return decorated
 

app/api/middlewares/cors.py

@@ -4,4 +4,4 @@ from flask import request, jsonify
 def enforce_json():
     """Middleware to enforce JSON Content-Type for incoming requests"""
     if request.method in ["POST", "PUT", "PATCH"] and request.content_type != "application/json":
-        return jsonify({"message": "Invalid request"}), 400
+        return jsonify({"message": "Invalid request parameters"}), 400

app/api/middlewares/verify_api_key.py

@@ -14,11 +14,11 @@ def require_api_key(f):
 
         if not api_key:
             logger.error("Unauthorized access: Missing API key.")
-            return jsonify({"message": "Invalid request"}), 400
+            return jsonify({"message": "Invalid request parameters"}), 400
 
         if api_key != VALID_API_KEY:
             logger.error("Unauthorized access: Invalid API key.")
-            return jsonify({"message": "Invalid request"}), 400
+            return jsonify({"message": "Invalid request parameters"}), 400
 
         return f(*args, **kwargs)
 

app/api/routes/routes.py

@@ -6,11 +6,19 @@ from app.api.services import (
     LoanStatusService,
     RepaymentService,
     CustomerConsentService,
-    NotificationCallbackService
+    NotificationCallbackService,
+    AuthorizationService,
 )
 from app.utils.logger import logger
-from app.api.middlewares import enforce_json, require_auth 
+from app.api.middlewares import enforce_json, require_auth
 import os
+from flask_jwt_extended import (
+    JWTManager,
+    jwt_required,
+    create_access_token,
+    get_jwt_identity,
+    create_refresh_token,
+)
 
 
 api = Blueprint("api", __name__)
@@ -23,31 +31,31 @@ def cors_middleware():
 
 
 # Swagger JSON file
-@api.route("/swagger.json", methods=['GET'])
+@api.route("/swagger.json", methods=["GET"])
 def swagger_json():
     swagger_dir = os.path.join("swagger")
     return send_from_directory(swagger_dir, "digifi_swagger.json")
 
 
-
-@api.route('/swagger/<path:filename>')
+@api.route("/swagger/<path:filename>")
 def serve_paths(filename):
     swagger_dir = os.path.join("swagger")
     return send_from_directory(swagger_dir, filename)
 
 
 # EligibilityCheck Endpoint
-@api.route('/EligibilityCheck', methods=['POST'])
-@require_auth
+@api.route("/EligibilityCheck", methods=["POST"])
+@jwt_required()
 def eligibility_check():
     data = request.get_json()
     # logger.info(f"EligibilityCheck request received: {data}")
     response = EligibilityCheckService.process_request(data)
     return response
 
+
 # SelectOffer Endpoint
-@api.route('/SelectOffer', methods=['POST'])
-@require_auth
+@api.route("/SelectOffer", methods=["POST"])
+@jwt_required()
 def select_offer():
     data = request.get_json()
     # logger.info(f"SelectOffer request received: {data}")
@@ -56,8 +64,8 @@ def select_offer():
 
 
 # ProvideLoan Endpoint
-@api.route('/ProvideLoan', methods=['POST'])
-@require_auth
+@api.route("/ProvideLoan", methods=["POST"])
+@jwt_required()
 def provide_loan():
     data = request.get_json()
     # logger.info(f"ProvideLoan request received: {data}")
@@ -66,8 +74,8 @@ def provide_loan():
 
 
 # LoanStatus Endpoint
-@api.route('/LoanStatus', methods=['POST'])
-@require_auth
+@api.route("/LoanStatus", methods=["POST"])
+@jwt_required()
 def loan_status():
     data = request.get_json()
     # logger.info(f"LoanStatus request received: {data}")
@@ -76,8 +84,8 @@ def loan_status():
 
 
 # Repayment Endpoint
-@api.route('/Repayment', methods=['POST'])
-@require_auth
+@api.route("/Repayment", methods=["POST"])
+@jwt_required()
 def repayment():
     data = request.get_json()
     # logger.info(f"Repayment request received: {data}")
@@ -86,8 +94,8 @@ def repayment():
 
 
 # CustomerConsent Endpoint
-@api.route('/CustomerConsent', methods=['POST'])
-@require_auth
+@api.route("/CustomerConsent", methods=["POST"])
+@jwt_required()
 def customer_consent():
     data = request.get_json()
     # logger.info(f"CustomerConsent request received: {data}")
@@ -96,8 +104,8 @@ def customer_consent():
 
 
 # NotificationCallback Endpoint
-@api.route('/NotificationCallback', methods=['POST'])
-@require_auth
+@api.route("/NotificationCallback", methods=["POST"])
+@jwt_required()
 def notification_callback():
     data = request.get_json()
     # logger.info(f"NotificationCallback request received: {data}")
@@ -106,6 +114,25 @@ def notification_callback():
 
 
 # Health Check Endpoint
-@api.route('/health', methods=['GET'])
+@api.route("/health", methods=["GET"])
 def health_check():
-    return {"status": "ok"} , 200
+    return {"status": "ok"}, 200
+
+
+# Authorize endpoint
+@api.route("/Authorize", methods=["POST"])
+def authorize():
+    data = request.get_json()
+    # logger.info(f"Authorize request received: {data}")
+    response = AuthorizationService.process_request(data)
+    return response
+
+
+# Authorize refresh endpoint
+@api.route("/AuthorizeRefresh", methods=["POST"])
+@jwt_required(refresh=True)
+def refresh():
+    data = request.get_json()
+    # logger.info(f"Authorize refresh request received: {data}")
+    response = AuthorizationService.process_refresh_request()
+    return response

app/api/schemas/authorization.py

@@ -0,0 +1,6 @@
+from marshmallow import Schema, fields
+
+
+class AuthorizeRequestSchema(Schema):
+    username = fields.Str(required=True)
+    password = fields.Str(required=True)

app/api/services/__init__.py

@@ -4,4 +4,5 @@ from app.api.services.provide_loan import ProvideLoanService
 from app.api.services.loan_status import LoanStatusService
 from app.api.services.repayment import RepaymentService
 from app.api.services.customer_consent import CustomerConsentService
-from app.api.services.notification_callback import NotificationCallbackService
+from app.api.services.notification_callback import NotificationCallbackService
+from app.api.services.authorization import AuthorizationService

app/api/services/authorization.py

@@ -0,0 +1,102 @@
+from flask import request, jsonify
+from marshmallow import ValidationError
+from app.api.services.base_service import BaseService
+from app.utils.logger import logger
+from app.api.schemas.authorization import AuthorizeRequestSchema
+from app.api.helpers.response_helper import ResponseHelper
+from flask_jwt_extended import (
+    JWTManager,
+    jwt_required,
+    create_access_token,
+    create_refresh_token,
+    get_jwt_identity,
+)
+from app.config import Config
+
+USERNAME = Config.BASIC_AUTH_USERNAME
+PASSWORD = Config.BASIC_AUTH_PASSWORD
+
+
+class AuthorizationService(BaseService):
+
+    @staticmethod
+    def process_request(data):
+        """
+        Process the Authorization request.
+
+        Args:
+            data (dict): The request data.
+
+        Returns:
+            dict: A standardized response.
+        """
+        try:
+            logger.info("Processing Authorization request")
+
+            if not data:
+                return ResponseHelper.bad_request(message="Missing JSON in request")
+
+            # Validate input data using the Authorization schema
+            schema = AuthorizeRequestSchema()
+            validated_data = schema.load(data)  # Raises ValidationError if invalid
+
+            if (
+                validated_data["username"] != USERNAME
+                or validated_data["password"] != PASSWORD
+            ):
+                return ResponseHelper.unauthorized(message="Invalid credentials")
+
+            access_token = create_access_token(identity=validated_data["username"])
+            refresh_token = create_refresh_token(identity=validated_data["username"])
+
+            # Simulated processing logic
+            response_data = {
+                "access_token": access_token,
+                "refresh_token": refresh_token,
+            }
+
+            return ResponseHelper.success(
+                data=response_data, message="Authorization processed successfully"
+            )
+
+        except ValidationError as e:
+            logger.error(f"Validation error: {e}")
+            return ResponseHelper.bad_request(message=f"Validation error: {e}")
+
+        except Exception as e:
+            logger.error(f"Error processing Authorization request: {e}")
+            return ResponseHelper.internal_server_error(
+                message=f"Error processing Authorization request: {e}"
+            )
+
+    @staticmethod
+    def process_refresh_request():
+        """
+        Process the RefreshToken request.
+
+        Args:
+            data (dict): The request data.
+
+        Returns:
+            dict: A standardized response.
+        """
+        try:
+            logger.info("Processing RefreshToken request")
+
+            identity = get_jwt_identity()
+            access_token = create_access_token(identity=identity)
+
+            # Simulated processing logic
+            response_data = {
+                "access_token": access_token,
+            }
+
+            return ResponseHelper.success(
+                data=response_data, message="RefreshToken processed successfully"
+            )
+
+        except Exception as e:
+            logger.error(f"Error processing RefreshToken request: {e}")
+            return ResponseHelper.internal_server_error(
+                message=f"Error processing RefreshToken request: {e}"
+            )

app/api/services/eligibility_check.py

@@ -4,7 +4,7 @@ from app.api.services.base_service import BaseService
 from app.api.schemas.eligibility_check import EligibilityCheckSchema
 from marshmallow import ValidationError
 from app.api.enums import TransactionType
-from app.api.integrations import SimbrellaIntegration
+from app.api.integrations import SimbrellaClient
 
 class EligibilityCheckService(BaseService):
     TRANSACTION_TYPE = TransactionType.ELIGIBILITY_CHECK 
@@ -42,14 +42,14 @@ class EligibilityCheckService(BaseService):
                     }), 400
             
              # Call RACCheck
-            response = SimbrellaIntegration.rac_check(
+            response = SimbrellaClient.rac_check(
                 customer_id = customer_id,
                 account_id = account_id,
                 transaction_id = transaction.id,
             )
 
             if "error" in response or response.get("status") != 200:
-                return jsonify({"message": "RACCheck failed"}), 400
+                return jsonify({"message": "RACCheck failed", "error": response.get("message", response)}), 400
 
             
 

app/api/services/loan_status.py

@@ -22,11 +22,10 @@ class LoanStatusService(BaseService):
         """
         try:
             validated_data = LoanStatusService.validate_data(data, LoanStatusSchema())
+            account_id = validated_data.get('accountId')
             customer_id =  validated_data.get('customerId')
-            customer = LoanStatusService.get_or_create_customer(validated_data)
-            account = customer.accounts[0]
 
-            if (LoanStatusService.validate_account_ownership(account_id = account.id, customer_id = customer_id)):
+            if (LoanStatusService.validate_account_ownership(account_id = account_id, customer_id = customer_id)):
                 transaction = LoanStatusService.log_transaction(validated_data = validated_data)
 
                 if not transaction:

app/api/services/provide_loan.py

@@ -1,13 +1,9 @@
 from flask import request, jsonify
 from marshmallow import ValidationError
-from app.api.integrations.kafka import KafkaIntegration
 from app.api.services.base_service import BaseService
 from app.api.enums import TransactionType   
 from app.utils.logger import logger
-from app.api.schemas.provide_loan import ProvideLoanSchema
-from app.api.integrations import KafkaIntegration
-from threading import Thread
-
+from app.api.schemas.provide_loan import ProvideLoanSchema   
 
 class ProvideLoanService(BaseService):
     TRANSACTION_TYPE = TransactionType.PROVIDE_LOAN 
@@ -28,7 +24,6 @@ class ProvideLoanService(BaseService):
             validated_data = ProvideLoanService.validate_data(data, ProvideLoanSchema())
             account_id = validated_data.get('accountId')
             customer_id =  validated_data.get('customerId')
-            request_id =  validated_data.get('requestId')
 
             if (ProvideLoanService.validate_account_ownership(account_id = account_id, customer_id = customer_id)):
                 transaction = ProvideLoanService.log_transaction(validated_data = validated_data)
@@ -45,20 +40,16 @@ class ProvideLoanService(BaseService):
            
            
             response_data = {
-                "requestId": request_id,
+                "requestId": "202111170001371256908",
                 "transactionId": "Tr201712RK9232P115",
-                "customerId": customer_id,
-                "accountId": account_id,
+                "customerId": "CN621868",
+                "accountId": "ACN8263457",
                 "msisdn": "3451342",
                 "resultCode": "00",
                 "resultDescription": "Successful"
                 }
 
 
-            # KafkaIntegration.send_loan_request(loan_data = response_data, request_id = request_id)
-            # Call Kafka in a background thread
-            thread = Thread(target=ProvideLoanService.async_send_to_kafka, args=(response_data, request_id))
-            thread.start()
 
             return response_data
 
@@ -81,11 +72,4 @@ class ProvideLoanService(BaseService):
             logger.error(f"An error occurred: {str(e)}", exc_info=True)
             return jsonify({
                 "message": "Internal Server Error"
-                }) , 500
-        
-    
-    def async_send_to_kafka(loan_data, request_id):
-        KafkaIntegration.send_loan_request(loan_data = loan_data, request_id = request_id)
-        KafkaIntegration.flush()
-
-
+                }) , 500

app/config.py

@@ -1,16 +1,17 @@
 import os
+from datetime import timedelta
+
 
 class Config:
     """Base configuration for Flask app"""
 
-
     SWAGGER_URL = os.getenv("SWAGGER_URL", "/documentation")
     API_URL = os.getenv("API_URL", "/swagger.json")
 
     DEBUG = True
     VALID_APP_ID = os.getenv("VALID_APP_ID", "app1")
     VALID_API_KEY = os.getenv("VALID_API_KEY", "test-api-key-12345")
-    BASIC_AUTH_USERNAME  = os.environ.get("BASIC_AUTH_USERNAME", "user")
+    BASIC_AUTH_USERNAME = os.environ.get("BASIC_AUTH_USERNAME", "user")
     BASIC_AUTH_PASSWORD = os.environ.get("BASIC_AUTH_PASSWORD", "password")
 
     DATABASE_USER = os.environ.get("DATABASE_USER")
@@ -19,14 +20,15 @@ class Config:
     DATABASE_PORT = os.environ.get("DATABASE_PORT", 10532)
     DATABASE_NAME = os.environ.get("DATABASE_NAME")
 
-    SQLALCHEMY_DATABASE_URI = (
-       f"postgresql+psycopg2://{DATABASE_USER}:{DATABASE_PASSWORD}@{DATABASE_HOST}:{DATABASE_PORT}/{DATABASE_NAME}"
-    )
+    SQLALCHEMY_DATABASE_URI = f"postgresql+psycopg2://{DATABASE_USER}:{DATABASE_PASSWORD}@{DATABASE_HOST}:{DATABASE_PORT}/{DATABASE_NAME}"
     SQLALCHEMY_TRACK_MODIFICATIONS = False
     SIMBRELLA_BASE_URL = os.getenv("SIMBRELLA_BASE_URL", "http://127.0.0.1:6337")
 
-    KAFKA_BROKER = 'dev-events.simbrellang.net:9085'
-    KAFKA_PAYMENT_TOPIC = 'PROCESS_PAYMENT'
+    JWT_SECRET_KEY = os.getenv("JWT_SECRET_KEY", "secret-key")
+    JWT_ACCESS_TOKEN_EXPIRES = os.getenv("JWT_ACCESS_TOKEN_EXPIRES", timedelta(hours=1))
+    JWT_REFRESH_TOKEN_EXPIRES = os.getenv(
+        "JWT_REFRESH_TOKEN_EXPIRES", timedelta(days=30)
+    )
 
 
-settings = Config()
+settings = Config()

app/models/account.py

@@ -1,5 +1,4 @@
 from datetime import datetime, timezone
-from sqlalchemy.orm import relationship
 from app.extensions import db
 
 class Account(db.Model):
@@ -13,13 +12,6 @@ class Account(db.Model):
     created_at = db.Column(db.DateTime, default=datetime.now(timezone.utc))
     updated_at = db.Column(db.DateTime, default=datetime.now(timezone.utc), onupdate=datetime.now(timezone.utc))
 
-    customer = relationship(
-        "Customer",
-        primaryjoin="Customer.id == Account.customer_id",
-        foreign_keys=[customer_id],
-        back_populates="accounts",
-    )
-
     @classmethod
     def create_account(cls, id, customer_id, account_type, status='active'):
         account = cls(

app/models/customer.py

@@ -1,5 +1,4 @@
 from datetime import datetime, timezone
-from sqlalchemy.orm import relationship
 from app.extensions import db
 from app.models.account import Account
 
@@ -12,13 +11,6 @@ class Customer(db.Model):
     created_at = db.Column(db.DateTime, default=datetime.now(timezone.utc))
     updated_at = db.Column(db.DateTime, default=datetime.now(timezone.utc), onupdate=datetime.now(timezone.utc))
 
-    accounts = relationship(
-        "Account",
-        primaryjoin="Customer.id == Account.customer_id",
-        foreign_keys="Account.customer_id",
-        back_populates="customer",
-    )
-
     @classmethod
     def is_eligible(cls, customer_id):
         customer = cls.query.filter_by(id=customer_id).first()

app/swagger/digifi_swagger.json

@@ -1,7 +1,7 @@
 {
   "openapi": "3.0.3",
   "info": {
-    "title": "Swagger Simbrella FirstAdvance - OpenAPI 3.0",
+    "title": "Swagger Bank Channel to Simbrella FirstAdvance - OpenAPI 3.0",
     "description": "This is a Simbrella FirstAdvance Backend Server with the OpenAPI 3.0 specification.  \n\n\nSome useful links:\n- [Web Simulated Demo Page](https://digifi-salaryloan.chiefsoft.net/)\n- [Web Management Support Portal](https://digifi-office.chiefsoft.net/auth/login)",
     "termsOfService": "http://swagger.io/terms/",
     "contact": {
@@ -16,6 +16,9 @@
   "servers": [
     {
       "url": "http://localhost:4500"
+    },
+    {
+      "url": "http://api.dev.simbrellang.net:4500"
     }
   ],
   "tags": [
@@ -74,6 +77,22 @@
         "description": "Find out more",
         "url": "https://www.simbrellang.net"
       }
+    },
+    {
+      "name": "Authorize",
+      "description": "This feature will be used for authorizing customers.",
+      "externalDocs": {
+        "description": "Find out more",
+        "url": "https://www.simbrellang.net"
+      }
+    },
+    {
+      "name": "AuthorizeRefresh",
+      "description": "This feature will be used for refreshing authorized customers.",
+      "externalDocs": {
+        "description": "Find out more",
+        "url": "https://www.simbrellang.net"
+      }
     }
   ],
   "paths": {
@@ -97,6 +116,12 @@
     },
     "/NotificationCallback": {
       "$ref": "swagger/paths/NotificationCallback.json"
+    },
+    "/Authorize": {
+      "$ref": "swagger/paths/Authorize.json"
+    },
+    "/AuthorizeRefresh": {
+      "$ref": "swagger/paths/AuthorizeRefresh.json"
     }
   },
   "components": {
@@ -139,18 +164,36 @@
       },
       "ApiResponse": {
         "$ref": "swagger/schemas/ApiResponse.json"
+      },
+      "AuthorizeResponse": {
+        "$ref": "swagger/schemas/AuthorizeResponse.json"
+      },
+      "AuthorizeRequest": {
+        "$ref": "swagger/schemas/AuthorizeRequest.json"
+      },
+      "AuthorizeRefreshResponse": {
+        "$ref": "swagger/schemas/AuthorizeRefreshResponse.json"
+      },
+      "AuthorizeRefreshRequest": {
+        "$ref": "swagger/schemas/AuthorizeRefreshRequest.json"
       }
     },
     "securitySchemes": {
       "basicAuth": {
-      "type": "http",
-      "scheme": "basic"
+        "type": "http",
+        "scheme": "basic"
+      },
+      "bearerAuth": {
+        "type": "http",
+        "scheme": "bearer",
+        "bearerFormat": "JWT"
       }
     }
   },
   "security": [
     {
-      "basicAuth": []
+      "basicAuth": [],
+      "bearerAuth": []
     }
   ]
-}
+}

app/swagger/paths/Authorize.json

@@ -0,0 +1,54 @@
+{
+  "post": {
+    "tags": ["Authorize"],
+    "summary": "Customer Authorize Request",
+    "description": "Customer Authorize Request",
+    "operationId": "Authorize",
+    "requestBody": {
+      "required": true,
+      "content": {
+        "application/json": {
+          "schema": {
+            "$ref": "../schemas/AuthorizeRequest.json"
+          }
+        },
+        "application/xml": {
+          "schema": {
+            "$ref": "../schemas/AuthorizeRequest.json"
+          }
+        },
+        "application/x-www-form-urlencoded": {
+          "schema": {
+            "$ref": "../schemas/AuthorizeRequest.json"
+          }
+        }
+      }
+    },
+    "responses": {
+      "200": {
+        "description": "Successful operation",
+        "content": {
+          "application/json": {
+            "schema": {
+              "$ref": "../schemas/AuthorizeResponse.json"
+            }
+          },
+          "application/xml": {
+            "schema": {
+              "$ref": "../schemas/AuthorizeResponse.json"
+            }
+          }
+        }
+      },
+      "400": {
+        "description": "Invalid request parameters"
+      },
+      "422": {
+        "description": "Validation exception"
+      },
+      "500": {
+        "description": "Internal server error"
+      }
+    }
+  }
+}

app/swagger/paths/AuthorizeRefresh.json

@@ -0,0 +1,54 @@
+{
+  "post": {
+    "tags": ["Authorize Refresh"],
+    "summary": "Customer Authorize Refresh Request",
+    "description": "Customer Authorize Refresh Request",
+    "operationId": "AuthorizeRefresh",
+    "requestBody": {
+      "required": true,
+      "content": {
+        "application/json": {
+          "schema": {
+            "$ref": "../schemas/AuthorizeRefreshRequest.json"
+          }
+        },
+        "application/xml": {
+          "schema": {
+            "$ref": "../schemas/AuthorizeRefreshRequest.json"
+          }
+        },
+        "application/x-www-form-urlencoded": {
+          "schema": {
+            "$ref": "../schemas/AuthorizeRefreshRequest.json"
+          }
+        }
+      }
+    },
+    "responses": {
+      "200": {
+        "description": "Successful operation",
+        "content": {
+          "application/json": {
+            "schema": {
+              "$ref": "../schemas/AuthorizeRefreshResponse.json"
+            }
+          },
+          "application/xml": {
+            "schema": {
+              "$ref": "../schemas/AuthorizeRefreshResponse.json"
+            }
+          }
+        }
+      },
+      "400": {
+        "description": "Invalid request parameters"
+      },
+      "422": {
+        "description": "Validation exception"
+      },
+      "500": {
+        "description": "Internal server error"
+      }
+    }
+  }
+}

app/swagger/paths/CustomerConsent.json

@@ -43,7 +43,7 @@
           }
         },
         "400": {
-          "description": "Invalid request"
+          "description": "Invalid request parameters"
         },
         "422": {
           "description": "Validation exception"

app/swagger/paths/EligibilityCheck.json

@@ -44,7 +44,7 @@
                 }
             },
             "400": {
-                "description": "Invalid request"
+                "description": "Invalid request parameters"
             },
             "422": {
                 "description": "Validation exception"

app/swagger/paths/LoanStatus.json

@@ -44,7 +44,7 @@
           }
         },
         "400": {
-          "description": "Invalid request"
+          "description": "Invalid request parameters"
         },
         "422": {
           "description": "Validation exception"

app/swagger/paths/NotificationCallback.json

@@ -44,7 +44,7 @@
           }
         },
        "400": {
-          "description": "Invalid request"
+          "description": "Invalid request parameters"
         },
         "422": {
           "description": "Validation exception"

app/swagger/paths/ProvideLoan.json

@@ -44,7 +44,7 @@
           }
         },
         "400": {
-          "description": "Invalid request"
+          "description": "Invalid request parameters"
         },
         "422": {
           "description": "Validation exception"

app/swagger/paths/Repayment.json

@@ -43,7 +43,7 @@
                 }
             },
             "400": {
-                "description": "Invalid request"
+                "description": "Invalid request parameters"
             },
             "422": {
                 "description": "Validation exception"

app/swagger/paths/SelectOffer.json

@@ -44,7 +44,7 @@
                 }
             },
             "400": {
-                "description": "Invalid request"
+                "description": "Invalid request parameters"
             },
             "422": {
                 "description": "Validation exception"

app/swagger/schemas/AuthorizeRefreshRequest.json

@@ -0,0 +1,7 @@
+{
+  "type": "object",
+  "properties": {},
+  "xml": {
+    "name": "AuthorizeRefreshRequest"
+  }
+}

app/swagger/schemas/AuthorizeRefreshResponse.json

@@ -0,0 +1,12 @@
+{
+  "type": "object",
+  "properties": {
+    "access_token": {
+      "type": "string",
+      "example": "access_token"
+    }
+  },
+  "xml": {
+    "name": "AuthorizeRefreshResponse"
+  }
+}

app/swagger/schemas/AuthorizeRequest.json

@@ -0,0 +1,16 @@
+{
+  "type": "object",
+  "properties": {
+    "username": {
+      "type": "string",
+      "example": "user"
+    },
+    "password": {
+      "type": "string",
+      "example": "password"
+    }
+  },
+  "xml": {
+    "name": "AuthorizeRequest"
+  }
+}

app/swagger/schemas/AuthorizeResponse.json

@@ -0,0 +1,16 @@
+{
+  "type": "object",
+  "properties": {
+    "access_token": {
+      "type": "string",
+      "example": "access_token"
+    },
+    "refresh_token": {
+      "type": "string",
+      "example": "refresh_token"
+    }
+  },
+  "xml": {
+    "name": "AuthorizeResponse"
+  }
+}

app/swagger/schemas/ProvideLoanRequest.json

@@ -1,10 +1,6 @@
 {
     "type": "object",
     "properties": {
-        "type": {
-            "type": "string",
-            "example": "ProvideLoanRequest"
-        },
         "requestId": {
             "type": "string",
             "example": "202111170001371256908"

requirements.txt

@@ -27,6 +27,6 @@ python-dotenv
 # Requests
 requests
 
-# Kafka 
-confluent-kafka==1.9.2
+# JWT
+flask-jwt-extended