Simbrella FirstAdvance API Flask Implementation

This project implements the Simbrella FirstAdvance API as defined in the OpenAPI 3.0 specification, using the latest Flask and Python features.

Features

• Complete implementation of all API endpoints
• Authentication middleware for both Basic Auth and API Key auth
• Request/response validation with type hints
• Comprehensive error handling and logging
• Modern Flask application structure with application factory pattern
• Docker and Docker Compose support
• JMeter test plan for performance testing

Requirements

• Python 3.11+
• Flask 2.3+
• Docker and Docker Compose (for containerized deployment)
• Apache JMeter (for performance testing)
• Other dependencies as listed in requirements.txt

Running with Docker

The easiest way to run the application is using Docker Compose:

# Stop any running containers
docker-compose down

# Rebuild the image
docker-compose build

# Start the container
docker-compose up -d

# Check if the container is running
docker ps

# Check the logs for any errors
docker-compose logs

Manual Setup

If you prefer to run the application without Docker:

1. Clone the repository
2. Create a virtual environment:

python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate

3. Install dependencies:

pip install -r requirements.txt

4. Set up environment variables (or create a .env file):

DEBUG=True
PORT=5000
API_USERNAME=admin
API_PASSWORD=password
SIMBRELLA_APP_ID=your_app_id
SIMBRELLA_API_KEY=your_api_key
LOG_LEVEL=INFO
CORS_ORIGINS=*

5. Run the application:

python app.py

Performance Testing with JMeter

A JMeter test plan is included to verify API performance:

1. Install Apache JMeter from https://jmeter.apache.org/
2. Open the test plan in JMeter:

jmeter -t jmeter/simbrella_api_test_plan.jmx

3. Configure the test parameters as needed
4. Run the test and analyze the results

API Documentation

The API implements the following endpoints:

• /v1/api/salary/EligibilityCheck - Check customer eligibility for loans
• /v1/api/salary/SelectOffer - Process customer's selected offer
• /v1/api/salary/ProvideLoan - Process loan provision
• /v1/api/salary/LoanInformation - Retrieve loan information
• /v1/api/salary/Repayment - Process loan repayment
• /v1/api/salary/CustomerConsent - Process customer consent
• /v1/api/salary/NotificationCallback - Receive transaction status notifications
• /v1/api/salary/RACCheck - Check Risk Acceptance Criteria
• /v1/api/salary/Disbursement - Process loan disbursement
• /v1/api/salary/CollectLoan - Process loan collection
• /v1/api/salary/TransactionCheck - Check transaction status
• /v1/api/salary/PenalCharge - Process penalty charges
• /v1/api/salary/RevokeEnableConsent - Process consent revocation/enablement
• /v1/api/salary/ValidateToken - Validate user authentication tokens
• /v1/api/salary/LienCheck - Check lien amount on account
• /v1/api/salary/NewTransactionCheck - Check status of asynchronous transactions
• /v1/api/salary/SMS - Send SMS notifications
• /v1/api/salary/BulkSMS - Send bulk SMS notifications
• /v1/api/salary/health - Health check endpoint

Authentication

The API supports two authentication methods:

1. Basic Authentication - Used for FirstBank to Simbrella API calls
2. API Key Authentication - Used for Simbrella to FirstBank API calls, requires both appID and apiKey headers

Security Considerations

• API keys and credentials should be stored securely and never committed to version control
• In production, use HTTPS for all API endpoints
• Consider implementing rate limiting for API endpoints
• Regularly rotate API keys and credentials