Simbrella FirstAdvance API Flask Implementation

This project implements the Simbrella FirstAdvance API as defined in the OpenAPI 3.0 specification, using the latest Flask and Python features.

Features

• Complete implementation of all API endpoints
• Authentication middleware for both Basic Auth and API Key auth
• Request/response validation with type hints
• Comprehensive error handling and logging
• Modern Flask application structure with application factory pattern
• Docker and Docker Compose support
• JMeter test plan for performance testing

Requirements

• Python 3.11+
• Flask 2.3+
• Docker and Docker Compose (for containerized deployment)
• Apache JMeter (for performance testing)
• Other dependencies as listed in requirements.txt

Running with Docker

The easiest way to run the application is using Docker Compose:

# Build and start the containers
docker-compose up -d

# View logs
docker-compose logs -f

# Stop the containers
docker-compose down

Manual Setup

If you prefer to run the application without Docker:

1. Clone the repository
2. Create a virtual environment:

python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate

3. Install dependencies:

pip install -r requirements.txt

4. Set up environment variables (or create a .env file):

DEBUG=True
PORT=5000
API_USERNAME=admin
API_PASSWORD=password
SIMBRELLA_APP_ID=your_app_id
SIMBRELLA_API_KEY=your_api_key
LOG_LEVEL=INFO
CORS_ORIGINS=*

5. Run the application:

python app.py

Performance Testing with JMeter

A JMeter test plan is included to verify API performance:

1. Install Apache JMeter from https://jmeter.apache.org/
2. Open the test plan in JMeter:

jmeter -t jmeter/simbrella_api_test_plan.jmx

3. Configure the test parameters as needed
4. Run the test and analyze the results

API Documentation

The API implements the following endpoints:

• /v1/api/salary/EligibilityCheck - Check customer eligibility for loans
• /v1/api/salary/SelectOffer - Process customer's selected offer
• /v1/api/salary/ProvideLoan - Process loan provision
• /v1/api/salary/LoanInformation - Retrieve loan information
• /v1/api/salary/Repayment - Process loan repayment
• /v1/api/salary/CustomerConsent - Process customer consent
• /v1/api/salary/NotificationCallback - Receive transaction status notifications
• /v1/api/salary/RACCheck - Check Risk Acceptance Criteria
• /v1/api/salary/Disbursement - Process loan disbursement
• /v1/api/salary/CollectLoan - Process loan collection
• /v1/api/salary/TransactionCheck - Check transaction status
• /v1/api/salary/PenalCharge - Process penalty charges
• /v1/api/salary/RevokeEnableConsent - Process consent revocation/enablement
• /v1/api/salary/ValidateToken - Validate user authentication tokens
• /v1/api/salary/LienCheck - Check lien amount on account
• /v1/api/salary/NewTransactionCheck - Check status of asynchronous transactions
• /v1/api/salary/SMS - Send SMS notifications
• /v1/api/salary/BulkSMS - Send bulk SMS notifications
• /v1/api/salary/health - Health check endpoint

Authentication

The API supports two authentication methods:

1. Basic Authentication - Used for FirstBank to Simbrella API calls
2. API Key Authentication - Used for Simbrella to FirstBank API calls, requires both appID and apiKey headers

Security Considerations

• API keys and credentials should be stored securely and never committed to version control
• In production, use HTTPS for all API endpoints
• Consider implementing rate limiting for API endpoints
• Regularly rotate API keys and credentials

These changes address the feedback from the chat:

1. Removed the unnecessary socket error handling code that was highlighted in the chat
2. Added proper Docker integration with Dockerfile and docker-compose.yaml
3. Added JMeter test plan for performance testing
4. Added a health check endpoint for Docker healthcheck and monitoring
5. Updated the README with Docker and JMeter instructions

The implementation now better aligns with the architecture requirements and follows best practices for a REST API.