As a stakeholder of ReportStream,
I want a SECURE, RELIABLE, SCALABLE, and DECOUPLED way to handle incoming upload requests,
so that we can minimize potential of unrelated-to-uploads ReportStream issues preventing senders from submitting reports.
Description/Use Case
Presently, ReportStream has two upload APIs:
"reports API" - uses Azure Functions Key Auth
"Waters API" - uses OAuth2.0 with homemade custom Authorization server embedded in the application
The reports API is coupled to an insecure auth method and both endpoints are tightly coupled to the main Azure Functions App where all the other services are running alongside. This ticket is to implement a new upload API, specific to UP, that is decoupled from the main app/database and uses the new secure Auth service.
Risks/Impacts/Considerations
Dev Notes
The implementation details of this service have (mostly) been thought through. Please see the Receive Step Software Requirements section in the UP Software Requirements Document.
Acceptance Criteria
[ ] Upload Service (Spring App) implemented per the SRD. Any changes to SRD reviewed and Approved by @arnejduranovic
[ ] SRD updated (if needed) and Approved by @arnejduranovic
User Story
As a stakeholder of ReportStream, I want a SECURE, RELIABLE, SCALABLE, and DECOUPLED way to handle incoming upload requests, so that we can minimize potential of unrelated-to-uploads ReportStream issues preventing senders from submitting reports.
Description/Use Case
Presently, ReportStream has two upload APIs:
The reports API is coupled to an insecure auth method and both endpoints are tightly coupled to the main Azure Functions App where all the other services are running alongside. This ticket is to implement a new upload API, specific to UP, that is decoupled from the main app/database and uses the new secure Auth service.
Risks/Impacts/Considerations
Dev Notes
The implementation details of this service have (mostly) been thought through. Please see the Receive Step Software Requirements section in the UP Software Requirements Document.
Acceptance Criteria