muellners / gateway

Collaboration Integration Automation Gateway
Apache License 2.0

Register App api/account/registerapp #3

Closed maektwain closed 6 years ago

maektwain commented 7 years ago

This is one of the APIs that is going to be helpful while taking forward the platform approach, where 3-legged OAuth2 is going to be used.

Process Flow

  1. User registers through the open API, via any medium (user can be anyone). This user can be anyone; we will even allow our consumers to develop apps, just like everyone is doing.
  2. Asking the user from our portal who he is and the purpose of using the API, and then we will be assigning access to the API.
  3. If the user is going to be one of the partners or merchants, then he shall be interested in creating apps so that he can access our API and integrate with them, and then he should be able to access them.
  4. We need to set up the context for every API that is going to be available.

Partner API

Consumer API: open for everyone, which means a partner can also create and book loans for a client

Seller API

Above are the contexts which allow anyone to sign up and create apps; auth will then be done through that and they will be able to access our API.

We are going to focus on the first part, where we will create an OAuth-based register app in which we will be consuming the JSON data which is in issue #2.

This whole action is only applicable to consumers who are logged in to the system and are registered as users.

maektwain commented 7 years ago

When registering access for the partner, we need to create a tenant in finocial, which requires us to access the DB and update the columns. This means we can create a service in the finocial system which creates a new DB every time a verified partner gets his own tenant, and this will be updated back to the gateway.

For the merchant we don't need tenant creation.

maektwain commented 7 years ago

When creating a partner in the beginning, do we need to know what kind of user it is? We can always create a consumer and identify who he is, which means we need to think about authorisation: what kind of authorisation we are going to provide them.

  1. User
  2. Seller
  3. Partner

If a partner is selected and is verified using a credit card or any kind of verification process: @mit2u, what do you think, how should we verify the partner and in which we should verify it?

mit2u commented 7 years ago

Partner systems would mostly be Oracle, Finnacle or Finnone. Focus on universal authentication. We will provide them a username and password for accessing APIs, and the same can also be used to access our UI (tenant). Build a service inside Fineract which will send the processed data. Only this way can we later offer them more services from the backend; else it will just be a lead generation service.

maektwain commented 7 years ago

Yeah, that is what I am thinking. In the case of rubique, what we can do is have their backend API connected with finocial as the hooks, for whichever events they want data sent on; for example, when a loan is created in the system, their API will be fired. Similarly, we will use the core functionality of HOOKS, which means that we need to design a functionality in the gateway so that hooks can be edited on certain events directly.

mit2u commented 7 years ago

Ok Cool


anuragmath commented 7 years ago

@maektwain

So for registering and authorisation, are we going to an app over our current gateway? Please clear the confusion with a simple process diagram.

maektwain commented 7 years ago

No. We need to store a model which allows us to associate the application details which the consumer is going to use and authenticate from and access the API. In the case of a merchant, the merchant will access the user API and partner API, so we are not creating another app.

theupscale commented 7 years ago

I am creating another model because changing the core configuration is not going to help. The core model of oauth_client_details and user will be referenced based on the user id and the client_id.

maektwain commented 7 years ago

@anuragmath Please check your GET API for Apps; it is saying "Could not find acceptable representation".

maektwain commented 7 years ago

ClientDetailsServiceConfigurer provides two types of interfaces which allow us to configure OAuth client details to be identified. @anuragmath, please make sure that you create a separate model which will encapsulate user_id and client_id.

Please make a stand-alone model which will be referenced from both sides, because the interface is throwing this error when I have modified the model of oauth_client_details:

{ "error": "unauthorized", "error_description": "Error creating bean with name 'scopedTarget.clientDetailsService' defined in class path resource [org/springframework/security/oauth2/config/annotation/configuration/ClientDetailsServiceConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.ClientDetailsService]: Factory method 'clientDetailsService' threw exception; nested exception is org.springframework.dao.DataIntegrityViolationException: PreparedStatementCallback; SQL [insert into oauth_client_details (client_secret, resource_ids, scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove, client_id) values (?,?,?,?,?,?,?,?,?,?,?)]; Field 'user_id' doesn't have a default value; nested exception is java.sql.SQLException: Field 'user_id' doesn't have a default value" }
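The failure in the comment above and the stand-alone model it asks for, as an added example that is not part of the original thread or the project's code. It assumes SQLite as a stand-in for the project's MySQL database with simplified column types; the `users` and `user_client_app` tables and all function names are hypothetical.

```python
import sqlite3

# Column list taken from the INSERT statement in the error message above.
COLS = ["client_secret", "resource_ids", "scope", "authorized_grant_types",
        "web_server_redirect_uri", "authorities", "access_token_validity",
        "refresh_token_validity", "additional_information", "autoapprove",
        "client_id"]
FRAMEWORK_INSERT = "insert into oauth_client_details (%s) values (%s)" % (
    ", ".join(COLS), ",".join("?" * len(COLS)))

def make_db(modify_core_table):
    """SQLite stand-in schema; optionally add NOT NULL user_id to the core table."""
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")
    db.execute("create table users (id integer primary key, name text)")
    cols = ", ".join(c + " text" for c in COLS)
    extra = ", user_id integer not null" if modify_core_table else ""
    db.execute("create table oauth_client_details (%s%s, primary key (client_id))"
               % (cols, extra))
    # Hypothetical stand-alone model: who owns which registered app.
    db.execute("create table user_client_app ("
               "user_id integer not null references users(id), "
               "client_id text not null unique "
               "references oauth_client_details(client_id))")
    db.executemany("insert into users values (?, ?)", [(1, "alice"), (2, "bob")])
    return db

def framework_insert_fails(db):
    """True when the schema rejects the framework's unmodified INSERT."""
    try:
        db.execute(FRAMEWORK_INSERT, [None] * 10 + ["demo-client"])
        return False
    except sqlite3.IntegrityError:
        return True

def register_app(db, user_id, client_id, secret_hash):
    """Insert the client with the framework's statement, then record its owner."""
    row = dict.fromkeys(COLS)
    row.update(client_id=client_id, client_secret=secret_hash, scope="consumer",
               authorized_grant_types="authorization_code")
    with db:  # both inserts commit together or roll back together
        db.execute(FRAMEWORK_INSERT, [row[c] for c in COLS])
        db.execute("insert into user_client_app values (?, ?)", (user_id, client_id))

def apps_for(db, user_id):
    """Client ids owned by this user: the filter a per-user apps listing needs."""
    q = "select client_id from user_client_app where user_id = ? order by client_id"
    return [r[0] for r in db.execute(q, (user_id,))]
```

Because the framework's INSERT names its own eleven columns, any extra NOT NULL column on `oauth_client_details` without a default is rejected, while the mapping table leaves that statement untouched and still lets the apps API scope results to the caller.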

maektwain commented 7 years ago

@anuragmath Please update

maektwain commented 7 years ago

What about TESTS

maektwain commented 7 years ago

@anuragmath There are a lot of bugs in your code, or it is incomplete.

Quality of code is really bad!

anuragmath commented 7 years ago

Which one are you talking about?

maektwain commented 7 years ago

Remove the old page of the approval flow which is in the oauth2, please.

Currently it has

  1. User logs in using the browser-based auth

What we need

  1. It's basic HTML; please create something similar to the Facebook or GitHub authorisation flow

You need to show the user name and user image also, and the resource id or name, like which API it is requesting for, in the params of the request.