Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Core Services is one of the key DIGIT components. Browse through this section to learn more about key configuration and integration details of these core services.
User service is responsible for user data management and providing functionality to login and logout into Digit system
Before you proceed with the configuration, make sure the following pre-requisites are met -
Java 8
Kafka server is up and running
Encryption and MDMS services are running
PSQL server is running and database
Redis is running
Store, update and search user data
Provide authentication
Provide login, logout functionality into DIGIT platform
Store user data PIIs in encrypted form
Setup latest version of egov-enc-service and egov-mdms- service
Deploy the latest version of egov-user service
Add Role-Action mapping for API’s
Following application properties file in user service are configurable.
Property
Value
Remarks
egov.user.search.default.size
10
default search record number limit
citizen.login.password.otp.enabled
true
whether citizen login otp based
employee.login.password.otp.enabled
false
whether employee login otp based
citizen.login.password.otp.fixed.value
123456
fixed otp for citizen
citizen.login.password.otp.fixed.enabled
false
allow fixed otp for citizen
otp.validation.register.mandatory
true
whether otp compulsory for registration
access.token.validity.in.minutes
10080
validity time of access token
refresh.token.validity.in.minutes
20160
validity time of refresh token
default.password.expiry.in.days
90
expiry date of a password
account.unlock.cool.down.period.minutes
60
unlock time
max.invalid.login.attempts.period.minutes
30
window size for counting attempts for lock
max.invalid.login.attempts
5
max failed login attempts before account is locked
egov.state.level.tenant.id
pb
User data management and functionality to login and logout into Digit system using OTP and password.
Providing following functionality to citizen and employee type users
Employee:
User registration
Search user
Update user details
Forgot password
Change password
User role mapping(Single ULB to multiple roles)
Enable employee to login into DIGIT system based on a password.
Citizen:
Create user
Update user
Search user
User registration using OTP
OTP based login
To integrate, host of egov-user should be overwritten in the helm chart.
Use /citizen/_create and /users/_createnovalidate endpoints for creating users into the system
Use /v1/_search and /_search endpoints to search users in the system depending on various search parameters
Use /profile/_update for partial update and /users/_updatenovalidate for update
Use /password/nologin/_update for otp based password reset and /password/_update for logged in user password reset
Use /user/oauth/token for generating token, /_logoutfor logout and /_details for getting user information from his token
Link
/citizen/_create
/users/_createnovalidate
/_search
/v1/_search
/_details
/users/_updatenovalidate
/profile/_update
/password/_update
/password/nologin/_update
/_logout
/user/oauth/token
The objective of PDF generation service is to bulk generate pdf as per requirement.
Before you proceed with the documentation, make sure the following pre-requisites are met -
Install npm.
Kafka server is up and running.
egov-persister service is running and has pdf generation persister config path added in it.
PSQL server is running and the database is created to store filestore id and job id of generated pdf.
Provide a common framework to generate PDF.
Provide flexibility to customise the PDF as per the requirement.
Provide functionality to add an image, Qr Code in PDF.
Provide functionality to generate pdf in bulk.
Provide functionality to specify a maximum number of records to be written in one PDF.
Environment Variables
Description
MAX_NUMBER_PAGES
Maximum number of records to be written in one PDF
DATE_TIMEZONE
Date timezone which will be used to convert epoch timestamp into date (DD/MM/YYYY)
DEFAULT_LOCALISATION_LOCALE
Default value of localisation locale
DEFAULT_LOCALISATION_TENANT
Default value of localisation tenant
DATA_CONFIG_URLS
File path/URL'S of data config
FORMAT_CONFIG_URLS
File path/URL'S of format config
Mustache.js: (https://github.com/janl/mustache.js/ ):- as templating engine to populate format as defined in format config, from request json based on mappings defined in data config
Create data config and format config for a PDF according to product requirement.
Add data config and format config files in PDF configuration
Add the file path of data and format config in the environment yml file
Deploy the latest version of pdf-service in a particular environment.
For Configuration details please refer to Customizing PDF Receipts & Certificates.
The PDF configuration can be used by any module which needs to show particular information in PDF format that can be print/downloaded by the user.
Functionality to generate PDFs in bulk.
Avoid regeneration.
Support QR codes and Images.
Functionality to specify the maximum number of records to be written in one PDF.
Uploading generated PDF to filestore and return filestore id for easy access.
To download and print the required PDF _create API has to be called with the required key (For Integration with UI, please refer to the links in Reference Docs)
Title
Link
Customizing PDF Receipts & Certificates
Steps for Integration of PDF in UI for download and print PDF
API Swagger Documentation
Link
pdf-service/v1/_create
pdf-service/v1/_createnosave
pdf-service/v1/_search
(Note: All the API’s are in the same postman collection, therefore, the same link is added in each row)
A core application which provides location details of the tenant for which the services are being provided.
Before you proceed with the documentation, make sure the following pre-requisites are met -
Java 8
PSQL server is running and database is created
Knowledge of egov-mdms service
egov-mdms service is running and all the required mdms master are loaded in it
The location information is also known as boundary data of ULB
Boundary data can be of different hierarchies ADMIN, ELECTION hierarchy which is defined by the Administrators, Revenue hierarchy defined by the Revenue department.
The election hierarchy has the locations divided into several types like zone, election ward, block, street and locality. The Revenue hierarchy has the locations divided into a zone, ward, block and locality.
The model which defines the localities like zone, ward and etc is boundary object which contains information like name, lat, long, parent or children boundary if any. The boundaries come under each other in a hierarchy like a zone contains wards, ward contains blocks, a block contains locality. The order in which the boundaries are contained in each other will differ based on the tenants.
Environment Variables
Description
egov.services.egov_mdms.hostname
Host name for MDMS service.
egov.services.egov_mdms.searchpath
MDMS Search URL.
egov.service.egov.mdms.moduleName
MDMS module which contain boundary master.
egov.service.egov.mdms.masterName
MDMS master file which contain boundary detail.
Add/Update the mdms master file which contain boundary data of ULB’s.
Add Role-Action mapping for egov-location API’s.
Deploy/Redeploy the latest version of egov-mdms service.
Fill the above environment variables in egov-location with proper values.
Deploy the latest version of egov-location service.
The boundary data has been moved to mdms from the master tables in DB. The location service fetches the JSON from mdms and parses it to the structure of boundary object as mentioned above. A sample master would look like below.
Attribute Name
Description
tenantId
The tenantId (ULB code) for which the boundary data configuration is defined.
moduleName
The name of the module where TenantBoundary master is present.
TenantBoundary.hierarchyType.code
Unique code of the hierarchy type.
TenantBoundary.hierarchyType.name
Unique name of the hierarchy type.
TenantBoundary.boundary.id
Id of boundary defined for particular hierarchy.
boundaryNum
Sequence number of boundary attribute defined for the particular hierarchy.
name
Name of the boundary like Block 1 or Zone 1 or City name.
localname
Local name of the boundary.
longitude
Longitude of the boundary.
latitude
Latitude of the boundary.
label
Label of the boundary.
code
Code of the boundary.
children
Details of its sub-boundaries.
The egov-location API’s can be used by any module which needs to store the location details of the tenant.
Get the boundary details based on boundary type and hierarchy type within the tenant boundary structure.
Get the geographical boundaries by providing appropriate GeoJson.
Get the tenant list in the given latitude and longitude.
To integrate, host of egov-location should be overwritten in helm chart.
/boundarys/_search should be added as the search endpoint for searching boundary details based on tenant Id, Boundary Type, Hierarchy Type etc.
/geography/_search should be added as the search endpoint .This method handles all requests related to geographical boundaries by providing appropriate GeoJson and other associated data based on tenantId or lat/long etc.
/tenant/_search should be added as the search endpoint. This method tries to resolve a given lat, long to a corresponding tenant, provided there exists a mapping between the reverse geocoded city to tenant.
The MDMS Tenant boundary master file should be loaded in MDMS service.
Title
Link
Local setup
Link
/boundarys/_search
/geography/_search
/tenant/_search
Please refer to the Swagger API contract for egov-location service to understand the structure of APIs and to have a visualisation of all internal APIs.
DIGIT is API based Platform here each API is denoting to a DIGIT resource. Access Control Service (ACS) primary job is to authorise end-user based on their roles and provide access to the DIGIT platform resources. Access control functionality basically works based on below points:
Actions: Actions are events which are performed by a user. This can be an API end-point or Frontend event. This is MDMS master
Roles: Role are assigned to the user, a user can hold multiple roles. Roles are defined in MDMS masters.
Role-Action: Role actions are mapping b/w Actions and Roles. Based on role, action mapping access control service identifies applicable action for the role.
Before you proceed with the configuration, make sure the following pre-requisites are met -
Java 8
MDMS service is up and running
Serve the applicable actions for a user based on user role (To print menu three).
On each action which is performed by a user, access control looks at the roles for the user and validate actions mapping with the role.
Support tenant-level role-action. For instance, an employee from Amritsar can have a role of APPROVER for other ULB like Jalandhar and hence will be authorised to act as APPROVER in Jalandhar.
Deploy the latest version of Access Control Service
Deploy MDMS service to fetch the Role Action Mappings
Define the roles
Add the Actions (URL)
Add the role action mapping
(The details about the fields in the configuration can be found in the swagger contract)
Any microservice which requires authorisation can leverage the functionalities provided by access control service.
Any new microservice that is to be added in the platform won’t have to worry about authorisation. It can just add it’s role action mapping in the master data and Access Control Service will perform authorisation whenever API for the microservice is called.
To integrate with Access Control Service the role action mapping has to be configured(added) in the MDMS service.
The service needs to call /actions/_authorize API of Access Control Service to check for authorisation of any request
Title
Link
API Contract
Title
Link
eGov Payment Gateway acts as a liaison between eGov apps and external payment gateways facilitating payments, reconciliation of payments and lookup of transactions' status'.
Before you proceed with the documentation, make sure the following pre-requisites are met -
Java 8
Kafka server is up and running
egov-persister service is running and has pg service persister config path added in it
PSQL server is running and the database is created to store transaction data.
Create or initiate a transaction, to make a payment against a bill.
Make payment for multiple bill details [multi module] for a single consumer code at once.
Transaction to be initiated with a call to the transaction/_create API, various validations are carried out to ensure the sanctity of the request.
The response includes a generated transaction id and a redirect URL to the payment gateway itself.
Various validations are carried out to verify the authenticity of the request and the status is updated accordingly. If the transaction is successful, a receipt is generated for the same.
Reconciliation is carried out by two jobs scheduled via a Quartz clustered scheduler.
Early Reconciliation job is set to run every 15 minutes [configurable via app properties], and is aimed at reconciling transactions which were created 15 - 30 minutes ago and are in PENDING state.
Daily Reconciliation job is set to run once per day and is aimed at reconciling all transactions that are in PENDING state, except for ones which were created 30 minutes ago.
Axis, Phonepe and Paytm payment gateways are implemented.
Following properties in the application.properties file in egov-pg-service has to be added and set to default value after integrating with the new payment gateway. In the below table properties for AXIS bank, payment gateway is shown the same relevant property needs to be added for other payment gateways.
Deploy the latest version of egov-pg-service
Add pg service persister yaml path in persister configuration
The egov-pg-service acts as communication/contact between eGov apps and external payment gateways.
Record of every transaction against a bill.
Record of payment for multiple bill details for a single consumer code at once.
To integrate, host of egov-pg-service should be overwritten in helm chart
/pg-service/transaction/v1/_create should be added in the module to initiates a new payment transaction, on successful validation
/pg-service/transaction/v1/_update should be added as the update endpoint to updates an existing payment transaction. This endpoint is issued only by payment gateways to update the status of payments. It verifies the authenticity of the request with the payment gateway and forward all query params received from a payment gateway
/pg-service/transaction/v1/_search should be added as the search endpoint for retrieving the current status of a payment in our system.
(Note: All the API’s are in the same postman collection, therefore, the same link is added in each row)
Indexer service runs as a separate service. This service is designed to perform all the indexing tasks of the digit platform. The service reads records posted on specific kafka topics and picks the corresponding index configuration from the yaml file provided by the respective module. Objective of Indexer service are listed as below.
To provide a one stop framework for indexing the data to elasticsearch.
To create provision for indexing live data, reindexing from one index to the other and indexing legacy data from the datastore.
Before you proceed with the configuration, make sure the following pre-requisites are met -
Prior Knowledge of Java/J2EE
Prior Knowledge of SpringBoot
Prior Knowledge of Elasticsearch
Prior Knowledge of REST APIs and related concepts like path parameters, headers, JSON etc.
Prior Knowledge of Kafka and related concepts like Producer, Consumer, Topic etc.
Performs three major tasks namely: LiveIndex, Reindex and LegacyIndex.
LiveIndex: Task of indexing the live transaction data on the platform. This keeps the es data in sync with the db.
Reindex: Task of indexing data from one index to the other. ES already provides this feature, indexer does the same but with data transformation.
LegacyIndex: Task of indexing legacy data from the tables to ES.
Provides flexibility to index the entire object, a part of the object or an entirely different custom object all using one input json from modules.
Provides features for customizing index json by field mapping, field masking, data enrichment through external APIs and data denormalization using MDMS.
One stop shop for all the es index requirements with easy-to-write and easy-to-maintain configuration files.
Designed as a consumer to save API overhead. The consumer configs are written from scratch to have complete control over the consumer behaviour.
Step 1: Write configuration as per your requirement. Structure of the config file is explained later in the same doc.
Step 3: Provide the absolute path of the checked-in file to DevOps, to add it to the file-read path of egov-indexer. The file will be added to egov-indexer's environment manifest file for it to be read at start-up of the application.
Step 4: Run the egov-indexer app, Since it is a consumer, it starts listening to the configured topics and indexes the data.
For Indexer Configuration, please refer to the document in Reference Docs table given below.
a) POST /{key}/_index
Receive data and index. There should be a mapping with topic as {key} in index config files.
b) POST /_reindex
This is used to migrate data from one index to another index
c) POST /_legacyindex
This is to run LegacyIndex job to index data from DB. In the request body the URL of the service which would be called by indexer service to pick data, must be mentioned.
In legacy indexing and for collection-service record LiveIndex kafka-connect is used to do part of pushing record to elastic search. For more details please refer to document mentioned in document list.
The URL shortening service is used to shorten long URLs. There may be requirement when we want to avoid sending very long urls to the user via SMS, Whatsapp etc, this service compresses the URL.
Before you proceed with the configuration, make sure the following pre-requisites are met -
Prior Knowledge of Java/J2EE
Prior Knowledge of SpringBoot
Prior Knowledge of REST APIs and related concepts like path parameters, headers, JSON etc.
Compress long URLs.
Converted short URLs contains id, which is used by this service to identify and get longer URLs.
Deploy latest version of URL Shortening service
Receive long urls and converts them to shorter urls. Shortened urls contains urls to endpoint mentioned next. When user clicks on shortened URL, user is redirected to long URL.
This shortened urls contains path to this endpoint. The service uses id used in last endpoint to get long URL. As response the user is redirected to long URL.
One of the applications in the Digit core group of services aims to reduce the time spent by developers on writing codes to store and fetch master data ( primary data needed for module functionality ) which doesn’t have any business logic associated with them. Instead of writing APIs, creating tables in every different service to store and retrieve data that is seldom changed MDMS service keeps them at a single location for all modules and provides data on will with the help of no more than three lines of configuration.
Prior Knowledge of Java/J2EE.
Prior Knowledge of Spring Boot.
Prior Knowledge of REST APIs and related concepts like path parameters, headers, JSON etc.
Prior knowledge of Git.
Advanced knowledge on how to operate JSON data would be an added advantage to understand the service.
Adds master data for usage without the need to create master data APIs in every module.
Reads data from GIT directly with no dependency on any database services.
Deploy the latest version of Mdms-service
Add conf path for the file location
Add master config JSON path
The MDMS service provides ease of access to master data for any service.
No time spent writing repetitive codes with no business logic.
To integrate, host of egov-mdms-service should be overwritten in helm chart
egov-mdms-service/v1/_search should be added as the search endpoint for searching master data.
Mdms client from eGov snapshots should be added as mvn entity in pom.xml for ease of access since it provides mdms request pojos.
Whenever any user logs an authorization token and a refresh token is generated for him. Using the auth token the client can make rest API calls to the server to fetch data. The auth token has an expiry period. Once the auth token is expired it cannot be used to make API calls. The client will have to generate a new authorization token. This is done by authenticating the refresh token with the server which then generates and sends new authorization token to the client. The refresh token avoids the need for the client to again login whenever Auth token expires.
Refresh token also has an expiry period and once it gets expired it cannot be used to generate new authorization token and the user will have to login again to get a new pair of authorization token and refresh token. Generally, the duration before the expiry of the refresh token is much longer compared to that of auth token. If the user logs out of the account both Auth token and the refresh token will become invalid.
`
PDFMake: (https://github.com/bpampuch/pdfmake - Connect to preview ):- for generating PDFs
Additional gateways can be added by implementing the interface. No changes required to the core packages.
Step 2: Check-in the config file to a remote location preferably github, currently we check the files into this folder -for dev
Property
Remarks
axis.active
Bollean lag to set the payment gateway active/inactive
axis.currency
Currency representation for merchant, default(INR)
axis.merchant.id
Payment merchant Id
axis.merchant.secret.key
Secret key for payment merchant
axis.merchant.user
User name to access the payment merchant for transaction
axis.merchant.pwd
Password of the user tp access payment merchant
axis.merchant.access.code
Access code
axis.merchant.vpc.command.pay
Pay command
axis.merchant.vpc.command.status
commans status
axis.url.debit
Url for making payment
axis.url.status
URL to get the status of the transaction
Title
Link
Swagger API Contract
Title
Link
/pg-service/transaction/v1/_create
/pg-service/transaction/v1/_update
/pg-service/transaction/v1/_search
/pg-service/gateway/v1/_search
Environment Variable
Description
host.name
Host name to append in short URL
db.persistance.enabled
The boolean flag to store the short URL in database when flag is set as TRUE.
Title
Link
Swagger API Contract
Local Setup
Environment Variables
Description
egov.mdms.conf.path
The default value of folder where master data files are stored
masters.config.url
The default value of the file URL which contains master-config values
egov-mdms-service/v1/_search
Param
Description
access.token.validity.in.minutes
Duration in minutes for which the authorization token is valid
refresh.token.validity.in.minutes
Duration in minutes for which the refresh token is valid
API
Description
/user/oauth/token
Used to start the session by generating Auth token and refresh token from username and password using grant_type as password. The same API can be used to generate new auth token from refresh token by using grant_type as refresh_token and sending the refresh token with key refresh_token
/user/_logout
This API is used to end the session. The access token and refresh token will become invalid once this API is called. Auth token is sent as param in the API call
Title
Link
egov-mdms sample data
master-config.json
Workflows are a series of steps that moves a process from one state to another state by actions performed by different kind of Actors - Humans, Machines, Time based events etc. to achieve a goal like onboarding an employee, or approve an application or grant a resource etc. The egov-workflow-v2 is a workflow engine which helps in performing these operations seamlessly using a predefined configuration.
Before you proceed with the documentation, make sure the following pre-requisites are met -
Java 8
Kafka server is up and running
egov-persister service is running and has workflow persister config path added in it
PSQL server is running and database is created to store workflow configuration and data
Always allow anyone with a role in the workflow state machine to view the workflow instances and comment on it
On the creation of workflow, it will appear in the inbox of all employees that have roles that can perform any state transitioning actions in this state.
Once an instance is marked to an individual employee it will appear only in that employee's inbox although point 1 will still hold true and all others participating in the workflow can still search it and act if they have necessary action available to them
If the instance is marked to a person who cannot perform any state transitioning action, they can still comment/upload and mark to anyone else.
Overall SLA: SLA for the complete processing of the application/Entity
State-level SLA: SLA for a particular state in the workflow
Environment Variables
Description
egov.wf.default.offset
The default value of offset in search
egov.wf.default.limit
The default value of limit in search
egov.wf.max.limit
The maximum number of records that are returned in search response
egov.wf.inbox.assignedonly
Boolean flag if set to true default search will return records assigned to the user only, if false it will return all the records based on the user’s role. (default search is the search call when no query params are sent and based on the RequestInfo of the call, records are returned, it’s used to show applications in employee inbox)
egov.wf.statelevel
Boolean flag set to true if a state-level workflow is required
Deploy the latest version of egov-workflow-v2 service
Add businessService persister yaml path in persister configuration
Add Role-Action mapping for BusinessService API’s
Overwrite the egov.wf.statelevel flag ( true for state level and false for tenant level)
Create businessService (workflow configuration) according to product requirements
Add Role-Action mapping for /processInstance/_search API
Add workflow persister yaml path in persister configuration
For Configuration details please refer to the links in Reference Docs
The workflow configuration can be used by any module which performs a sequence of operations on an application/Entity. It can be used to simulate and track processes in organisations to make it more efficient too and increase accountability.
Role-based workflow
An easy way of writing rule
File movement within workflow roles
To integrate, host of egov-workflow-v2 should be overwritten in helm chart
/process/_search should be added as the search endpoint for searching workflow process Instance object.
/process/_transition should be added to perform an action on an application. (It’s for internal use in modules and should not be added in Role-Action mapping)
The workflow configuration can be fetched by calling _search API to check if data can be updated or not in the current state
Title
Link
Configuring Workflows For New Product/Entity
Setting Up Workflows
API Swagger Documentation
Migration to Workflow 2.0
Title
Link
/businessservice/_create
/businessservice/_update
/businessservice/_search
/process/_transition
/process/_search
(Note: All the API’s are in the same postman collection, therefore, the same link is added in each row)