From 00a1d3124a9f82b165483ecc1a296f1d4ff0e943 Mon Sep 17 00:00:00 2001 From: Sunny Tyagi Date: Fri, 5 Dec 2025 16:17:59 +0530 Subject: [PATCH 1/3] docs(all-services): add autnentication layer doc add autnentication layer doc GH-0 --- services/subscription-service/README.md | 5 +++++ services/tenant-management-service/README.md | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/services/subscription-service/README.md b/services/subscription-service/README.md index 56d8b7d..4fdf1ee 100644 --- a/services/subscription-service/README.md +++ b/services/subscription-service/README.md @@ -46,6 +46,11 @@ Plan features are saved in the FeatureValues model and associated with plans usi - Feature: Represents a general capability or functionality offered in your plans. - FeatureValues: This model associates features with specific plans and allows configuration of their values. +## Prerequisite +Authentication and authorization are implemented on each API endpoint. You can build the authentication service using the [@sourceloop/authentication-service](https://www.npmjs.com/package/@sourceloop/authentication-service). + +Note: For a basic setup, you can use symmetric encryption with Cognito. You can also refer to the [sandbox](https://github.com/sourcefuse/arc-saas-sandbox) + ## Installation Install Subscription service using `npm`; diff --git a/services/tenant-management-service/README.md b/services/tenant-management-service/README.md index 23760ae..dd3c6ac 100644 --- a/services/tenant-management-service/README.md +++ b/services/tenant-management-service/README.md @@ -18,6 +18,11 @@ A Microservice for handling tenant management operations. It provides - ![image](https://github.com/sourcefuse/arc-saas/assets/107617248/25cb5c15-30d6-4e3a-8a43-05cca121eeaf) +## Prerequisite +Authentication and authorization are implemented on each API endpoint. You can build the authentication service using the [@sourceloop/authentication-service](https://www.npmjs.com/package/@sourceloop/authentication-service). + +Note: For a basic setup, you can use symmetric encryption with Cognito. You can also refer to the [sandbox](https://github.com/sourcefuse/arc-saas-sandbox) + ## Installation Install Tenant Management Service using `npm`; From 01b9ab8081183ddd4b11ed9a2018e8837a87ba76 Mon Sep 17 00:00:00 2001 From: Sunny Tyagi Date: Mon, 8 Dec 2025 10:39:30 +0530 Subject: [PATCH 2/3] docs(all-services): add docs to generate via cli add docs to generate via cli GH-0 --- services/subscription-service/README.md | 54 ++++++++++++++++ services/tenant-management-service/README.md | 67 +++++++++++++++++++- 2 files changed, 120 insertions(+), 1 deletion(-) diff --git a/services/subscription-service/README.md b/services/subscription-service/README.md index 4fdf1ee..955dde5 100644 --- a/services/subscription-service/README.md +++ b/services/subscription-service/README.md @@ -123,6 +123,47 @@ This microservice uses [loopback4-authentication](https://www.npmjs.com/package/ - Bind any of the custom [providers](#providers) you need. +### Usage Via Sourceloop CLI +You need to have [@sourceloop/cli](https://www.npmjs.com/package/@sourceloop/cli) installed on your system +```sh +$ [npm install | yarn add] @sourceloop/cli +``` +follow the below steps: +- Run ***sl scaffold myapp*** to scaffold a Lerna monorepo, if you already don't have any monorepo. +- select all the required configuration by answering to prompted questions. +- Navigate into your project using cd myapp. +- Run ***sl microservice subscription-service***. +- Through the prompts, you can set up migrations, configure the datasource, bind components in application.ts, and complete other necessary setups. +- This microservice uses loopback4-authentication and @sourceloop/core and that uses asymmetric token encryption and decryption by default for that setup please refer their documentation but if you wish to override + + ```typescript + + this.bind(SubscriptionServiceBindings.Config).to({ + useCustomSequence: true, + }); + this.component(AuthenticationComponent); + this.sequence(ServiceSequence); + // Add bearer verifier component + this.bind(BearerVerifierBindings.Config).to({ + type: BearerVerifierType.service, + useSymmetricEncryption: true, + } as BearerVerifierConfig); + this.component(BearerVerifierComponent); + // Add authorization component + this.bind(AuthorizationBindings.CONFIG).to({ + allowAlwaysPaths: ['/explorer', '/openapi.json'], + }); + this.component(AuthorizationComponent); + + ``` + + comment the following since we are using our custom sequence + + ```typescript + // Set up the custom sequence + //this.sequence(MySequence); + ``` + ## Integrating Billing Functionality into Subscription Service using LoopBack 4 We are leveraging the [loopback4-billing](https://github.com/sourcefuse/loopback4-billing) package to integrate billing capabilities into our Subscription Service. @@ -455,6 +496,19 @@ export class FeatureToggleDbDataSource The migrations required for this service can be copied from the service. You can customize or cherry-pick the migrations in the copied files according to your specific requirements and then apply them to the DB. + - copy the selected migration according to your need. we have provided the postgresql migration files. + - copy them in your application with directory migration/sql at root. + - add the below scripts to your applciation package.json + + ``` + "migrate:up": "db-migrate up --config database.json -m ./migrations", + "migrate:down": "db-migrate down --config database.json -m ./migrations", + "migrate:create": "db-migrate create --sql-file" + ``` +- do npm i db-migrate db-migrate-pg, + +if you are generating the application using [@sourceloop/cli](https://www.npmjs.com/package/@sourceloop/cli), then you can skip these configuration and and generate all the migration related configuration by providing the answering the prmpted question on running - sl microservice + ## Database Schema ![ERD](static/subscription-erd.png) diff --git a/services/tenant-management-service/README.md b/services/tenant-management-service/README.md index dd3c6ac..766be01 100644 --- a/services/tenant-management-service/README.md +++ b/services/tenant-management-service/README.md @@ -63,7 +63,7 @@ $ [npm install | yarn add] @sourceloop/ctrl-plane-tenant-management-service `npm install @sourceloop/core loopback4-authorization loopback4-authentication` - Add the following to your `application.ts` -```typecript +```typescript this.bind(TenantManagementServiceBindings.Config).to({ useCustomSequence: true, }); @@ -98,7 +98,47 @@ comment the following since we are using our custom sequence - Set up a [Loopback4 Datasource](https://loopback.io/doc/en/lb4/DataSource.html) with `dataSourceName` property set to `TenantManagementDB`. You can see an example datasource [here](#setting-up-a-datasource). +- + +### Usage Via Sourceloop CLI +You need to have [@sourceloop/cli](https://www.npmjs.com/package/@sourceloop/cli) installed on your system +```sh +$ [npm install | yarn add] @sourceloop/cli +``` +follow the below steps: +- Run ***sl scaffold myapp*** to scaffold a Lerna monorepo. +- select all the required configuration by answering to prompted questions. +- Navigate into your project using cd myapp. +- Run ***sl microservice tenant-mgmt-service***. +- Through the prompts, you can set up migrations, configure the datasource, bind components in application.ts, and complete other necessary setups. +- This microservice uses loopback4-authentication and @sourceloop/core and that uses asymmetric token encryption and decryption by default for that setup please refer their documentation but if you wish to override + + ```typescript + this.bind(TenantManagementServiceBindings.Config).to({ + useCustomSequence: true, + }); + + this.component(TenantManagementServiceComponent); + + this.component(AuthenticationComponent); + this.sequence(ServiceSequence); + + // Add bearer verifier component + this.bind(BearerVerifierBindings.Config).to({ + type: BearerVerifierType.service, + useSymmetricEncryption: true, + } as BearerVerifierConfig); + + this.component(BearerVerifierComponent); + + // Add authorization component + this.bind(AuthorizationBindings.CONFIG).to({ + allowAlwaysPaths: ['/explorer', '/openapi.json'], + }); + this.component(AuthorizationComponent); + ``` +- Bind the Event publisher as mentioned below. ## Onboarding a tenant - The onboarding process starts through a concept of a `Lead`. A `Lead` is a prospective client who may or may not end being a tenant in our system. @@ -162,6 +202,17 @@ export class TenantEventPublisher { } ``` +### Configure EventBridge for publishing events +bind the below binding to the application.ts + +```typescript +this.bind(EventBridgeStreamBindings.Config).to({ + source: 'tenant-management', + }); +this.component(EventBridgeConnector); +``` + + ## IDP - Identity Provider The IDP (Identity Provider) Controller provides an endpoint to manage identity provider configurations for tenants. It supports multiple identity providers, such as Keycloak and Auth0, and ensures secure handling of identity provider setup requests through rate-limiting, authorization, and input validation. @@ -673,6 +724,20 @@ export class RedisDataSource The migrations required for this service can be copied from the service. You can customize or cherry-pick the migrations in the copied files according to your specific requirements and then apply them to the DB. + - copy the selected migration according to your need. we have provided the postgresql migration files. + - copy them in your application with directory migration/sql at root. + - add the below scripts to your applciation package.json + + ``` + "migrate:up": "db-migrate up --config database.json -m ./migrations", + "migrate:down": "db-migrate down --config database.json -m ./migrations", + "migrate:create": "db-migrate create --sql-file" + ``` +- do npm i db-migrate db-migrate-pg, + +if you are generating the application using [@sourceloop/cli](https://www.npmjs.com/package/@sourceloop/cli), then you can skip these configuration and and generate all the migration related configuration by providing the answering the prmpted question on running - sl microservice + + ## Database Schema ![alt text](./docs/db_schema.png) From 87d77525517b0d86380a8360a9e62063258bb67c Mon Sep 17 00:00:00 2001 From: Sunny Tyagi Date: Mon, 8 Dec 2025 10:48:16 +0530 Subject: [PATCH 3/3] docs(all-services): add few more docs add few more docs GH-0 --- services/subscription-service/README.md | 5 ++ services/tenant-management-service/README.md | 54 +++++++++++--------- 2 files changed, 34 insertions(+), 25 deletions(-) diff --git a/services/subscription-service/README.md b/services/subscription-service/README.md index 955dde5..05cfd96 100644 --- a/services/subscription-service/README.md +++ b/services/subscription-service/README.md @@ -122,6 +122,11 @@ This microservice uses [loopback4-authentication](https://www.npmjs.com/package/ This component internally uses [FeatureToggleServiceComponent](https://www.npmjs.com/package/@sourceloop/feature-toggle-service) that requires a datasource binding with the name 'FeatureToggleDB'. Make sure to create a datasource for it. You can refer an example datasource [here](#setting-up-a-datasource). - Bind any of the custom [providers](#providers) you need. +- load env config by adding below code in application.ts. + ```typescript + import * as dotenv from 'dotenv'; + dotenv.config(); + ``` ### Usage Via Sourceloop CLI You need to have [@sourceloop/cli](https://www.npmjs.com/package/@sourceloop/cli) installed on your system diff --git a/services/tenant-management-service/README.md b/services/tenant-management-service/README.md index 766be01..35a4acb 100644 --- a/services/tenant-management-service/README.md +++ b/services/tenant-management-service/README.md @@ -63,42 +63,46 @@ $ [npm install | yarn add] @sourceloop/ctrl-plane-tenant-management-service `npm install @sourceloop/core loopback4-authorization loopback4-authentication` - Add the following to your `application.ts` -```typescript -this.bind(TenantManagementServiceBindings.Config).to({ - useCustomSequence: true, - }); + ```typescript + this.bind(TenantManagementServiceBindings.Config).to({ + useCustomSequence: true, + }); -this.component(TenantManagementServiceComponent); + this.component(TenantManagementServiceComponent); -this.component(AuthenticationComponent); -this.sequence(ServiceSequence); + this.component(AuthenticationComponent); + this.sequence(ServiceSequence); -// Add bearer verifier component -this.bind(BearerVerifierBindings.Config).to({ - type: BearerVerifierType.service, - useSymmetricEncryption: true, - } as BearerVerifierConfig); + // Add bearer verifier component + this.bind(BearerVerifierBindings.Config).to({ + type: BearerVerifierType.service, + useSymmetricEncryption: true, + } as BearerVerifierConfig); -this.component(BearerVerifierComponent); + this.component(BearerVerifierComponent); -// Add authorization component -this.bind(AuthorizationBindings.CONFIG).to({ - allowAlwaysPaths: ['/explorer', '/openapi.json'], - }); -this.component(AuthorizationComponent); + // Add authorization component + this.bind(AuthorizationBindings.CONFIG).to({ + allowAlwaysPaths: ['/explorer', '/openapi.json'], + }); + this.component(AuthorizationComponent); -``` + ``` -comment the following since we are using our custom sequence + comment the following since we are using our custom sequence -```typescript -// Set up the custom sequence -//this.sequence(MySequence); -``` + ```typescript + // Set up the custom sequence + //this.sequence(MySequence); + ``` - Set up a [Loopback4 Datasource](https://loopback.io/doc/en/lb4/DataSource.html) with `dataSourceName` property set to `TenantManagementDB`. You can see an example datasource [here](#setting-up-a-datasource). -- +- load env config by adding below code in application.ts. + ```typescript + import * as dotenv from 'dotenv'; + dotenv.config(); + ``` ### Usage Via Sourceloop CLI You need to have [@sourceloop/cli](https://www.npmjs.com/package/@sourceloop/cli) installed on your system