EOM Inventory

The EOM Inventory service provides a RESTful api for the scheduling of tasks that can perform operation on orders based on order filters.


HealthCheck RabbitMQ Authentication

Environment Version Repository Documentation Copyright

Get the Code

C:\src> git clone git@bitbucket.org:aptosretail/eom-service-inventory.git
C:\src> cd eom-service-inventory
C:\src\eom-service-inventory> Eom.Inventory.sln

Running unit tests

Use nCrunch to run NUnit unit tests.

Running integration tests

TBD

Building the service

TBD

Running the service

The service may be run locally or in a Docker container.

{
  "iisSettings": {
    "windowsAuthentication": false,
    "anonymousAuthentication": true,
    "iisExpress": {
      "applicationUrl": "http://localhost:64970",
      "sslPort": 44380
    }
  },
  "$schema": "http://json.schemastore.org/launchsettings.json",
  "profiles": {
    "IIS Express": {
      "commandName": "IISExpress",
      "launchBrowser": true,
      "launchUrl": "index.html",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development"
      }
    },
    "EomInventory PostgreSQL, Keycloak": {
      "commandName": "Project",
      "launchBrowser": true,
      "launchUrl": "index.html",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development",
        "Database.UseInMemoryRepositories": "false",
        "Database.ManagementUrl": "http://localhost:8083",
        "JwtValidation:RequireHttps": "false"
      },
      "applicationUrl": "https://localhost:5001;http://localhost:5000"
    },
    "EomInventory InMemory, No-Auth": {
      "commandName": "Project",
      "launchBrowser": true,
      "launchUrl": "index.html",
      "environmentVariables": {
        "ASPNETCORE_ENVIRONMENT": "Development",
        "Database.UseInMemoryRepositories": "true",
        "Database.ManagementUrl": "http://localhost:8083",
        "JwtValidation:EnableValidation": "false"
      },
      "applicationUrl": "https://localhost:5001;http://localhost:5000"
    },
    "Docker": {
      "commandName": "Docker",
      "launchBrowser": true,
      "launchUrl": "{Scheme}://{ServiceHost}:{ServicePort}"
    }
  }
}

Running PostgreSQL

TIP: You can use an In-Memory database to avoid running PostgreSQL In Visual Studio right-click the project in "Solution Explorer" and select "Manage User Secrets" from the context menu to add this to your user secrets. Or configure this setting as an environmental variable in one of your launchSettings.json configurations:

  "UseInMemoryRepositories": "true"

Setup the container:

This command creates a docker container with the name dev-postgres.

$ docker run -d --name dev-postgres -p 5432:5432 -e POSTGRES_PASSWORD=password -e POSTGRES_USER=admin -d postgres
Setup the pgadmin4 administration console:

This command creates a pgadmin4 admin console with the name dev-pgadmin.

docker run -p 8083:80 -e "PGADMIN_DEFAULT_EMAIL=admin@aptos.com" --link dev-postgres -e "PGADMIN_DEFAULT_PASSWORD=Aptos123!" --name dev-pgadmin -d dpage/pgadmin4

The console may be accessed in a browser window with the following credentials:

pgadmin4 Console URL: http://localhost:8083
Email Address: admin@aptos.com
Password: Aptos123!

Adding a postgres server in pgadmin4

Running RabbitMQ

Setup the container:
$ docker run -d --name dev-rabbit -p 15672:15672 -p 5672:5672 rabbitmq:3-management

replace -d with -it --rm to run interactively and remove the container on exit.

Access the administration console (optional):

Management Console URL: http://localhost:15672
Username: guest
Password: guest


Running KeyCloak

TIP: You can disable authentication to avoid running KeyCloak while developing. In Visual Studio right-click the project in "Solution Explorer" and select "Manage User Secrets" from the context menu to add this to your user secrets. Or configure this setting as an environmental variable in one of your launchSettings.json configurations:

  "JwtValidation:EnableValidation": "false"
Setup the container:
docker run -d --name dev-keycloak --hostname dev-keycloak -p 8888:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=password -e KEYCLOAK_SERVER=http://localhost:8080/auth jboss/keycloak
Configure kcadm:

This is needed to authenticate subsequent commands.

docker exec dev-keycloak bash -c "keycloak/bin/kcadm.sh  config credentials --server $KEYCLOAK_SERVER --realm master --user $KEYCLOAK_USER --password $KEYCLOAK_PASSWORD"
Update Realm

This sets the default signing algorithm.

docker exec dev-keycloak bash -c "keycloak/bin/kcadm.sh update realms/master -s defaultSignatureAlgorithm=RS256"
Create Client

This creates a client to authenticate against.

docker exec dev-keycloak bash -c "keycloak/bin/kcadm.sh create clients -r master -s clientId=aptos -s 'redirectUris=[\"http://localhost:8888\"]' -s standardFlowEnabled=false -s serviceAccountsEnabled=true -s authorizationServicesEnabled=true -i"
Get the client secret (needed for Postman)

The client secret will be used by Postman to get a JWT token.

docker exec dev-keycloak bash -c "keycloak/bin/kcadm.sh get clients/$(keycloak/bin/kcadm.sh get clients -q clientId=aptos | jq -r '.[] | .id')/installation/providers/keycloak-oidc-keycloak-json | jq -r '.credentials.secret'"

Output:

142adce3-e437-4ae4-b39f-bb731efb4538

For Postman you can now use OAuth2 with these settings and the client Id above

 Grant Type:      Client Credentials
 URL:             http://localhost:8888/auth/realms/master/protocol/openid-connect/token
 ClientId:        aptos
 Client Secret:   142adce3-e437-4ae4-b39f-bb731efb4538
 Scope:           Roles

See the launchSettings.json for connection settings to Keycloak. In particular "JwtValidation:RequireHttps": "false" should be used to allow connection to insecure Keycloaks in development environments.

License

Copyright (c) 2020 Aptos, Inc. All rights reserved.