- A 2021 code assigment- The goal of this assignment is to build a simple HTTP service (with the appropriate unit tests) with two endpoints:
Accepts JSON input in the format:
{"username": "<user name>", "password": "<user password>"}
and returns JWT OAUTH 2/OIDC token with the username as a subject. The username and the password don't have to be verified, but should not accept empty strings. The JWT token should expire in one hour.
It should return appropriate error status code if the JSON payload is not valid, or the username and password are not valid (are empty)
Protected with a valid JWT token, generated by the /auth endpoint, provided as a Bearer Authorization header.
Accepts arbitrary JSON document as payload, which can contain a variety of things: arrays [1,2,3,4], objects {"a":1, "b":2, "c":3}, numbers, and strings. The endpoint should find all of the numbers throughout the document and add them together.
For example:
- [1,2,3,4] and {"a":6,"b":4} both have a sum of 10.
- [[[2]]] and {"a":{"b":4},"c":-2} both have a sum of 2.
- {"a":[-1,1,"dark"]} and [-1,{"a":1, "b":"light"}] both have a sum of 0.
- [] and {} both have a sum of 0.
The response should be the SHA256 hash of the sum of all numbers in the document. It should return the appropriate error status code if the JWT token or the JSON payload are not valid.
- Hexagonal(Onion) like design, build to separate different adapters, from the application and domain layers, achieved by relaying on dependency injection through interfaces.
- Logs and custom error handling were left out due the simplicity of the task and the time.
- No third party lib for testing, thanks to the design everything can be mocked easily.
- JWT is based on this article
Note: Beside the documentation there are plenty of comments as notes in the code that describe what should be done or
improved.