Money Forward ME ☓ LINE Securities └ How the security issue is resolved. - Project: LINE app wallet tab integration └ How the test issue is resolved. - Future challenges and prospects
China・Guizhou (famous for hot chili) ⎯ Got master degree from Kyushu University, Information Intelligence Engineering. ⎯ Joined LINE Fukuoka as a server-side engineer. ⎯ Living in Fukuoka. Favourite food is とんこつRamen Profile GUIZHOU FUKUOKA My dog named “Java” ⎯ Border collie is the smartest dog in the world, I think he may become a Java programmer like me.
related to me LINE Securities service start Recurring fund investment service start IPO service start Project join MoneyForward ME integration start STO (security token offering) service start
Intertrade JPX (Japan Exchange Group) Refinitiv (Renamed from Reuter) LINE pay QUICK LINE Securities Internal network Internet Buy/Sell LINE Securities server pool NRI system Price, market situation Buy/Sell Price information News Price Big data traffic, No data loss, less delay execution data Securities buy/sell records Off-exchange report
pay QUICK LINE Securities Internal network Internet Buy/Sell LINE Securities server pool NRI system Price, market situation Buy/Sell Price information News Price Big data traffic, No data loss, less delay execution data Securities buy/sell records Off-exchange report Various external services - Big transaction among systems. - Big data traffic between Refinitiv(rename from Reuter) and LINE Securities. - Combine data sources to show.
at the beginning of morning session(9:00) ⎯ Use Spring WebFlux to do non-blocking I/O processing. ⎯ Use Kafka as a hub to get data. Please refer to LINE Engineering Blog for more detail: ⎯ https://engineering.linecorp.com/ja/blog/on-the-use-of-stock-price-information-from-feeds/ No data lose, less delay
securities asset LINE Securities cosmos NRI system LINE Securities microservices internal network LINE Securities front-end LINE Securities old server pool get asset info get fund/stock detail
network DMZ ngnix internal network LINE Securities cosmos NRI system LINE Securities microservices LINE Securities old server pool Money Forward ME Server
internal network, to protect the internal network. Enable Money Forward servers to access LINE securities internal network . DMZ DMZ firewall public network Comet-web Use ngnix in DMZ named comet-web. comet-web (nginx)
network DMZ comet-web (ngnix) internal network ACL LINE Securities cosmos NRI system LINE Securities microservices LINE Securities old server pool Money Forward ME Server
in the existing web server. Plan B Create a new authentication system. Create an API in a new microservice. Plan C Use LINE login to authenticate. Create an API in a new microservice. Solutions to Issue 2 Authentication
Core microservice of integration A simple and flexible scheduler and orchestrator to deploy and manage containers and non- containerized applications. Spring Boot (Kotlin) Microservice Nomad Recently most used in LINE Securities Easy for multiple teams to take responsibility. Tech stack wallet-handler get /asset
to access via access token. curl –H “Authorization: Bearer {access_token}” ¥ -X POST ¥ 'https://{domain}/{path-to-wallet-handler}/authorize { ”result": ”OK" } We can know canceling association from LINE by calling access token verification API. curl -X GET ¥ 'https://api.line.me/oauth2/v2.1/verify?access_token =eyJhbGciOiJIUzI1NiJ9.UnQ_o-GP0VtnwDjbK0C8E_NvK...’ { "error": "invalid_request", "error_description": "access token expired" } Also auto delete authorization when user has no access for a specified period.
Over 400 req/s 0 50 100 150 200 250 300 350 400 450 Issue 2 How to test with FX service while it is still in developing. Issue 1 40 times increasing in traffic securities wallet-handler FX
request amount ⎯ In Wallet tab side, cache 1 min by FX/securities. ⎯ Call account info API first to reduce unnecessary API call. Global rate limit & API rate limit Global rate limit API rate limit API rate limit FX securities wallet tab wallet-handler account info
flexible tool for building mock APIs. Solutions to Issue 2 How to test with FX service while it is still in developing securities wallet tab wallet-handler FX FX mock server
use We only need to mock 1 API, it means 1 json file in WireMock. Modify mock API without restarting. Dynamic management Use admin APIs to manage mock APIs. Matches many use cases. Suitable for testing For 1 API, we can use request mapping to define different response patterns.
1 API, use request parameters mapping to define different response patterns. 2. Mock response status to check error case. 3. Mock response body to test UI.
API, use request parameters mapping to define different response patterns. 2. Mock response status to check error case. 3. Mock response body to test UI. 4. Proxy all requests to the real system, only simulate APIs that don't exist yet. 4
- Need to config rate limit by clients. - Otherwise, if one service reaches rate limit, other services will be unavailable. Where to cache and how long we can cache? - Currently only wallet tab server has cache. - When provide to more services, cache can reduce the access to NRI system. wallet tab cache