Digital Bank Platform
A microservices-based digital banking backend built with Java 21 and Spring Boot 3. Event-driven via Kafka, secured by Keycloak, and observable with Prometheus + Grafana.
7 Microservices
4 Kafka Topics
OAuth2 (Keycloak)
KRaft (No ZooKeeper)
Kafka Message Architecture
Async transaction processing with 3-attempt retries and dead-letter topics on exhaustion.
Apache Kafka
KRaft mode — no ZooKeeper
6 Independent Services
Each service owns its own database. Schema migrations managed by Flyway.
api-gateway
Single entry point. Validates JWTs, injects X-Correlation-ID, routes via Eureka.
user-service
User registration & profile management. Publishes user.created on Kafka.
account-service
Manages bank accounts & balances. Consumes events, applies changes, emits balance.updated.
transaction-service
Handles DEPOSIT, WITHDRAWAL, TRANSFER. Creates each transaction as PENDING, then moves it to COMPLETED or FAILED.
config-server
Serves per-service YAML config. Each service fetches config on startup.
discovery-service
Netflix Eureka server. Services register on startup; gateway resolves instances.
Defense-in-Depth Security
All services are OAuth2 Resource Servers — each validates JWTs independently. The gateway validates first; Feign clients forward the original Authorization header for authenticated inter-service calls.
Core Implementation
Kafka Consumer with Retry
@RetryableTopic with 3 attempts and exponential backoff. Failed messages land on a dead-letter topic for inspection.
Idempotent Transaction API
The Idempotency-Key header prevents double-processing on safe retries. Cached responses are returned for duplicate keys.
JWT Role Extraction
Roles extracted from Keycloak realm_access.roles claim. JwtAuthenticationConverter maps them to Spring Security authorities.
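A sketch of the role mapping described above, as an added example that is not the project's own code. The class name KeycloakRoleConfig and the ROLE_ prefix are assumptions; the claim path realm_access.roles is the one named on this page.

```java
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;

// Hypothetical class name; not taken from the project.
@Configuration
public class KeycloakRoleConfig {

    // Reads realm_access.roles defensively: a missing or malformed claim
    // yields no authorities, so the caller is authenticated but holds no role
    // and every role-protected endpoint denies the request.
    static Collection<GrantedAuthority> realmRoles(Jwt jwt) {
        Object realmAccess = jwt.getClaims().get("realm_access");
        if (!(realmAccess instanceof Map<?, ?> map)) {
            return List.of();
        }
        if (!(map.get("roles") instanceof Collection<?> roles)) {
            return List.of();
        }
        return roles.stream()
                .filter(String.class::isInstance)   // ignore non-string entries
                .map(String.class::cast)
                .filter(r -> !r.isBlank())
                // Assumed prefix so hasRole("ADMIN") matches Keycloak role "ADMIN".
                .<GrantedAuthority>map(r -> new SimpleGrantedAuthority("ROLE_" + r))
                .collect(Collectors.toUnmodifiableSet());
    }

    // Replacing the default authorities converter means SCOPE_* authorities
    // from the scope claim are no longer produced; only realm roles apply.
    @Bean
    public JwtAuthenticationConverter jwtAuthenticationConverter() {
        JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
        converter.setJwtGrantedAuthoritiesConverter(KeycloakRoleConfig::realmRoles);
        return converter;
    }
}
```

Because each service validates JWTs independently, the same converter has to be registered in every resource server, not only in the gateway.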
Tech Stack
Prometheus Metrics
Every service exposes /actuator/prometheus. Prometheus scrapes HTTP request rate, latency percentiles, JVM memory, and DB connection metrics from it.
Grafana Dashboard
Pre-provisioned dashboard at :3000. Tracks Kafka consumer lag, request rates, and service health in real time.
Retry + DLT
@RetryableTopic: 3 attempts with 2s/4s backoff. Exhausted events land on .dlt topic for manual inspection.