A comprehensive point-based subscription service built with Spring Boot, PostgreSQL, and Stripe integration with JWT authentication and role-based authorization.
- 🔔 Subscription Management: Create, activate, cancel subscriptions
- 💳 Stripe Integration: Secure payment processing
- 🎯 Point System: Award and redeem points for user engagement
- 📊 Payment Tracking: Complete payment history and status tracking
- 🔗 Webhook Support: Real-time Stripe event processing
- 🗄️ PostgreSQL Database: Robust data persistence
- 🐳 Docker Support: Easy deployment with Docker Compose
- 🔐 JWT Authentication: Secure API access with role-based authorization
- 📚 Swagger UI: Interactive API documentation
- 👥 Role-Based Access: Support for STUDENT, INSTRUCTOR, and ADMIN roles
- Backend: Spring Boot 3.4.7, Java 17
- Database: PostgreSQL 15
- Payment: Stripe API
- Authentication: JWT with OAuth2 Resource Server
- Documentation: OpenAPI 3 (Swagger)
- Containerization: Docker & Docker Compose
- ORM: JPA/Hibernate
- Build Tool: Gradle
- Java 17+
- Docker & Docker Compose
- Stripe Account (for payment processing)
- JWT Authentication Server (API Gateway)
-
Clone and navigate to the project:
cd subscription-service -
Set up environment variables:
copy .env.example .env
Edit
.envfile with your credentials:STRIPE_SECRET_KEY=sk_test_your_stripe_secret_key STRIPE_WEBHOOK_SECRET=whsec_your_webhook_secret JWT_JWK_SET_URI=https://your-auth-server/.well-known/jwks.json JWT_ISSUER_URI=https://your-auth-server -
Start the services:
docker-compose up -d
-
Build the application:
./gradlew build
-
Access the application:
- API: http://localhost:8083
- Swagger UI: http://localhost:8083/swagger-ui.html
- API Docs: http://localhost:8083/v3/api-docs
- Database: localhost:5434
- Health Check: http://localhost:8083/actuator/health
The service uses JWT tokens for authentication. All protected endpoints require a valid JWT token in the Authorization header:
Authorization: Bearer <your-jwt-token>
- STUDENT: Can manage their own subscriptions and points
- INSTRUCTOR: Can award points to students and manage their own resources
- ADMIN: Full access to all endpoints and user management
Expected JWT token structure:
{
"sub": "user-uuid",
"email": "user@example.com",
"roles": ["STUDENT"],
"iat": 1234567890,
"exp": 1234567890
}GET /api/v1/subscription-plans/**- Subscription plan informationPOST /api/v1/webhooks/**- Webhook endpointsGET /actuator/health- Health checkGET /swagger-ui.html- API documentation
GET /api/v1/subscription-plans- Get all active plansGET /api/v1/subscription-plans/{planId}- Get plan by IDGET /api/v1/subscription-plans/by-name/{planName}- Get plans by name
POST /api/v1/subscriptions/create- Create new subscriptionPOST /api/v1/subscriptions/{id}/activate- Activate subscription (Admin only)POST /api/v1/subscriptions/{id}/cancel- Cancel subscriptionGET /api/v1/subscriptions/user/{userId}- Get user subscriptionsGET /api/v1/subscriptions/user/{userId}/active- Get active subscriptionGET /api/v1/subscriptions/my-subscriptions- Get current user's subscriptionsGET /api/v1/subscriptions/my-active- Get current user's active subscription
GET /api/v1/points/wallet/{userId}- Get user walletGET /api/v1/points/my-wallet- Get current user's walletPOST /api/v1/points/redeem- Redeem pointsPOST /api/v1/points/award- Award points (Admin/Instructor only)GET /api/v1/points/transactions/{userId}- Get transaction historyGET /api/v1/points/my-transactions- Get current user's transaction history
POST /api/v1/webhooks/stripe- Stripe webhook endpoint
Interactive API documentation is available via Swagger UI at:
- Local: http://localhost:8083/swagger-ui.html
- Production: https://your-domain/swagger-ui.html
The documentation includes:
- Authentication requirements
- Request/response schemas
- Example payloads
- Error responses
- Try-it-out functionality
- Automatic token validation
- User ID extraction from token claims
- Role-based authorization using Spring Security
- CORS configuration for cross-origin requests
- Students: Access their own resources only
- Instructors: Award points + access their own resources
- Admins: Full access to all resources
- All sensitive endpoints require authentication
- User ID is extracted from JWT token (not from request)
- Resource-level authorization checks
- Webhook signature verification
The service includes the following main entities:
- subscription_plans: Available subscription plans with Stripe integration
- user_subscriptions: User subscription records with status tracking
- payments: Payment transactions with Stripe references
- user_points_wallet: User point balances and lifetime statistics
- points_transactions: Point transaction history with references
- webhook_events: Stripe webhook event tracking and processing
- subscription_history: Audit trail for subscription changes
Key configuration options in application.properties:
# Server
server.port=8083
# Database
spring.datasource.url=jdbc:postgresql://localhost:5434/subscription_db
spring.datasource.username=subscription_user
spring.datasource.password=subscription_pass
# JWT Authentication
spring.security.oauth2.resourceserver.jwt.jwk-set-uri=${JWT_JWK_SET_URI}
spring.security.oauth2.resourceserver.jwt.issuer-uri=${JWT_ISSUER_URI}
# Stripe
stripe.api.key=${STRIPE_API_KEY}
stripe.webhook.secret=${STRIPE_WEBHOOK_SECRET}
# Swagger
springdoc.swagger-ui.path=/swagger-ui.html
springdoc.api-docs.path=/v3/api-docsThe system comes with pre-configured plans:
- Basic: $9.99/month (100 points) or $99.99/year (1200 points)
- Plus: $19.99/month (250 points) or $199.99/year (3000 points)
- Pro: $39.99/month (500 points) or $399.99/year (6000 points)
This service is designed to work behind an API Gateway that handles:
- User authentication and JWT token generation
- Rate limiting and request routing
- Load balancing and SSL termination
Expected JWT token format from the API Gateway:
/**
* Extract user ID from JWT token
*/
private String extractUserIdFromToken(Authentication authentication) {
Jwt jwt = (Jwt) authentication.getPrincipal();
return jwt.getClaimAsString("sub");
}
/**
* Extract user roles from JWT token
*/
private List<String> extractUserRoles(Authentication authentication) {
Jwt jwt = (Jwt) authentication.getPrincipal();
return jwt.getClaimAsStringList("roles");
}-
Start PostgreSQL:
docker-compose up subscription-db -d
-
Run the application:
./gradlew bootRun
-
Access Swagger UI:
http://localhost:8083/swagger-ui.html
- Go to Swagger UI
- Click "Authorize" button
- Enter your JWT token:
Bearer <your-token> - Test endpoints interactively
./gradlew build
docker build -t subscription-service .The service includes Spring Boot Actuator for monitoring:
- Health:
/actuator/health - Info:
/actuator/info - Metrics:
/actuator/metrics
Admin access required for detailed actuator endpoints.
The service includes comprehensive error handling:
- Validation errors with field-level details
- Authentication and authorization errors
- Stripe API errors with user-friendly messages
- Generic exception handling with logging
- Fork the repository
- Create a feature branch
- Add proper Swagger documentation
- Include authentication tests
- Submit a pull request
This project is licensed under the MIT License.