Payment Service ๐ณ
The Payment Service is responsible for handling payment processing and payment lifecycle management in the ShopVerse platform.
It integrates with external payment gateways (Razorpay), maintains payment state, and publishes events for downstream services such as Notification and Analytics.
๐ฏ Responsibilitiesโ
The Payment Service handles:
- Payment order creation
- Integration with Razorpay
- Payment status tracking
- Handling payment callbacks/webhooks
- Publishing payment-related events
- Providing payment history to users
๐ง Why a Separate Payment Service?โ
Payments are:
- Security-sensitive
- External-system dependent
- Failure-prone
Separating them into a dedicated service ensures:
- Clear isolation of payment logic
- Safer handling of third-party integrations
- Independent scaling
- Easier compliance and auditing
๐๏ธ High-Level Architectureโ
๐ Security Modelโ
-
All APIs are accessed via API Gateway
-
Gateway injects:
X-User-EmailX-User-Role
-
Only authenticated users can initiate payments
-
Admin access is restricted to reporting APIs
-
No payment secrets exposed to clients
๐ Payment Flow (Order โ Payment)โ
๐๏ธ Data Modelโ
Payment Entityโ
idorderIdcustomerId(email)amountrazorpayOrderIdrazorpayPaymentIdstatus(CREATED, SUCCESS, FAILED)createdAt
Payment records are immutable after success.
๐ก Kafka Events Publishedโ
| Event Type | Topic | Description |
|---|---|---|
| PAYMENT_CREATED | payment-events | Payment initiated |
| PAYMENT_SUCCESS | payment-events | Payment completed |
| PAYMENT_FAILED | payment-events | Payment failure |
Consumers:
- Notification Service
- Analytics Service
- Order Service (optional status sync)
๐ APIsโ
Customer APIsโ
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/payments/create | Create payment order |
| GET | /api/payments/my | Get user payment history |
Callback API (Internal)โ
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/payments/callback | Razorpay webhook |
Webhook endpoints are not exposed publicly.
๐ Payment Status Lifecycleโ
CREATEDโ Payment order generatedSUCCESSโ Payment confirmed via callbackFAILEDโ Payment failed or cancelled
๐ก๏ธ Reliability & Safety Measuresโ
- Razorpay signature verification
- Idempotent callback handling
- Payment state checks before updates
- No duplicate payment confirmations
- Secure secret storage (env variables)
โ ๏ธ Failure Scenariosโ
โ Razorpay API Failureโ
- Payment creation fails
- User receives retry message
โ Callback Delayโ
- Payment remains in
CREATED - Callback reconciles later
โ Duplicate Callbackโ
- Idempotency prevents duplicate updates
โ๏ธ Key Componentsโ
PaymentControllerโ Payment APIsPaymentServiceโ Core payment logicRazorpayClientConfigโ Gateway integrationPaymentRepositoryโ JPA persistenceKafkaEventPublisherโ Event publishingGlobalExceptionHandlerโ Error handling
๐ Scalability Considerationsโ
- Stateless service
- Async callbacks via Razorpay
- Kafka decouples post-payment workflows
- Can handle high payment concurrency
๐งช Testing Strategyโ
- Unit tests for payment creation
- Mock Razorpay responses
- Callback signature validation tests
- Failure and retry test cases
๐ Summaryโ
The Payment Service ensures:
- Secure and reliable payment processing
- Clean integration with third-party gateways
- Event-driven extensibility
- Accurate payment state tracking
It plays a critical role in completing the order lifecycle in ShopVerse.