Can we change the world with this hack?

Axway technology

A thrilling invite…

All a sudden, I had a meeting invite from a stranger in my inbox. I was contacted by an agency who wanted to change the world undercover. And they contacted me… Where exactly would this take me?

The stranger wanted to disrupt the transportation industry, amid the Corona crisis. He said he wanted to use Axway technology exclusively to start the disruption.

The real story

Frederick Elewaut, Senior Consultant at Axway, was inspired by the hackathon challenge and wanted to pull together a BeNeNo (Belgium-Netherlands-Nordics) team. He knew some of them, others not so much. After a little initial brainstorming, the team settled for helping elderly people get their needs for groceries and other shopping materials.

This crisis is interesting because it has truly brought out the best in people in so many ways. Many of us have seen a sprawling willingness for volunteering around us, especially to meet the needs of the elderly who are caught in very definitive isolation. We wanted to leverage this willingness and give people a platform to help their neighbors.

Axway technology: The Solution

We settled to solve a classic logistic problem: matching demand, supply and the logistics in between. The web application that we built supported three roles:

  1. Elderly or otherwise disadvantaged people, who could provide their shopping lists, picking from a combined catalog of all connected shops.
  2. Shops, who could publish their product catalog, get and pick orders.
  3. Volunteers, who could source the supplies for the needy and deliver them.

Teamwork in Cowork-20

The team, also known as Cowork-20, was geographically spread:

  • Frederick Elewaut (Team lead, Belgium)
  • Christian Browet (Belgium)
  • Peter Oosterlynck (Belgium)
  • Erik Steinholtz (Sweden)

Thanks to the Teams, it was a great experience to be able to work together regardless of our locations. Stockholm to Brussels is 18 hours by car, so we did our social distancing in this project. If you wanted to visit the team members, you would have a nice sightseeing trip in parts of Europe for free.

The components were able to cooperate freely within the Axway network. VPN filled in the last mile of networking for us since we worked from home. Peter Oosterlynck, Principal Pre-sales Architect, even managed to do some UAT while simultaneously shaving—working from home opens new possibilities!

Technical solution

The technical solution was a four-layered architecture:

  • Frontend Webserver
  • API Gateway/Manager as the Authorization server
    • Handles everything which is user related
    • Runs on Docker (EMT)
    • For authN & authZ we were using OAuth 2.0
    • Incoming connections are using HTTPS (SSL/TLS v1.2)
  • API Gateway/Manager as the Resource server
    • Handles everything else
    • Runs on Docker (EMT)
  • API Builder
    • API provides us with a connection to our MongoDB
    • Runs on Docker (EMT)
  • MongoDB in the cloud as storage.

In this very short amount of time, the app was thoroughly engineered with Salted Hash of passwords, token-based login, user roles, Sequence diagrams, state-of-the-art deployment, etc.

Screenshots

Christian Browet created some front-end magic:

Shop owner

Volunteer—order overview

Challenges

The biggest hurdle was how to get Authentication and Authorization right from an architecture perspective. After some initial discussion, the team settled on separating the Resource server and the AuthZ server.

A sequence for the AuthN/AuthZ was established:

 

How did AMPLIFY provide value to this hack?

  • API Builder made it much easier for us to create our APIs. (We truly experienced a new kind of RAD: “Rapid API development”). It also made it easy to connect to our MongoDB in the cloud due to the available connectors. With the generated Docker file, it was easy to create our Docker image.
    • You can easily extend functionality by creating a plugin.
  • API Gateway/Manager saved us a lot of time setting up our security for protecting our virtualized APIs using Axway AMPLIFY™ API Management out-of-the-box feature as the Authorization Server. The virtualization of APIs was easy because of API Manager.

Discover more about Axway technology. Download this whitepaper to learn more about Axway AMPLIFY API Management.

LEAVE A REPLY

Please enter your comment!
Please enter your name here