elnafateh opened a new pull request, #5674:
URL: https://github.com/apache/fineract/pull/5674
## Description
## Overview
This PR introduces a hybrid idempotency mechanism for command processing,
aimed at improving reliability of retries in scenarios where clients do not
provide an idempotency key.
## Problem
Currently, when a request is sent without an idempotency key:
- The system generates a random UUID.
- On retry (e.g., network failure), a new key is generated.
- This leads to duplicate command execution (e.g., duplicate transfers).
## Solution
This PR implements a hybrid approach:
1. Use client-provided `Idempotency-Key` header if present.
2. Otherwise, generate a deterministic key based on:
- Request payload
- A configurable time bucket
This ensures:
- Same request within a short window → same idempotency key
- Automatic deduplication without requiring client changes
## Key Changes
- Introduced `DeterministicIdempotencyKeyGenerator`
- Enhanced `IdempotencyKeyResolver` to:
- Prefer header key
- Fallback to deterministic key generation
- Retained DB-level uniqueness constraint:
(action_name, entity_name, idempotency_key)
## Behavior
| Scenario | Result |
|--------|--------|
| Retry after network failure | Deduplicated |
| Duplicate request within bucket | Blocked |
| Intentional repeat after bucket | Allowed |
| Concurrent requests | DB handles safely |
## Design Considerations
- Avoids over-reliance on client-provided keys
- Keeps implementation simple and backward compatible
- Leverages existing command framework and DB constraints
## Testing
- Verified successful deduplication on retry without header key
- Verified DB uniqueness prevents race condition duplicates
- Verified intentional repeat works outside time bucket
## Impact
Improves robustness of financial operations like transfers, especially in
unreliable network conditions.
---
This contribution is part of my preparation for Google Summer of Code and
aims to improve reliability in Fineract's command processing pipeline.
## Checklist
Please make sure these boxes are checked before submitting your pull request
- thanks!
- [x ] Write the commit message as per [our
guidelines](https://github.com/apache/fineract/blob/develop/CONTRIBUTING.md#pull-requests)
- [ x] Acknowledge that we will not review PRs that are not passing the
build _("green")_ - it is your responsibility to get a proposed PR to pass the
build, not primarily the project's maintainers.
- [ ] Create/update [unit or integration
tests](https://fineract.apache.org/docs/current/#_testing) for verifying the
changes made.
- [ x] Follow our [coding
conventions](https://cwiki.apache.org/confluence/display/FINERACT/Coding+Conventions).
- [ ] Add required Swagger annotation and update API documentation at
fineract-provider/src/main/resources/static/legacy-docs/apiLive.htm with
details of any API changes
- [ x] [This PR must not be a "code
dump"](https://cwiki.apache.org/confluence/display/FINERACT/Pull+Request+Size+Limit).
Large changes can be made in a branch, with assistance. Ask for help on the
[developer mailing list](https://fineract.apache.org/#contribute).
Your assigned reviewer(s) will follow our [guidelines for code
reviews](https://cwiki.apache.org/confluence/display/FINERACT/Code+Review+Guide).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
