Featured Project

Octopus Payment Gateway Microservice

Standalone multi-tenant payment gateway service with HMAC-SHA256 signing, JWT authentication, and merchant management system.

Role
Platform & DevSecOps Engineer
Timeline
September 2025 - October 2025
Category
professional
3,680+ lines of code
Multi-tenant architecture
APIP compliant

Overview

Architected and developed a production-ready payment gateway microservice that extracts and generalizes payment processing logic into a reusable service. Features comprehensive security infrastructure including APIP-compliant authentication, AES-256-GCM encryption, and automated webhook delivery with retry logic.

What I Built

  • Designed and implemented complete cryptographic service with SHA-256 hashing and AES-256-GCM encryption
  • Built HMAC-SHA256 request signature system with replay attack prevention
  • Created merchant management APIs with key rotation and profile management
  • Implemented async webhook delivery system with retry logic and failure handling
  • Developed comprehensive test suite with unit and integration tests

Key Achievements

  • Contributed 3,680+ lines of production code in 2 weeks
  • APIP-compliant multi-tenant architecture
  • Automatic API key rotation with graceful expiration
  • Production-ready with complete security infrastructure

Technologies Used

Java 17Spring BootSpring SecurityPostgreSQLDockerJWTHMAC-SHA256AES-256-GCM

Tags

MicroservicesSecurityPayment GatewaySpring Boot
Back to Projects
Octopus Payment Gateway Microservice | Daniel Chen Qi Rong