This project is a take-home exercise to help us understand your engineering skills, particularly in the context of payment systems.
You are an engineer at "Mystic Wares," an e-commerce company selling high-end (and slightly magical) sunglasses and headphones. Our current checkout process is a placeholder. Your task is to build a real payment integration using the Adyen payments platform.
Your primary goal is to implement a complete payment flow for a credit card payment. The existing Java/Spring Boot application provides a basic structure, but the core payment logic is missing.
You will need to:
- Implement the Checkout Flow:
  - Fetch available payment methods from Adyen.
  - Initiate a payment request when the user clicks "Pay".
  - Handle the 3D Secure 2 authentication challenge.
  - Process the final payment result and redirect the user to a success or failure page.
- Handle Payment Updates:
  - Implement a webhook endpoint to receive asynchronous payment updates from Adyen.
  - Ensure the webhook is secure by validating the HMAC signature.
The application should be fully functional for a test credit card payment upon completion.
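The HMAC check required for the webhook can be sketched as follows; this is an added example, not code from the exercise repository or from Adyen's library. It assumes Java 17+, a hex-encoded HMAC key, and Adyen's standard-webhook scheme as understood here (eight colon-joined fields, HMAC-SHA256, Base64 output, signature delivered in `additionalData.hmacSignature`), which should be confirmed against the current Adyen documentation. The class name, `Item` record, key and sample values are constructed for illustration.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.HexFormat;

public class WebhookHmacCheck {

    // Hypothetical holder for the fields that take part in the signature (assumed order).
    record Item(String pspReference, String originalReference, String merchantAccountCode,
                String merchantReference, long value, String currency,
                String eventCode, String success) {
        String dataToSign() {
            // Absent fields (e.g. originalReference on a first event) become empty strings.
            return String.join(":", nz(pspReference), nz(originalReference),
                    nz(merchantAccountCode), nz(merchantReference),
                    Long.toString(value), nz(currency), nz(eventCode), nz(success));
        }
        private static String nz(String s) { return s == null ? "" : s; }
    }

    static String sign(Item item, String hexKey) throws Exception {
        byte[] key = HexFormat.of().parseHex(hexKey);   // the key is hex text, not raw bytes
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        byte[] digest = mac.doFinal(item.dataToSign().getBytes(StandardCharsets.UTF_8));
        return Base64.getEncoder().encodeToString(digest);
    }

    static boolean isValid(Item item, String receivedSignature, String hexKey) throws Exception {
        if (receivedSignature == null) return false;    // unsigned items are rejected
        byte[] expected = sign(item, hexKey).getBytes(StandardCharsets.UTF_8);
        // MessageDigest.isEqual compares in constant time, unlike String.equals.
        return MessageDigest.isEqual(expected, receivedSignature.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws Exception {
        // Constructed key and notification values, not real credentials or references.
        String hexKey = "00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF";
        Item item = new Item("CONSTRUCTED_PSP_REF", null, "MysticWaresTest",
                "order-1001", 4999, "EUR", "AUTHORISATION", "true");
        String signature = sign(item, hexKey);
        Item tampered = new Item("CONSTRUCTED_PSP_REF", null, "MysticWaresTest",
                "order-1001", 1, "EUR", "AUTHORISATION", "true");
        System.out.println("original accepted: " + isValid(item, signature, hexKey));
        System.out.println("tampered accepted: " + isValid(tampered, signature, hexKey));
    }
}
```

In the webhook controller, run this check on every notification item before acting on it, and load the key from configuration rather than source code.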
If you have extra time and want to showcase more of your skills, please choose one or two of the following:
- Add a New Payment Method: Implement iDEAL or Klarna, which are popular in our target market (the Netherlands). This will require handling different payment flows.
- Implement Recurring Payments (Tokenization): Our marketing team wants to launch a "Sunglass of the Month" club. Implement the logic to securely store a customer's card details (tokenization) and make a subsequent payment using the stored token.
- Implement Pre-authorisation: For high-value orders, we want to pre-authorise a card, and then "capture" the final amount later when the order ships. Implement the pre-authorisation and capture flow.
- Testing: The project is missing complete tests. Add unit or integration tests to validate the payment logic you've built.
- Code Critique & Suggestions: What would you improve in this codebase if you had more time? Add your thoughts in a `SUGGESTIONS.md` file. We're interested in your thoughts on architecture, security, and overall code quality.
- The backend is a Java Spring Boot application. You can run it with `./gradlew bootRun`.
- You will need an Adyen test account to get API credentials. You can sign up here: Adyen Signup.
- Configure your credentials in `src/main/resources/application.properties`.
- Architecture and API Design: Is the solution well-structured? Are the API endpoints clear and logical?
- Correctness: Does the payment flow work as expected?
- Code Quality: Is the code clean, maintainable, and easy to understand?
- Security: Have you considered security best practices, such as HMAC validation and handling credentials?
- Problem Solving: How did you approach the open-ended tasks?
Please submit your solution by providing a link to a private Git repository showing your commit history. Good luck!