docs: add architecture and design document#209
Conversation
Adds docs/architecture.md describing how the plugin integrates with the CAP Java messaging core, including boot flow, AMQP/OAuth2 connection mechanics, SEMP v2 management plane, validation handshake, and a comparison with cds-feature-enterprise-messaging.
SummaryThe following content is AI-generated and provides a summary of the pull request: Add Architecture & Design Documentation for
|
There was a problem hiding this comment.
The document is well-written and a valuable addition to the repository, but it contains several inaccuracies where the prose diverges from the actual source code — notably around getAemEndpoint's guard logic, the bytes-message branch in getMessageTopic, the payload shape of the validation handshake, a non-obvious race condition on the volatile Boolean validation guard, and the deferred/conditional nature of the validation binding's mandatory requirement. Please address the flagged comments before merging.
PR Bot Information
Version: 1.22.5
- File Content Strategy: Full file content
- Event Trigger:
pull_request.opened - LLM:
anthropic--claude-4.6-sonnet - Correlation ID:
1b85d086-6078-4143-8ea1-647b64b48c57
- Clarify that the validation binding throw is deferred to createMessagingService (line 159), not services(); silently ignored if no AEM bindings are present - Add missing bytes-message branch to getMessageTopic description (lines 153-162, both text and binary facades) - Note that validate() is called before the topic:// prefix in emitTopicMessage (line 145 before 146) - Correct validation payload: only the host component of managementUri is sent as hostName, not the full URI - Flag that aemBrokerValidated is a boxed Boolean with an unsynchronized check-then-act, allowing concurrent validation calls - Correct getAemEndpoint() fragility: key guard passes but iterator returns wrong value if insertion order is unexpected
t-bonk
left a comment
There was a problem hiding this comment.
All in all it LGTM. There is only one change that crucial. Also please remove all line references as the line numbers might change when fixing issue or adding features.
| | Binding | Tag/Name | Purpose | Auth | | ||
| |----------------|---------------------------|--------------------------------------------------------------------------|-----------------------------------------------------------------| | ||
| | AEM broker | `advanced-event-mesh` | AMQP+JMS data plane *and* SEMP management plane | OAuth2 client_credentials against IAS (`authentication-service`) | | ||
| | Validation | `aem-validation-service` | One-time handshake confirming the VMR is provisioned for this subaccount | OAuth2 against XSUAA (`handshake.oa2`) | |
There was a problem hiding this comment.
The goal of this validation is to check whether the AEM service is resold by SAP (reply with HTTP 20x) or the customer sourced it directly from Solace (HTTP > 399).
|
|
||
| `AemValidationClient.validate(managementUri, subaccountId)` POSTs `{"hostName": <host extracted from managementUri>, "subaccountId"?: ...}` to the validation service's handshake endpoint (the destination base URI from the validation binding). Only the *host* component of `managementUri` is sent, not the full URI. It runs at most once per service instance — guarded by the `aemBrokerValidated` volatile `Boolean` flag in `AemMessagingService.validate()` (line 165), and only on the first publish (lazily via `emitTopicMessage`). A 200 confirms this BTP subaccount is entitled to this VMR. Anything else → `ServiceException`, no message is sent. | ||
|
|
||
| This is a compliance / anti-misconfiguration check: it prevents an app from being mistakenly bound to a broker in the wrong subaccount. |
Co-authored-by: hyperspace-insights[bot] <209611008+hyperspace-insights[bot]@users.noreply.github.com>
Summary
docs/architecture.mddocumenting the plugin's overall designAbstractMessagingService,BrokerConnectionProvider,BrokerConnection)cds-feature-enterprise-messagingTest plan