[1.1 Prototype] Certificate Submission and Validation - FEUP-MEIC-DS-2025-26/madeinportugal.store GitHub Wiki
Certificate Submission and Validation Microservice Documentation
Overview
This service is a microservice dedicated to the submission, storage, and validation of product quality certificates. A certificate serves as definitive proof of a product's quality and adherence to specified standards, such as those related to eco-friendly or fair trade practices.
The fundamental objective of this service is to ensure that all products listed on the platform meet established high quality and compliance standards.
System Architecture and Integration
This service utilizes gRPC for efficient, high-performance inter-service communication within the larger platform architecture.
Technical Stack
- Backend Language: TypeScript
- Communication Protocol: gRPC
- Prototype Storage: Local Filesystem
Service Endpoints (gRPC API)
The service exposes the following methods, as defined by the gRPC contract (certificates.proto), which form the public API of this microservice:
| Method | Description | Request Payload | Response Payload | Implementing Service Method |
|---|---|---|---|---|
UploadCertificate |
Submits a certificate file associated with a product ID and initiates the validation process. | productId: number, file: NonSharedBuffer (binary data) |
success: boolean |
CertificatesService.uploadCertificate |
ListCertificates |
Retrieves a list of all Product IDs for which certificates are currently stored. | (None) | productIds: number[], total: number |
CertificatesService.listCertificates |
DeleteCertificate |
Removes a stored certificate based on the Product ID. | productId: number |
success: boolean |
CertificatesService.deleteCertificate |
Prototype Implementation Details
Certificate Validation Logic (Current)
Currently, a public API for programmatic certificate validation is unavailable. Consequently, the service employs a simulation to test the full submission and error handling workflows.
- Mechanism: Validation is performed via a random proxy function.
- Success Rate: The
uploadCertificatefunction is implemented to returntrue(successful validation) with a 70% probability andfalse(validation failure) with a 30% probability.
Data Persistence (Prototype)
For the current prototype phase, certificate files are persisted as follows:
- Storage Location: Files are stored on the local filesystem within the dedicated
certificates/directory. - Naming Convention: Each certificate file is named using the associated Product ID (e.g.,
[productId].pdf).
Note: This local filesystem persistence is a temporary solution and will be migrated to a scalable cloud storage service.
Validation Strategy and Future Development
API Analysis Summary
This section documents the certificates distributors we analysed in the search for an API we can use on this microservice.
- Ecocert - No public API or public certificate ID for programmatic validation.
- SGS - Focuses on non-food related certificates, making it unsuitable for our product scope.
- Certis - No API or direct certificate validation method; only product name search is available, which is insufficient for unique certificate validation.
- GT Portugal - Focuses on non-food related certificates, making it unsuitable for our product scope.
- C-GREEN - No verifiable method to check certificates programmatically.
- Fairtrade - Extremely limited scope for Portuguese products (under 30 certificates), which restricts its general applicability.
- ISCC (International Sustainability & Carbon Certification) - No official API available, but provides a search system on their website that is scrapable to allow for certificate ID comparison.
- FSC (Forest Stewardship Council) - Focuses on non-food related certificates (primarily wood/paper), making it unsuitable for our product scope.
- EU Ecolabel - Focuses on non-food related certificates, making it unsuitable for our product scope.
Strategic Approach: Web Scraping ISCC (Planned)
ISCC (International Sustainability & Carbon Certification) was identified as the most feasible option for automated checking due to its public web-based search system.
- Planned Action: The next development phase involves implementing a web scraping solution to programmatically query the ISCC public database. This will allow the service to validate a submitted certificate ID against existing records.
Future Roadmap
- Full Validation Implementation: Integrate the planned web scraping module for ISCC validation, replacing the random simulation.
- Scalable Storage Migration: Transition persistence from the local filesystem to a cloud-based storage service to ensure durability and scalability.
- Certificate data expansion: adapt our microservice to hold a certificate expiration date as well as its ID
Project Information
Class: 1
Group: 1