Code fix perform code refactoring

[amanfoundongithub]

Summary by Sourcery

Introduce containerization and consolidate configuration for the IAM service while centralizing token generation logic.

New Features:

• Add Dockerfile and docker-compose setup to run the IAM service with MongoDB and RabbitMQ.

Enhancements:

• Consolidate Spring Boot configuration into a single application.yaml with environment-driven settings for MongoDB, RabbitMQ, JWT, security, and management endpoints.
• Centralize creation of activation and password reset tokens in JwtService and adjust activation email URL construction.

Build:

• Add Gradle-based Docker image build stage and runtime image configuration for the IAM service.

Deployment:

• Define a docker-compose stack for the IAM service, MongoDB, and RabbitMQ with health checks and shared network configuration.

[sourcery-ai]

Reviewer's Guide

Refactors configuration management into a single application.yaml, centralizes token creation logic in JwtService, adjusts activation URL composition, and adds Docker/Docker Compose support for running the IAM service with MongoDB and RabbitMQ.

File-Level Changes

Change	Details	Files
Unify Spring Boot configuration into a single main application.yaml and remove old split config files.	Replace profile-based config imports with an explicit local profile and inline application, database, RabbitMQ, JWT, security (CORS), logging, management, and MDC settings in application.yaml. Configure base URLs, token expiry settings, and service metadata directly within application.yaml. Delete obsolete application-config.yaml, application-jwt.yaml, and application-security.yaml files and add placeholder profile-specific text config files for docker and local.	src/main/resources/application.yaml src/main/resources/application-config.yaml src/main/resources/application-jwt.yaml src/main/resources/application-security.yaml src/main/resources/application-docker.txt src/main/resources/application-local.txt
Centralize token generation logic inside JwtService and simplify its state.	Remove unused refresh token expiration configuration and repository dependencies from JwtService. Standardize refresh token generation using UUID.toString() implicitly and reuse JwtService helpers for password reset and account activation tokens. Expose createPasswordResetToken and new createAccountActivationToken methods and wire them into TokenManagementServiceImpl instead of generating UUIDs directly.	src/main/java/com/loan_org/identity_and_access_management/domain/auth/service/JwtService.java src/main/java/com/loan_org/identity_and_access_management/domain/token/service/impl/TokenManagementServiceImpl.java
Adjust activation email URL construction to respect configured base URL.	Change activation URL concatenation to avoid duplicating the /api/v1/auth prefix when baseUrl already contains it, aligning with new app.base-url config.	src/main/java/com/loan_org/identity_and_access_management/messaging/service/impl/EmailServiceImpl.java
Introduce containerization support with Docker and Docker Compose for the IAM service and dependencies.	Add a multi-stage Dockerfile that builds the Spring Boot JAR with Gradle and runs it on a lightweight JRE image exposing port 4200. Add docker-compose.yml defining iam-service, MongoDB, and RabbitMQ services with health checks, shared network, and named volumes.	Dockerfile docker-compose.yml

Possibly linked issues

• #N/A: The PR delivers the requested code refactoring and fixes, while also adding Docker and configuration improvements.

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've found 2 issues, and left some high level feedback:

• The configuration refactor removes the separate application-*.yaml files and hardcodes spring.profiles.active: local while introducing a docker profile in docker-compose; verify that the desired profile is selected in all environments and that equivalent settings from the deleted files are still available where needed.
• The new application-docker.txt and application-local.txt files will not be picked up as Spring Boot configuration sources; if these are meant to define profile-specific configs they should use a supported format and naming (e.g., application-docker.yaml or .properties).
• The docker-compose service for iam-service relies on MONGO_URI, RABBITMQ_HOST, RABBITMQ_PORT, etc. but does not set them, so the container may fail to start unless these variables are guaranteed to be provided from the environment; consider wiring them explicitly in docker-compose.yml or documenting the expectation.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The configuration refactor removes the separate `application-*.yaml` files and hardcodes `spring.profiles.active: local` while introducing a `docker` profile in docker-compose; verify that the desired profile is selected in all environments and that equivalent settings from the deleted files are still available where needed.
- The new `application-docker.txt` and `application-local.txt` files will not be picked up as Spring Boot configuration sources; if these are meant to define profile-specific configs they should use a supported format and naming (e.g., `application-docker.yaml` or `.properties`).
- The docker-compose service for `iam-service` relies on `MONGO_URI`, `RABBITMQ_HOST`, `RABBITMQ_PORT`, etc. but does not set them, so the container may fail to start unless these variables are guaranteed to be provided from the environment; consider wiring them explicitly in `docker-compose.yml` or documenting the expectation.

## Individual Comments

### Comment 1
<location path="src/main/resources/application.yaml" line_range="46-47" />
<code_context>
-  header: X-Trace-Id
-  key: traceId
-
-server:
-  port: 4200
-
-logging:
</code_context>
<issue_to_address>
**issue (bug_risk):** Server port and base URL / CORS configuration look inconsistent and may cause confusion or misrouting.

The backend is set to run on port 4200, while `app.base-url` points to `http://localhost:5600/api/v1/auth` and CORS allows `http://localhost:4200`. If 4200 is for the Angular UI and another port is for this API, consider aligning `server.port`, `app.base-url`, and `iam.security.cors.allowed_origins` to match the intended deployment, so it’s clear which port actually serves the API in local/docker setups.
</issue_to_address>

### Comment 2
<location path="docker-compose.yml" line_range="14-15" />
<code_context>
+      dockerfile: Dockerfile
+    ports:
+      - "4200:4200"
+    environment:
+      - SPRING_PROFILES_ACTIVE=docker
+    depends_on:
+      mongo-db:
</code_context>
<issue_to_address>
**issue (bug_risk):** Docker compose does not set the env vars referenced in `application.yaml`, which may break connectivity inside containers.

`application.yaml` expects `${MONGO_URI}`, `${RABBITMQ_HOST}`, `${RABBITMQ_PORT}`, `${RABBITMQ_USER}`, and `${RABBITMQ_PASS}`, but `iam-service`’s compose config only sets `SPRING_PROFILES_ACTIVE`. Unless these vars are injected externally, MongoDB/RabbitMQ connections will fail under `docker-compose`. Please add the relevant env vars here (e.g., using `mongo-db` / `rabbitmq` as hosts) so the compose stack works out of the box.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

issue (bug_risk): Server port and base URL / CORS configuration look inconsistent and may cause confusion or misrouting.

The backend is set to run on port 4200, while app.base-url points to http://localhost:5600/api/v1/auth and CORS allows http://localhost:4200. If 4200 is for the Angular UI and another port is for this API, consider aligning server.port, app.base-url, and iam.security.cors.allowed_origins to match the intended deployment, so it’s clear which port actually serves the API in local/docker setups.

[sourcery-ai]

issue (bug_risk): Docker compose does not set the env vars referenced in application.yaml, which may break connectivity inside containers.

application.yaml expects ${MONGO_URI}, ${RABBITMQ_HOST}, ${RABBITMQ_PORT}, ${RABBITMQ_USER}, and ${RABBITMQ_PASS}, but iam-service’s compose config only sets SPRING_PROFILES_ACTIVE. Unless these vars are injected externally, MongoDB/RabbitMQ connections will fail under docker-compose. Please add the relevant env vars here (e.g., using mongo-db / rabbitmq as hosts) so the compose stack works out of the box.