Tweet
Tweet

Slide 1

Slide 1 text

GraphQL for a Payments API Challenges and Lessons Sadique Ali Koothumadan @sdqali

Slide 2

Slide 2 text

No content

Slide 3

Slide 3 text

GraphQL at Braintree is part of our ongoing platform’s digital transformation, which allows us to deliver an always improving developer and online consumer experience.

Slide 4

Slide 4 text

https://graphql.braintreepayments.com

Slide 5

Slide 5 text

SDK ❤

Slide 6

Slide 6 text

Card API REST + JSON REST + XML GRPC Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁ JS SDK Python SDK Ruby SDK Java SDK Go SDK

Slide 7

Slide 7 text

No Absolutisms

Slide 8

Slide 8 text

Why GraphQL?

Slide 9

Slide 9 text

• Consumers of our API are tech-savvy • Direct Integrations • Added benefits for SDKs

Slide 10

Slide 10 text

• “Choose your payload” • Mobile friendly • Faster integration • Interactive tooling • Evolvability

Slide 11

Slide 11 text

Technology Choices

Slide 12

Slide 12 text

“GraphQL exists because JavaScript people love JSON too much”

Slide 13

Slide 13 text

ReportEdgeResolverFactory ?

Slide 14

Slide 14 text

ReportEdgeResolverFactory

Slide 15

Slide 15 text

• graphql-java • java-dataloader • graphql-java-tools

Slide 16

Slide 16 text

Schema files

Slide 17

Slide 17 text

• cards • tokenize • report • merchant Along domain boundary?

Slide 18

Slide 18 text

util and common are where things go to die.

Slide 19

Slide 19 text

• inputs • types • queries • mutations • ... Along GraphQL concepts?

Slide 20

Slide 20 text

To Relay or Not?

Slide 21

Slide 21 text

• Consistent input structure • Connections and pagination • IDs and Refetching Relay goodies

Slide 22

Slide 22 text

Global IDs

Slide 23

Slide 23 text

• /transactions/wv3e1js/close • /merchants/tw763ex IDs in the REST world

Slide 24

Slide 24 text

• Format • Backwards compatibility Global IDs

Slide 25

Slide 25 text

• Opaque url-safe Base64 encoded strings • Attach global_ids to legacy responses Global IDs

Slide 26

Slide 26 text

• Certain entities won’t have Global IDs Global IDs

Slide 27

Slide 27 text

Query Complexity

Slide 28

Slide 28 text

• Assign complexity factor to entities • Instrumentation to enforce limit Max Complexity

Slide 29

Slide 29 text

API Visibility

Slide 30

Slide 30 text

• Server side consumers • Client side consumers • Admin panel • ... Control what consumer can see what

Slide 31

Slide 31 text

• Detect consumer • Reject if invisible Visibility Instrumentation

Slide 32

Slide 32 text

Authorization

Slide 33

Slide 33 text

@NeedToBe(ADMIN) /admin-endpoint adminEndpoint() { // ... } REST

Slide 34

Slide 34 text

type Query { panelData: PanelData } type PanelData { transactions: [Transaction], # Merchant portal failures: [Transaction] # Admin panel } GraphQL

Slide 35

Slide 35 text

Design for Partial Success

Slide 36

Slide 36 text

Card GraphQL API REST + JSON REST + XML GRPC Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

Slide 37

Slide 37 text

Card GraphQL API REST + JSON REST + XML GRPC Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

Slide 38

Slide 38 text

Card GraphQL API REST + JSON REST + XML GRPC Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

Slide 39

Slide 39 text

Card GraphQL API REST + JSON REST + XML GRPC Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

Slide 40

Slide 40 text

• Be comfortable serving nulls • Collect all the errors Partial successes

Slide 41

Slide 41 text

Error handling

Slide 42

Slide 42 text

{ error : { “user_message”: “...”, “developer_message”: “...”, “details”: [{ “code”: “...”, “in”: “header”, “at”: “authorization” }] } } REST

Slide 43

Slide 43 text

• Represent multiple errors • Support legacy error codes

Slide 44

Slide 44 text

{ errors : [{ message: "No report exists because there are no transactions on that date.", locations: [{ line: 3, column: 5, }], path: [ "report", "transactions", ], extensions: { errorType: "user_error", errorClass: "NOT_FOUND", } }] }

Slide 45

Slide 45 text

No content

Slide 46

Slide 46 text

Team workflow

Slide 47

Slide 47 text

• Multiple products contributing to the schema • Custodians of the schema need to play a balancing act

Slide 48

Slide 48 text

• Collaboration • Always propose schema changes first

Slide 49

Slide 49 text

Focus on the Schema

Slide 50

Slide 50 text

Thank You :D