Upgrade to Pro — share decks privately, control downloads, hide ads and more …

GraphQL for a Payments API

7e92d8fa80b54b06ad9c97b768c7029f?s=47 Sadique Ali
November 09, 2018
Programming
2
270

GraphQL for a Payments API

7e92d8fa80b54b06ad9c97b768c7029f?s=128

Sadique Ali

November 09, 2018
Tweet

Other Decks in Programming

See All in Programming
Cfbe23392787cb3ad4689c5f72463fcc?s=48 makicamel
1
170
E473e5af1263c050599921981db46068?s=48 akatsukinewgrad
0
170
A73ed5cefbbd84abd2c5e14a5eb4a339?s=48 ippey
0
170
A7a5efde86e0137d32a93d8609b7a022?s=48 yumcyawiz
4
630
285cc95c4c9fe056b03afca581533266?s=48 fkubota
1
390
F04982ad61107b5408ad139966596316?s=48 hanhan1978
0
290
De266761b955b2636e454a1bc7a99ed4?s=48 masayaaoyama
4
540
D2f212ce418f3daa29c23914c9b6892b?s=48 kenmaz
1
100
5d8df7ad959b5b34fd68d715974c4e46?s=48 chichou
1
830
7eca3e06edc3c69004aaf57de51900c2?s=48 ajstarks
2
550
2102a6b8760bd6f57f672805723dd83a?s=48 line_developers_tw
1
450
9ed92fc8760bf8b6ea2a034022052b42?s=48 takaram
1
1.2k

Featured

See All Featured
761be20b5ebd271008bcee1244fc5b52?s=48 matthewcrist
73
7.5k
5f2da528927a2ec9ba4fec2069cbc958?s=48 kneath
294
39k
20bfe76b3d6105641f879fe45cfc9272?s=48 bkeepers
408
57k
465724d73fe3a92c0879fdfb43a3a6f3?s=48 philhawksworth
190
17k
766b9746b59e6f09e280cd33cf4ed419?s=48 skipperchong
7
670
F57e2136eb9895eb95ff5dc8a1c02677?s=48 zakiwarfel
88
3.3k
812e1705ff0f8bc1bcf18587bde687d5?s=48 62gerente
587
200k
7c8469ee8c9e594c65c59b919626c08d?s=48 scottboms
251
11k
06f8b41980eb4c577fa40c41d5030c19?s=48 keathley
17
640
C0b42577cfc2b321be3474618107e933?s=48 samanthasiow
56
6.3k
Aff5641764408271f7bc398f2097edd0?s=48 denniskardys
220
120k
20bfe76b3d6105641f879fe45cfc9272?s=48 bkeepers
321
53k

Transcript

  1. GraphQL for a Payments API Challenges and Lessons Sadique Ali

    Koothumadan @sdqali
  2. None

  3. GraphQL at Braintree is part of our ongoing platform’s digital

    transformation, which allows us to deliver an always improving developer and online consumer experience.

  4. https://graphql.braintreepayments.com

  5. SDK ❤

  6. Card API REST + JSON REST + XML GRPC Tokenize

    Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁ JS SDK Python SDK Ruby SDK Java SDK Go SDK

  7. No Absolutisms

  8. Why GraphQL?

  9. • Consumers of our API are tech-savvy • Direct Integrations

    • Added benefits for SDKs

  10. • “Choose your payload” • Mobile friendly • Faster integration

    • Interactive tooling • Evolvability

  11. Technology Choices

  12. “GraphQL exists because JavaScript people love JSON too much”

  13. ReportEdgeResolverFactory ?

  14. ReportEdgeResolverFactory

  15. • graphql-java • java-dataloader • graphql-java-tools

  16. Schema files

  17. • cards • tokenize • report • merchant Along domain

    boundary?

  18. util and common are where things go to die.

  19. • inputs • types • queries • mutations • ...

    Along GraphQL concepts?

  20. To Relay or Not?

  21. • Consistent input structure • Connections and pagination • IDs

    and Refetching Relay goodies

  22. Global IDs

  23. • /transactions/wv3e1js/close • /merchants/tw763ex IDs in the REST world

  24. • Format • Backwards compatibility Global IDs

  25. • Opaque url-safe Base64 encoded strings • Attach global_ids to

    legacy responses Global IDs

  26. • Certain entities won’t have Global IDs Global IDs

  27. Query Complexity

  28. • Assign complexity factor to entities • Instrumentation to enforce

    limit Max Complexity

  29. API Visibility

  30. • Server side consumers • Client side consumers • Admin

    panel • ... Control what consumer can see what

  31. • Detect consumer • Reject if invisible Visibility Instrumentation

  32. Authorization

  33. @NeedToBe(ADMIN) /admin-endpoint adminEndpoint() { // ... } REST

  34. type Query { panelData: PanelData } type PanelData { transactions:

    [Transaction], # Merchant portal failures: [Transaction] # Admin panel } GraphQL

  35. Design for Partial Success

  36. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  37. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  38. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  39. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  40. • Be comfortable serving nulls • Collect all the errors

    Partial successes

  41. Error handling

  42. { error : { “user_message”: “...”, “developer_message”: “...”, “details”: [{

    “code”: “...”, “in”: “header”, “at”: “authorization” }] } } REST

  43. • Represent multiple errors • Support legacy error codes

  44. { errors : [{ message: "No report exists because there

    are no transactions on that date.", locations: [{ line: 3, column: 5, }], path: [ "report", "transactions", ], extensions: { errorType: "user_error", errorClass: "NOT_FOUND", } }] }
  45. None

  46. Team workflow

  47. • Multiple products contributing to the schema • Custodians of

    the schema need to play a balancing act

  48. • Collaboration • Always propose schema changes first

  49. Focus on the Schema

  50. Thank You :D