GraphQL for a Payments API

7e92d8fa80b54b06ad9c97b768c7029f?s=47 Sadique Ali
November 09, 2018
Programming
2
260

GraphQL for a Payments API

7e92d8fa80b54b06ad9c97b768c7029f?s=128

Sadique Ali

November 09, 2018
Tweet

Other Decks in Programming

See All in Programming
C302e84057a922dce0ecbe80207e3fcc?s=48 mu_zaru
1
180
E6143330e12cd226c3dab99f3fe8cb3e?s=48 yanaemon
1
150
D9e4d5a4b36f83fbde1076815df1362f?s=48 bmack
0
370
D83b3739651001461f48763639b90b50?s=48 mazipan
4
940
E0e036f89c14b3e59640318eedf9670b?s=48 bkuhlmann
2
210
Fc96157614ee73039c4a575906167979?s=48 fukumura
0
260
3499a1d71fa70b8ee44816ca9e7329fe?s=48 bells17
1
420
9af444e4e7110845f0b3319efb1ca252?s=48 920oj
1
670
29bfc9e2bc82b775a30af70be3196386?s=48 hannaprinz
0
100
20c5ddcad23304aed77ce8c3aa020562?s=48 tkmru
0
110
354271902cd8ba2762d05b251dfa0f84?s=48 pluu
0
270
Fa54d97af93719f9aa82873de3acb3b3?s=48 decoc
1
440

Featured

See All Featured
9fa239b3154a0169d99ab7bf1422dd12?s=48 marcelosomers
221
14k
6804f1775cb4babfcc3851298566fbce?s=48 tanoku
84
8.3k
E43f8dfd01057f8304f5f8fb9a294d7d?s=48 jeffersonlam
323
14k
462dad0dd24c568a32dcdb0ae895ae1b?s=48 rasmusluckow
314
18k
Ba530e786553390f3fb271848485681c?s=48 3n
159
22k
Fe6b81005d1553accd6b2a28f6a2bef1?s=48 phodgson
83
3.8k
Aebc2d07a50011e2a30d38435fde564a?s=48 jrom
113
6.8k
1519587b1a0febb658c36c94f6272b0d?s=48 roundedbygravity
240
20k
9cde37f47e4a800ea081ea42de8d749a?s=48 dougneiner
55
5.3k
Fde6c3a50ca518a909ef35c22c0ee0e4?s=48 destraynor
144
19k
Aff5641764408271f7bc398f2097edd0?s=48 denniskardys
218
110k
96270e4c3e5e9806cf7245475c00b275?s=48 addyosmani
1348
190k

Transcript

  1. GraphQL for a Payments API Challenges and Lessons Sadique Ali

    Koothumadan @sdqali
  2. None

  3. GraphQL at Braintree is part of our ongoing platform’s digital

    transformation, which allows us to deliver an always improving developer and online consumer experience.

  4. https://graphql.braintreepayments.com

  5. SDK ❤

  6. Card API REST + JSON REST + XML GRPC Tokenize

    Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁ JS SDK Python SDK Ruby SDK Java SDK Go SDK

  7. No Absolutisms

  8. Why GraphQL?

  9. • Consumers of our API are tech-savvy • Direct Integrations

    • Added benefits for SDKs

  10. • “Choose your payload” • Mobile friendly • Faster integration

    • Interactive tooling • Evolvability

  11. Technology Choices

  12. “GraphQL exists because JavaScript people love JSON too much”

  13. ReportEdgeResolverFactory ?

  14. ReportEdgeResolverFactory

  15. • graphql-java • java-dataloader • graphql-java-tools

  16. Schema files

  17. • cards • tokenize • report • merchant Along domain

    boundary?

  18. util and common are where things go to die.

  19. • inputs • types • queries • mutations • ...

    Along GraphQL concepts?

  20. To Relay or Not?

  21. • Consistent input structure • Connections and pagination • IDs

    and Refetching Relay goodies

  22. Global IDs

  23. • /transactions/wv3e1js/close • /merchants/tw763ex IDs in the REST world

  24. • Format • Backwards compatibility Global IDs

  25. • Opaque url-safe Base64 encoded strings • Attach global_ids to

    legacy responses Global IDs

  26. • Certain entities won’t have Global IDs Global IDs

  27. Query Complexity

  28. • Assign complexity factor to entities • Instrumentation to enforce

    limit Max Complexity

  29. API Visibility

  30. • Server side consumers • Client side consumers • Admin

    panel • ... Control what consumer can see what

  31. • Detect consumer • Reject if invisible Visibility Instrumentation

  32. Authorization

  33. @NeedToBe(ADMIN) /admin-endpoint adminEndpoint() { // ... } REST

  34. type Query { panelData: PanelData } type PanelData { transactions:

    [Transaction], # Merchant portal failures: [Transaction] # Admin panel } GraphQL

  35. Design for Partial Success

  36. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  37. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  38. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  39. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  40. • Be comfortable serving nulls • Collect all the errors

    Partial successes

  41. Error handling

  42. { error : { “user_message”: “...”, “developer_message”: “...”, “details”: [{

    “code”: “...”, “in”: “header”, “at”: “authorization” }] } } REST

  43. • Represent multiple errors • Support legacy error codes

  44. { errors : [{ message: "No report exists because there

    are no transactions on that date.", locations: [{ line: 3, column: 5, }], path: [ "report", "transactions", ], extensions: { errorType: "user_error", errorClass: "NOT_FOUND", } }] }
  45. None

  46. Team workflow

  47. • Multiple products contributing to the schema • Custodians of

    the schema need to play a balancing act

  48. • Collaboration • Always propose schema changes first

  49. Focus on the Schema

  50. Thank You :D