Upgrade to Pro — share decks privately, control downloads, hide ads and more …

GraphQL for a Payments API

7e92d8fa80b54b06ad9c97b768c7029f?s=47 Sadique Ali
November 09, 2018
Programming
2
290

GraphQL for a Payments API

7e92d8fa80b54b06ad9c97b768c7029f?s=128

Sadique Ali

November 09, 2018
Tweet

Other Decks in Programming

See All in Programming
15bd11f2c2c5e3dd854153d03a102b0d?s=48 standfm
0
380
A0abebaaa72697006085b05fabefa1f6?s=48 ura0ka
0
120
9bf923e39671cde83584e3e926296c13?s=48 kishikawakatsumi
1
530
13824f545937c1ae0a80739aea2e396c?s=48 mlopskr
0
230
5d769d109697012317c09c6a27a6a4bf?s=48 linyows
1
150
Bf5ee9059859ed5d855b5ff4680e63e2?s=48 track3jyo
1
120
032eb5910248d5ffd0e0ac3820c45583?s=48 gorilla0513
4
850
744f1c2c6cbea2ff5104b0ac512936bd?s=48 hpgrahsl
0
150
67962a042668ffac9323b8e0c55eee6e?s=48 keisuke69
0
1.7k
21e251d97f836f77e7dce83fcaf6daff?s=48 ryitto
3
720
0620564f0125b8b3b7f4fe40c10b8b4e?s=48 tattn
6
570
36751965e79dca4618cccc3c08efc912?s=48 leichteckig
0
150

Featured

See All Featured
F57e2136eb9895eb95ff5dc8a1c02677?s=48 zakiwarfel
88
3.5k
7559f6cff1f5efc2d210965febd4d71c?s=48 bermonpainter
344
26k
4394ceb8b277f35ee3da7030384efb5d?s=48 davidbonilla
72
3.6k
C44e1f7e22c3f23cff7bc130871047ef?s=48 eileencodes
115
26k
D8fc2580cfaca035f666d9e4ee79a7f7?s=48 mongodb
23
4k
1519587b1a0febb658c36c94f6272b0d?s=48 roundedbygravity
243
21k
B47b288784fda77a94aeb234ca743c24?s=48 keavy
108
15k
8081b26e05bb4354f7d65ffc34cbbd67?s=48 chriscoyier
499
130k
5b6a2bd86ef643786a381a212e0ef2f1?s=48 geoffreycrofte
31
1.2k
5ce91fa49a613cbc3e20d5f96856473f?s=48 edds
56
9.4k
F383c6a4dc55e331bbe2987b622cee6b?s=48 stephaniewalter
262
11k
A415db3ac9e9668acbc1fb36eead84ac?s=48 mthomps
40
2.4k

Transcript

  1. GraphQL for a Payments API Challenges and Lessons Sadique Ali

    Koothumadan @sdqali
  2. None

  3. GraphQL at Braintree is part of our ongoing platform’s digital

    transformation, which allows us to deliver an always improving developer and online consumer experience.

  4. https://graphql.braintreepayments.com

  5. SDK ❤

  6. Card API REST + JSON REST + XML GRPC Tokenize

    Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁ JS SDK Python SDK Ruby SDK Java SDK Go SDK

  7. No Absolutisms

  8. Why GraphQL?

  9. • Consumers of our API are tech-savvy • Direct Integrations

    • Added benefits for SDKs

  10. • “Choose your payload” • Mobile friendly • Faster integration

    • Interactive tooling • Evolvability

  11. Technology Choices

  12. “GraphQL exists because JavaScript people love JSON too much”

  13. ReportEdgeResolverFactory ?

  14. ReportEdgeResolverFactory

  15. • graphql-java • java-dataloader • graphql-java-tools

  16. Schema files

  17. • cards • tokenize • report • merchant Along domain

    boundary?

  18. util and common are where things go to die.

  19. • inputs • types • queries • mutations • ...

    Along GraphQL concepts?

  20. To Relay or Not?

  21. • Consistent input structure • Connections and pagination • IDs

    and Refetching Relay goodies

  22. Global IDs

  23. • /transactions/wv3e1js/close • /merchants/tw763ex IDs in the REST world

  24. • Format • Backwards compatibility Global IDs

  25. • Opaque url-safe Base64 encoded strings • Attach global_ids to

    legacy responses Global IDs

  26. • Certain entities won’t have Global IDs Global IDs

  27. Query Complexity

  28. • Assign complexity factor to entities • Instrumentation to enforce

    limit Max Complexity

  29. API Visibility

  30. • Server side consumers • Client side consumers • Admin

    panel • ... Control what consumer can see what

  31. • Detect consumer • Reject if invisible Visibility Instrumentation

  32. Authorization

  33. @NeedToBe(ADMIN) /admin-endpoint adminEndpoint() { // ... } REST

  34. type Query { panelData: PanelData } type PanelData { transactions:

    [Transaction], # Merchant portal failures: [Transaction] # Admin panel } GraphQL

  35. Design for Partial Success

  36. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  37. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  38. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  39. Card GraphQL API REST + JSON REST + XML GRPC

    Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁

  40. • Be comfortable serving nulls • Collect all the errors

    Partial successes

  41. Error handling

  42. { error : { “user_message”: “...”, “developer_message”: “...”, “details”: [{

    “code”: “...”, “in”: “header”, “at”: “authorization” }] } } REST

  43. • Represent multiple errors • Support legacy error codes

  44. { errors : [{ message: "No report exists because there

    are no transactions on that date.", locations: [{ line: 3, column: 5, }], path: [ "report", "transactions", ], extensions: { errorType: "user_error", errorClass: "NOT_FOUND", } }] }
  45. None

  46. Team workflow

  47. • Multiple products contributing to the schema • Custodians of

    the schema need to play a balancing act

  48. • Collaboration • Always propose schema changes first

  49. Focus on the Schema

  50. Thank You :D