Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Speaker Deck
PRO
Sign in
Sign up
for free
GraphQL for a Payments API
Sadique Ali
November 09, 2018
Programming
2
280
GraphQL for a Payments API
Sadique Ali
November 09, 2018
Tweet
Share
Other Decks in Programming
See All in Programming
ickx
3
600
manfredsteyer
PRO
0
280
tooppoo
1
440
hr01
1
4.2k
yusuke57
2
270
tarappo
4
390
devinjeon
2
830
yasuakiomokawa
0
450
hkusu
0
270
hanhan1978
14
3.4k
kaz29
2
120
daipresents
0
280
Featured
See All Featured
productmarketing
6
770
thoeni
3
660
hannesfritz
28
970
paulrobertlloyd
72
1.5k
addyosmani
494
110k
cassininazir
347
20k
maggiecrowley
10
540
reverentgeek
167
7.3k
trallard
15
790
mojombo
359
62k
chriscoyier
498
130k
holman
447
140k
Transcript
GraphQL for a Payments API Challenges and Lessons Sadique Ali
Koothumadan @sdqali
None
GraphQL at Braintree is part of our ongoing platform’s digital
transformation, which allows us to deliver an always improving developer and online consumer experience.
https://graphql.braintreepayments.com
SDK ❤
Card API REST + JSON REST + XML GRPC Tokenize
Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁ JS SDK Python SDK Ruby SDK Java SDK Go SDK
No Absolutisms
Why GraphQL?
• Consumers of our API are tech-savvy • Direct Integrations
• Added benefits for SDKs
• “Choose your payload” • Mobile friendly • Faster integration
• Interactive tooling • Evolvability
Technology Choices
“GraphQL exists because JavaScript people love JSON too much”
ReportEdgeResolverFactory ?
ReportEdgeResolverFactory
• graphql-java • java-dataloader • graphql-java-tools
Schema files
• cards • tokenize • report • merchant Along domain
boundary?
util and common are where things go to die.
• inputs • types • queries • mutations • ...
Along GraphQL concepts?
To Relay or Not?
• Consistent input structure • Connections and pagination • IDs
and Refetching Relay goodies
Global IDs
• /transactions/wv3e1js/close • /merchants/tw763ex IDs in the REST world
• Format • Backwards compatibility Global IDs
• Opaque url-safe Base64 encoded strings • Attach global_ids to
legacy responses Global IDs
• Certain entities won’t have Global IDs Global IDs
Query Complexity
• Assign complexity factor to entities • Instrumentation to enforce
limit Max Complexity
API Visibility
• Server side consumers • Client side consumers • Admin
panel • ... Control what consumer can see what
• Detect consumer • Reject if invisible Visibility Instrumentation
Authorization
@NeedToBe(ADMIN) /admin-endpoint adminEndpoint() { // ... } REST
type Query { panelData: PanelData } type PanelData { transactions:
[Transaction], # Merchant portal failures: [Transaction] # Admin panel } GraphQL
Design for Partial Success
Card GraphQL API REST + JSON REST + XML GRPC
Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁
Card GraphQL API REST + JSON REST + XML GRPC
Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁
Card GraphQL API REST + JSON REST + XML GRPC
Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁
Card GraphQL API REST + JSON REST + XML GRPC
Tokenize Tokenize Tokenize ACH ACH ACH Card Card ☁ ☁ ☁ ☁ ☁ ☁
• Be comfortable serving nulls • Collect all the errors
Partial successes
Error handling
{ error : { “user_message”: “...”, “developer_message”: “...”, “details”: [{
“code”: “...”, “in”: “header”, “at”: “authorization” }] } } REST
• Represent multiple errors • Support legacy error codes
{ errors : [{ message: "No report exists because there
are no transactions on that date.", locations: [{ line: 3, column: 5, }], path: [ "report", "transactions", ], extensions: { errorType: "user_error", errorClass: "NOT_FOUND", } }] }
None
Team workflow
• Multiple products contributing to the schema • Custodians of
the schema need to play a balancing act
• Collaboration • Always propose schema changes first
Focus on the Schema
Thank You :D