1click-api


Handlers

Merchant

Needs a valid merchant ApiKey. Needs header Authorization: Bearer <APIKEY>

Oyst

Needs header Oyst-Authorization: Oyst <DATA>

Where <DATA> is a base64 encoded stringified object

{
    "m": "<MERCHANT_ID>",
    "t": "<MERCHANT_TOKEN>" // Generated by `POST` /orders/authorize
}
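
An added example (not code from the 1click-api project) of how a server could decode the Oyst-Authorization header described above without trusting its shape. The function names, the length cap and the strict-padding rule are assumptions made for this illustration.

```javascript
// Added example: strict decoder for "Oyst-Authorization: Oyst <DATA>".
// MAX_HEADER_LEN and both function names are hypothetical, not the project's.
const MAX_HEADER_LEN = 1024;

function parseOystAuthorization(header) {
  if (typeof header !== "string" || header.length > MAX_HEADER_LEN) return null;
  // Exactly one scheme token, one space, then standard base64.
  const match = /^Oyst ([A-Za-z0-9+/]+={0,2})$/.exec(header);
  if (!match) return null;
  const raw = Buffer.from(match[1], "base64");
  // Buffer.from silently skips bad input, so require a canonical round trip.
  if (raw.toString("base64") !== match[1]) return null;
  let data;
  try {
    data = JSON.parse(raw.toString("utf8"));
  } catch {
    return null;
  }
  if (data === null || typeof data !== "object" || Array.isArray(data)) return null;
  // Only the two documented keys are accepted; anything extra is rejected.
  const keys = Object.keys(data);
  if (keys.length !== 2 || !keys.includes("m") || !keys.includes("t")) return null;
  if (typeof data.m !== "string" || typeof data.t !== "string") return null;
  if (data.m === "" || data.t === "") return null;
  // Decoding proves nothing: the token must still be checked against the
  // value issued by POST /orders/authorize for this merchant.
  return { merchantId: data.m, merchantToken: data.t };
}

// Client side: build the header value from the two documented fields.
function buildOystAuthorization(merchantId, merchantToken) {
  const json = JSON.stringify({ m: merchantId, t: merchantToken });
  return "Oyst " + Buffer.from(json, "utf8").toString("base64");
}
```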

Sessions

Needs header oyst-session

Returns a 403 if the header is not present

Routes

Error handling

Except for internal errors, the API should return a JSON error body of this form:

{
    "success": false,
    "error": {
        "status": "<API-SHORT-CODE>-<ERROR-CODE>",
        "status_text": "<ERROR-MSG-USING-i18n>"
    }
}

POST /orders/authorize

Handles the server-to-server authentication for the oneclick. This route should be called by the merchant during the function getOneclickUrl(). The iframe URL is returned.

Payload:
Joi.object({
  product_reference: Joi.string().required(),
  variation_reference: Joi.string().optional(),
  user: Joi.object().optional(),
  quantity: Joi.number().integer().default(1)
})
Handler: merchant
Returns
  • 403 on authentication failure
  • On success
{
    "success": true,
    "url": "http://url_to_front_application"
}

GET /version

The information comes from package.json

Returns
{
    "name": "APPLICATION_NAME",
    "version": "APPLICATION_VERSION"
}

POST /orders

Handles order creation when the user is known.

It calls:

  • payment-api
  • user-api
  • catalog-api
Payload
Joi.object({
  encrypted_card: Joi.string().required()
}).allow(null)

encrypted_card should be sent only when the user changes their card

Handler: Oyst Session
Returns
{
    "success": true,
    "id": "ORDER_UUID",
    "product": {},
    "user": {},
    "order": {}
}

DELETE /orders/{:id}

Deletes a specific order and cleans up the associated session

It calls:

  • payment-api
  • user-api
  • catalog-api
QueryParams
Joi.object({
  id: Joi.string().guid().required()
})
Handler: Oyst Session
Returns
{
    "success": true
}

GET /users

Checks whether a user exists using the phone number. If found, an SMS is sent with a link

QueryParams
Joi.object({
  phone: phoneRule.phone().mobile().required()
})

Where phoneRule is the npm package joi-phone-validator

Handler: Oyst
Returns
{
    "success": true, // When user is found, or false otherwise
    "sms": true, // Or false if the SMS was not sent
    "channel": "PUSHER_CHANNEL_TO_LISTEN_TO",
    "event": "PUSHER_EVENT_TO_LISTEN_TO",
    "phone": "+33601020304",
    "can_retry": true // false if limit is reached
}

POST /users/card

Called when the user is not found. Stores the encrypted_card in the REDIS session, then sends an SMS with a link that displays a code, like 3DS.

Payload
Joi.object({
  encrypted_card: Joi.string().required()
})
Handler: Oyst
Returns
{
    "success": true, // Or false if the SMS was not sent
    "channel": "PUSHER_CHANNEL_TO_LISTEN_TO",
    "event": "PUSHER_EVENT_TO_LISTEN_TO",
    "phone": "+33601020304",
    "can_retry": true, // false if limit is reached
    "code": true
}

GET /users/phone/mfa

Activates the code when the user clicks on the SMS link

QueryParams
Joi.object({
    id: Joi.string().guid().required(),
    p: phoneRule.phone().mobile().required()
})

Where phoneRule is the npm package joi-phone-validator

Returns

Redirects to ${DISPLAY_CODE_URL}?${Querystring.stringify({ id, phone: p })} where DISPLAY_CODE_URL is the URL of the React app that displays the code on mobile

POST /users/phone/valid

Activates the phone when the user clicks on the SMS link. Sends PUSHER_EVENT on success.

  • Remove phone from PhoneSession
  • Remove short-link from the PhoneChecker
Payload
Joi.object({
    id: Joi.string().guid().required(),
    phone: phoneRule.phone().mobile().required(),
    session: Joi.string().guid().required(),
    user_id: Joi.string().guid().required()
})

Where phoneRule is the npm package joi-phone-validator

Returns

Redirects to PHONE_SUCCESS_URL, which is the static success URL

GET /mfa

  • Get the code from PhoneChecker
  • Send PUSHER_EVENT on success with params code: true and uuid
QueryParams
Joi.object({
    id: Joi.string().guid().required(),
    phone: phoneRule.phone().mobile().required()
})

Where phoneRule is the npm package joi-phone-validator

Returns
{
    "code": "SECRET_CODE",
    "success": true
}

POST /mfa/codes

  • Get the code from PhoneChecker
  • Send PUSHER_EVENT on success with params code: true and uuid
Payload
Joi.object({
  code: Joi.string().required(),
  uuid: Joi.string().guid().required(),
  phone: phoneRule.phone().mobile().required()
})

Where phoneRule is the npm package joi-phone-validator

Returns
{
    "success": true,
    "can_retry": true // or false when success is false
}
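
An added example (not the project's code) of a server-side check that produces the success / can_retry response documented for POST /mfa/codes. The in-memory map standing in for PhoneChecker, the helper names and the limit of 3 attempts are assumptions; the page only states that a retry limit exists.

```javascript
// Added example: verify an SMS code with an attempt cap and single use.
const MAX_ATTEMPTS = 3; // assumed value, not taken from the project

// Hypothetical stand-in for PhoneChecker: uuid -> { phone, code, attempts }
const pending = new Map();

function issueCode(uuid, phone, code) {
  pending.set(uuid, { phone, code, attempts: 0 });
}

// Compare every byte instead of returning at the first mismatch, so timing
// does not reveal how much of a guess was right. In Node,
// crypto.timingSafeEqual does the same for equal-length buffers.
function constantTimeEqual(a, b) {
  const x = Buffer.from(a, "utf8");
  const y = Buffer.from(b, "utf8");
  let diff = x.length ^ y.length;
  for (let i = 0; i < x.length; i++) diff |= x[i] ^ y[i % (y.length || 1)];
  return diff === 0;
}

function verifyCode({ code, uuid, phone }) {
  const entry = pending.get(uuid);
  // Unknown uuid and phone mismatch get the same answer as a locked-out code.
  if (!entry || entry.phone !== phone) {
    return { success: false, can_retry: false };
  }
  entry.attempts += 1; // count the attempt before comparing
  if (typeof code === "string" && code !== "" && constantTimeEqual(code, entry.code)) {
    pending.delete(uuid); // a code is valid once
    return { success: true, can_retry: true };
  }
  const canRetry = entry.attempts < MAX_ATTEMPTS;
  if (!canRetry) pending.delete(uuid); // lockout: a fresh code must be issued
  return { success: false, can_retry: canRetry };
}
```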

POST /users

  • Add card with minimum authorization
  • Create the user using user-api
Handler: Oyst Session
Payload
Joi.object({
  address: address.required(),
  billing_address: address.default(Joi.ref('address')),
  email: Joi.string().email().required(),
  first_name: Joi.string().required(),
  language: Joi.string().length(2).optional(),
  last_name: Joi.string().required()
})

where address is

Joi.object({
  city: Joi.string().required(),
  company_name: allowEmpty,
  complementary: allowEmpty,
  country: Joi.string().required(),
  first_name: Joi.string().required(),
  label: Joi.string().required(),
  last_name: Joi.string().required(),
  postcode: allowEmpty,
  region: allowEmpty,
  street: Joi.string().required()
})

and allowEmpty is

Joi.string().empty('').optional()

Where phoneRule is the npm package joi-phone-validator

Returns
{
    "success": true,
    "user": {}
}

POST /notifications

  • Handle payment-api notifications

For now, notifications are not processed; this route exists only so that the payment-api does not crash.

To fix when order-api is able to handle payment information.

Payload
Joi.object({
  live: Joi.boolean().required(),
  notification: Joi.object().keys({
    additional_data: Joi.object().optional(),
    amount: Joi.object().keys({
      currency: Joi.string().required(),
      value: Joi.number().required()
    }).required(),
    event_code: Joi.string().required(),
    event_date: Joi.date(),
    is_3d: Joi.boolean().required(),
    operations: Joi.array().items(Joi.string()).required(),
    order_id: Joi.string().required(),
    payment_id: Joi.string().guid().required(),
    success: Joi.boolean().required(),
  }).required()
})
Returns

OK
