Adds verify source endpoint #359
Conversation
ob-stripe
force-pushed
the
ob-verify-sources
branch
2 times, most recently
from
5f1dbae to
3d396a7
Compare
|
After discussing it with @remi-stripe, I updated the PR to use the existing This will avoid a breaking change if we eventually add a generic |
|
LGTM |
source.go
Outdated
| AttemptsRemaining uint64 `json:"attempts_remaining"` | ||
| Status RedirectFlowStatus `json:"status"` | ||
| AttemptsRemaining uint64 `json:"attempts_remaining"` | ||
| Status VerificationFlowStatus `json:"status"` |
There was a problem hiding this comment.
Was this just a mistake from before?
There was a problem hiding this comment.
That's my assumption, yes. I should have mentioned it in the PR, sorry about that!
|
@ob-stripe do you know if this still needs to be merged? |
ob-stripe
changed the title
|
Yes, this still needs to be merged -- I forgot to remove the "[WIP]" tag in the PR's title. Assigning to you @brandur-stripe |
paymentsource/client.go
Outdated
| err = s.B.Call("POST", fmt.Sprintf("/customers/%v/sources/%v/verify", params.Customer, id), s.Key, body, ¶ms.Params, source) | ||
| } else { | ||
| err = errors.New("Only customer bank accounts can be verified in this manner.") | ||
| body.Add("values[]", strconv.Itoa(int(params.Amounts[0]))) |
There was a problem hiding this comment.
So in its most general form, code_verification expects strings. We assume here that they are always numbers, which is OK for ACH debits (on bank account or on /v1/sources) but is not general enough for /v1/sources in general?
There was a problem hiding this comment.
@stan-stripe You have lots of context on this, so would you mind pitching an alternative? Should we keep Amounts for customer-specific verification and add a Values here? Should we keep the two-element array?
There was a problem hiding this comment.
If you look at the signature of SourceVerifyParams[0], it was really built for bank account verification on customer attached bank account objects (despite the thoughtful intent of making it a generic name)
The right type for the payment agnostic /v1/sources/:id/verify endpoint[1] is:
type NewNameOrMaybeSameNameSourceVerifyParams struct {
Values []string
}
Unclear to me if we should rename the old one, or rename the new one, but these are two different constructs in the API. Hope that helps?
[0]
Line 37 in 8c52b2c
[1] https://github.com/stripe-internal/pay-server/blob/master/api/lib/api_method/source_verify.rb#L13
There was a problem hiding this comment.
Unclear to me if we should rename the old one, or rename the new one, but these are two different constructs in the API. Hope that helps?
Yep, that clears things up. Thanks!
@ob-stripe I'd probably suggest introducing a new struct like the one Stan has above and renaming the old one. The breaking change sucks, but looking at Splunk, it doesn't seem to be too widely used from the Go language right now (< 10 calls in the last week).
ob-stripe
force-pushed
the
ob-verify-sources
branch
from
3d396a7 to
1d47ff2
Compare
ob-stripe
force-pushed
the
ob-verify-sources
branch
3 times, most recently
from
e681731 to
c4d9607
Compare
|
I updated the PR to handle this with a non-breaking change: I added a If the @brandur-stripe @stan-stripe wdyt? |
payment_source.go
Outdated
| @@ -38,6 +38,7 @@ type SourceVerifyParams struct { | |||
| Params | |||
| Customer string | |||
| Amounts [2]uint8 | |||
| Values []string | |||
There was a problem hiding this comment.
Would you mind commenting Amounts here to indicate that it's for bank accounts only and essentially deprecated.
There was a problem hiding this comment.
ach_debit sources are not live yet so I think it's a little bit early to flag bank accounts as deprecated.
That said, I can add the comment and we can wait to merge the PR -- it might be a good idea anyway as there might be other changes before release (e.g. the change from verification to code_verification).
There was a problem hiding this comment.
Cool. Yeah I was just thinking that if you come into this with very little information, both Amounts and Values are extremely generic names so it's really not intuitive at all that one would be meant for bank accounts and the other sources. It might be helpful to try and annotate this for users in some way.
Personally, I'd say no: |
Fair enough. +1. |
|
@ob-stripe Can we proceed on this one? |
|
@ob-stripe could you have a look at this one again rebased on the latest master? |
ob-stripe
force-pushed
the
ob-verify-sources
branch
3 times, most recently
from
a5ccb81 to
f855eb1
Compare
|
Done. @brandur-stripe ptal |
paymentsource.go
Outdated
| Customer string `form:"-"` // Goes in the URL | ||
| Amounts [2]uint8 `form:"amounts"` // Amounts is used when verifying bank accounts | ||
| Customer string `form:"-"` // Goes in the URL | ||
| Values []string `form:"values"` // Values in used when verifying sources |
paymentsource/client.go
Outdated
| } else { | ||
| err = errors.New("Only customer bank accounts can be verified in this manner.") | ||
| } else if len(params.Values) > 0 { | ||
| err = s.B.Call("POST", fmt.Sprintf("/sources/%v/verify", id), s.Key, body, ¶ms.Params, source) | ||
| } |
There was a problem hiding this comment.
you're likely missing an else that raises an error no?
There was a problem hiding this comment.
👍 Added an else clause. The error message is a bit vague, I'm open to suggestions if you can think of something better!
ob-stripe
force-pushed
the
ob-verify-sources
branch
from
f855eb1 to
e7d25f1
Compare
Thanks for picking this back up again! @ob-stripe @remi-stripe One another kinda nit: I think one of the things Remi's doing with his big refactoring project right now is to just make all our integers the same type (not sure which one, but probably either Maybe |
ob-stripe
force-pushed
the
ob-verify-sources
branch
2 times, most recently
from
d44a7ac to
798b1ea
Compare
|
Rebased on master and updated to use |
ob-stripe
force-pushed
the
ob-verify-sources
branch
from
798b1ea to
26e8c33
Compare
|
Nice! |
|
Released as 28.3.0. |
Bumps [mocha](https://github.com/freerange/mocha) from 1.13.0 to 1.14.0. - [Release notes](https://github.com/freerange/mocha/releases) - [Changelog](https://github.com/freerange/mocha/blob/main/RELEASE.md) - [Commits](freerange/mocha@v1.13.0...v1.14.0) --- updated-dependencies: - dependency-name: mocha dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
r? @will-stripe
cc @stripe/api-libraries @stan-stripe @remi-stripe
This PR adds support for the
/v1/sources/src_.../verifyendpoint.AFAIK, only
ach_debitsources use this endpoint at the moment, so I hardcodedValuesas[2]uint8. I guess that in the future, other source types might expect different types for thevaluesparameter, and we might want to anticipate on that.Putting the PR up for review, but I'll leave it to you to decide whether we should merge as-is or wait.