The current client does not check POST/PATCH payloads at all, they're sent to the API as-is, and the API will validate the contents, possibly returning an error. We could apply basic checks on the payload before sending it to the Mollie API:
- Are all required keys for the request set?
- Are all values in the correct data type?
- Possibly: are values correctly formatted?
Example: for the Create Payment call, we could validate:
- Are the required keys (
amount, description, redirectUrl) in the payload all set?
- For the
amount field: is it a dict, with keys currency and value? Is the currency a non-empty string? Is the value a string, and is it a correctly formatted amount?
- For the
description field: is it a non-empty string?
- For the
redirectUrl field: is it a non-empty string, and formatted as a correct URI?
- For the optional
webhookUrl field: if set in the request, is it a non-empty string and formatted as a correct URI?
- For the optional
locale field: if set in the request, is it a non-empty string?
- etc ...
All of this could be validated easily using tools like pydantic, marshmallow or jsonschema. With local validation, we could provide the developer with better error messages than the API provides (not checked yet), and we avoid invalid calls to the API.
The current client does not check POST/PATCH payloads at all, they're sent to the API as-is, and the API will validate the contents, possibly returning an error. We could apply basic checks on the payload before sending it to the Mollie API:
Example: for the Create Payment call, we could validate:
amount,description,redirectUrl) in the payload all set?amountfield: is it a dict, with keyscurrencyandvalue? Is thecurrencya non-empty string? Is thevaluea string, and is it a correctly formatted amount?descriptionfield: is it a non-empty string?redirectUrlfield: is it a non-empty string, and formatted as a correct URI?webhookUrlfield: if set in the request, is it a non-empty string and formatted as a correct URI?localefield: if set in the request, is it a non-empty string?All of this could be validated easily using tools like pydantic, marshmallow or jsonschema. With local validation, we could provide the developer with better error messages than the API provides (not checked yet), and we avoid invalid calls to the API.