search

ConsumerDataStandardsAustralia / standards-maintenance

This repository houses the interactions, consultations and work management to support the maintenance of baselined components of the Consumer Data Right API Standards and Information Security profile.
41 stars 9 forks source link

Testing Clarification:Order of the response object fields in the payload #238

Closed Srimitra closed 4 years ago

Srimitra commented 4 years ago

Request For Clarification

Brief description of the issue that is leading to the clarification when the testing is being performed the order is not being maintained. please see the attached document.

ordering of objecs within the response.docx

bmangalaganesh commented 4 years ago

@Srimitra JSON objects are unordered based on the information in the RFC.

An object is an unordered collection of zero or more name/value pairs, where a name is a string and a value is a string, number, boolean, null, object, or array.

My understanding of the CDS specification is that it does not dictate the JSON objects to be in a specific order.

As a quick example, we can see how the Big4 are responding to the Product APIs.

https://openbank.api.nab.com.au/cds-au/v1/banking/products

The data returned by NAB is shown below

 {
                "productId": "06a0a0bb-f1ec-4eed-bcf2-60b171d0bbe2",
                "lastUpdated": "2019-09-30T23:59:59+10:00",
                "productCategory": "TRANS_AND_SAVINGS_ACCOUNTS",
                "name": "NAB Wealth Builder",
                "description": "The NAB Wealth Builder is a savings account designed for easy ongoing management of your deposits, making it simpler to achieve savings goals, subject to committing to a notice period for withdrawals.",
                "brand": "NAB",
                "applicationUri": "https://www.nab.com.au/personal/super-and-investments/nab-adviser-portal/nab-wealth-builder",
                "isTailored": false,
                "additionalInformation": {
                    "overviewUri": "https://www.nab.com.au/personal/super-and-investments/nab-adviser-portal/nab-wealth-builder",
                    "termsUri": "https://www.nab.com.au/personal/super-and-investments/nab-adviser-portal/nab-wealth-builder",
                    "eligibilityUri": "https://www.nab.com.au/personal/super-and-investments/nab-adviser-portal/nab-wealth-builder",
                    "feesAndPricingUri": "https://www.nab.com.au/personal/super-and-investments/nab-adviser-portal/nab-wealth-builder"
                }
            },

Here is a response from ANZ.

 {
                "additionalInformation": {
                    "eligibilityUri": "https://www.anz.com.au/business/products/accounts/savings-accounts/business-term-deposit/?CID=af:obank:bb",
                    "feesAndPricingUri": "https://www.anz.com.au/business/products/accounts/savings-accounts/business-term-deposit/?CID=af:obank:bb",
                    "overviewUri": "https://www.anz.com.au/business/products/accounts/savings-accounts/business-term-deposit/?CID=af:obank:bb",
                    "termsUri": "https://www.anz.com.au/business/help-support/terms-conditions/?section=SBS&CID=af:obank:bb"
                },
                "brand": "ANZ",
                "description": "Business term deposit with flexible terms requiring 31 days notice of withdrawal (fees apply)",
                "effectiveFrom": "2020-06-10T14:00:00Z",
                "isTailored": false,
                "lastUpdated": "2020-06-09T12:20:54.853934Z",
                "name": "ANZ Business Notice Term Deposit",
                "productCategory": "TERM_DEPOSITS",
                "productId": "4740c27d-eb72-375d-2d25-ad256ed37b1e"
            },

Notice that the order of JSON elements returned by ANZ and NAB are different, however they both have the required elements.

perlboy commented 4 years ago

Agree with @bmangalaganesh, if a parser is expecting object data to be ordered it is broken.

Also, from that tiny slivver a screenshot I'd highlight that x-IBM-Client..., account_id, x-user-type, x-min-v are either invalid for a CDR request (x-IBM-Client... is a vendor header), incorrectly formatted (account_ids is POSTed and is not applicable to customer) or impossible (x-min-v > x-v) to deliver.

Also, P.S, your content includes content to the bank in question. I assume they are ok with this....

CDR-API-Stream commented 4 years ago

Hi @Srimitra, the order of attributes in a JSON object is not required for the response to be valid JSON.

Please refer to the most recent applicable JSON RFC.

CDR-API-Stream commented 4 years ago

This issue has been answered and it is being closed accordingly.