sabineschaller
commented
1 year ago Duplicate of
I think this is already being worked on by @njlie and @BlairCurrey.
Closed matdehaast closed 1 year ago
sabineschaller
commented
1 year ago Duplicate of
I think this is already being worked on by @njlie and @BlairCurrey.
mkurapov
commented
1 year ago @sabineschaller @njlie @BlairCurrey I think we need a separate issue to "include resourceUrl in the wallet address response", right?
sabineschaller
commented
1 year ago That we do indeed.
sabineschaller
commented
1 year ago I get the issue now. Let's get that one worked on!
njlie
commented
1 year ago So uh...it looks like we already implement this. We could return this header on the unauthenticated GET /incoming-payments response, though - it is an unauthenticated request to a GNAP resource, after all.
sabineschaller
commented
1 year ago Yes please. Let's add the header to all unauthed requests, wether they are successful or return 401. So that means public incoming payment and wallet address. Should we then also roll back the inclusion of the auth server url in the body of the public incoming payment? Like roll that back right away and get the auth server url from the header in the receiver service?
njlie
commented
1 year ago On the heartbeat call, we discussed rolling back the authServer field in the unauthenticated GET /incoming-payments response body. We decided to keep it in the body, so it's more straightforward for the Open Payments client to retrieve and return that field and avoid some type breakage with having to return a header. Will still add the header so the endpoint behaves in a GNAP-y way.
Currently the incoming/outgoing payment urls are inferred via the URL pattern. An example is the following IP
Assume a payment pointer URL of
https://ilp.rafiki.money/mattusdRemoving the coupling does present a problem, in that clients need to know where the auth server is for resources. GNAP has a spec to define RS first discovery