Drupal Commerce allows for a completely custom checkout experience.
First: we cannot make any assumptions about the checkout or available features. We'll need the API to provide a description of what is required by the consumer.
Second: shipping. Shipping will probably have to be a second-class citizen, at first.
Third: We can't assume the cart module or API exists, but work well with them.
This returns a summary for a specified order. There are quite a few problems here, as we do not have any kind of "ownership" in the checkout. Ownership is decided by the cart module. So someone could enumerate through the summary and possibly expose another customer's order and information.
Drupal Commerce allows for a completely custom checkout experience.
First: we cannot make any assumptions about the checkout or available features. We'll need the API to provide a description of what is required by the consumer.
Second: shipping. Shipping will probably have to be a second-class citizen, at first.
Third: We can't assume the cart module or API exists, but work well with them.
References:
The community started some efforts:
Ideas
POST
/checkout/summary
This returns a summary of the order if it were to enter checkout.
We need to consider accepting an order ID AND a blob of purchasable entities (making a mock order.) Former discussed in next documented request.
If there is an error due to availability, or something else we should return a 400 status code and why the order would fail checkout.
Request
Response
Status code: 200
GET
/checkout/summary/{order_id}
This returns a summary for a specified order. There are quite a few problems here, as we do not have any kind of "ownership" in the checkout. Ownership is decided by the cart module. So someone could enumerate through the summary and possibly expose another customer's order and information.
Response
Status code: 200
POST
/checkout
Anonymous / New card
Existing user and card
POST
/checkout/{order_id}