The current client does not check POST/PATCH payloads at all, they're sent to the API as-is, and the API will validate the contents, possibly returning an error. We could apply basic checks on the payload before sending it to the Mollie API:
Are the required keys (amount, description, redirectUrl) in the payload all set?
For the amount field: is it a dict, with keys currency and value? Is the currency a non-empty string? Is the value a string, and is it a correctly formatted amount?
For the description field: is it a non-empty string?
For the redirectUrl field: is it a non-empty string, and formatted as a correct URI?
For the optional webhookUrl field: if set in the request, is it a non-empty string and formatted as a correct URI?
For the optional locale field: if set in the request, is it a non-empty string?
etc ...
All of this could be validated easily using tools like pydantic, marshmallow or jsonschema. With local validation, we could provide the developer with better error messages than the API provides (not checked yet), and we avoid invalid calls to the API.
The current client does not check POST/PATCH payloads at all, they're sent to the API as-is, and the API will validate the contents, possibly returning an error. We could apply basic checks on the payload before sending it to the Mollie API:
Example: for the Create Payment call, we could validate:
amount
,description
,redirectUrl
) in the payload all set?amount
field: is it a dict, with keyscurrency
andvalue
? Is thecurrency
a non-empty string? Is thevalue
a string, and is it a correctly formatted amount?description
field: is it a non-empty string?redirectUrl
field: is it a non-empty string, and formatted as a correct URI?webhookUrl
field: if set in the request, is it a non-empty string and formatted as a correct URI?locale
field: if set in the request, is it a non-empty string?All of this could be validated easily using tools like pydantic, marshmallow or jsonschema. With local validation, we could provide the developer with better error messages than the API provides (not checked yet), and we avoid invalid calls to the API.