Skip to content

feat: add merchant onboarding field definitions API#2214

Open
mirunagherman wants to merge 5 commits into
mainfrom
miruna/int1-658
Open

feat: add merchant onboarding field definitions API#2214
mirunagherman wants to merge 5 commits into
mainfrom
miruna/int1-658

Conversation

@mirunagherman

@mirunagherman mirunagherman commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

Context

Changes

  • Add terminal API for retrieving merchant onboarding field definitions
  • Add field_definitions and options tables to store form configuration
  • Add terminal model, controller, and service
  • Return part of onboarding form fields

@github-actions github-actions Bot added package: wallet/backend Wallet backend implementations type: source Source changes labels Jun 22, 2026
@mirunagherman mirunagherman self-assigned this Jun 22, 2026
@mirunagherman mirunagherman marked this pull request as ready for review June 22, 2026 13:17
@DaevMithran DaevMithran self-requested a review June 22, 2026 13:50
Comment thread packages/wallet/backend/src/terminal/controller.ts Outdated

// Terminal
router.get(
'/terminals/onboarding',

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Non-blocking:

Should this endpoint be public? or protected by a custom terminal auth middleware or a rate limiter if it's left public.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed with Daev. This endpoint should not be public. It is called only from Merchant API - We can pass some API key (uuid) in the request head for example and you can check if the header is correct - need to discuss about this.

Does testnet wallet has proper HTTP signatures (RFC 9421)?

@beniaminmunteanu beniaminmunteanu Jul 6, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

test wallet has different signature schemas based on who it's talking to.

In regards to RFC 9421 -> That is done by Rafiki, so the test wallet backend doesn't need to implement it directly. It only handles the key management. and verifies the webhooks with custom HMAC-SHA256.
The same HMAC signing is done for outbound requests towards the rafiki graphql api.

For gatehub, it also does signature verification, HMAC-SHA256 and outbound signing as well in the same style.

And stripe is handled by the stripe sdk.

So afaik the test wallet backend itself does not implement the RFC for http signatures, in case you were thinking of reusing that in some way. @golobitch

mirunagherman and others added 2 commits July 6, 2026 09:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

package: wallet/backend Wallet backend implementations type: source Source changes

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants