From 0d310b4462f8fd84ad76628bf1a03bdc9c2bcabe Mon Sep 17 00:00:00 2001 From: MS Date: Tue, 29 Sep 2020 18:47:41 +0200 Subject: typo + comment --- design-documents/007-payment.rst | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'design-documents/007-payment.rst') diff --git a/design-documents/007-payment.rst b/design-documents/007-payment.rst index 3bb233e8..7d309a6b 100644 --- a/design-documents/007-payment.rst +++ b/design-documents/007-payment.rst @@ -40,6 +40,9 @@ When *resource-URL* is requested, the storefront runs the following steps: 1. Extract the *resource name* from the *resource-URL*. 2. Extract the *session-ID* (or null) from the request's validated cookie (for example, by using signed cookies). 3. Extract the *order-ID* (or null) from the request's ``order_id`` cookie. This cookie may optionally be validated. +.. + is "invalid" equivalent to "null"? + 4. If *session-ID* or *order-ID* is invalid, assign a fresh session ID and create a new order for *resource name* by doing a ``POST /private/orders`` to the merchant backend. Set both in the cookie to be sent with the response. @@ -66,7 +69,7 @@ The merchant backend runs the following steps to generate the /private/orders/{order-ID}?session_id={session-ID}&timeout_ms={timeout}``: 1. Let *session-ID* be the session ID of the request or null if not given (note: **not** the last paid session ID) -2. If *order-ID* does not identify an existing order, return a 40 Not Found response. **Terminate**. +2. If *order-ID* does not identify an existing order, return a 404 Not Found response. **Terminate**. 3. If *order-ID* identifies an order that is *unclaimed* and has claim token *claim-token*, return the URL :: -- cgit v1.2.3