Struct HttpRequestHeaders

pub struct HttpRequestHeaders {
    pub accept: String,
    pub authorization: String,
    pub content_type: String,
    pub paypal_auth_assertion: Option<String>,
    pub client_client_metadata_id: Option<String>,
    pub paypal_partner_attribution_id: Option<String>,
    pub paypal_request_id: Option<String>,
    pub user_agent: String,
}

The commonly used HTTP request headers

Fields

accept: String

The response format, which is required for operations with a response body.

authorization: String

Required to get an access token or make API calls:

• Get an access token partial:partials/docs/oauth-credentials.en-XC partial:partials/docs/access-tokens.en-XC partial:partials/docs/rest/bearer-token.en-XC
• Make REST API calls

Include the access token in the Authorization header with the Bearer authentication scheme.

content_type: String

The request format, which is required for operations with a request body.

paypal_auth_assertion: Option<String>

An API client-provided JSON Web Token (JWT) assertion that identifies the merchant.

To use this header, you must get consent to act on behalf of a merchant. You might want to use a JWT if you act on behalf of multiple merchants at the same time, because it is difficult and expensive to generate and manage multiple access tokens. Instead of managing multiple access tokens, you can use this header to provide a JWT assertion that identifies the merchant when you call the API.

Constructing the JWT

While you can use either a signed or unsigned (unsecured) JWT, PayPal recommends using the unsigned JWT for simplicity because the information you pass with the JWT is not sensitive data.

A JWT consists of three parts:

• Header: Identifies the algorithm that generated the signature. Because PayPal recommends an unsigned JWT, pass an alg of none for the header.
• Payload: Defines a set of claims, or statements, about an entity. In the case of the PayPal-Auth-Assertion header, the entity is typically the merchant. The payload can contain iss, which identifies the third-party calling the API, and one of the following to identify the merchant for whom the call is made: email or payer_id. Note: Because a merchant’s email address can change, PayPal recommends using payer_id to specify a merchant.
• Signature: Validates the token and consists of the encoded header, the encoded payload, a secret, and the algorithm. Because PayPal recommends an unsigned JWT, pass an empty string for the signature. Note: If you prefer a signed JWT, you can sign it using your secret from your API credentials.

Examples

JOSE header: “alg”: “none” Payload:

"iss": "client_id",
"payer_id": "merchant_payer_id"

Signature. Use “” for the unsigned case.

To pass the JWT easily in HTTP environments, use Base64 to encode all three parts of the JWT separately, then concatenate them with a period (.). The following code shows the previous example after Base64 encoding and compact serialization (or concatenation): ew0KICAiYWxnIjogIm5vbmUiDQp9.ew0KICAiaXNzIjogImNsaWVudF9pZCIsDQogICJwYXllcl9pZCI6ICJtZXJjaGFudF9wYXllcl9pZCINCn0=.

Refer to Issue a Refund in the PayPal Commerce Platform documentation for an example of using the PayPal-Auth-Assertion header in an API call.

client_client_metadata_id: Option<String>

Verifies that the payment originates from a valid, user-consented device and application. Reduces fraud and decreases declines. Transactions that do not include a client metadata ID are not eligible for PayPal Seller Protection.

paypal_partner_attribution_id: Option<String>

Optional. Identifies the caller as a PayPal partner. To receive revenue attribution, specify a unique build notation (BN) code. BN codes provide tracking on all transactions that originate or are associated with a particular partner. To find your BN code, see Code andCredential Reference.

paypal_request_id: Option<String>

For example, a user calls refund captured payment with the PayPal-Request-Id header that contains a unique user-provided ID. The user can make the call again with the same ID in the PayPal-Request-Id header for up to 45 days because the server stores this ID for this long for this call.

If the initial call fails with the HTTP 500 status code but the server has already refunded the payment, the caller does not need to worry that the server will refund the payment again.

Note: Not all APIs support this header. To determine whether your API supports it and for information about how long the server stores the ID, see the reference for your API.

user_agent: String

Implementations

impl HttpRequestHeaders

pub fn new(authentication: impl Into<String>) -> Self

pub fn to_vec(&self) -> Vec<(&str, &str)>

Trait Implementations

impl Clone for HttpRequestHeaders

fn clone(&self) -> HttpRequestHeaders

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for HttpRequestHeaders

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for HttpRequestHeaders

fn default() -> Self

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for HttpRequestHeaders

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Serialize for HttpRequestHeaders

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.