1.SDKS ARE APIS TOO! Jeff Brateman Senior Software Engineer PayPal

2. 2 BACKGROUND Software Engineer developing server and client-side APIs for 10+ years Senior Android SDK developer at PayPal Lazy developer 3. 3 OUTLINE APIs, SDKs, and OAuth2 PayPal Mobile SDKs PayPal Server SDKs Releasing Support 4. 4 GOALS OF AN API APIs are an important way for a company, like PayPal, to extend reach Principles when delivering a great developer experience Delightful experience for end users Simple, yet complete API design (easy to learn and integrate) Successful APIs come from Familiar API standards Good API design process Simple and complete developer experience 5. 5 SOME TERMS API An application programming interface (API) specifies how some software components should interact with each other. Generally, this refers to Web APIs SDK A software development kit (SDK or "devkit") is typically a set of software development tools that allows for the creation of applications for a certain software package, software framework, hardware platform, computer system, video game console, operating system, or similar development platform. SDKs are just client-side Programming APIs with some plumbing 6. 6 OAUTH2 Token Granting Public Clients (no secret) Confidential Clients (with secret) User Approval / Consent OAuth2 scopes to represent ability for an application to: Use certain functionality Access and operate on a resource E.g, capture funds authorized previously, read financial instrument from wallet,... Auth != Security Always use SSL Data at rest is always encrypted! 7. 7 PAYPAL MOBILE SDKS 8. 8 ANDROID SDK One tidy package Oauth2 tokens, login, and consent Confirm card.io Easy to use and configure, because developers are lazy One .jar file and some native libs No xml or resource files to update All configuration is via native Android extras Small library footprint No external library dependencies 9. 9 ANDROID OPEN SOURCE LIBRARIES Android Support Library Spring REST Async http libraries: LoopJ RoboSpice OkHttp Volley Robotium MonkeyRunner 10. 10 ANDROID SDK INTEGRATION 1. Add libs 2. Add AndroidManifest.xml entry 3. Copy/paste sample code from GitHub 4. Edit configuration 5. 6. Profit Note that there are no layout xml or resource files to update, making integration and upgrades easy! card.io Android SDK integration on GitHub PayPal Android SDK integration on GitHub 11. 11 IOS SDK INTEGRATION 1. Add libs 2. Add some linker options and frameworks 3. Copy/paste sample code from GitHub 4. Edit configuration 5. 6. Profit card.io iOS SDK integration on GitHub PayPal iOS SDK integration on GitHub 12. 12 LINKING TO YOUR APP e.g. Make a payment via SDK by using Fingerprint Authentication (Samsung S5) Hook up the SDK to the Wallet App, and release new version of the SDK On Android, this requires no additional configuration from the application developer SDK can immediately make use of more authentication mechanisms as they become available developer just needs to upgrade their SDK The Saga of my Crush on Candy Android App PayPal Android SDK PayPal Wallet Android App 13. 13 GITHUB.IO GitHub has tools to host your docs Create gh-pages branch to get a pretty, github.io hosted doc page http://paypal.github.io/PayPal-Android-SDK/ http://card-io.github.io/card.io-Android-SDK/ 14. 14 PAYPAL SERVER SDKS Shouldnt a RESTful API be easy enough to consume without an SDK? Yes, but PayPal SDKs provide useful benefits: Abstract OAuth2 details Native language interfaces and objects (e.g., Java POJOs) easy code gen Updates for new APIs Community support Write/fork your own! 15. 15 OPEN SOURCE? Pros: Community contributions Open and honest Street cred Public forks Cons: Cannot reveal proprietary information Secret APIs or algorithms Potentially embarrassing bugs Cannot control usage 16. 16 BRANCHING, BUILDING, AND TESTING Git Flow Android Build Tools: Ant Gradle Buck CI Tools: Jenkins TestDroid TestFlight TravisCI 17. 17 RELEASING Distribute via: GitHub Language specific package manager (e.g., Sonatype, PyPI) Semantic versioning + Changelog Announce over: Twitter Google Groups Blog posts Evangelists Close open GitHub issues 18. 18 A LITTLE HELP? 19. 19 WHAT MAKES A GOOD SDK? Solves a specific problem above and beyond the API Minimal handholding Documentation SDK and code samples Mock mode (mobile SDKs) Sandbox Unit tests Sandbox tests 20. 20 WHAT IF THINGS GO WRONG? Developer support (client side problems) GitHub issues StackOverflow Issues sometimes reported long after it was introduced Release often, encourage upgrades Practice culture of being polite while asking common questions: Are you using the latest SDK? What environments/devices do you encounter the problem? Have you tried turning it off and on again? Account or server problem SDK developers end up being the QA for server side APIs experts at what the API really does Defer or engage Developer Technical Support 21. THANK YOU Were hiring! Apply online (ebaycareers.com), or send resume, cover letter, or GitHub id to Deepak Nadig - dn@paypal.com 04/23/2014