SDKs are APIs with additional development tools and libraries to make integration easier. The document discusses PayPal's mobile and server SDKs, which provide OAuth authentication, API object models, and sample code to simplify making payments and accessing financial data. Well-designed SDKs should solve problems beyond what the base API provides through good documentation, mock environments for testing, and developer support for issues.
3. 3
OUTLINE
APIs, SDKs, and OAuth2
PayPal Mobile SDKs
PayPal Server SDKs
Releasing
Support
4. 4
GOALS OF AN API
APIs are an important way for a company, like PayPal, to extend reach
Principles when delivering a great developer experience
Delightful experience for end users
Simple, yet complete API design (easy to learn and integrate)
Successful APIs come from
Familiar API standards
Good API design process
Simple and complete developer experience
5. 5
SOME TERMS
API
An application programming interface (API) specifies how some software
components should interact with each other.
Generally, this refers to Web APIs
SDK
A software development kit (SDK or "devkit") is typically a set of
software development tools that allows for the creation of applications
for a certain software package, software framework, hardware platform,
computer system, video game console, operating system, or similar
development platform.
SDKs are just client-side Programming APIs with some plumbing
6. 6
OAUTH2
Token Granting
Public Clients (no secret)
Confidential Clients (with secret)
User Approval / Consent
OAuth2 scopes to represent ability for an application to:
Use certain functionality
Access and operate on a resource
E.g, capture funds authorized previously, read financial instrument from
wallet,...
Auth != Security
Always use SSL
Data at rest is always encrypted!
8. 8
ANDROID SDK
One tidy package
Oauth2 tokens, login, and consent
Confirm
card.io
Easy to use and configure, because developers are lazy
One .jar file and some native libs
No xml or resource files to update
All configuration is via native Android extras
Small library footprint
No external library dependencies
9. 9
ANDROID OPEN SOURCE LIBRARIES
Android Support Library
Spring REST
Async http libraries:
LoopJ
RoboSpice
OkHttp
Volley
Robotium
MonkeyRunner
10. 10
ANDROID SDK INTEGRATION
1. Add libs
2. Add AndroidManifest.xml entry
3. Copy/paste sample code from GitHub
4. Edit configuration
5. …
6. Profit
Note that there are no layout xml or resource files to update, making
integration and upgrades easy!
card.io Android SDK integration on GitHub
PayPal Android SDK integration on GitHub
11. 11
IOS SDK INTEGRATION
1. Add libs
2. Add some linker options and frameworks
3. Copy/paste sample code from GitHub
4. Edit configuration
5. …
6. Profit
card.io iOS SDK integration on GitHub
PayPal iOS SDK integration on GitHub
12. 12
LINKING TO YOUR APP
e.g. Make a payment via SDK by using Fingerprint Authentication (Samsung S5)
Hook up the SDK to the Wallet App, and release new version of the SDK
On Android, this requires no additional configuration from the application developer
SDK can immediately make use of more authentication mechanisms as they become available –
developer just needs to upgrade their SDK
The Saga of my Crush
on Candy Android App
PayPal Android SDK
PayPal Wallet Android App
13. 13
GITHUB.IO
GitHub has tools to host your docs
Create gh-pages branch to get a pretty, github.io hosted doc page
http://paypal.github.io/PayPal-Android-SDK/
http://card-io.github.io/card.io-Android-SDK/
14. 14
PAYPAL SERVER SDKS
Shouldn’t a RESTful API be easy enough to consume without an SDK?
Yes, but PayPal SDKs provide useful benefits:
Abstract OAuth2 details
Native language interfaces and objects (e.g., Java POJOs) – easy code gen
Updates for new APIs
Community support
Write/fork your own!
15. 15
OPEN SOURCE?
Pros:
Community contributions
Open and honest
Street cred
Public forks
Cons:
Cannot reveal proprietary information
• Secret APIs or algorithms
• Potentially embarrassing bugs
Cannot control usage
16. 16
BRANCHING, BUILDING, AND TESTING
Git Flow
Android Build Tools:
• Ant
• Gradle
• Buck
CI Tools:
• Jenkins
• TestDroid
• TestFlight
• TravisCI
17. 17
RELEASING
Distribute via:
GitHub
Language specific
package manager
(e.g., Sonatype, PyPI)
Semantic versioning + Changelog
Announce over:
Twitter
Google Groups
Blog posts
Evangelists
Close open GitHub issues
19. 19
WHAT MAKES A GOOD SDK?
Solves a specific problem above and beyond the API
Minimal handholding
• Documentation
• SDK and code samples
Mock mode (mobile SDKs)
Sandbox
Unit tests
Sandbox tests
20. 20
WHAT IF THINGS GO WRONG?
Developer support (client side problems)
GitHub issues
StackOverflow
Issues sometimes reported long after it was introduced
Release often, encourage upgrades
Practice culture of being polite while asking common questions:
• “Are you using the latest SDK?”
• “What environments/devices do you encounter the problem?”
• “Have you tried turning it off and on again?”
Account or server problem
SDK developers end up being the QA for server side APIs – experts at
what the API ‘really’ does
Defer or engage Developer Technical Support
21. THANK YOU
We’re hiring!
Apply online (ebaycareers.com), or send resume, cover letter,
or GitHub id to Deepak Nadig - dn@paypal.com
04/23/2014