PayPal Access GDG DevFest

These slides were presented at the Google DevFest 2012 in Berlin. They provide information about the implementation & functionality of PayPal Access.

  1. IDENTIFY YOURSELF WITH ACCESS. Tim Messerschmidt, Developer Evangelist. GDG DEVFEST 2012, developer.PayPal. November 2012, Karlsruhe (via Hangout). @SeraAndroid
  2. Who am I?
  3. Agenda: • What is PayPal Access? • How does it work? • Why should I use this? • How to implement that?
  4. Slides: goo.gl/u3Rix. SlideShare: PayPalEuDevs
  5. WHAT IS ACCESS?
  6. Can be used to login with your existing PayPal credentials
  7. Figure: Q3 2012 active users
  8. Leverage existing technology to push your own service(s)
  9. Based on OAuth 2.0 or OpenID Connect
  10. Not related to payments
  11. Free to use
  12. Introduced in 2011
  13. Additional features coming soon!
  14. Registration of apps: devportal.x.com
  16. HOW DOES IT LOOK LIKE?
  20. HOW DOES IT WORK?
  21. OAuth? OpenID? OpenID Connect?
  22. OAuth 1.0
  23. OAuth 2.0
  24. OPINIONS ON OAUTH 2
  25. OAuth 2.0 & the Road to Hell. Eran Hammer: http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/
  26. “OAuth 2.0 offers little to none code re-usability”
  27. “What 2.0 offers is a blueprint for an authorization protocol”
  28. On the Deadness of OAuth 2. Tim Bray: http://www.tbray.org/ongoing/When/201x/2012/07/28/Oauth2-dead
  29. “OAuth 2 is useful today.”
  30. “OAuth 2 may not be perfect, and may have been harmed by the Enterprise crap, but the core of Web functionality […] seems to have survived.”
  31. OpenID Connect
  32. 5 scopes for access to the profile: 1. profile 2. email 3. address 4. phone 5. attributes
  33. THE DIFFERENCE
  34. OAuth 2.0 implementation can be easily changed to OpenID Connect. Jonathan LeBlanc: https://www.x.com/developers/community/blogs/jcleblanc/migrating-paypal-access-integration-oauth-2-openid-connect
  35. WHY SHOULD I USE THIS?
  36. People forget passwords… “45 % admit to leaving a website instead of re-setting their password or answering security questions” * (* Blue Inc. 2011)
  37. People don’t like to register… Out of 657 surveyed users 66 % think that social sign-in is a desirable alternative. * (* Blue Inc. 2011)
  38. THE VALUE
  39. Leverage an existing profile
  40. Verified user accounts
  41. THE FLOW & SOME CODE
  42. Authorization Flow (Client / Server):
      1. Client: Open Authorization Endpoint URL
      2. Server: Provide login page
      3. Server: Return Authorization Token after successful login
      4. Client: Check callbacks for Authorization Token
      5. Client: Request a valid Access Token
      6. Server: Check Authorization Token & return Access Token if valid
      7. Client: Retrieve user’s resources
  43. Your components (OAuth 2). Server endpoints: Client details:
  44. Load the Authorization URL in a WebView and…
  45. … start checking the URLs your WebView is loading
  46. Retrieve the Access Token
  47. THE REPLY: { "access_token": "something not so long", "token_type": "Bearer", "refresh_token": "something not so long", "expires_in": 900, "id_token": "something very long" }
  48. REFRESHING A TOKEN: Do a POST including the Refresh Token to this endpoint: https://www.paypal.com/webapps/auth/protocol/openidconnect/v1/tokenservice
  49. REFRESHING A TOKEN: Change the Grant Type: grant_type=refresh_token. Add the profile’s scope: scope=profile
  50. VALIDATION: Do a POST including the Access Token to this endpoint: https://www.paypal.com/webapps/auth/protocol/openidconnect/v1/checkid
  51. VALIDATION: Provide the id_token value you got when receiving the Access Token: access_token=myToken
  52. LOGGING OUT THE USER: Do a POST including the Access Token to this endpoint: https://www.paypal.com/webapps/auth/protocol/openidconnect/v1/endsession
  53. LOGGING OUT THE USER: Furthermore you have to add the following parameters to the POST: redirect_url=myFancyUrl.com logout=true
  54. FURTHER INFORMATION
  55. Useful links: • goo.gl/y9HKO – Migrating PayPal Access from OAuth 2 to OpenID Connect (Jonathan LeBlanc) • goo.gl/1wjRV – Sample project which has some helper classes that enable easy integration of Access into your Android app – Apache V2
  56. Official developer resources: • x.com/identity – PayPal Access Developer Guide • x.com/mobile – PayPal payment products • Mobile Payments Library (native) • Mobile Express Checkout (web)
  57. Help!!?! Problems? • paypal.com/dts – Developer Technical Services – Ticketing • x.com/developers/paypal/forums – PayPal Developer Forums
  58. INNOVATION
  59. QR Code adoption between different countries
  60. [Chart: % of Smartphone Audience, by country: Germany, France, UK, Italy, Spain] * comScore MobiLens July 2012
  61. Adoption of QR Codes: 70% of 30.000.000 surveyed German households recognize QR Codes and know how to use them * (* Nielsen 2011)
  62. Available for Android & iOS
  63. TL;DR: PayPal Access enhances applications by adding a verified user-base
  64. QUESTIONS?
  65. THANKS! tmesserschmidt@paypal.com, @seraandroid / @paypaleurodev, +tim messerschmidt, slideshare.net/PayPalEuDev
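
The callback check, token reply and refresh request from slides 44 to 49, sketched in Python as an added example; it is not code from the slides or from the linked sample project. The redirect URI and the `state` parameter are assumptions (neither appears on the slides); the token endpoint, the reply fields and the `grant_type`/`scope` values are the ones shown on slides 47 to 49.

```python
import hmac
import json
import time
from urllib.parse import urlsplit, parse_qs, urlencode

# Token endpoint as given on slide 48.
TOKEN_ENDPOINT = ("https://www.paypal.com/webapps/auth/protocol/"
                  "openidconnect/v1/tokenservice")
# Assumption: the redirect URI registered for the app (hypothetical value).
REDIRECT_URI = "https://app.example.com/oauth/callback"


def extract_code(loaded_url, expected_state):
    """Return the authorization code if loaded_url is our callback, else None.

    Scheme, host and path are compared exactly, so a look-alike host such as
    app.example.com.other.test is not mistaken for the callback.
    """
    got, want = urlsplit(loaded_url), urlsplit(REDIRECT_URI)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        return None  # some other page the WebView is loading
    params = parse_qs(got.query)
    if "error" in params:
        raise ValueError("authorization failed: " + params["error"][0])
    # Assumption: a random `state` value was sent with the authorization request.
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch, discarding callback")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one code parameter")
    return codes[0]


def parse_token_reply(body, now=None):
    """Parse the JSON reply from slide 47 and record when the token expires."""
    reply = json.loads(body)
    if reply.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    now = time.time() if now is None else now
    reply["expires_at"] = now + int(reply["expires_in"])
    return reply


def refresh_request_body(refresh_token):
    """Form body for the refresh POST described on slides 48 and 49."""
    return urlencode({"grant_type": "refresh_token",
                      "refresh_token": refresh_token,
                      "scope": "profile"})
```

With `expires_in` at 900 seconds, the client should POST the refresh body to `TOKEN_ENDPOINT` shortly before `expires_at` rather than waiting for a rejected request.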
