As you might have read over at our PayPal Forward Blog it’s time to celebrate for PayPal | Developer. One year ago we relaunched our Developer Platform with way clearer documentation, new REST APIs and our CardIO-enhanced Mobile SDK that allows for frictionless payments on Android and iOS.
Today I want to quickly elaborate on an amazing new feature of our mSDK version 2.0 called Future Payments that allows for great use-cases like subscription payments without requiring the user to re-authorize each payment by logging in again. Great experiences like the ones that you can find when using Uber can be created by using this kind of payment. By authorizing the application once to handle future transaction the user grants the application a revokable token that will be passed in all future transactions and therefore skips the login step.
Implementing this step is actually very easy as our SDK got even easier with version 2. First of all we need to change the configuration of the SDK slightly. In the following examples I will showcase how to do so when working on Android apps – bear in mind that implementing this feature in iOS is equally easy to handle:
| private static PayPalConfiguration config = new PayPalConfiguration() | |
| .environment(CONFIG_ENVIRONMENT) | |
| .clientId(CONFIG_CLIENT_ID) | |
| // The following are only used in PayPalFuturePaymentActivity. | |
| .merchantName("Innovative cab app") | |
| .merchantPrivacyPolicyUri(Uri.parse("https://www.example.com/privacy")) | |
| .merchantUserAgreementUri(Uri.parse("https://www.example.com/legal")); |
by If you’ve worked with our SDK prior this version you will see that the configuration got much easier by removing all Intent Extras and adding dedicated methods for initializing the SDK.
After the user logged in an OAuth 2.0 authorize token is being returned which can be exchanged against a short-lived access token. Furthermore a refresh token is being returned which we will need to acquire a new access token once the previous one becomes invalid.
| Intent intent = new Intent(MyActivity.this, PayPalFuturePaymentActivity.class); | |
| startActivityForResult(intent, REQUEST_CODE_FUTURE_PAYMENT); |
By using the startActivityForResult mechanism we receive the PayPalAuthorization in onActivityForResult:
| @Override | |
| protected void onActivityResult(int requestCode, int resultCode, Intent data) { | |
| if (requestCode == REQUEST_CODE_FUTURE_PAYMENT) { | |
| if (resultCode == Activity.RESULT_OK) { | |
| PayPalAuthorization auth = data | |
| .getParcelableExtra(PayPalFuturePaymentActivity.EXTRA_RESULT_AUTHORIZATION); | |
| if (auth != null) { | |
| String authorization_code = auth.getAuthorizationCode(); | |
| // send authorization code to server to receive the access & refresh code | |
| } | |
| } | |
| } | |
| } |
The payment is being handled on server-side – to do so we hand over the app’s correlation ID and payment details to the backend. To acquire the correlation ID we leverage a method that we introduced with version 2.0 of the SDK:
| String correlationId = PayPalConfiguration.getApplicationCorrelationId(this); |
It is required that the application provides a way to revoke the token on client-side to ensure a user-friendly experience.
We are looking forward to bringing even more great features to the SDK and are as always keen for your feedback!
Best regards,
Tim