Post on 12-Apr-2017
transcript
Co musí banka udělat pro zapojení do Zingly?
Petr Dvořák CEO at Lime
E-mail: petr@lime-company.eu
Twitter: @joshis_tweets
Sdílejte přátelům a známým
Otázky lze klást v Q&A boxu
Odkaz na Slideshare v popisu videa
Záznam bude dostupný on-line
Infrastruktura Zingly
PowerAuth Server PowerAuth Server
Zingly API Server Zingly API Server
Zingly Multi-Banking Hub Server
Banka A Banka B
Ban
kyUži
vate
lé
PowerAuth Server
Zin
gly
Internetové bankovnictví
Internetové bankovnictví
PowerAuth Server PowerAuth Server
Zingly API Server Zingly API Server
Zingly Multi-Banking Hub Server
Banka A Banka B
Ban
kyUži
vate
lé
PowerAuth Server
Zin
gly
Internetové bankovnictví
Internetové bankovnictví
PowerAuth Server PowerAuth Server
Zingly API Server Zingly API Server
Zingly Multi-Banking Hub Server
Banka A Banka B
Ban
kyUži
vate
lé
PowerAuth Server
Zin
gly
Internetové bankovnictví
Internetové bankovnictví
PowerAuth Server
Zingly API ServerInternetové bankovnictví
SOAP REST-ish
SOAP REST-ish
PowerAuth 2.0 Standard API Zingly Banking API
PowerAuth Server
Zingly API ServerInternetové bankovnictví
Internal Banking Infrastructure
Plugin / Adapter Plugin / Adapter
Connector
Použité technologie
Spring Boot
JPA + Hibernate
Aplikace - Java EE 7
OracleDB, IBM DB2,
MySQL, PostgreSQL
Databáze - JPA2.0
Github
Maven
Development
*
* komerční support
SOAP
REST
Service API
Postup nasazování
PowerAuth Server
Zingly API ServerInternetové bankovnictví
1. Nasazení PowerAuth 2.0 Serveru
PowerAuth Server
Zingly API ServerInternetové bankovnictví
2. Integrace s IB
PowerAuth Server
Zingly API ServerInternetové bankovnictví
3. Nasazení Zingly API Serveru
Nasazení PowerAuth 2.0 Serveru
https://github.com/lime-company/lime-security-powerauth/blob/master/powerauth-docs/source/tutorial/deployment.md
1. Stáhněte si PowerAuth 2.0 Serverhttps://github.com/lime-company/lime-security-powerauth/releases/tag/0.8
2. Přidejte DB connector na classpathmysql-connector-java-${VERSION}.jar
3. Vytvořte databázové schéma
4. Nastavte parametry pro připojení PowerAuth serveru do DB
spring.datasource.url=jdbc:mysql://localhost:3306/powerauth spring.datasource.username=powerauth spring.datasource.password= spring.datasource.driver-class-name=com.mysql.jdbc.Driver spring.jpa.hibernate.ddl-auto=none
5. Nasaďte WAR soubor do Java EE aplikačního containeru
Nebo spusťte ”java -jar powerauth-java-server.war”
Demo
PowerAuth Server
Zingly API ServerInternetové bankovnictví
SOAP REST-ish
PowerAuth 2.0 Standard API Zingly Banking API
SOAP REST-ish
PowerAuth 2.0 Admin
Správa aplikací
Přehled aktivací uživatele
Nová aktivace
Detail a správa aktivace
1. Stáhněte si PowerAuth 2.0 Adminhttps://github.com/lime-company/lime-security-powerauth/releases/tag/0.8
2. Nastavte cestu k PowerAuth Serveru
powerauth.service.url=http://localhost:8080/powerauth/soap
3. Nasaďte WAR soubor do Java EE aplikačního containeru
Nebo spusťte ”java -jar powerauth-admin.war”
Demo
PowerAuth Server
Zingly API ServerInternetové bankovnictví
SOAP REST-ish
PowerAuth 2.0 Standard API Zingly Banking API
SOAP REST-ish
PowerAuth Admin
Integrace PowerAuth 2.0 a Internetbankingu
https://github.com/lime-company/lime-security-powerauth/blob/master/powerauth-docs/source/tutorial/internet-banking.md
Admin ~ Internetbanking
1. Přidejte do projektu Maven závislost
<dependency> <groupId>io.getlime.security</groupId> <artifactId>powerauth-java-client</artifactId> <version>0.0.8</version> </dependency>
<dependency> <groupId>io.getlime.security</groupId> <artifactId>powerauth-java-client</artifactId> <version>0.0.8</version> </dependency>
<dependency> <groupId>io.getlime.security</groupId> <artifactId>powerauth-java-client</artifactId> <version>0.0.8</version> </dependency>
<dependency> <groupId>io.getlime.security</groupId> <artifactId>powerauth-java-client</artifactId> <version>0.0.8</version> </dependency>
2. Napojte se na PowerAuth Server
@Configuration @ComponentScan(basePackages = {"io.getlime"}) public class PowerAuthWebServiceConfiguration {
@Bean public Jaxb2Marshaller marshaller() { Jaxb2Marshaller marshaller = new Jaxb2Marshaller(); marshaller.setContextPath("io.getlime.powerauth.soap"); return marshaller; }
@Bean public PowerAuthServiceClient powerAuthClient(Jaxb2Marshaller m) { PowerAuthServiceClient client = new PowerAuthServiceClient(); client.setDefaultUri("http://localhost:8080/powerauth/soap"); client.setMarshaller(marshaller); client.setUnmarshaller(marshaller); return client; }
}
@Configuration @ComponentScan(basePackages = {"io.getlime"}) public class PowerAuthWebServiceConfiguration {
@Bean public Jaxb2Marshaller marshaller() { Jaxb2Marshaller marshaller = new Jaxb2Marshaller(); marshaller.setContextPath("io.getlime.powerauth.soap"); return marshaller; }
@Bean public PowerAuthServiceClient powerAuthClient(Jaxb2Marshaller m) { PowerAuthServiceClient client = new PowerAuthServiceClient(); client.setDefaultUri("http://localhost:8080/powerauth/soap"); client.setMarshaller(marshaller); client.setUnmarshaller(marshaller); return client; }
}
@Configuration @ComponentScan(basePackages = {"io.getlime"}) public class PowerAuthWebServiceConfiguration {
@Bean public Jaxb2Marshaller marshaller() { Jaxb2Marshaller marshaller = new Jaxb2Marshaller(); marshaller.setContextPath("io.getlime.powerauth.soap"); return marshaller; }
@Bean public PowerAuthServiceClient powerAuthClient(Jaxb2Marshaller m) { PowerAuthServiceClient client = new PowerAuthServiceClient(); client.setDefaultUri("http://localhost:8080/powerauth/soap"); client.setMarshaller(marshaller); client.setUnmarshaller(marshaller); return client; }
}
@Configuration @ComponentScan(basePackages = {"io.getlime"}) public class PowerAuthWebServiceConfiguration {
@Bean public Jaxb2Marshaller marshaller() { Jaxb2Marshaller marshaller = new Jaxb2Marshaller(); marshaller.setContextPath("io.getlime.powerauth.soap"); return marshaller; }
@Bean public PowerAuthServiceClient powerAuthClient(Jaxb2Marshaller m) { PowerAuthServiceClient client = new PowerAuthServiceClient(); client.setDefaultUri("http://localhost:8080/powerauth/soap"); client.setMarshaller(marshaller); client.setUnmarshaller(marshaller); return client; }
}
3. Používejte PowerAuthServiceClient ve vaší aplikaci
@Controller @RequestMapping(value = "/ib/settings") public class AuthenticationController {
@Autowired private PowerAuthServiceClient client;
// ... Controller code
List<Activations> aL = client.getActivationListForUser(uid);
}
@Controller @RequestMapping(value = "/ib/settings") public class AuthenticationController {
@Autowired private PowerAuthServiceClient client;
// ... Controller code
List<Activations> aL = client.getActivationListForUser(uid);
}
Blokace / odblokování aktivace
Odstranění aktivace
Nová aktivace a “commit” aktivace
Přehled aktivací
PowerAuth Server
Zingly API ServerInternetové bankovnictví
SOAP REST-ish
PowerAuth 2.0 Standard API Zingly Banking API
SOAP REST-ish
PowerAuth Admin
Nasazení Zingly API Serveru
Open-source *
* již brzy
PowerAuth Server
Zingly API ServerInternetové bankovnictví
SOAP REST-ish
PowerAuth 2.0 Standard API Zingly Banking API
SOAP REST-ish
PowerAuth Admin
PowerAuth Server
Zingly API ServerInternetové bankovnictví
SOAP REST-ish
SOAP REST-ish
PowerAuth 2.0 Standard API Zingly Banking API
Bankovní službyPowerAuth
Admin
Orchestruje obchodní logiku
Služby pro přehledy účtů a transakcí
Vystavuje PowerAuth 2.0 Standard API
Integrace s PowerAuth 2.0 Serverem
Služby pro realizaci platby
Orchestruje obchodní logiku
Služby pro přehledy účtů a transakcí
Vystavuje PowerAuth 2.0 Standard API
Integrace s PowerAuth 2.0 Serverem
Služby pro realizaci platby
1. Stáhněte si Zingly API ServerTBD - TODO - SOON
2. Nastavte cestu k PowerAuth Serveru
powerauth.service.url=http://localhost:8080/powerauth/soap
3. Rozšiřte projekt o vaše specifické technologie a knihovny
4. Naimplementujte bankovní službu
public interface ZinglyService { public List<AccountModel> getAccountsForUser(String userId); public boolean canGetTransactions(String userId, String iban); public List<TransactionModel> getTransactionsForAccount( String iban, Date dateFrom, Date dateTo, BigInteger offset, BigInteger itemCount ); public boolean canExecutePayment(String userId, String iban); public List<ErrorModel> validatePayment(PaymentModel payment); public PaymentModel executePayment(PaymentModel payment);
// ...
}
public interface ZinglyService { public List<AccountModel> getAccountsForUser(String userId); public boolean canGetTransactions(String userId, String iban); public List<TransactionModel> getTransactionsForAccount( String iban, Date dateFrom, Date dateTo, BigInteger offset, BigInteger itemCount ); public boolean canExecutePayment(String userId, String iban); public List<ErrorModel> validatePayment(PaymentModel payment); public PaymentModel executePayment(PaymentModel payment);
// ...
}
Ukázka kódu
PowerAuth Server
Zingly API ServerInternetové bankovnictví
SOAP REST-ish
SOAP REST-ish
PowerAuth 2.0 Standard API Zingly Banking API
Bankovní službyPowerAuth
Admin
Testování integrace
https://github.com/lime-company/lime-security-powerauth/blob/master/powerauth-docs/source/tutorial/console-client-app.md
1. Stáhněte si PowerAuth 2.0 CMDhttps://github.com/lime-company/lime-security-powerauth/releases
2. Připravte si konfigurační soubor
$ cat /tmp/pamk.json { "applicationName": "PowerAuth 2.0 Reference Client", "applicationId": "Xg2sNup4wH7UQdchEld10w==", "applicationSecret": "+k9EBCszvcDOalMK9FZYiQ==", "masterPublicKey": "BByU43YKRNkzB+1/rahhaJC4kiGNiciYrcTBrL8=" }
3. Testujte integraci :-)
$ java -jar powerauth-java-cmd.jar --url "http://localhost:8080/zingly-api" --config-file "/tmp/pamk.json" --status-file "/tmp/pa_status.json" --method "prepare" --password "1234" --activation-code "F3CCT-FNOUS-GEVJF-O3HMV"
$ cat /tmp/pa_status.json { "activationId" : "24ac43a6-375e-4428-843a-84a2faa87e8e" "counter" : 4, "signaturePossessionKey" : "CwCviJR/wGqm8wNrNe4JGA==", "signatureKnowledgeKeyEncrypted" : "WFKHFrezmYuFAUToAQ==", "signatureKnowledgeKeySalt" : "RmDQ8hwsy0V/Gi1GHDKjWw==", "signatureBiometryKey" : "K2ZrnBP/AU2dWheFJOQKvw==", "transportMasterKey" : "kp2sNKVGepV9xtTwLXs/5g==", "encryptedDevicePrivateKey" : "17LLl/C8pYo/YA+w4Z6z1LLZa2U", "serverPublicKey" : "BEWx7a6LnkW7ckbJKUz2IINY5VSL0U6INwM=" }
$ cat /tmp/pa_status.json { "activationId" : "24ac43a6-375e-4428-843a-84a2faa87e8e" "counter" : 4, "signaturePossessionKey" : "CwCviJR/wGqm8wNrNe4JGA==", "signatureKnowledgeKeyEncrypted" : “WFKHFrezmYuFAUToAQ==", "signatureKnowledgeKeySalt" : "RmDQ8hwsy0V/Gi1GHDKjWw==", "signatureBiometryKey" : "K2ZrnBP/AU2dWheFJOQKvw==", "transportMasterKey" : "kp2sNKVGepV9xtTwLXs/5g==", "encryptedDevicePrivateKey" : "17LLl/C8pYo/YA+w4Z6z1LLZa2U", "serverPublicKey" : "BEWx7a6LnkW7ckbJKUz2IINY5VSL0U6INwM=" }
$ cat /tmp/pa_status.json { "activationId" : "24ac43a6-375e-4428-843a-84a2faa87e8e" "counter" : 4, "signaturePossessionKey" : "CwCviJR/wGqm8wNrNe4JGA==", "signatureKnowledgeKeyEncrypted" : "WFKHFrezmYuFAUToAQ==", "signatureKnowledgeKeySalt" : "RmDQ8hwsy0V/Gi1GHDKjWw==", "signatureBiometryKey" : "K2ZrnBP/AU2dWheFJOQKvw==", "transportMasterKey" : "kp2sNKVGepV9xtTwLXs/5g==", "encryptedDevicePrivateKey" : "17LLl/C8pYo/YA+w4Z6z1LLZa2U", "serverPublicKey" : "BEWx7a6LnkW7ckbJKUz2IINY5VSL0U6INwM=" }
$ cat /tmp/pa_status.json { "activationId" : "24ac43a6-375e-4428-843a-84a2faa87e8e" "counter" : 4, "signaturePossessionKey" : "CwCviJR/wGqm8wNrNe4JGA==", "signatureKnowledgeKeyEncrypted" : "WFKHFrezmYuFAUToAQ==", "signatureKnowledgeKeySalt" : "RmDQ8hwsy0V/Gi1GHDKjWw==", "signatureBiometryKey" : "K2ZrnBP/AU2dWheFJOQKvw==", "transportMasterKey" : "kp2sNKVGepV9xtTwLXs/5g==", "encryptedDevicePrivateKey" : "17LLl/C8pYo/YA+w4Z6z1LLZa2U", "serverPublicKey" : "BEWx7a6LnkW7ckbJKUz2IINY5VSL0U6INwM=" }
$ cat /tmp/pa_status.json { "activationId" : "24ac43a6-375e-4428-843a-84a2faa87e8e" "counter" : 4, "signaturePossessionKey" : "CwCviJR/wGqm8wNrNe4JGA==", "signatureKnowledgeKeyEncrypted" : "WFKHFrezmYuFAUToAQ==", "signatureKnowledgeKeySalt" : "RmDQ8hwsy0V/Gi1GHDKjWw==", "signatureBiometryKey" : "K2ZrnBP/AU2dWheFJOQKvw==", "transportMasterKey" : "kp2sNKVGepV9xtTwLXs/5g==", "encryptedDevicePrivateKey" : "17LLl/C8pYo/YA+w4Z6z1LLZa2U", "serverPublicKey" : "BEWx7a6LnkW7ckbJKUz2IINY5VSL0U6INwM=" }
$ cat /tmp/pa_status.json { "activationId" : "24ac43a6-375e-4428-843a-84a2faa87e8e" "counter" : 4, "signaturePossessionKey" : "CwCviJR/wGqm8wNrNe4JGA==", "signatureKnowledgeKeyEncrypted" : "WFKHFrezmYuFAUToAQ==", "signatureKnowledgeKeySalt" : "RmDQ8hwsy0V/Gi1GHDKjWw==", "signatureBiometryKey" : "K2ZrnBP/AU2dWheFJOQKvw==", "transportMasterKey" : "kp2sNKVGepV9xtTwLXs/5g==", "encryptedDevicePrivateKey" : "17LLl/C8pYo/YA+w4Z6z1LLZa2U", "serverPublicKey" : "BEWx7a6LnkW7ckbJKUz2IINY5VSL0U6INwM=" }
$ cat /tmp/pa_status.json { "activationId" : "24ac43a6-375e-4428-843a-84a2faa87e8e" "counter" : 4, "signaturePossessionKey" : "CwCviJR/wGqm8wNrNe4JGA==", "signatureKnowledgeKeyEncrypted" : "WFKHFrezmYuFAUToAQ==", "signatureKnowledgeKeySalt" : "RmDQ8hwsy0V/Gi1GHDKjWw==", "signatureBiometryKey" : "K2ZrnBP/AU2dWheFJOQKvw==", "transportMasterKey" : "kp2sNKVGepV9xtTwLXs/5g==", "encryptedDevicePrivateKey" : "17LLl/C8pYo/YA+w4Z6z1LLZa2U", "serverPublicKey" : "BEWx7a6LnkW7ckbJKUz2IINY5VSL0U6INwM=" }
PowerAuth Server
Zingly API ServerInternetové bankovnictví
SOAP REST-ish
SOAP REST-ish
PowerAuth 2.0 Standard API Zingly Banking API
Bankovní službyPowerAuth
Admin
PowerAuth Server PowerAuth Server
Zingly API Server Zingly API Server
Zingly Multi-Banking Hub Server
Banka A Banka B
Ban
kyUži
vate
lé
PowerAuth Server
Zin
gly
Internetové bankovnictví
Internetové bankovnictví
Děkuji
Petr Dvořák e-mail: petr@lime-company.eu twitter: @zinglyapp
http://zingly.cz/
31.3., 15:00 - 16:00 Dopad multi-bankingu a otevřených bankovních API do obchodního fungování bank
Otázky? :-)
Petr Dvořák e-mail: petr@lime-company.eu twitter: @zinglyapp
http://zingly.cz/