
KhunThong From Zero To One


LINE Developers Thailand

September 13, 2020


Transcript

  1. KhunThong From Zero to One
    ex-Delivery Manager & ex-Advanced Innovation Engineer, KBTG
    Chayakorn Pamonratthanakul
    Worakrit Louwitawas
    Advanced Innovation Product Manager, KBTG
    Kannapon Pakdeewattanakul
    Advanced Innovation Engineer, KBTG


  2. From Zero to One
    KHUNTHONG
    DEVELOPMENT
    by


  3. The social chatbot that helps friends settle
    expenses in a LINE group
    KHUNTHONG


  4. From Garage to Production
    KHUNTHONG


  5. Our First
    Version!


  6. POC
    Within 2 Weeks
    and Zero Budget


  7. Actualize
    with Customers


  8. KHUNTHONG USERS
    #Number of Members in All Groups
    Alpha Phase, Beta Phase, Public Launch, Now
    1K, 3.5K, 34K, 380K


  9. KHUNTHONG STATS
    4M Messages Monthly
    190k Added Friends
    70k Groups


  10. AGENDA
    • Why LINE APIs?
    • Architecture Design
    • OCR Technique
    • Security Practices
    • KhunThong 2.0


  11. 3 GREAT THINGS Enhanced by LINE APIs
    • LINE LOGIN
    • Instant Onboard
    • Zero-Baht Initial Cost


  12. KHUNTHONG FEATURES
    REQUESTER:
    Create Bill
    Reading Receipt (OCR)
    Daily Auto-Reminder
    Create Scheduled Bill NEW!
    Dummy Account NEW!


  13. KHUNTHONG FEATURES
    PAYER:
    E-Slip Verified with QR
    Link Acc. with KhunThong


  14. KHUNTHONG FEATURES
    #Medal
    Campaign Center


  15. KHUNTHONG FEATURES
    #Covid19
    Donate with Share Target Picker


  16. LINE API REFERENCE
    #LINE Messaging API
    - Token Verify
    - Push/Reply Message
    - Get Group Members
    - Get Member Profile
    - Get Image
    - Leave Group
    #LINE FrontEnd Framework (LIFF V2) and LINE Login
    - LINE Login
    - Open/Close Window
    - Get AccessToken
    - Send Message
    - Get OS
    - Get Context
    - Share TargetPicker (#Covid19)


  17. KHUNTHONG TECHSTACK
    LINE API, PROGRAMMING LANGUAGE, CLOUD & SERVICES, DEPLOYMENT, ANALYTICS, SUPPORT SERVICES
    WEB
    ● ReactJS + LIFFv2
    ● OAuth 2.0
    ● Encrypt + Decrypt Request and Response
    APP
    ● GIN Gonic framework
    ● ECHO Labstack framework
    ● CI/CD deployment
    ● OCR Formatter engine
    DATABASE
    ● NoSQL Database Structure
    ● Encrypt/Decrypt DB
    Bot and OCR Engine


  18. SYSTEM ARCHITECTURE
    [Diagram] Components: LINE Application, Cloudfront, ELB, VPC Network, AWS EKS Cluster (K8S Pods: Bot, Web, OCR, api-service), EC2 Medium, EC2 Large, MQM, OCR/Formatter, DB Replicas, KBank OpenAPI


  19. OCR Technique
    KHUNTHONG


  20. OCR Working
    with Customized
    Formatter


  21. OCR Working
    with Customized
    Formatter


  22. OCR Working
    with Customized
    Formatter


  23. OCR X CUSTOMIZED FORMATTER
    1. Get Message ID (Image)
    2. Run in the OCR Engine
    3. Return Array of Items and Prices
    Diagram labels: Google Vision, S3, Image, Extract the data, Template Matcher


  24. Security Practices in LIFF
    KHUNTHONG


  25. SECURITY PRACTICES IN LIFF
    1. LINE Login and OAuth2.0
    2. Encryption / Decryption
    3. Local Storage in Device


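  26. SECURITY PRACTICES IN LIFF
    LINE Login and OAuth
    // Reject any request without a Bearer token in the Authorization header
    auth := c.Request.Header.Get("Authorization")
    if !strings.HasPrefix(auth, "Bearer ") {
        // Handle Permission Denied
        return
    }
    token := strings.TrimPrefix(auth, "Bearer ")
    // Send request to validate token with LINE OAuth 2.0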


  27. KHUNTHONG ENCRYPT/DECRYPT DIAGRAM
    Start Session
    - Verify Token by OAUTH2
    - Generate Dynamic ShareKey and Salt
    - Verify Token by OAUTH2
    - Validate HMAC
    - AES Decrypt request data
    - AES Encrypt (ShareKey + request data)
    - HMAC(AES + SALT)
    - Send Request


  28. SECURITY PRACTICES IN LIFF
    Encryption / Decryption
    // Updated every time LIFF is opened
    bodyEncryptString := string(req.Data)
    decodedMsgWithHmac, err := base64.StdEncoding.DecodeString(bodyEncryptString)
    if err != nil || len(decodedMsgWithHmac) < BlockSizeHmac+NONCESIZE {
        // Handle error: bad base64 or too short to hold HMAC + nonce
        return
    }
    hMacCli := decodedMsgWithHmac[:BlockSizeHmac]
    decodedMsg := decodedMsgWithHmac[BlockSizeHmac:]
    // Validate HMAC before decrypting anything
    statusHMac := ValidMAC(decodedMsg, hMacCli, []byte(salt))
    if !statusHMac {
        // Handle Permission Denied
        return
    }
    iv := decodedMsg[:NONCESIZE]
    msg := decodedMsg[NONCESIZE:]
    // Decrypt body
    bodyDecryptString, err := DecryptAES([]byte(key), msg, iv)
    // Handle error


  29. SECURITY PRACTICES IN LINE
    Local Storage in Device
    LINE Device#1, With Authenticated Local Key Storage: Validate pass
    LINE Device#2 (New), Without Authenticated Local Key Storage: *Require New Authentication with K PLUS


  30. Scheduled Bill
    Multiple Bill
    Trip Mode
    Let’s Split the Bill!
    LINE OA: @Khunthong
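
The request envelope from slides 27 and 28, shown with both the client and the server side, as an added example that is not KhunThong's own code. It assumes AES-GCM and HMAC-SHA256 with the salt as the HMAC key; `Seal`, `Open` and `sign` are hypothetical names standing in for the deck's unpublished helpers, and the key, salt and payload are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
)

func sign(salt, body []byte) []byte {
	m := hmac.New(sha256.New, salt)
	m.Write(body)
	return m.Sum(nil)
}

// Seal (client side): base64(HMAC tag || nonce || AES-GCM ciphertext).
func Seal(aead cipher.AEAD, salt, plain []byte) (string, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	body := aead.Seal(nonce, nonce, plain, nil) // nonce || ciphertext
	return base64.StdEncoding.EncodeToString(append(sign(salt, body), body...)), nil
}

// Open (server side): check length, check the HMAC in constant time, then decrypt.
func Open(aead cipher.AEAD, salt []byte, env string) ([]byte, error) {
	raw, err := base64.StdEncoding.DecodeString(env)
	if err != nil || len(raw) < sha256.Size+aead.NonceSize() {
		return nil, errors.New("malformed envelope")
	}
	tag, body := raw[:sha256.Size], raw[sha256.Size:]
	if !hmac.Equal(tag, sign(salt, body)) {
		return nil, errors.New("HMAC mismatch")
	}
	return aead.Open(nil, body[:aead.NonceSize()], body[aead.NonceSize():], nil)
}

func main() {
	block, _ := aes.NewCipher(make([]byte, 32)) // constructed all-zero demo key (assumption)
	aead, _ := cipher.NewGCM(block)
	salt := []byte("constructed-session-salt")
	env, _ := Seal(aead, salt, []byte(`{"amount":120}`))
	out, err := Open(aead, salt, env)
	fmt.Println(string(out), err)
}
```

The length check in `Open` is what keeps a truncated body from panicking on the slice expressions, and `hmac.Equal` avoids the timing leak of a byte-by-byte comparison.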
