I'm trying to implement below doc , where in my website there will be a stripe connect button after click on button if user login then user will connect and I will save user stripe session id.
https://stripe.com/docs/building-extensions
But this doc is deprecated.
In stripe docs not getting any clue how I will do the same thing. I have tried by
$stripeAccountLink = $this->StripeClient->accountLinks->create([
'account' => 'acct_1MQqv1SHt2ASWOGp',
'refresh_url' => url("/profile-edit"),
'return_url' => url("/profile-edit"),
'type' => 'account_onboarding',
]);
So here after redirect user always user need to create a new account. Why it's not just connect and redirect me if user already log in and am I in right way ?
docs : https://stripe.com/docs/connect/standard-accounts
Related
I'm retrieving a connected account thanks to Stripe PHP library, updating a few information and trying to save it. But, it throws this error message:
This account can only be updated with an account token, because it was
originally created with an account token. (Attempted to update param
'legal_entity' directly.)
Here is my code:
\Stripe\Stripe::setApiKey('sk_MYSTRIPESECRETKEY');
$account = \Stripe\Account::retrieve(ACCOUNT_ID);
$account['legal_entity'] = array('dob' => array('day' => 01,'month' => 01,'year' => 1970));
$account->save();
What am I doing wrong ?
The solution was: creating a token and filling it with the legal entity fields I needed.
I am using laravel 5.5 and trying to do integrate a payment processor (local one) into the solution I am building. The issue : The processor is giving data needed on requests as data that needs to posted, and the problem is that some of that data are confidential !
So if I integrate them as hidden inputs in the form and post them using JS or even as a normal form, any user could access that data.
The solution for me is to handle the request of the user (his choice of paying online) and from there, I redirect him to the payment gateway with a POST method that contains all the data needed by the procesor.
What I've tried so far is using Guzzle, but guzzle is somehow acting like an ajax request, actualy even like an API request, it waits for data to return, while I don't need it, in fact, I have to redirect the user so that he can enter his payment details and authorize the payment.
$user = Auth::user();
$processorData = [
'NumSite' => 'XXXXXX',
'Password' => 'XXXXXXX',
'Amount' => $invoice->total,
'Devise' => 'TND',
'orderId' => $id,
'PayementType' => 1,
'EMAIL' => $user->email,
'signture' => sha1('XXXXXX'.'XXXXXXX'.$id.$invoice->total.'TND')
];
$client = new Client();
$request = $client->post('https://preprod.gpgcheckout.com/Paiement_test/Validation_paiement.php',
['paiment' => $processorData]);
I also tried a redirect, a curl .. same thing.
What I'm looking to achieve is like posting some data on behalf of user choice but without letting anyone see the hidden fields in my source code (html page)
Thank you
I am trying to create a log in using AWS Cognito
I have setup the federated identities, and added a user pool, and added a email address to the user pool.
I have created some PHP code to getID and to OpenIDToken.
Which is a good start, but this only works in an unauthenticated setup I want to be able to log a user in using the username and password that was given to them .
I can't seem to find any information that I am able to understand to get this to work.
How do I go about logging a user in from a user Pool using PHP and AWS API v3?
Here is the code I have now:
include "vendor/autoload.php";
use Aws\CognitoIdentity\CognitoIdentityClient;
$identityClient = CognitoIdentityClient::factory(array(
'region' => 'us-east-1',
'version'=>'latest',
'credentials' => array(
'key' => $awsuser,
'secret' => $awssecret,
)
));
$idResp = $identityClient->getId(array(
'AccountId' => 'XXXXXXXXXXX',
'IdentityPoolId' => 'us-east-1:0689a59d-d385-4f80-88ce-XXXXXXXXXXXX',
));
$identityId = $idResp["IdentityId"];
echo $identityId;
$tokenResp = $identityClient->getOpenIdToken(array(
'IdentityId' => $identityId
));
$token = $tokenResp["Token"];
echo $token;
Sorry for the confusion. When you sign in with Cognito User Pools, you'll get a few tokens. One of which is the id token, you'll need to pass that in to the Cognito federated identities client logins map with 'cognito-idp..amazonaws.com/' as the key. More information is available in the developer guide. You might also find this blog post useful, it has examples of how to set logins using the PHP SDK.
I am the owner and admin of a LinkedIn company page: https://www.linkedin.com/company/{id}/.
I want to connect to LinkedIn and get return a JSON-feed with latest 10 posts on my company wall to display on my website so I touch on the service https://api.linkedin.com/v1/companies/{id}/updates?format=json.
The JSON is outputted in linkedin.php. This file is then included in my web page, say index.php.
I have registrered an app at https://developer.linkedin.com. I have entered my Client ID and Client Secret in PHP-LinkedIn-SDK available here https://github.com/ashwinks/PHP-LinkedIn-SDK.
I followed the developer documentation I need to authenticate first. When I run linkedin.php I am redirected to sign into my LinkedIn profile. I have to finish this step in order to touch the service above.
With the current solution my users will have to login into LinkedIn when they access my website.
How can I access a list of my company's LinkedIn posts without prompting my users to sign in?
Thanks.
1. Generate your access token
Follow the documentation https://github.com/ashwinks/PHP-LinkedIn-SDK to create a login link.
2. Save your access token
Once you get it, it will be available for 60 days. Save it into your database.
3. Fetch your company posts
You can use the same access token to fetch company contents
$li = new LinkedIn(...);
$li->setAccessToken(YOUR_ACCESS_TOKEN);
$posts = $li->get('/companies/YOUR_COMPANY_ID/updates/');
4. Manage response
Cache or display the response after parsing it.
Hope that helps,
Use https://packagist.org/packages/linkedinapi/linkedin
$li = new LinkedIn(
array(
'api_key' => 'yourapikey',
'api_secret' => 'yourapisecret',
'callback_url' => 'https://yourdomain.com/redirecthere'
)
);
//Get the login URL - this accepts an array of SCOPES
$url = $li->getLoginUrl(
array(
LinkedIn::SCOPE_BASIC_PROFILE,
LinkedIn::SCOPE_EMAIL_ADDRESS,
LinkedIn::SCOPE_NETWORK
)
);
/*LinkedIn will redirect to 'callback_url' with an access token as the 'code' parameter. You might want to store the token in your session so the user doesn't have to log in again*/
$token = $li->getAccessToken($_REQUEST['code']);
$token_expires = $li->getAccessTokenExpiration();
//Make a request to the API
$info = $li->get('/people/~:(first-name,last-name,positions)');
$li = new LinkedIn(
array(
'api_key' => 'yourapikey',
'api_secret' => 'yourapisecret',
'callback_url' => 'https://yourdomain.com/redirecthere',
'curl_options' => array(
CURLOPT_PROXY => '127.0.0.1:80',
),
)
)
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
The majority are looking for a login system with Facebook, but that's not my intention here. I've been reading all around for Facebook's login system via oAuth 2.0, but I'm looking for a registration system. I've also read about Facebook-like registration system, where you get a form that is styled like Facebook - Again, not looking for this one.
What I'm interested in is this:
User goes to my website's native registration page
The user is shown with the common registration fields and a Register with Facebook button
If the user decides to use the Facebook button, he automatically skips over the normal method
User clicks the Facebook register button
I grab all the data somehow via oAuth (ID, Nickname, email) and register the user to my own DB (?)
Once the user returns from Facebook to my website (callback URI), they can set a password for their account (?)
User logs in as he's having a normal account on my website, through the normal login page
The list items marked with (?) are the steps I'm having trouble to achieve and understand.
So basically, I don't want to rely on Facebook each time an user comes to my website. I want to use Facebook only once and then the account is independent.
If this is a bad approach, please let me know why and tell me how the majority does it exactly. If someone could help me out with this I'd be very grateful.
My application is written in PHP and the DBMS is MySQL.
Basically the main thing that you don't want to happen is for your users to need to use 2 different systems to log into your application. They should be able to choose one and then continue using it without ever having to use the other method.
If your user chooses to use your native login, you take control and insert their information into the database. It'll probably be with a username + password so when they return, you would match their login form to the data you have stored and verify their identity like that.
If the user chooses Facebook as their login method, they will be redirected to the Facebook app login, get authenticated, get sent back to your site (callback URI) and then you'll be able to extract their information from Facebook's Graph API and save what you need to in your database for future use so that you wouldn't need to re-request that data again from Facebook. Stuff like the users first name, birthday, etc... Things that are not going to change.
You'll still have to use some unique identity field of the user for your database, I recommend that you use their Facebook user id.
When a Facebook user returns to your site - they will still click on the Facebook login button and still go through the same process as before - only this time, Facebook knows that they have already authenticated with this application, so the login process is handled behind the scene and the user arrives at your site already logged in. All you need to do from there is know what that user's id is (/me) and that's it!
One more scenario I should mention, is the case that the user is entirely logged out of Facebook when arriving at your site. In this case, you would still display a "login with Facebook" button and when the user enters the Facebook login flow, they will be requested to sign into Facebook first. Once that is done, still as part of the flow, the user will be redirected back to the app login, and then back to your site all in one go. It's something that Facebook handles and you don't need to worry about it at all.
NOTE
There is no need for an additional password on your side... This would cancel out the whole one-click-easy-login-hey-presto magic that makes the Facebook login plugin so effective.
I recommend taking look at the source code in the question I've asked:
Facebook PHP SDK - User still shows as logged in on web app even though logged out of Facebook
You'll be specifically interested in the following part, which is after a user has logged in and authenticated your site to access their profile information:
`
$user_profile = $facebook->api('/me','GET');
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$id = test_input($user_profile['id']);
$name = test_input($user_profile['name']);
$first_name = test_input($user_profile['first_name']);
$last_name = test_input($user_profile['last_name']);
$link = test_input($user_profile['link']);
$username = test_input($user_profile['username']);
$gender = test_input($user_profile['gender']);
$email = test_input($user_profile['email']);
$timezone = test_input($user_profile['timezone']);
$locale = test_input($user_profile['locale']);
$verified = test_input($user_profile['verified']);
$table_name= $wpdb->prefix . "fcm_fbusercreds";
$currentmember_result = $wpdb->get_results(
"
SELECT *
FROM $table_name
WHERE id = $id
"
);
if(empty($currentmember_result)){
$wpdb->insert( $table_name, array( 'lastupdated' => current_time('mysql'), 'id' => $id, 'name' => $name, 'first_name' => $first_name, 'last_name' => $last_name, 'link' => $link, 'username' => $username, 'gender' => $gender, 'email' => $email, 'timezone' => $timezone, 'locale' => $locale, 'verified' => $verified, 'coach' => "0" ) );
} else {
foreach ($currentmember_result as $result){
$wpdb->update( $table_name, array( 'lastupdated' => current_time('mysql'), 'name' => $name, 'first_name' => $first_name, 'last_name' => $last_name, 'link' => $link, 'username' => $username, 'gender' => $gender, 'email' => $email, 'timezone' => $timezone, 'locale' => $locale, 'verified' => $verified, 'coach' => "0" ), array( 'id' => $result->id ) );
}
}
`
The code parses the Facebook user profile information and then either adds a user record into a database, or updates the user profile within the database.
If you have no intention of retaining permissions for future use, then I believe you can remove your "app" from having permissions to the user's profile. You'll want to research that further.