I'm not using Stripe.JS because I need custom UI.
I have collected card information from my customer. I'm using the PHP SDK.
My workflow is
create customer
add/attach payment method to customer
create payment intent
Every works fine. Now the issue that is if the end user uses a 3D secure card, I get a next_action in the response
"next_action": {
"type": "use_stripe_sdk",
"use_stripe_sdk": {
"type": "three_d_secure_redirect",
"stripe_js": "https://hooks.stripe.com/redirect/authenticate/xxxxxx?client_secret=src_client_secret_xxxxxxx",
"source": "src_xxxxxx"
}
},
"next_source_action": {
"type": "use_stripe_sdk",
"use_stripe_sdk": {
"type": "three_d_secure_redirect",
"stripe_js": "https://hooks.stripe.com/redirect/authenticate/src_xxxxxx?client_secret=src_client_secret_xxxxxx",
"source": "src_xxxxxx"
}
},
The documentation then relies on Stripe.JS for this step to open a verification popup. I'm not using Stripe.JS for the first part of the implementation due to custom UI. Can I use Stripe.JS for this part only? Or how do I do this part WITHOUT using Stripe.JS ? How do I know if this next step is successful so I can confirm the payment? I also see in my dev dashboard that the payment so successful (confusing). But the documentation says I still need to confirm that payment intent?
Stripe has documentation about handling 3D Secure manually without Stripe.js which will guide you through what you need to do.
That said, you can create your own custom payment form with Stripe.js using Stripe Elements, which is strongly recommended to increase security and reduce your PCI compliance burden.
check https://stripe.com/docs/payments/payment-intents/migration-synchronous#elements-step-3. You need to use stripe.js, just to handle 3D secure.
Also check this example:
pay.php:
<?php
require './../vendor/autoload.php';
// This is your test secret API key.
\Stripe\Stripe::setApiKey('sk_test_51M5C27LYhXp3iY7Hp8Oz2PRPoUpYXbkTzMcx4xuiEmqayIIJTbGe1uTE2gtPg3mhJJpmoOBnFzZna9eQYr3xmV6T006etitKBC');
header('Content-Type: application/json');
try {
$stripe = new \Stripe\StripeClient('sk_test_51M5C27LYhXp3iY7Hp8Oz2PRPoUpYXbkTzMcx4xuiEmqayIIJTbGe1uTE2gtPg3mhJJpmoOBnFzZna9eQYr3xmV6T006etitKBC');
$cardData = [
'number' => '4000000000003220',
'exp_month' => 12,
'exp_year' => 2029,
'cvc' => '314',
];
$paymentData = [
'amount' => 1400,
'currency' => 'usd',
];
$token = $stripe->tokens->create([
'card' => $cardData,
]);
$paymentMethod = $stripe->paymentMethods->create([
'type' => 'card',
'card' => $cardData,
]);
// Create a PaymentIntent with amount and currency
$paymentIntent = \Stripe\PaymentIntent::create([
'amount' => $paymentData['amount'],
'currency' => $paymentData['currency'],
'payment_method' => $paymentMethod,
'confirmation_method' => 'manual' // required to make 3d secure work
]);
$payment = $stripe->paymentIntents->confirm(
$paymentIntent->id,
[
'return_url' => 'YOUR_URL'
]);
if($payment->status == 'succeeded' || $payment->status == 'pending') echo json_encode(['redirect' => './succeed.php']);
// check if the status === requires_action, it means that 3D secure is required
elseif ($payment->status == 'requires_action') {
// Tell the client to handle the action
echo json_encode([
'requiresAction' => true,
'clientSecret' => $paymentIntent->client_secret
]);
exit();
}
else echo json_encode(['unexpected_error' => true]);
$charge = $stripe->charges->create([
'source' => $token,
'currency' => $paymentData['currency'],
'amount' => $paymentData['amount'],
'description' => 'My First Test Charge (created for API docs at https://www.stripe.com/docs/api)',
]);
} catch (Error $e) {
http_response_code(500);
echo json_encode(['error' => $e->getMessage()]);
}
pay.js:
// This is your test publishable API key.
const stripe = Stripe("pk_test_51M5C27LYhXp3iY7HJOk6mEZu6caLGHi8QzyaAgMK1Ek1X7W8yeSSkeMVTTg9tO0S8UPnGX4Qo0tSJQzjJuUavbaH00qAFwCPbw");
document
.querySelector("#payment-form")
.addEventListener("submit", handleSubmitBackend);
async function handleSubmitBackend(e) {
e.preventDefault();
let response = await fetch("./php/pay.php", {
method: "POST",
});
let result = await response.json();
console.log(result);
if (result.requiresAction) {
// Use Stripe.js to handle the required card action
const { error: errorAction, paymentIntent } = await stripe.handleCardAction(result.clientSecret);
if (errorAction) {
// Show error from Stripe.js in payment form
console.log(errorAction);
} else {
// The card action has been handled
// The PaymentIntent can be confirmed again on the server
const serverResponse = await fetch('/pay.php', {
method: 'POST',
});
}
}
else if(result.redirect) {
window.location.href = result.redirect;
}
}
Related
My current Stripe code is as below: as I pass to stripe.
Had been using following Stripe Library:
https://github.com/stripe/stripe-php
Its working fine as of now. Now I need to change code according to SCA. But I am total lost with code update.
My controller
$this->stripe_->add_charge_array($stripe_user_id, $order_info, $price * 100, $currency, $metadata);
$this->stripe_->pay($currency_id, , $stripeToken, $card_id);
$data = $this->stripe_->get_charge_response($stripe_user_id, , $order_id);
$order->setStripeChargeId($data['charge_id']);//Here I save to db
And in stripe library:
public function pay($currency_id, $stripe_token = null, $card_id = null, $account_id = null){
$charge = $this->charge_card($cart['amount'], $cart['currency'], $stripe_token, $description, $cart['metadata'], $currency_id, $account_id);
}
And my charge_card method connecting to Stripe
public function charge_card(){
try {
\Stripe\Stripe::setApiKey($STRIPE_KEY);
$charge = \Stripe\Charge::create(array(
"amount" => intval($amount),
"currency" => $currency,
"source" => $stripe_token, // obtained with Stripe.js
"description" => $description,
"metadata" => $metadata
));
} catch (\Stripe\Error\Base $e) {
// Display a very generic error to the user, and maybe send
// yourself an email
$result = self::put_stripe_error($e);
} catch (Exception $e) {
// Something else happened, completely unrelated to Stripe
self::put_stripe_error($e);
}
return $charge;
}
Stripe library:
https://js.stripe.com/v3/
From what I did understand from documentation is that I need to change my charge_card method like below.
$intent = \Stripe\PaymentIntent::create([
'payment_method' => '{{PAYMENT_METHOD_ID}}',
'customer' => '{{CUSTOMER_ID}}',
'amount' => 1099,
'currency' => 'gbp',
'confirmation_method' => 'manual',
'confirm' => true,
'setup_future_usage' => 'off_session',
]);
But then I get payment method Id in $intent . How to proceed from here.
Documentation misses this.
I am trying to migrate my payment flow from the charges API to payment intents.
The stripe migration docs indicate in step 2 you need to create the payment intent on the server https://stripe.com/docs/payments/payment-intents/quickstart#creating-with-manual-confirmation
If the payment fails and user attempt another payment then I'd be creating multiple payment intents for the same order.
Is there a way that I can reuse the same payment intent if let's say I created the payment intent as soon as the amount is known and then stored the payment intent for that order in a database table using the manual confirmation method?
So something like this:
// create intent
$intent = \Stripe\PaymentIntent::create([
'amount' => 1099,
'currency' => 'usd',
'confirmation_method' => 'manual',
],[
'idempotency_key' => $orderId,
]);
// Update orders table with payment intent id and set order status to unpaid
Then when user makes payment:
# vendor using composer
require_once('vendor/autoload.php');
\Stripe\Stripe::setApiKey(getenv('STRIPE_SECRET_KEY'));
header('Content-Type: application/json');
# retrieve json from POST body
$json_str = file_get_contents('php://input');
$json_obj = json_decode($json_str);
#$intent = null;
$order = // get from database
$intent = \Stripe\PaymentIntent::retrieve($order->payment_intent_id);
try {
if (isset($json_obj->payment_method_id)) {
# Create the PaymentIntent
#$intent = \Stripe\PaymentIntent::create([
# 'payment_method' => $json_obj->payment_method_id,
# 'amount' => 1099,
# 'currency' => 'usd',
# 'confirmation_method' => 'manual',
# 'confirm' => true,
#]);
# Instead of creating a new payment intent we update the previously saved PaymentIntent
\Stripe\PaymentIntent::update($intent->id,
[
'payment_method' => $json_obj->payment_method_id,
'confirm' => true,
]
);
}
if (isset($json_obj->payment_intent_id)) {
$intent = \Stripe\PaymentIntent::retrieve(
$json_obj->payment_intent_id
);
$intent->confirm();
}
generatePaymentResponse($intent);
} catch (\Stripe\Error\Base $e) {
# Display error on client
echo json_encode([
'error' => $e->getMessage()
]);
}
function generatePaymentResponse($intent) {
# Note that if your API version is before 2019-02-11, 'requires_action'
# appears as 'requires_source_action'.
if ($intent->status == 'requires_action' &&
$intent->next_action->type == 'use_stripe_sdk') {
# Tell the client to handle the action
echo json_encode([
'requires_action' => true,
'payment_intent_client_secret' => $intent->client_secret
]);
} else if ($intent->status == 'succeeded') {
# The payment didn’t need any additional actions and completed!
# Handle post-payment fulfillment
echo json_encode([
"success" => true
]);
} else {
# Invalid status
http_response_code(500);
echo json_encode(['error' => 'Invalid PaymentIntent status']);
}
}
Any tips and advice appreciated.
I followed this link.
I did what it said, but its throwing some error:
FatalErrorException in routes.php line 29:
Class 'Stripe' not found
Line 29 Stripe::setApiKey('sk_test_bDgMM85Y8hWWaRRBrulWNeng');
A few things to check...
Did you install your stripe dependency? composer require stripe/stripe-php
Did you composer dump-auto
Your tutorial link runs stripe from the Routes file. Which is in the global namespace. Are you executing this code from a Controller or from the routes file? If from a controller, then you will need to add a use statement at the top use Stripe\Stripe;
Finally, which version of the https://github.com/stripe/stripe-php package are you using? According to the readme, there is a legacy version and a new version. The new version is has an extra level of nesting and is accessed via Stripe\Stripe and Stripe\Charge:
Legacy Version
Stripe::setApiKey('d8e8fca2dc0f896fd7cb4cb0031ba249');
$myCard = array('number' => '4242424242424242', 'exp_month' => 8, 'exp_year' => 2018);
$charge = Stripe_Charge::create(array('card' => $myCard, 'amount' => 2000, 'currency' => 'usd'));
echo $charge;
New Version
\Stripe\Stripe::setApiKey('d8e8fca2dc0f896fd7cb4cb0031ba249');
$myCard = array('number' => '4242424242424242', 'exp_month' => 8, 'exp_year' => 2018);
$charge = \Stripe\Charge::create(array('card' => $myCard, 'amount' => 2000, 'currency' => 'usd'));
echo $charge;
Here is the thing I did and its working. Hope its work is case of your:
try {
Stripe\Stripe::setApiKey(env('STRIPE_SECRET'));
$customer = \Stripe\Customer::create([
'name' => 'Jenny Rosen',
'email' => 'jenyy#hotmail.co.us',
'address' => [
'line1' => '510 Townsend St',
'postal_code' => '98140',
'city' => 'San Francisco',
'state' => 'CA',
'country' => 'US',
],
]);
\Stripe\Customer::createSource(
$customer->id,
['source' => $request->stripeToken]
);
Stripe\Charge::create ([
"customer" => $customer->id,
"amount" => 100 * 100,
"currency" => "usd",
"description" => "Test payment from stripe.test." ,
]);
Session::flash('success', 'Payment successful!');
} catch (\Exception $ex) {
return $ex->getMessage().' error occured';
Session::flash('error','Payment Failed.');
}
Charge Card
First of All create your stripe account
Stripe Register Page
if you already have Stripe account good to Go
Get API key from your Stripe and Add it to your project .env
Test API Key link : https://dashboard.stripe.com/test/apikeys
Live API Key link : https://dashboard.stripe.com/apikeys
NOTE : You can use API key directly in code but it is not good for security Install stripe-php via composer`
composer require stripe/stripe-php `
IF YOU ARE USING IN API
Setup client and API In code
Stripe\Stripe::setApiKey(env('STRIPE_SECRET'));
$stripe = new \Stripe\StripeClient(env('STRIPE_SECRET'));
Create token for Payment
$token = $stripe->tokens->create([
'card' => [
'number' => $card_number,
'exp_month' => $exp_month,
'exp_year' => $exp_year,
'cvc' => $cvc,
],
]);
Create Charge
$charge = Stripe\Charge::create ([
"amount" => $request->amount *100,
"currency" => $request->currency,
"source" => $token->id,
"description" => 'payment with credit/debit card'
]);
SECURITY RISK:
We should create token in front-end instead of sending card details on network we should send token
Add JS stripe to your blade file
<script type="text/javascript" src="https://js.stripe.com/v2/"></script>
Creating token On front-end using javaScript
Stripe.setPublishableKey($form.data('stripe-publishable-key'));
Stripe.createToken({
number: $('.card-number').val(),
cvc: $('.card-cvc').val(),
exp_month: $('.card-expiry-month').val(),
exp_year: $('.card-expiry-year').val()
}, stripeResponseHandler);
About stripeResponseHandler
This response handler will be a function where Stripe will redirect after success or failure of creating token
function stripeResponseHandler(status, response) {
if (response.error) {
/* token failed to create */
} else {
var token = response['id'];
/* you can send this token to back-end [Laravel Controller] then you need to charge function on backed */
}
}
Hope it will helpful for you
This question is maybe similar to THIS and THIS but I'm not entirely sure.
I've made a shopping cart that sends the product details and quantity/total amount to Paypal on checking out. I'm using Laravel 4 and the Omnipay Paypal plugin (Paypal_Express). I can send product details fine using the 'setItems' function and am now looking to pre-populate the credit card field on the Paypal summary page with my User's details.
I have seen in other SO threads such as THIS that other people use the creditCard function to pass details to the Paypal summary credit card info page.
My question: 1) Do you need to be using Paypal_Pro for the creditCard function to worK?
I get this error when I try (call_user_func_array() expects parameter 1 to be a valid callback, class 'Omnipay\Common\GatewayFactory' does not have a method 'creditCard').
I don't want to enter all the credit card details - Just speed the process up by entering the User's Name, Adress etc...
Also I tried changing to Paypal_Pro and it didn't work. (same error as above) I changed config plus gateways in my payment controller.
2)How do you change PayPal_Express to PayPay_Pro?
My code:
public function postPayment() {
$cart = Session::get('cart');
$allProducts = [];
foreach($cart->aContents as $productID=>$quantity){
$product = Product::find($productID);
// get the product id
// load the product from the id
// store data in the allProduct array
$allProducts[] = array('name' => $product->name, 'quantity' => $quantity, 'price'=> $product->price);
}
$cardInput = array(
'first_name' => Input::get('first_name'),
'last_name' => Input::get('last_name'),
'address1' => Input::get('address1'),
'city' => Input::get('city'),
'zip' => Input::get('zip'),
'email' => Input::get('email')
);
$card = Omnipay::creditCard($cardInput);
$params = array(
'cancelUrl' => \URL::to('cancel_order'),
'returnUrl' => \URL::to('payment_success'),
'amount' => Input::get('price'),
'currency' => Input::get('currency'),
'card' => $card,
);
Session::put('params', $params);
Session::save();
$gateway = Omnipay::create('PayPal_Express');
$gateway->setUsername('tjmusicmanagement-facilitator_api1.gmail.com');
$gateway->setPassword('K2LWQVP2L8472BPY');
$gateway->setSignature('AwTOuAJWzCkdc5PldYeiz.l3iy5UAwOucYW6EFLLA9zUQqXaWyEGbebq');
$gateway->setTestMode(true);
$gateway->setLogoImageUrl(URL::to('images/logoSmall.png'));
$response = $gateway->purchase($params)->setItems($allProducts)->send();
if ($response->isSuccessful()) {
// payment was successful: update database
print_r($response);
} elseif ($response->isRedirect()) {
// redirect to offsite payment gateway
$response->redirect();
} else {
// payment failed: display message to customer
echo $response->getMessage();
}
}
And also the ignited\laravel-omnipay\config.php is unchanged (though I did try changing the driver)
return array(
// The default gateway to use
'default' => 'paypal',
// Add in each gateway here
'gateways' => array(
'paypal' => array(
'driver' => 'PayPal_Express',
'options' => array(
'solutionType' => '',
'landingPage' => '',
'headerImageUrl' => ''
)
)
)
);
Thanks for your tinme!!
EDIT: Here is my getSuccessPayment function where I can hopefully get the users paypal details (just name and address etc) from paypal. But how and where do I specify this?
public function getSuccessPayment()
{
$gateway = Omnipay::create('PayPal_Express');
$gateway->setUsername('lillyloverofwar-facilitator_api1.gmail.com');
$gateway->setPassword('U6LM3SG2MNCA3QE2');
$gateway->setSignature('AJVP9tUtdotIeVt82RpcG7n9ld-tAdCG1Ramb1u8yZECHhSpiXc0BO04');
$gateway->setTestMode(true);
$params = Session::get('params');
$response = $gateway->completePurchase($params)->send();
$paypalResponse = $response->getData(); // this is the raw response object
if(isset($paypalResponse['PAYMENTINFO_0_ACK']) && $paypalResponse['PAYMENTINFO_0_ACK'] === 'Success') {
// return View::make('successfulPayment')->with($params);
// Session::flush();
// Response
// print_r($paypalResponse);
} else {
//Failed transaction
}
// FLUSHING SESSION HERE GETS AN ERROR
// Session::flush();
return View::make('successfulPayment');
}
1) I get this error when I try (call_user_func_array() expects parameter 1 to be a valid callback, class 'Omnipay\Common\GatewayFactory' does not have a method 'creditCard').
You can't use credit cards on the PayPal Express gateway, only on Pro or REST. I recommend that you use the REST gateway not the Pro gateway (REST supersedes Pro and has more features).
I don't want to enter all the credit card details - Just speed the process up by entering the User's Name, Adress etc...
There is no need to do that if you are using PayPal Express anyway, because PayPal will provide you the necessary details after the user has gone through the PayPal login process and authorized the transaction.
Also I tried changing to Paypal_Pro and it didn't work. (same error as above) I changed config plus gateways in my payment controller.
2)How do you change PayPal_Express to PayPay_Pro?
I suggest you have a look at my fork of the omnipay-paypal gateway, https://github.com/delatbabel/omnipay-paypal -- on the accept-paypal-payments branch there are additional commits (sent as a PR to the main repository but not merged yet) with additional features such as using the REST gateway for either Credit Card or PayPal purchases, and additional API documentation including code examples on how to use the REST gateway.
Here is the code example for using the Rest gateway for a purchase transaction with a credit card:
// Create a gateway for the PayPal RestGateway
// (routes to GatewayFactory::create)
$gateway = Omnipay::create('RestGateway');
// Initialise the gateway
$gateway->initialize(array(
'clientId' => 'MyPayPalClientId',
'secret' => 'MyPayPalSecret',
'testMode' => true, // Or false when you are ready for live transactions
));
// Create a credit card object
// DO NOT USE THESE CARD VALUES -- substitute your own
// see the documentation in the class header.
$card = new CreditCard(array(
'firstName' => 'Example',
'lastName' => 'User',
'number' => '4111111111111111',
'expiryMonth' => '01',
'expiryYear' => '2020',
'cvv' => '123',
'billingAddress1' => '1 Scrubby Creek Road',
'billingCountry' => 'AU',
'billingCity' => 'Scrubby Creek',
'billingPostcode' => '4999',
'billingState' => 'QLD',
));
// Do a purchase transaction on the gateway
$transaction = $gateway->purchase(array(
'amount' => '10.00',
'currency' => 'AUD',
'description' => 'This is a test purchase transaction.',
'card' => $card,
));
$response = $transaction->send();
if ($response->isSuccessful()) {
echo "Purchase transaction was successful!\n";
$sale_id = $response->getTransactionReference();
echo "Transaction reference = " . $sale_id . "\n";
}
I am using Omnipay to allow users to pay using Cardsave.
I have the following:
\Omnipay::setTestMode(true);
$transactionId = date('YmdHis').$booking->space->id.$booking->user->id;
$response = $gateway->purchase([
'amount' => $booking->price,
'currency' => 'GBP',
'card' => $card,
'transactionId' => $transactionId,
'cancelUrl' => \base_url('cardsave/cancel/'.$booking->id),
'returnUrl' => \base_url('cardsave/confirm/'.$booking->id)
])->send();
if ($response->isSuccessful()) {
$transactionReference = $response->getTransactionReference();
//save the transaction reference in case of refund
return ['status' => 'success', 'message' => 'Reservation process complete'];
} elseif ($response->isRedirect()) {
\Log::info('3DSecure redirect');
$booking->addAdditional(['3dsecure_transaction_id' => $transactionId]);
return [
'status' => 'redirect',
'form_html' => $response->getRedirectResponse()->getContent()
];
}
throw new PaymentException ($response->getMessage());
and my confirm url goes to the following method:
$transactionId = $booking->getAdditional('3dsecure_transaction_id');
$response = $gateway->completePurchase([
'amount' => $amount,
'transactionId' => $transactionId,
'currency' => 'GBP',
])->send();
if ($response->isSuccessful()) {
$transactionReference = $response->getTransactionReference();
return $this->finalise($booking, $transactionReference);
} else {
$this->cancel($booking);
}
But looking through the code for league/omnipay-cardsave, I see the following:
$md = $this->httpRequest->request->get('MD');
$paRes = $this->httpRequest->request->get('PaRes');
if (empty($md) || empty($paRes)) {
throw new InvalidResponseException;
}
So my question is (and I realise it is probably dumb, but I can't seem to grok this, for some reason), where is that request coming from, if I just instantiated the gateway?
I think I am doing this wrong.
EDIT:
I have discovered that the return call from the 3DSecure thing comes with the MD and PaRes values as POST parameters. This allows me to set them on the gateway. How do I do that? Is it done automatically when I instantiate the gateway?
I was right, the question was dumb.
After reading the code, and trying it out, I found out that the AbstractGateway uses Symfony's request class to automatically pickup POST variables, amongst which are in this case, 'MD' and 'PaRes'.
In fact, it says so in the CompletePurchase class:
$md = $this->httpRequest->request->get('MD');
$paRes = $this->httpRequest->request->get('PaRes');
httpRequest is setup in AbstractGateway.
Basically, it just works.