I have set up subscription based website that allows people to have multiple subscriptions. I decided to go with Stripe for payment and card processing. It took very little time to get it integrated into my Symfony2 project. I was able to create subscriptions, customers, and add cards within a couple of hours. Then I ran into an issue. If a customer has multiple cards, I wanted to be able to allow them to choose which card they wanted to use when they create a new subscription. It sounded easy. After 2 days and about 30 hours of combing through their documentation I have to say that I cannot figure out how to get this to work.
The way I have this set up is that when the customer creates a card I store the "card id" in my database along with the brand. This just makes it easy to load details on the server side when the page is being requested. The customer creating the new subscription sees their cards and choose which one they want to use for the new subscription. This is passed to my php script via AJAX to create the new subscription. However, when I try to use a specific card, I am getting a 400 error indicating that the "card id" is not a token. I know that it is not a token since the token was used to add the card to the customer account but how in the world do I specify the exact card that the customer wants to use?
NOTE: Using an a new token creates another instance of the card.Not an option.
PHP:
require_once('../stripe-php/init.php');
//Set Secret API Key
\Stripe\Stripe::setApiKey("sk_test_XXXXXXXXXXXXXXXXXXXXX");
//Retrieve Customer
$cu = \Stripe\Customer::retrieve($_POST['customer_id']);
//Create Subscription using saved customer "card id"
$createSubscription = $cu->subscriptions->create(array("plan" => $_POST['sub_option'], "source" => $card));
POSTED TO STRIPE:
plan: "500-2016"
source: "card_xxxxxxxxxxxxxxxxxxxxx"
STRIPE ERROR: TYPE 400
error:
type: "invalid_request_error"
message: "No such token: card_xxxxxxxxxxxxxxxxxxxxxxx"
param: "source"
I got a reply from Stripe support on this: it is not possible for one Customer to have subscriptions with different payment sources. All invoices for subscriptions are always billed to the current default_source for the Customer. So if you change the default as Giles Bennett suggested, you'll be changing it for all subscriptions, regardless of what the default was at time of creation.
If you need one user to have subscriptions with more than one source, you need to create multiple stripe Customer objects for that user, with a different default_source for each.
Since I have not received any input from SO or Stripe, I have somewhat came to the conclusion that this cannot be done. I found a similar question on a different forum that ended with the results being - No Response From Stripe - and that this cannot be done. Though the Stripe documentation does not hit on this subject it does appear that a Subscription can only be charged to the default card. There is no "Card" object for subscriptions as there is for a "Charge".
I realise this thread is quite old, but having come across it whilst trying to answer the same question myself, this solution may be of use to those who come along afterwards.
The Stripe API says that the "source" parameter for the API call to create a new subscription is optional - if ommitted, then it will default to the customer's default card. If included, then it can only be a token (ie. a new card) or a dictionary entry (again, for a new card, just not tokenised).
The solutionĀ could be to update the customer's default source first. Using Cartalyst through Laravel, as we are :
$customer = Stripe::customers()->update( "customer_id", [
'default_source' => "card_id"
]);
You can then proceed to add your subscription as normal - the newly-defaulted card will be assigned to it. If needs be (depending on your application) then you may also wish to save the previous default card ID to a variable first, to then allow you to set it back to being the default card after your new subscription.
I hope that helps.
Related
I am trying to create a word-press plugin with stripe that support strong customer authentication. charges with stripe is working fine for me. I have referred this link https://www.codexworld.com/stripe-payment-gateway-integration-php/ for creating payments. Any such reference link for sca implementation in stripe? Thanks in advance
I just moved my company over from the old Charges API to SCA. It wasn't pretty. I'm a back-end engineer so I'm only going to tackle the back-end components needed to make this work. If you want a fully customised front-end too, you're going to need to read the Stripe docs and do a lot more bounces around form submit -> enhanced validation -> collect more data -> submit more data. This workflow was too complicated and thankfully my company went with the Stripe checkout solution for this part.
I work for a SaaS company and we take money for room bookings, so we have non-fungible time dependent 'stock' items. Since we sell booking slots on behalf of our customers we also have Stripe connected accounts in play. Basically, all the nightmare corner cases you could wish for. Since the checkout session is live for 24 hours we have to allocate then collect - if you start the process and then go for lunch there is no guarantee that when the payment is processed the room you want will still be free for your timeslot.
My process looks like:
Back-end calls Stripe and starts a checkout session with Session::create(). Set your payment_method_types and line_items in this as well as your return URLs. Also send up a payment_intent_data. Mine looks like this:
'payment_intent_data' => [
'transfer_data' => [
'destination' => 'acct_ number of linked account',
],
'capture_method' => 'manual',
'description' => 'description of item',
'statement_descriptor' => 'description of item, max 22 chars',
],
Obviously if you don't have connected accounts then omit the transfer_data but definitely include both descriptors. If you are sure of your stock levels (eg: digital goods) you can change your capture_method to automatic.
On a return from Stripe I send the session key (sk_) to the front-end who then hand this over to Stripe's payment form. This is the point you'll need to do a lot more work if you want a totally custom front-end. Good luck.
When the checkout session is successful I have a webhook event on checkout.session.completed to call my API, as well as handling the URL returns from the front-end. I keep extra data in my database about the payment state so I only handle each return once.
Either return leads me back to the session - the ID is in the front-end links and the session can be retrieved from $session = $event->data->object in the webhook callback. You can then get the intent out of the session with $intent = PaymentIntent::retrieve($session->payment_intent);
At this point, I handle the various status codes in the PaymentIntent;
requires_payment_method
requires_confirmation
requires_action
canceled
requires_capture
succeeded
The one I'm really interested in is requires_capture where I then check to see if the resource is still free. If it is, I $intent->capture() to finalise the payment and create the booking for the user. You can handle each of them as needed by your business process.
If you are dealing with connected accounts you will also need to load the transfer item associated with the PaymentIntent Charge object and then load the Charge referenced in the destination_payment field (you can load charges with the py_ key). Then set the description and statement_descriptor fields and save the charge back so your connected customers know what the payment is for.
I have a paid membership site which takes payments via Stripe Checkout (server integration). When a user registers, they are redirected to the Stripe checkout (with their ID passed as the 'client_reference_id') where they enter their card details. For the checkout fulfillment, I have a webhook setup that is linked to the event 'checkout.session.complete'.
Everything is working fine, the webhook triggers and the endpoint processes the data and marks the corresponding account as activated, sends an email to the account holder as well as the site admin to let them both know the account has been created and a payment has been successful.
However, if a payment fails, I don't know what event to attach to the webhook to detect failed payments via Stripe Checkout. The only checkout event documented is 'checkout.session.complete', there isn't one for something like 'checkout.session.failed'. There's 'invoice.payment_failed' but this is used in subscriptions not one-off checkout payments.
We're wanting to basically notify the site admin when a payment fails so they are aware an account has been created but it still awaiting payment.
Is there a checkout event I'm missing or another way to go about finding failed checkout transactions?
To charge a credit or a debit card, you create a Charge object. You can retrieve and refund individual charges as well as list all charges. Charges are identified by a unique, random ID.
-- From the Stripe API Documentation.
You can then detect a webhook response of charge.failed to show that an attempted use of a charge object has failed.
Stripe used to be very cleanly documented, but they've lost their way a little, recently.
Stripe card payments ALWAYS use Charge objects, sometimes these are set by you (invoices, subscriptions, etc.) and sometimes these are set behind the scenes by Stripe ("Checkout Process", etc) -- but they are always set, so your webhook can always detect a charge.failed event.
Addendum
This does work, however, since the client_reference_id is not in the charge.failed data, I can't link the failed payment to a specific account anyway. But in regards to my actual question, this event does work and is the correct answer, just unfortunate that it doesn't solve my specific situation.
To solve this; either using the Stipe interface or by coding:
1) Create a Customer object and keep some sort of record of this customer Id.
2) When the Stripe Charge runs, an associated $charge->customer is set. This is available to your webhook.
3) When the webhook result appears, use this (typically) $event->data->object->customer value to cross reference the charge with the correct customer on your server.
4) As mentioned in comments, Stripe Webhook Testing does not populate the webhooks with example data such as ->customer... :-(
I know this is a bit late for a reply - but I have a working solution!!
When I create a "Session" in Stripe, I make sure to fill out the SessionCreateOptions so that the PaymentIntentData.Metadata field is setup to have my customer's ID and stuff in it. When I do that, the metadata not only shows up in payment_intent.created and payment_intent.succeeded webhooks, but it ALSO shows up in charge.succeeded/failed!
This means that when a payment fails I can look up the attempted payment that I keep track of and email them back letting them know that it failed and why, and I can also log it for myself for reference when I go look up that customer in my customer service tools.
It's not clear from the documentation and I spent a lot of time grokking how it works, so I hope this will save you some time.
The checkout session CANNOT fail (!)
A Checkout Session can have one of 3 states: "open" is an active session which can be paid, "completed" is paid ("happy path"), and "expired" if within the expiration time the session was not completed.
A session can only expire with two options:
After 24 hours if not paid (or sooner, if you set a shorter expiration time https://stripe.com/docs/api/checkout/sessions/create#create_checkout_session-expires_at)
Manually by calling https://stripe.com/docs/api/checkout/sessions/expire
A session's URL can be accessed unlimited number of times for payment attempts until it is either paid or expires. This is by design, so a user can have a couple of failed attempts to pay until she actually pays. With a session, you do not care about those attempts, and in most cases you do not need to track them.
So one option for your workflow can be the following, for example:
For creating a new order, create a new session, save it's ID in the order's record in the DB, and redirect the user to the session's URL
On the back-end, listen for "session completed" event, which is the happy path - everything is paid (watch out for the async payments, if you accept any! See herehttps://stripe.com/docs/payments/checkout/fulfill-orders#delayed-notification)
Also listen for "session expired" event. This will tell you that the user bailed and hasn't paid the order. You can send them a "failed payment, try again" email in this case (see below for Recovery workflow)
If the user returns to your website before paying for the order, you can display "NOT PAID, TRY AGAIN" message next to the unpaid order.
Attention: it is perfectly safe for the user to open a dozen of the session's URL and attempt to pay as Stripe won't allow the double payment after card information is submitted.
So you are thinking about creating expiring the old session and creating a new one for this unpaid order? Wrong! You can retrieve it by ID (you saved it in the DB, right?) and send the same URL to the user.
However, if the retrieved session is "expired", there will be no URL to send, so you will be forced to create a new session, save it in DB, and the whole cycle repeats.
Another possibility is for the repayment workflow to happen in rare state between the payment and "session is completed" webhook event (the user already paid in another tab, but you haven't received the "paid" event yet), you will get that the retrieved session state is "completed", in this case you will need the capability for the front-end not only to redirect the customer to a session's URL, but instead sometimes show a message like "nope, it's already paid".
As you can see, there is no "failed" state for the checkout session.
Now, another thing for recovering the unpaid and expired sessions is the Recovery workflow (https://stripe.com/docs/payments/checkout/abandoned-carts). The gist of it is the following:
When creating a session, you set "recovery" to true, so if the session expires, you will have access to a special URL that will "revive the same session with the same parameters" that will be active for 30 days after the original session expiration. You then send this URL to users with possibly some discount to recover their abandoned cart. Also, you can track whether the session is "original" or "revived". However, I did not use this way, and instead opted to simply creating a new session manually if the old one is expired.
Is it possible to associate a one-off Stripe charge/payment with a Stripe Customer profile but not save the card to the profile? I'd really like to organize my Customers and their purchases within the Stripe dashboard, but I can't see any way to do this. From what I can tell there are three ways to create a payment:
Using the source parameter and no customer parameter. The source parameter in this instance starts with tok_
Using the customer parameter, which will use the default card on file.
Using the customer and source parameters, where source is the card ID associated with the customer starting with card_.
I've looked through the docs and can't see anything that alludes to being able to create a payment using customer and a tok_ source. Am I missing something here?
This is not supported by Stripe at the moment. You can still do this though with a few steps:
You create a card token
You add the card to a customer
You charge that card
You delete the card from the customer
This ensures that you don't save the card but still have the charge associated with the right customer.
I am implementing PayPal payment to my application.
I am using Laravel Framework and merchant-sdk-php package to handle NVP/SOAP API. I would accually prefer REST API, but i need customers to make Reference Transactions with various amount, in non regular time periods and as far as i know it's possible only with NVP/SOAP API.
The payment flow in shortcut:
1. Payer clicks "connect" button, which is to create billing agreement using "SetExpressCheckout" method. Amount is set to 0 and adding a Billing Agreement field to request. Customer is redirected to PayPal, log in to his account, agreeing to direct debit and finally redirected to my return url.
2. After response is come, return action is fired (the one, which is passed in returnurl field). Next using token from paypal resposne i use CreateBillingAgreement method to get "BillingAgreementID" which i store in database.
3. Using "BillingAgreementID" i make "DoReferenceTransaction" request. No prompt to login is occurring, everything is happening behind the scene. Finally i get response after transaction.
The thinks i want to know are:
1. Is there a way, to get an email address, which consumer used to log in when creating billing agreemenet? I want to show in application which PayPal account (related to mentioned email) is direct debit set to?
2. I want to make some action in databse both after "BillingAgreementID" and "DoReferenceTransaction". Is the response status "Success" and additionally in "DoReferenceTransaction" field "PaymentStatus" set to "Completed" enought to conclude, that transaction is fully completed, and i cant i.e. share some digital goods or should i wait for IPN from this request?
Thanks for all contributions!
Found solution to question 1.
After betting billing agreement id i had to make "GetBillingAgreementCustomerDetails" action. In response i got customer details including email.
Still watching for hint to second question
I am using Stripe as a payment gateway. Now there's a big problem bothers me.
I used code below to create a subscription:
<?php
require_once('lib/Stripe.php');
Stripe::setApiKey(API_KEY);
$token = $_POST['stripeToken'];
$customer = Stripe_Customer::create(array(
"card" => $token,
"plan" => $_POST['plan'],
"email" => "fakeuser#gmail.com",
));
This works fine, but I can not get Charge ID from $customer, and I found out there's no way in Stripe API to get it.
How to get it when creating a subscription? I really need Charge ID.
This is exactly what Stripe's webhooks are for. After creating a customer with an initial subscription, you'll get six webhook notifications:
customer.created, with the customer data (which you already have if you're saving what the API returns)
charge.succeeded (or charge.failed), which contains the initial charge data you're looking for
invoice.created, which is the associated invoice
invoice.payment_succeeded (or invoice.payment_failed), also telling you the status of the charge
customer.card.created, with the details of the new card
customer.subscription.created, with the details of the customer's subscription.
Stripe's API, like many APIs and many payment solutions, is built to be used with webhooks. If you're not taking advantage of webhooks, you're going to be missing functionality, and you're probably working too hard for what can be done without webhooks.
Stripe works to deliver the data to you. If you're writing code to poll Stripe, you're working way, way too hard.
I just ran into the same issue myself. I'm using the python library but the answer is more about Stripe's API than what language the client is in.
Ultimately, since I'm creating a new customer with each subscription, I was able to look up the invoice against the customer_id and grab its charge id. Here's what the python code for that looks like:
stripe_api.Invoice.all(customer=subscribe_result['customer'])['data'][0]['charge']
Again, note that this method would not work if you re-use customers, only if creating new customers with each subscription create.
It's certainly not ideal. It would be far better if the charge id were included in the return. Even knowing the Invoice ID would at least solve the issue of re-using customers though it would still require an unnecessary API call to fetch the invoice.
Another option you can use if you need the charge id right away and can't wait for a webhook is use the latest_invoice field on the returned subscription object.
A python example:
inv_id = subscription.latest_invoice
inv = stripe.Invoice.retrieve(inv_id)
charge_id = inv.charge
Well there is no straight-forward way to do this. There is however a hack to get charge_id for that subscription with out waiting for invoice.payment_succeeded callback.
This how I did in Ruby, you can treat this as a pseudo code. May be you can do this using PHP APIs
# Lets not retrieve all the invoices
# use filter
lower_limit_date = DateTime.strptime(that_subscription.start.to_s, '%s') - 1.hour
upper_limit_date = 2.hours.from_now
list_object_of_all_invoices_in_range = Stripe::Invoice.all(
{
customer: customer_id,
date: {
gt: lower_limit_date.to_i, # Start TimeStamp
lt: upper_limit_date.to_i # End TimeStamp
}
})
particular_invoice = list_object_of_all_invoices_in_range.data.
keep_if { |s| s[:subscription] == that_subscription.id }.first
stripe_charge_id = particular_invoice.charge # gives charge_id
See structure of ListObject for Invoices
Came across this question while searching for how to extract subscription ID in Java. Turns out the new version of the API (1.7.1 for Java) has ID field built right into the subscription object. The same is probably true for the PHP API.
I was stuck over the same problem after spending some time it turns out to be pretty simple.
Step 1: Call retrieve all invoice API with subscription id as a parameter.
Example in PHP:
$invoice = \Stripe\Invoice::all(array("subscription" => your_subscription_id));
In $invoice you will get Charge ID and hence, you can get everything after that.