I have problem with providing the Stripe API key. Everything is included, packages, all dependencies...
The error message I get: No API key provided. (HINT: set your API key using "Stripe::setApiKey()". You can generate API keys from the Stripe web interface. See https://stripe.com/api for details, or email support#stripe.com if you have any questions.
Controller:
public function upgradeBronze() {
$bid = Session::get('builderId');
Stripe::setApiKey(env('KEY_SECRET'));
$token = $_POST['stripeToken'];
// Create the charge on Stripe's servers - this will charge the user's card
try {
$user = \App\User::find($bid);
$user->subscription('monthly')->create($token);
return Redirect::route('builders-packages');
} catch(\Stripe\Error\Card $e) {
return Redirect::route('builders-packages');
}
}
Error SS: http://pokit.org/get/img/5f7886d0d9a50ecf349312225c8c47ea.jpg
SOLVED
It seems that Stripe integration doesn't work fine on Laravel 5.1 version, if you follow the default documentation you probably won't succeed.
In this case the solution was to put the stripe api key into AppServiceProvider, into register() class.
Setting stripe API keys in my .env file (worked for me, Laravel 5.8):
STRIPE_KEY=your pk key here
STRIPE_SECRET=your sk key here
Set the Stripe API key from stripe.php like
public static $apiKey='sk_test_your api_key';
Related
I had to install shopify-cli for develop shopify app with laravel. installation and test app are created successfully but when am i calling the API of shopify in Laravel app i got this error.
I am check header but no authorisation token pass. So my question how to get authenticate token get in Laravel starter app and call API of Shopify and i was follow PHP guide REST Admin API reference but without session i can not access shopify REST Admin API reference.
my code show like this...
Route::get('/rest-example', function (Request $request) {
/** #var AuthSession */
// $session = $request->get('shopifySession'); // Provided by the shopify.auth middleware, guaranteed to be active
$session = OAuth::callback(
$request->cookie(),
$request->query(),
['App\Lib\CookieHandler', 'saveShopifyCookie'],
);
$client = new Rest($session->getShop(), $session->getAccessToken());
$result = $client->get('products', [], ['limit' => 5]);
return response($result->getDecodedBody());
})->middleware('shopify.auth:online')->name('rest-api');
I think you want to create Custom App (not embedded) for your store.
You can read here about difference. I spent the whole day searching for solutions until get the idea.
All you need to do is to create a Custom App in your store, then get Admin API access token with you can use for REST API calls.
Here is my small example how I get it.
use Shopify\Clients\Rest;
Route::get('/test', function(Request $request) {
$client = new Rest(
env('SHOPIFY_APP_HOST_NAME'),
env('SHOPIFY_APP_ADMIN_ACCESS_TOKEN') // shpat_***
);
dd($client->get('products')->getDecodedBody());
});
I would like to implement stateless method to Twitter but it seems that it is not available for TwitterProvider class as it returns
Call to undefined method Laravel\Socialite\One\TwitterProvider::stateless()
Here is my redirectToProvider method currently.
public function redirectToProvider($socialMedia)
{
$provider = strtolower($socialMedia);
return Socialite::driver($provider)->stateless()->redirect();
throw new NotFoundHttpException;
}
What is the correct implementation or what do I miss?
As mentioned by #driesvints from this question #415 I've opened at the Laravel Socialite repository, stateless is unavailable for Twitter since it uses OAuth 1.0.
They already pushed a PR #5661 to update also the Laravel Docs mentioning this specification. Click the link to see the update. Staless Authentication
I would update this answer if whatever my solution would be.
I am using this tutorial to integrate Stripe into my Laravel site using Cashier:
https://appdividend.com/2018/12/05/laravel-stripe-payment-gateway-integration-tutorial-with-example/
This tutorial was written for Cashier 9, so it does not work out of the box with Cashier 10. However, it does work making the adjustments in this SO answer: https://stackoverflow.com/a/57812759/2002457
Except, it only works for existing Stripe customers. When I register a brand new user and try to view a plan, it gives this error: User is not a Stripe customer. See the createAsStripeCustomer method.
So, I try to do just that:
public function show(Plan $plan, Request $request)
{
if($request->user()->stripe_id === null)
{
$request->user()->createAsStripeCustomer();
}
$paymentMethods = $request->user()->paymentMethods();
$intent = $request->user()->createSetupIntent();
return view('plans.show', compact('plan', 'intent'));
}
Which yields this error: No API key provided. (HINT: set your API key using "Stripe::setApiKey(<API-KEY>)". You can generate API keys from the Stripe web interface. See https://stripe.com/api for details, or email support#stripe.com if you have any questions.
This SO answer addresses this problem: https://stackoverflow.com/a/34508056/2002457
But the solution only works in Cashier 9, because Billable changed, so it's not clear how to set the API key.
What am I doing wrong here to create a new customer if they're not a Stripe customer already?
EDIT
- I am using the default cashier config, and I've confirmed it is pointing at the .env vars.
I put in a dd(config('cashier.key')); to confirm that config is working
I removed the old services.php config parts
The env vars are set correctly
Here's the show method:
public function show(Plan $plan, Request $request)
{
$paymentMethods = $request->user()->paymentMethods();
$intent = $request->user()->createSetupIntent();
return view('plans.show', compact('plan', 'intent'));
}
And here's the error now: User is not a Stripe customer. See the createAsStripeCustomer method.
Cashier 10 introduced some changes to the configuration including setting up the cashier.php configuration file. The upgrade guide details how, this pull request commit shows the file.
Few things to debug this:
make sure you've setup the config for cashier 10 correctly.
make sure that the config key cashier.key is available (e.g. ddd(config('cashier.key'));
double check that that your .env var's are setup correctly for stripe's API key
I am working on a project and currently writing the backend. I have decided to implement it as a rest api since i need to write a web app as well as a mobile app. I am having problem understanding how do i login the user since rest api are stateless. I have read some material which mention basic authentication (sending login credentials) with each request or Oauth2.0. Basic authentication is not recommended and i don't understand why i should use Oauth2.0 because no third party will be using my api. My question is how should i implement login functionality and what are the standards ?
add passport package to your project ,see this for more info https://laravel.com/docs/5.4/passport
create password grant client
create new user with token
use retrofit or another package to call Laravel api
/* prepare httpClient */
httpClient.addInterceptor(new Interceptor() {
#Override
public Response intercept(Chain chain) throws IOException {
Request orginal = chain.request();
Request.Builder builder = orginal.newBuilder();
builder.addHeader("Accept", "application/json");
if (tools.isAuthorized()) {
builder.addHeader("Authorization", "Bearer " + tools.getAccessToken());
}
builder.method(orginal.method(), orginal.body());
Request build = builder.build();
return chain.proceed(build);
}});
5- call api and get response then save user token.
You'll need to add a unique api_token column for your Users table.
$table->string('api_token', 60)->unique();
In Laravel 5.4, api.php holds the API routes, you'll need to use an out-of-the-box middleware auth:api, so you can authenticate requests by api_token.
Read more
http://bootstrapdojo.com/rest-api-laravel-5-4-with-token-authentication/
I guess you can create a REST API that offers CRUD operations on JSON web tokens.
I have followed the instructions here to obtain an access token for a web API.
https://msdn.microsoft.com/en-us/library/azure/dn645542.aspx
I have this working but the documentation is vague when it comes to figuring out how to validate the token in PHP.
You can use the access token that is returned in the response to authenticate to a protected resources, such as a web API. Typically, the token is presented to the web API in an HTTP request using the Bearer scheme, which is described in RFC 6750. This specification explains how to use bearer tokens in HTTP requests to access protected resources.
When the web API receives and validates the token, it gives the native client application access to the web API.
How do I validate the JWT in application? I have a PHP framework which is using PHP openssl_verify() function with the token, signiture, key and algorithm but I receive error of when I use the private key from Azure with the SHA256 algorithm:
openssl_verify(): supplied key param cannot be coerced into a public key
This leads me to believe that the key I am using in PHP to validate is not correct. At the moment, I am using the private key I generated for the Active Directory Application, which happens to also be the same value I am using for the "client_secret" parameter when hitting the oauth2/token url (any other value causes no token to be generated so this is probably correct).
The key is similar to (BUT IT NOT ACTUALLY):
cLDQWERTYUI12asdqwezxctlkjpoiAn7yhjeutl8jsP=
Where I beleive openssl needs to have a certificate... if so I can't seem to find where this certificate is in the Azure portal.
What am I missing here? What is the key I should be using with openssl_verify() to verify the JWT and where do I find it in Azure?
Thanks
--
UPDATE:
I have found the public keys here: https://login.windows.net/common/discovery/keys
However I still cannot use the X5C provided to verify the signature. How do you do this in PHP?
--
UPDATE 2:
I used a converted to create a .pem file for the public key using both the 'e' and 'n' parameters. This received a public key.
Now I get OPEN SSL errors when decrypting with it:
error:0906D06C:PEM routines:PEM_read_bio:no start line
Closing this question as I have moved on from the origional issue. Updated my question with comments showing how I have progressed.
Created a new question for the new specific issue: How do I verify a JSON Web Token using a Public RSA key?
--
Just in case it helps anyone else:
For further information on a solution to obtaining a public key from Microsoft in PHP I did the following:
$string_microsoftPublicKeyURL = 'https://login.windows.net/common/discovery/keys';
$array_publicKeysWithKIDasArrayKey = loadKeysFromAzure($string_microsoftPublicKeyURL);
function loadKeysFromAzure($string_microsoftPublicKeyURL) {
$array_keys = array();
$jsonString_microsoftPublicKeys = file_get_contents($string_microsoftPublicKeyURL);
$array_microsoftPublicKeys = json_decode($jsonString_microsoftPublicKeys, true);
foreach($array_microsoftPublicKeys['keys'] as $array_publicKey) {
$string_certText = "-----BEGIN CERTIFICATE-----\r\n".chunk_split($array_publicKey['x5c'][0],64)."-----END CERTIFICATE-----\r\n";
$array_keys[$array_publicKey['kid']] = getPublicKeyFromX5C($string_certText);
}
return $array_keys;
}
function getPublicKeyFromX5C($string_certText) {
$object_cert = openssl_x509_read($string_certText);
$object_pubkey = openssl_pkey_get_public($object_cert);
$array_publicKey = openssl_pkey_get_details($object_pubkey);
return $array_publicKey['key'];
}
Its better however to cache these to disk so your not loading these them every time, but this is just a simple example of how to do this.
Then, using the array of public keys, check the JWT header for the 'kid' value to find the correct public cert to verify against and use this in parameter 3 within openssl_verify(). I used the JWT class to deal with this for me.
Using this public key array created above and the JWT class should allow you to validate microsoft JWTs.
Link to JWT class from firebase: https://github.com/firebase/php-jwt
Call JWT::Decode with param 1 of your JWT, param 2 of this public key array and param three of an array of just 'RS256'.
JWT::decode($string_JSONWebToken, $array_publicKeysWithKIDasArrayKey, array('RS256'));
This will throw an exception if the JWT is invalid or return a decrypted JWT for you to use (and check the claims).
If you want to verify the jwt then go to jwt.io
This will allow you to paste the JWT and it will then verify the header, claims, and if you add the Public key or private key (depending how the server verifies the signature) it will also verify the signature of the JWT.