【问题标题】:Cant receive an access token in Stripe无法在 Stripe 中接收访问令牌
【发布时间】:2016-11-21 12:15:01
【问题描述】:

我是 Stripe 集成的新手。我已经阅读了 Stripe 的 API 文档,这里是 OAuth 流程。但我仍然没有收到任何 OAuth 访问令牌。有人可以解释我如何接收访问令牌吗?谢谢!

if (isset($_GET['code'])) { // Redirect w/ code
  $code = $_GET['code'];

  $token_request_body = array(
    'grant_type' => 'authorization_code',
    'client_id' => 'ca_32D88BD1qLklliziD7gYQvctJIhWBSQ7',
    'code' => $code,
    'client_secret' => ''
  );

  $req = curl_init(TOKEN_URI);
  curl_setopt($req, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($req, CURLOPT_POST, true );
  curl_setopt($req, CURLOPT_POSTFIELDS, http_build_query($token_request_body));

  // TODO: Additional error handling
  $respCode = curl_getinfo($req, CURLINFO_HTTP_CODE);
  $resp = json_decode(curl_exec($req), true);
  curl_close($req);

  echo $resp['access_token'];
} else if (isset($_GET['error'])) { // Error
  echo $_GET['error_description'];
} else { // Show OAuth link
  $authorize_request_body = array(
    'response_type' => 'code',
    'scope' => 'read_write',
    'client_id' => 'ca_32D88BD1qLklliziD7gYQvctJIhWBSQ7'
  );

  $url = AUTHORIZE_URI . '?' . http_build_query($authorize_request_body);
  echo "<a href='$url'>Connect with Stripe</a>";
}

【问题讨论】:

  • 您应该立即滚动该 API 密钥,因为您已将其发布在此处。即使它是测试密钥,您也不应该公开共享密钥。

标签: php oauth stripe-payments access-token


【解决方案1】:

他们实际上有一个官方的 github 库,看起来像什么

他们有一个关于 oauth 的例子

只是出于某种原因在文档中丢失...

https://github.com/stripe/stripe-php/blob/master/examples/oauth.php

如果他们删除它,我会在此处包含该文件,注意:他们使用他们的库,因此您必须在此之前安装它才能工作

<?php

require('../init.php');

\Stripe\Stripe::setApiKey(getenv('STRIPE_SECRET_KEY'));
\Stripe\Stripe::setClientId(getenv('STRIPE_CLIENT_ID'));


if (isset($_GET['code'])) {
    // The user was redirected back from the OAuth form with an authorization code.
    $code = $_GET['code'];

    try {
        $resp = \Stripe\OAuth::token([
            'grant_type' => 'authorization_code',
            'code' => $code,
        ]);
    } catch (\Stripe\Error\OAuth\OAuthBase $e) {
        exit("Error: " . $e->getMessage());
    }

    $accountId = $resp->stripe_user_id;

    echo "<p>Success! Account <code>$accountId</code> is connected.</p>\n";
    echo "<p>Click <a href=\"?deauth=$accountId\">here</a> to disconnect the account.</p>\n";

} elseif (isset($_GET['error'])) {
    // The user was redirect back from the OAuth form with an error.
    $error = $_GET['error'];
    $error_description = $_GET['error_description'];

    echo "<p>Error: code=" . htmlspecialchars($error, ENT_QUOTES) . ", description=" . htmlspecialchars($error_description, ENT_QUOTES) . "</p>\n";
    echo "<p>Click <a href=\"?\">here</a> to restart the OAuth flow.</p>\n";

} elseif (isset($_GET['deauth'])) {
    // Deauthorization request
    $accountId = $_GET['deauth'];

    try {
        \Stripe\OAuth::deauthorize([
            'stripe_user_id' => $accountId,
        ]);
    } catch (\Stripe\Error\OAuth\OAuthBase $e) {
        exit("Error: " . $e->getMessage());
    }

    echo "<p>Success! Account <code>" . htmlspecialchars($accountId, ENT_QUOTES) . "</code> is disconnected.</p>\n";
    echo "<p>Click <a href=\"?\">here</a> to restart the OAuth flow.</p>\n";

} else {
    $url = \Stripe\OAuth::authorizeUrl([
        'scope' => 'read_only',
    ]);
    echo "<a href=\"$url\">Connect with Stripe</a>\n";
}

【讨论】:

    【解决方案2】:

    您应该为此使用 OAuth 2.0 客户端库,而不是按照 Stripe 的建议尝试自己滚动: https://stripe.com/docs/connect/standalone-accounts#sample-code

    其中有很多,但这是一个不错的选择: https://github.com/thephpleague/oauth2-client

    您可以修改此示例并检索帐户 ID,如下所示:

    $provider->getResourceOwner($accessToken)->getId();
    

    一旦您检索到帐户 ID,您将按照 Stripe 的建议存储并使用它作为连接帐户进行身份验证: https://stripe.com/docs/connect/authentication#authentication-via-the-stripe-account-header

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 2021-12-26
      • 1970-01-01
      • 2013-06-21
      • 2021-10-31
      • 2013-11-06
      • 1970-01-01
      • 2019-03-01
      • 2012-07-01
      相关资源
      最近更新 更多