Untitled

mail@pastecode.io avatar
unknown
plain_text
2 years ago
7.1 kB
1
Indexable
# coding: utf-8
import json
import stripe
import datetime

# Required for OAuth flow
from rauth import OAuth2Service

# Our secret key from stripe
STRIPE_SECRET_KEY = 'sk_test_xxxxxxxxxxxxx'
STRIPE_OAUTH_CLIENT_ID = 'ca_xxxxxxxxxxxxxxx'
NOW = datetime.datetime.now()

"""

The use of Stripe Connect to create a payment platform isn't as well documented as I'd like.  

Here's a bit of code that walks you through the whole process from the start - 

+ The OAuth flow
+ Creating a customer
+ Saving their credit card
+ Charging the customer
+ Creating a connect customer
+ Charging the connect customer
+ Updating the connect customer's credit card

+ Charging somebody via Connect without saving the customer

"""

# Set up your OAuth flow parameters
params = {'response_type': 'code', 'scope': 'admin'}
stripe_connect_service = OAuth2Service(
        name='stripe',
        client_id=STRIPE_OAUTH_CLIENT_ID,
        client_secret=STRIPE_SECRET_KEY,
        authorize_url='https://connect.stripe.com/oauth/authorize',
        access_token_url='https://connect.stripe.com/oauth/token',
        base_url='https://api.stripe.com/',
    )
    
# Build a URL to send them off to.  Redirect them to this URL
url = stripe_connect_service.get_authorize_url(**params)

# They return to your site from filling out a form on stripe and...
# There's a temporary code returned when they're redirected to your site.  
# In Django, you would grab it like this
code = request.GET.get('code', '')
  
# Tell stripe what you want
data = {
  'grant_type': 'authorization_code',
  'code': code
}

# Use your OAuth service to get a response
resp = stripe_connect_service.get_raw_access_token(method='POST', data=data)

# They returned JSON
stripe_payload = json.loads(resp.text)

# They return four parameters.  We only care about the 'access_token' right now, 
# but its important to store all of them.
connect_public_key = stripe_payload['stripe_publishable_key']
connect_access_token = stripe_payload['access_token']
connect_user_id = stripe_payload['stripe_user_id']
connect_refresh_token = stripe_payload['refresh_token']

# Now we make a card and a customer
my_customer = stripe.Customer.create(email='adam@telemericorp.com', api_key=STRIPE_SECRET_KEY)

# Use Stripe's dummy card data
DUMMY_CARD = {
    'number': '4242424242424242',
    'exp_month': NOW.month,
    'exp_year': NOW.year + 4
}

# You need a token for the customer in order to make a connect version of the customer
# The next line simulates the response from using stripe.js to tokenize a customer's card details
# You should not be replicating this on the server
pretendStripeJSToken = stripe.Token.create(api_key=STRIPE_SECRET_KEY, card=DUMMY_CARD)

# Your customer needs a card on file, and that's why we need that token
my_customer.cards.create(card=pretendStripeJSToken.id)

# Now we can charge this customer
i_get_ten_dollars = stripe.Charge.create(
    1000, 
    currency='usd', 
    customer=my_customer.id, 
    description='Frog toy', 
    api_key=STRIPE_SECRET_KEY
)

# And again.  Note we don't need any additional tokens or approval
my_money = stripe.Charge.create(
  100, 
  currency='usd', 
  customer=my_customer.id, 
  description='Money for me, the website creator',
  api_key=STRIPE_SECRET_KEY
)


# The customer MUST have a card on file before you can make a Shared Connect customer
# Need to create a Connect customer so the charges will go to our provider, not ourselves
connect_customer = stripe.Customer.create(
    card=customer_token.id, 
    email=my_customer.email, 
    api_key=connect_access_token ## <-- Note we are using the secret key from the OAuth flow
)
# THIS CONNECT_CUSTOMER HAS A TOTALLY DIFFERENT ID THAN MY_CUSTOMER.  
# IT CAN ONLY BE ACCESSED USING connect_access_token, NOT USING STRIPE_CUSTOMER_SECRET

# Even though the ID is different this connect_customer now has same credit card as my_customer
# If you charge connect_customer, it will be charged to that card
# This person got 90% off on their frog toy
connect_charge = stripe.Charge.create(
  amount=100, 
  currency='usd', 
  customer=connect_customer.id, ## <- PAY ATTENTION TO CUSTOMER IDs
  description='Frog toy', 
  api_key=connect_access_token ## <- PAY ATTENTION TO TOKENS
)

# Now that we've successfully charged them, lets add a new credit card
DUMMY_CARD2 = {
    'number': '5555555555554444',
    'exp_month': NOW.month,
    'exp_year': NOW.year + 4
}

# Add this card to their list.  It will be set as default.  If we charge them again,
# the charge will go on the card ending in 4444
# THIS DOES NOT UPDATE my_customer even though they're the same person.  Any update to
# a customer does not propagate to any other customer, even though they're related to 
# the same user
yetAnotherPretendJSKey = stripe.Token.create( # Note this is emulating stripe.js, not a server token creation
  card=DUMMY_CARD2, 
  api_key=STRIPE_SECRET_KEY
)
connect_customer.cards.create(card=yetAnotherPretendJSKey.id)

# We can create many connect customers even for the same vendors using the same email.
# In fact, if we call Customer.create again, we'll get another totally unrelated platform customer,
# even though they both have the same email and my_customer id
# Get a token
another_customer_token = stripe.Token.create(
  customer=my_customer.id, 
  api_key=connect_access_token
)

# Create the customer
another_connect_customer = stripe.Customer.create(
  card=another_customer_token.id, 
  email=my_customer.email, 
  api_key=connect_access_token
)

# Now we have two Connect customers that work just the same but have different IDs
connect_customer.id == another_connect_customer.id
# False

# Why would you ever do this? Stripe appears to invalidate your connect customers
# if the OAuth secret key changes, so sometimes you have to make new ones
# Other than that I don't know. 

# Now I can charge either whenever I want without any extra work.
# How nice
new_charge = stripe.Charge.create(
  amount=3200, 
  currency='usd', 
  customer=connect_customer.id,
  description='WoW Larping fees', 
  api_key=connect_access_token 
)
another_new_charge = stripe.Charge.create(
  amount=123000, 
  currency='usd', 
  customer=another_connect_customer.id,
  description='Bear Suit', 
  api_key=connect_access_token 
)


"""
 This next part is a shortcut if you don't want to save the customer. 
 You usually want to save them, because it streamlines the purchase
 process in the future, but if you want to make a single charge and forget 
their info forever, here's how
"""

# Make a token with your customer who already has a card attached
single_charge_token = stripe.Token.create(
  customer=my_customer.id,
  api_key=connect_access_token
)

# And now charge them.  Money goes to your vendor
single_charge = stripe.Charge.create(
  amount=400, 
  currency='usd', 
  card=single_charge_token.id, 
  description='single charge', 
  api_key=connect_access_token # <- Use key from OAuth
)