I'm setting up payments using the Stripe API to allow a user to log into their Stripe account on an iPad and accept payments from anyone. To do this, I'm using Stripe Connect to log them in and save their account id, then I'm using the STPPaymentCardTextField to obtain credit card details, then using the Stripe iOS SDK I'm submitting a card (with the test card info - 4242...) and getting back a token via createTokenWithCard. This successfully returns a token. At this point I need to submit that token along with the destination account id (provided to the app after the user logged in) and other info (currency, amount, etc) to my own server to submit the payment to Stripe. I have verified that information is being submitted and forwarded onto Stripe, but Stripe is returning an error:
{ type: 'invalid_request_error',
app[web.1]: message: 'No such token: tok_13vxes2eZkKYli2C9bHY1YfX',
app[web.1]: param: 'source',
app[web.1]: statusCode: 400,
app[web.1]: requestId: 'req_7AIT8cEasnzEaq' },
app[web.1]: requestId: 'req_7AIT8cEasnzEaq',
app[web.1]: statusCode: 400 }
If we submit the credit card info directly, avoiding the token altogether, the payment succeeds. Something is wrong with this token, and we are not sure why it is failing. What could be going wrong here?
[[STPAPIClient sharedClient] createTokenWithCard:card completion:^(STPToken *token, NSError *error) {
//submit tokenId and other info to 'charge' endpoint below
}
NodeJS:
app.post('/charge', (req, res, next) => {
stripe.charges.create({
amount: req.body.amount,
currency: req.body.currency,
source: req.body.token,
description: req.body.description,
destination: req.body.destination
}, (err, charge) => {
if (err) return next(err)
res.json(charge)
})
})
Are you sure you're using the same API keys on your server and client?
Your server should be using your (live/test) secret key, and your iOS app should be using your (live/ test) publishable key as mentioned here on Stripe Testing.
I had been facing same issue for my test environment and the mistake i had been doing, i was adding the token received by Stripe like this one source: 'tok_18nnwSJ6tVEvTdcVs3dNIhGs' , but for the test environment we have to use source: 'tok_visa'.
Here is the list of test sources provided by Stripe. https://stripe.com/docs/testing#cards
It created customer for me, let me know if it helped anyone else as well.
The accepted answer does not work for me. I am using correct key for client and server, but still the issue is still there. I am sending source from iOS to the server as well, based on stripe example RocketRides, it is sending source ID of the credit card, which is "card_xxx", and that is not gonna work. You will have to add "customer" attribute for the call on your server side.
For example: (python)
stripe.Charge.create(amount=1000, currency='usd', source="card_xxxxx", **customer**='cus_xxxx', application_fee=600,destination={'account': 'acct_xxxx'})
Neither of the answers here worked for me.
I was trying to use Stripe's PHP library to charge a card that I already had on file like this...
$charge = \Stripe\Charge::create([
'amount' => 1000,
'currency' => 'gbp',
'card' => 'card_xxx',
'description' => 'Payment for Sam',
]);
And I was receiving the no such token error above.
To get it to work, I also had to provide the customer id like so...
$charge = \Stripe\Charge::create([
'amount' => 1000,
'currency' => 'gbp',
'customer' => 'cus_xxx',
'card' => 'card_xxx',
'description' => 'Payment for Sam',
]);
First check api keys wheather they are the same at front end and backend.
If you are using testing api keys then you have to pass source: 'tok_visa' instead of your card source token source: 'tok_kb3kb23k2bk32bk3b2'.
Related
Following the SP-API developer guide, I created an app to be able to access SP-API. The app is in published state now and we tried the authorisation workflow as per the amazon guide steps:
https://github.com/amzn/selling-partner-api-docs/blob/main/guides/en-US/developer-guide/SellingPartnerApiDeveloperGuide.md#amazon-seller-central-partner-network-authorization-workflow
We are using the website authorisation workflow, the steps 1-3 work as per the guide,
Step 1. Initiate the authorization from the Amazon Seller Central Partner Network.
Step 2. The selling partner consents to authorize your application, we authorise the app from seller Central and start the process, this url loads
https://sellercentral.amazon.com/apps/authorize/consent?application_id=amzn1.sp.solution.6cf699bd-f89a-4afd-b64e-7d21351aaaaa
Step 3. The selling partner signs into your website, we are redirected to the website login and that is done, then we get the amazon state and partner id as part of the url:
https://dashboard.aaa.com/api/amzn/login?amazon_callback_uri=https%3A%2F%2Fsellercentral.amazon.com%2Fapps%2Fauthorize%2Fconfirm%2Famzn1.sp.solution.6cf699bd-f89a-4afd-b64e-7d21351aaaa&amazon_state=MTY0MzgzMjI2NzU2OADvv71PY8KzGA0Iaih1Nzjvv71bHNqRGO-_ve-_ve-_ve-_vRnvv70a77-9eTF577-9Ee-_vRDvv70W77-9FEnvv73vv71ueO-_vR7vv73vv70PYu-_vUJd77-9B--_vTxF77-977-9f--_vQ%3D%3D&selling_partner_id=A2079RJZNKAAAA
Step 4. Amazon sends you the authorization information - Then we are redirected back to Seller Central -
https://sellercentral.amazon.com/apps/authorize/confirm/amzn1.sp.solution.6cf699bd-f89a-4afd-b64e-7d21351aaaa?state=1d477f90edfa493a1d15&amazon_state=MTY0MzgzMjI2NzU2OADvv71PY8KzGA0Iaih1Nzjvv71bHNqRGO-_ve-_ve-_ve-_vRnvv70a77-9eTF577-9Ee-_vRDvv70W77-9FEnvv73vv71ueO-_vR7vv73vv70PYu-_vUJd77-9B--_vTxF77-977-9f--_vQ==&selling_partner_id=A2079RJZNKAAAA&redirect_uri=https://dashboard.aaa.com/api/amzn/redirect
We are getting the sp_oauth_code in the url and tried using that to request for refresh token via POSTMAN request but unable to proceed to request the token from amazon oauth service.
We are getting error 400 as response, this is request format from the postman code section:
var axios = require('axios');
var qs = require('qs');
var data = qs.stringify({
'grant_type': 'authorization_code',
'code': 'ANnGBdMPnXAlrMyfUdwaaa',
'client_id': 'amzn1.application-oa2-client.cf71c857f2fd4f2c968851619bdaaaaa',
'client_secret': 'bba375434456e9917fcd5539c4324cc0e3182cccb9f1694ce3c63bee4f1aaaaa',
'redirect_uri': 'https://dashboard.aaa.com/api/amzn/redirect'
});
var config = {
method: 'post',
url: 'https://api.amazon.com/auth/o2/token',
headers: { },
data : data
};
axios(config)
.then(function (response) {
console.log(JSON.stringify(response.data));
})
.catch(function (error) {
console.log(error);
});
We are sending data as x-www-form-urlencoded as Json in the POST request.
Any pointers on what we could differently or check for any missing params - any inputs on what to look for would be greatly appreciated.
The SP-API documentation is a little vague on this as it says you should include the grant type, code, seller id and secret as query parameters which by definition means within the url.
You actually need to add them to the body of the POST request.
This is an interesting discussion which revealed the above to me: https://github.com/amzn/selling-partner-api-docs/issues/79
Hope it helps.
I had Discord Oauth2 implemented so that my users could log into my website by authenticating through Discord. For months, everything worked great and now all of the sudden it stopped working.
Per Discord's oauth2 instructions,https://discordapp.com/developers/docs/topics/oauth2#shared-resources, I am able to successfully acquire the access code that is meant to be traded for the access token. However, when I try to receive the access token I receive an 'invalid_client' error.
First, I am hitting this endpoint:
https://discordapp.com/api/oauth2/authorize?client_id=${process.env.CLIENT_ID}&redirect_uri=http%3A%2F%2Flocalhost%3A5000%2Flogin%2Fdiscord%2Fcallback&response_type=code&scope=identify%20email%20gdm.join
which successfully returns the following:
http://localhost:5000/login/discord/callback?code={some_access_code}
The access code is then sent back to discord to obtain the access token. Here is the code that is failing:
export function getDiscordAccessToken(accessCode, call) {
const redirect = call === 'login' ? process.env.DISCORD_LOGIN_REDIRECT : process.env.DISCORD_CONNECT_REDIRECT
return new Promise((resolve, reject) => {
axios
.post(
`https://discordapp.com/api/oauth2/token?client_id=${process.env.DISCORD_CLIENTID}&client_secret=${process.env.DISCORD_SECRET}&grant_type=authorization_code&code=${accessCode}&redirect_uri=${redirect}&scope=identify%20email%20gdm.join`
)
.then(res => {
resolve(res.data)
})
.catch(err => {
// log error to db
console.log("Here is your error: ", err.response)
reject(err.response)
})
})
}
This code was working for months with no problems. Then, all of the sudden it stopped working. I even checked the Discord change logs which can be found here, https://discordapp.com/developers/docs/change-log, but I found no reference to authentication changes.
Any help you can provide is greatly appreciated!
The query parameters should be in the BODY of the POST request, not the URL for the oauth/token url.
Discord recently pushed a update to the oAuth2 which makes it confine more with the standard. This means they no longer support parameters in the URL for POST, but instead require them to be in the body and form encoded (basically the same, but in the body and without the leading ?).
So you basically need (not tested):
axios.post(
`https://discordapp.com/api/oauth2/token`,
`client_id=${process.env.DISCORD_CLIENTID}&client_secret=${process.env.DISCORD_SECRET}&grant_type=client_credentials&code=${accessCode}&redirect_uri=${redirect}&scope=identify%20email%20gdm.join`
)
I know the question has already been answered, but in my case I copied a wrong secret key. Just make sure that you copy the right one.
Secret Key is located under OAuth2 Tab and not under General Information tab on discord developer's dashboard.
I'm using stripe to verify a profile before any transactions happen, so I want to see webhooks that have type account.updated and check the verification.status.
Im receiving a 404 error '(Status 404) (Request req_AwRiJSFxaOn1Jq) No such event: evt_1AaW9jFzjmmh0zTvsNSlfDLv
I realize that i need a stripe account header for the specific account that the webhook is being made for. I cant figure out how to add an account header to my stripe.rb code. I saved the stripe_account_id in the database on account creation so i can pull that id out from the database. The part that confuses me is when the webhook sends to my app the account_id is in the webhook, so it seems I have to pull that part out of the webhook and paste into stripe.rb {:stripe_account => CONNECTED_STRIPE_ACCOUNT_ID}. how is this possible?
This is the webhook that was sent from stripe in console (this is test data so i dont mind that people can see this cause its getting deleted soon anyways)
stripe.rb
require 'stripe'
Rails.configuration.stripe = {
:publishable_key => ENV["STRIPE_PUBLISHABLE_KEY"],
:secret_key => ENV["STRIPE_SECRET_KEY"]
}
Stripe.api_key = ENV["STRIPE_SECRET_KEY"]
StripeEvent.configure do |events|
events.all do |event|
# target specific events here
puts "this is working so far"
if event.type == 'account.updated'
account_event = event.data.object
puts "account updated working"
puts "#{account_event}"
end
end
end
I received the webhook in stripe connected account dashboard and my app console.
You're likely missing the Stripe-Account header, so it's trying to fetch the Event from your Account, rather than from the Stripe Account in which it exists.
EDIT: Sorry, I totally misunderstood your question. I think you need to configure the StripeEvent receiver to use the Stripe Account.
We are trying to integrate Google Wallet for digital goods with or php app and 2 days ago, on 15 November we've managed to get it working. However, when checking again the next day and even today, although the code remained the same, we didn't change a letter in it, it is still not working, giving us this error:
Uh oh. There was a problem.
We couldn't complete your purchase because of a technical issue.
Details of the problem below: Unfortunately, we could not confirm your purchase with the merchant's server. Your order has been canceled. Please contact the merchant if this problem continues.
The code we're using is this:
$response = isset($HTTP_RAW_POST_DATA) ? $HTTP_RAW_POST_DATA : file_get_contents("php://input");
$response = substr_replace($response, "", 0, 4); //remove "
$response = JWT::decode($response, $sellerSecretKey);
header("HTTP/1.1 200 OK");
and like I said it worked fine two days ago and I have the feeling it's working now also, because in our log file we get printed this response
stdClass Object
(
[iss] => Google
[request] => stdClass Object
(
[name] => Product 1.
[description] => You are purchasing a total of 1 products from our Store. Thank you.
[price] => 9.99
[currencyCode] => USD
[sellerData] => client name,email address
)
[response] => stdClass Object
(
[orderId] => GWDG_S.c7a66f5b-4674-43f0-be16-2b72f69a7445
)
[typ] => google/payments/inapp/item/v1/postback/buy
[aud] => 03083876603093172875
[iat] => 1384689627
[exp] => 1384689647
)
The postback url is correctly specified and we are using sandbox to do the tests.
Is this a problem from Google? Are they working on the software or something and this is what's causing the problem? Or are we doing something wrong here?.
Any help would be much apreciated. Thank you.
Meant to comment but it won't fit...
That error points to something in your Postback handler. I just tried sandbox and things seem fine.
I'm not a php dev so this maybe inaccurate - are you responding to Postback with the orderId? Again, this is only based on my read of the code above (I think I only see http 200?)
The only other thing I can think of is that the lag for you to respond is more than 10 seconds(?) - which could explain why could be another reason you have logged data, but Google still cancelled it.
*Strike through text: you'd get data to log because Google will send you the data, it's whether or not you respond properly that matters
Once you decode the JWT with your Seller Secret, you can make sure that the cake purchase is OK and record it. Within 10 seconds of receiving the postback, your server must send a 200 OK response where the only content is the value of the "orderId" field. If it doesn't, Google cancels the transaction.
REF: https://developers.google.com/commerce/wallet/digital/docs/postback#responding
Hth.
I have created a test account with Authorize.net. My development environment is rails 3 and I am trying to implement the Server Integration Method (SIM) by using static IP. But I am getting an error:
"3,1,87,(TESTMODE) Transactions of this market type cannot be processed on this system.,000000,P,0,,,199.00,,auth_capture,,,,,,,,,,,,,,,,,,,,,,,,,,D3EA25CA1DF97765286A48C6B22287F4,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,✓,uSIUUgX0d++dIheYjcHdlztlViD/r4YDUP9rEuEy9U8=,Purchase" when send request to "AuthorizeNet::SIM::Transaction::Gateway::TEST" gateway.
I also found this link: others got similar type error
But not helpful. Any suggestions how to resolve this error? I wrote following codes in the action.
#amount = 10.00
#sim_transaction = AuthorizeNet::SIM::Transaction.new('API Login ID', 'Transaction Key', #amount, :hosted_payment_form => true)
#sim_transaction.set_hosted_payment_receipt(AuthorizeNet::SIM::HostedReceiptPage.new(:link_method => AuthorizeNet::SIM::HostedReceiptPage::LinkMethod::GET, :link_text => 'Continue', :link_url => payments_thank_you_url(:only_path => false)))
Since you are dealing with credit card transactions through web applications, you need to make sure your Sandbox account is of "Card Not Present" type. If you don't remember which type you set it to, it is a good idea to create a new account and make sure to select "Card Not Present" option. Otherwise, you will get this error message.
I hope this helps.