-
-
Save Neshable/d0cde5bbc2dd9719909e35dd091696c7 to your computer and use it in GitHub Desktop.
/** | |
* Dynamically change Stripe keys upon conditions | |
*/ | |
if ( !class_exists( 'Woo_Conditional_Stripe_Keys' ) ) { | |
class Woo_Conditional_Stripe_Keys { | |
/** | |
* Stripe Live publishable key | |
* | |
* @var string | |
*/ | |
private $publishable_key; | |
/** | |
* Stripe secret key | |
* | |
* @var string | |
*/ | |
private $secret_key; | |
public function __construct( $publishable_key, $secret_key ) { | |
// set the keys | |
$this->publishable_key = $publishable_key; | |
$this->secret_key = base64_encode( $secret_key ); | |
// $params[‘stripe’][‘key’] contains the publishable key. This is run when the checkout page is loaded. | |
add_filter( 'wc_stripe_payment_request_params', [ $this, 'wc_stripe_payment_request_params_function' ], 10, 3 ); | |
//$params[‘key’] contains the publishable key. This is run when the page is loaded. | |
add_filter( 'wc_stripe_params', array( $this, 'wc_stripe_params_function' ), 10, 3 ); | |
// he “authorization” field here contains the base-64 encoded secret key. This is run when the payment is made. | |
add_filter( 'woocommerce_stripe_request_headers', [ $this, 'woocommerce_stripe_request_headers_function' ], 10, 3 ); | |
} | |
public function wc_stripe_payment_request_params_function( $params ) { | |
$params[ 'stripe' ][ 'key' ] = $this->publishable_key; | |
return $params; | |
} | |
/** | |
* Localized JS key/value pair. | |
* | |
* @param $params | |
* | |
* @return mixed | |
*/ | |
public function wc_stripe_params_function( $params ) { | |
$params[ 'key' ] = $this->publishable_key; | |
return $params; | |
} | |
/** | |
* Headers parameters for cURL requests. | |
* | |
* @see https://docs.woocommerce.com/document/stripe/ | |
* | |
* @param $headers_args | |
* | |
* @return mixed | |
*/ | |
public function woocommerce_stripe_request_headers_function( $headers_args ) { | |
$headers_args[ 'Authorization' ] = 'Basic ' . $this->secret_key; | |
return $headers_args; | |
} | |
} | |
} |
@admiralalec good point - there is still a lot of room for improvement as this is just a barebone class. I guess the webhook secret can be modified "on the fly" through the $params[ 'stripe' ] array, but I am not sure about the correct key name.
Hi @Neshable, great work done! However, I didn't got it to work, so I am trying to debug (also without success).
When I mean: "I didnt got it to work", I mean that I copied your code in the functions.php file and below I added the following:
function my_filter_gateways($gateways){
$Woo_Conditional_Stripe_Keys = new Woo_Conditional_Stripe_Keys( 'pk_test_xxxxxxxxx', 'sk_test_yyyyyyyyyyyyyyyyy' );
return $gateways;
}
I tried to debug by placing var_dump($params); die();
in the three public functions... But it doesn't do that.. However, when I place it in the main __construct function I see some params (although the secret and public key are protected / invisible).
Did you authorize the second Stripe account to 'link it with your wordpress site' or something like that? When you Login to Stripe (with the second account) and go to: Settings -> Authorized Applications, what do you see?
i am new to coding, and we have a client who is looking for something similar but not sure how to integrate multiple stripe payment gateways into woo commerce.. i was relieved when i have seen this project, but i couldnt understand nor my entry level developer on how to connect this into the stripe plugin by woocommerce. Could you please help me out.
Hi everyone.
I have had the same idea that you have had in this post.
Thanks for providing the hooks. That will allow you to develop without wasting so much time.
I have not yet tried to carry it out. First, I would like to rephrase a question about security.
If we wanted to make a payment in Stripe from scratch, I see in its documentation:
https://stripe.com/docs/checkout/integration-builder
It seems that it does not ask us at any MOMENT to enter the secret key in our code.
However, with your method we should write in plain text in our code, which is on the server, both the public key and the secret key.
This worries me because a hacker if he got access to the server or through reverse engineering could get the secret key from us.
I do not understand how it is possible that in the Stripe documentation they do not force to insert the secret key and by this method they do. Am I forgetting something?
I'm inexperienced with Stripe.
Greetings to all.
@Neshable - what about the stripe webhook signing secret?