Created
July 8, 2019 10:20
-
-
Save Neshable/d0cde5bbc2dd9719909e35dd091696c7 to your computer and use it in GitHub Desktop.
Woocommerce Multiple Stripe Accounts Support
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Dynamically change Stripe keys upon conditions | |
| */ | |
| if ( !class_exists( 'Woo_Conditional_Stripe_Keys' ) ) { | |
| class Woo_Conditional_Stripe_Keys { | |
| /** | |
| * Stripe Live publishable key | |
| * | |
| * @var string | |
| */ | |
| private $publishable_key; | |
| /** | |
| * Stripe secret key | |
| * | |
| * @var string | |
| */ | |
| private $secret_key; | |
| public function __construct( $publishable_key, $secret_key ) { | |
| // set the keys | |
| $this->publishable_key = $publishable_key; | |
| $this->secret_key = base64_encode( $secret_key ); | |
| // $params[‘stripe’][‘key’] contains the publishable key. This is run when the checkout page is loaded. | |
| add_filter( 'wc_stripe_payment_request_params', [ $this, 'wc_stripe_payment_request_params_function' ], 10, 3 ); | |
| //$params[‘key’] contains the publishable key. This is run when the page is loaded. | |
| add_filter( 'wc_stripe_params', array( $this, 'wc_stripe_params_function' ), 10, 3 ); | |
| // he “authorization” field here contains the base-64 encoded secret key. This is run when the payment is made. | |
| add_filter( 'woocommerce_stripe_request_headers', [ $this, 'woocommerce_stripe_request_headers_function' ], 10, 3 ); | |
| } | |
| public function wc_stripe_payment_request_params_function( $params ) { | |
| $params[ 'stripe' ][ 'key' ] = $this->publishable_key; | |
| return $params; | |
| } | |
| /** | |
| * Localized JS key/value pair. | |
| * | |
| * @param $params | |
| * | |
| * @return mixed | |
| */ | |
| public function wc_stripe_params_function( $params ) { | |
| $params[ 'key' ] = $this->publishable_key; | |
| return $params; | |
| } | |
| /** | |
| * Headers parameters for cURL requests. | |
| * | |
| * @see https://docs.woocommerce.com/document/stripe/ | |
| * | |
| * @param $headers_args | |
| * | |
| * @return mixed | |
| */ | |
| public function woocommerce_stripe_request_headers_function( $headers_args ) { | |
| $headers_args[ 'Authorization' ] = 'Basic ' . $this->secret_key; | |
| return $headers_args; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi everyone.
I have had the same idea that you have had in this post.
Thanks for providing the hooks. That will allow you to develop without wasting so much time.
I have not yet tried to carry it out. First, I would like to rephrase a question about security.
If we wanted to make a payment in Stripe from scratch, I see in its documentation:
https://stripe.com/docs/checkout/integration-builder
It seems that it does not ask us at any MOMENT to enter the secret key in our code.
However, with your method we should write in plain text in our code, which is on the server, both the public key and the secret key.
This worries me because a hacker if he got access to the server or through reverse engineering could get the secret key from us.
I do not understand how it is possible that in the Stripe documentation they do not force to insert the secret key and by this method they do. Am I forgetting something?
I'm inexperienced with Stripe.
Greetings to all.