Skip to content

Instantly share code, notes, and snippets.

@amfeng
Last active October 16, 2024 21:27
Show Gist options
  • Save amfeng/3507366 to your computer and use it in GitHub Desktop.
Save amfeng/3507366 to your computer and use it in GitHub Desktop.
Stripe OAuth Example -- PHP
<?php
define('CLIENT_ID', 'YOUR_CLIENT_ID');
define('API_KEY', 'YOUR_API_KEY');
define('TOKEN_URI', 'https://connect.stripe.com/oauth/token');
define('AUTHORIZE_URI', 'https://connect.stripe.com/oauth/authorize');
if (isset($_GET['code'])) { // Redirect w/ code
$code = $_GET['code'];
$token_request_body = array(
'client_secret' => API_KEY,
'grant_type' => 'authorization_code',
'client_id' => CLIENT_ID,
'code' => $code,
);
$req = curl_init(TOKEN_URI);
curl_setopt($req, CURLOPT_RETURNTRANSFER, true);
curl_setopt($req, CURLOPT_POST, true );
curl_setopt($req, CURLOPT_POSTFIELDS, http_build_query($token_request_body));
// TODO: Additional error handling
$respCode = curl_getinfo($req, CURLINFO_HTTP_CODE);
$resp = json_decode(curl_exec($req), true);
curl_close($req);
echo $resp['access_token'];
} else if (isset($_GET['error'])) { // Error
echo $_GET['error_description'];
} else { // Show OAuth link
$authorize_request_body = array(
'response_type' => 'code',
'scope' => 'read_write',
'client_id' => CLIENT_ID
);
$url = AUTHORIZE_URI . '?' . http_build_query($authorize_request_body);
echo "<a href='$url'>Connect with Stripe</a>";
}
?>
@ferozpuri
Copy link

hello there, i am using this code and change client id and api key with my account, but i am receiving null response.

here is my code..

define('CLIENT_ID', 'ca_4auFMvHC6upU1wymeMUXsMHIpuKREeP3');
define('API_KEY', 'sk_test_fGPhznwVgzGmiPqrIPoG1WwP');

define('TOKEN_URI', 'https://connect.stripe.com/oauth/token');
define('AUTHORIZE_URI', 'https://connect.stripe.com/oauth/authorize');

if (isset($_GET['code'])) { // Redirect w/ code
$code = $_GET['code'];

$token_request_body = array(
  'client_secret' => API_KEY,
  'grant_type' => $_GET['scope'],
  'client_id' => CLIENT_ID,
  'code' => $code,
);
var_dump($token_request_body);
$req = curl_init(TOKEN_URI);
curl_setopt($req, CURLOPT_RETURNTRANSFER, true);
curl_setopt($req, CURLOPT_POST, true );
curl_setopt($req, CURLOPT_POSTFIELDS, http_build_query($token_request_body));

// TODO: Additional error handling
$respCode = curl_getinfo($req, CURLINFO_HTTP_CODE);

$resp = json_decode(curl_exec($req), true);
curl_close($req);

echo $resp['access_token'];
var_dump($resp);

} else if (isset($_GET['error'])) { // Error
echo $_GET['error_description'];
} else { // Show OAuth link
$authorize_request_body = array(
'response_type' => 'code',
'scope' => 'read_write',
'client_id' => CLIENT_ID
);

$url = AUTHORIZE_URI . '?' . http_build_query($authorize_request_body);
echo "<a href='$url'>Connect with Stripe</a>";

}

@orliXdx
Copy link

orliXdx commented Nov 28, 2014

same problem as ferozpuri

@amfeng
Copy link
Author

amfeng commented Dec 11, 2014

Hi all, for those of you who are trying to use this code locally and getting blank responses, this might help:

http://stackoverflow.com/questions/18971983/curl-requires-curlopt-ssl-verifypeer-false

@Jeff-P
Copy link

Jeff-P commented Feb 14, 2015

Thank you

@habib9861
Copy link

@amfeng I still get the blank response

@bybelani
Copy link

@amfeng I also get the black response.....i have included the certificate as well. i got the access_code but how to get the users credentials?
this is my code. please help me ASAP...

        $code = $_GET['code'];

        $token_request_body = array(
            'grant_type' => 'authorization_code',
            'client_id' => '*****************************',
            'code' => $code,
            'client_secret' => '*********************************'
        );


        $path = asset_url()."cacert.pem"; //path of my certificate file

        $req = curl_init(TOKEN_URI);
        curl_setopt($req, CURLOPT_SSL_VERIFYPEER, TRUE);
        curl_setopt($req, CURLOPT_CAINFO, $path);
        curl_setopt($req, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($req, CURLOPT_POST, true );
        curl_setopt($req, CURLOPT_POSTFIELDS, http_build_query($token_request_body));



        // TODO: Additional error handling
        $respCode = curl_getinfo($req, CURLINFO_HTTP_CODE);
        $resp = json_decode(curl_exec($req), true);
        curl_close($req);

        echo $resp['access_token'];

@bybelani
Copy link

okey...problem solved. Have to put certificate file. and though i was running it on offline, i have to give value as "false" in "CURLOPT_SSL_VERIFYPEER".

@nikitabanthiya91
Copy link

getting blank response !!!!!!!!!!!!!!!!!!!!

@nikitabanthiya91
Copy link

helpp me !!!!!

@punit-gajjar
Copy link

getting blank response !!!!!!!!!!!!!!!!!!!!

@phirschybar
Copy link

is this available in Stripe's native API library? Seems silly to do raw CURL if not necessary.

@plhoangan
Copy link

Getting blank response!

@mnpenner
Copy link

You have to call curl_exec before you can call curl_getinfo($req, CURLINFO_HTTP_CODE), otherwise it will return 0.

Other than that, this code worked fine for me.

@AntonShapoval
Copy link

Thank you very much!!!

@MuhammedMahdy
Copy link

still got blank response

@drumpus
Copy link

drumpus commented Oct 9, 2017

@mnpenner wins with the comment about curl_exec before curl_getinfo -- thank you!

@thadallender
Copy link

My integration with Stripe stopped working all of the sudden in Nov. of 2017. Something must've changed in their API. It took many hours of troubleshooting, but here are the steps I took to debug/test/fix my integration:

  1. I had to set user-agent to empty string in my request:
    curl_setopt( $ch, CURLOPT_USERAGENT, '' );
    This is not documented anywhere in their docs.
  2. As others have mentioned, you must have a valid crt file when making local curl requests. Follow these instructions.
  3. As others have suggested, please do not set 'CURLOPT_SSL_VERIFYPEER' to false. You'll open yourself up to man in the middle attacks. If you do #2 correctly, you shouldn't have this problem. Some of the examples above show a relative or web path to the crt file. This is incorrect. It should be a full valid filepath, like /var/crt/cacrt.pem. It's best to set this in php.ini, which ensures all curl requests work.

@dekple
Copy link

dekple commented Nov 19, 2018

I am getting the error "Cannot POST /pages/index.php". Both index.php and my HTML file are in the same folders. The only edit I did was add my Client ID and Secret Key on the first two define lines. I then call it on my HTML code with the following:

In head
<script type="text/javascript"> function proceed() { var form = document.createElement('form'); form.setAttribute('method', 'post'); form.setAttribute('action', 'index.php'); form.style.display = 'hidden'; document.body.appendChild(form) form.submit(); } </script>

In body via my button

<script>proceed();</script>

@z-zhang123
Copy link

I found 3 files in the /ssl/certs/ folder
and 2 files in the /ssl/keys/ folders
but cannot find a cacert.pem file.

where is the cacert.pem file located in a standard install of cPanel?

@ryderx
Copy link

ryderx commented May 20, 2020

Hi i am getting the following error
array(4) { ["client_secret"]=> string(42) "sk_test_xZZKjDRsPZb0z3KWvOCK0uXf00amK9apPF" ["grant_type"]=> NULL ["client_id"]=> string(35) "ca_HFVybE89S1Jse3hapX45PqAMaCFfI3Mr" ["code"]=> string(35) "ac_HJKaA5JoCzOwofYAxd0OYkYA4qodf78y" } array(2) { ["error"]=> string(15) "invalid_request" ["error_description"]=> string(23) "No grant type specified" }

this is my code:

API_KEY, 'grant_type' => $_GET['authorization_code'], 'client_id' => CLIENT_ID, 'code' => $code, ); var_dump($token_request_body); $req = curl_init(TOKEN_URI); curl_setopt($req, CURLOPT_RETURNTRANSFER, true); curl_setopt($req, CURLOPT_POST, true ); curl_setopt($req, CURLOPT_POSTFIELDS, http_build_query($token_request_body)); // TODO: Additional error handling $resp = json_decode(curl_exec($req), true); $respCode = curl_getinfo($req, CURLINFO_HTTP_CODE); curl_close($req); echo $resp['access_token']; var_dump($resp); } else if (isset($_GET['error'])) { // Error echo $_GET['error_description']; } else { // Show OAuth link $authorize_request_body = array( 'response_type' => 'code', 'scope' => 'read_write', 'client_id' => CLIENT_ID ); $url = AUTHORIZE_URI . '?' . http_build_query($authorize_request_body); echo "Connect with Stripe"; } any help is welcome thank you in advance

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment