Skip to content

Instantly share code, notes, and snippets.

@amfeng

amfeng/index.php

Last active May 20, 2020
Embed
What would you like to do?
Stripe OAuth Example -- PHP
<?php
define('CLIENT_ID', 'YOUR_CLIENT_ID');
define('API_KEY', 'YOUR_API_KEY');
define('TOKEN_URI', 'https://connect.stripe.com/oauth/token');
define('AUTHORIZE_URI', 'https://connect.stripe.com/oauth/authorize');
if (isset($_GET['code'])) { // Redirect w/ code
$code = $_GET['code'];
$token_request_body = array(
'client_secret' => API_KEY,
'grant_type' => 'authorization_code',
'client_id' => CLIENT_ID,
'code' => $code,
);
$req = curl_init(TOKEN_URI);
curl_setopt($req, CURLOPT_RETURNTRANSFER, true);
curl_setopt($req, CURLOPT_POST, true );
curl_setopt($req, CURLOPT_POSTFIELDS, http_build_query($token_request_body));
// TODO: Additional error handling
$respCode = curl_getinfo($req, CURLINFO_HTTP_CODE);
$resp = json_decode(curl_exec($req), true);
curl_close($req);
echo $resp['access_token'];
} else if (isset($_GET['error'])) { // Error
echo $_GET['error_description'];
} else { // Show OAuth link
$authorize_request_body = array(
'response_type' => 'code',
'scope' => 'read_write',
'client_id' => CLIENT_ID
);
$url = AUTHORIZE_URI . '?' . http_build_query($authorize_request_body);
echo "<a href='$url'>Connect with Stripe</a>";
}
?>
@onassar

This comment has been minimized.

Copy link

@onassar onassar commented Oct 16, 2012

Built an OAuth2 library in PHP to help with this flow.
Named PHP-StripeOAuth, the goal was to provide a clean wrapper for the redirects and and data-access.
Let me know if you have any feedback :)

@achraf52

This comment has been minimized.

Copy link

@achraf52 achraf52 commented Jul 26, 2014

Thank you for sharing such an useful piece of code.

@ferozpuri

This comment has been minimized.

Copy link

@ferozpuri ferozpuri commented Aug 19, 2014

hello there, i am using this code and change client id and api key with my account, but i am receiving null response.

here is my code..

define('CLIENT_ID', 'ca_4auFMvHC6upU1wymeMUXsMHIpuKREeP3');
define('API_KEY', 'sk_test_fGPhznwVgzGmiPqrIPoG1WwP');

define('TOKEN_URI', 'https://connect.stripe.com/oauth/token');
define('AUTHORIZE_URI', 'https://connect.stripe.com/oauth/authorize');

if (isset($_GET['code'])) { // Redirect w/ code
$code = $_GET['code'];

$token_request_body = array(
  'client_secret' => API_KEY,
  'grant_type' => $_GET['scope'],
  'client_id' => CLIENT_ID,
  'code' => $code,
);
var_dump($token_request_body);
$req = curl_init(TOKEN_URI);
curl_setopt($req, CURLOPT_RETURNTRANSFER, true);
curl_setopt($req, CURLOPT_POST, true );
curl_setopt($req, CURLOPT_POSTFIELDS, http_build_query($token_request_body));

// TODO: Additional error handling
$respCode = curl_getinfo($req, CURLINFO_HTTP_CODE);

$resp = json_decode(curl_exec($req), true);
curl_close($req);

echo $resp['access_token'];
var_dump($resp);

} else if (isset($_GET['error'])) { // Error
echo $_GET['error_description'];
} else { // Show OAuth link
$authorize_request_body = array(
'response_type' => 'code',
'scope' => 'read_write',
'client_id' => CLIENT_ID
);

$url = AUTHORIZE_URI . '?' . http_build_query($authorize_request_body);
echo "<a href='$url'>Connect with Stripe</a>";

}

@orliXdx

This comment has been minimized.

Copy link

@orliXdx orliXdx commented Nov 28, 2014

same problem as ferozpuri

@amfeng

This comment has been minimized.

Copy link
Owner Author

@amfeng amfeng commented Dec 11, 2014

Hi all, for those of you who are trying to use this code locally and getting blank responses, this might help:

http://stackoverflow.com/questions/18971983/curl-requires-curlopt-ssl-verifypeer-false

@Jeff-P

This comment has been minimized.

Copy link

@Jeff-P Jeff-P commented Feb 14, 2015

Thank you

@habib9861

This comment has been minimized.

Copy link

@habib9861 habib9861 commented Apr 10, 2015

@amfeng I still get the blank response

@bybelani

This comment has been minimized.

Copy link

@bybelani bybelani commented Apr 23, 2015

@amfeng I also get the black response.....i have included the certificate as well. i got the access_code but how to get the users credentials?
this is my code. please help me ASAP...

        $code = $_GET['code'];

        $token_request_body = array(
            'grant_type' => 'authorization_code',
            'client_id' => '*****************************',
            'code' => $code,
            'client_secret' => '*********************************'
        );


        $path = asset_url()."cacert.pem"; //path of my certificate file

        $req = curl_init(TOKEN_URI);
        curl_setopt($req, CURLOPT_SSL_VERIFYPEER, TRUE);
        curl_setopt($req, CURLOPT_CAINFO, $path);
        curl_setopt($req, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($req, CURLOPT_POST, true );
        curl_setopt($req, CURLOPT_POSTFIELDS, http_build_query($token_request_body));



        // TODO: Additional error handling
        $respCode = curl_getinfo($req, CURLINFO_HTTP_CODE);
        $resp = json_decode(curl_exec($req), true);
        curl_close($req);

        echo $resp['access_token'];
@bybelani

This comment has been minimized.

Copy link

@bybelani bybelani commented Apr 24, 2015

okey...problem solved. Have to put certificate file. and though i was running it on offline, i have to give value as "false" in "CURLOPT_SSL_VERIFYPEER".

@nikitabanthiya91

This comment has been minimized.

Copy link

@nikitabanthiya91 nikitabanthiya91 commented Jun 29, 2015

getting blank response !!!!!!!!!!!!!!!!!!!!

@nikitabanthiya91

This comment has been minimized.

Copy link

@nikitabanthiya91 nikitabanthiya91 commented Jun 29, 2015

helpp me !!!!!

@punit-gajjar

This comment has been minimized.

Copy link

@punit-gajjar punit-gajjar commented Aug 25, 2015

getting blank response !!!!!!!!!!!!!!!!!!!!

@phirschybar

This comment has been minimized.

Copy link

@phirschybar phirschybar commented Nov 4, 2015

is this available in Stripe's native API library? Seems silly to do raw CURL if not necessary.

@plhoangan

This comment has been minimized.

Copy link

@plhoangan plhoangan commented Sep 21, 2016

Getting blank response!

@mnpenner

This comment has been minimized.

Copy link

@mnpenner mnpenner commented Jan 29, 2017

You have to call curl_exec before you can call curl_getinfo($req, CURLINFO_HTTP_CODE), otherwise it will return 0.

Other than that, this code worked fine for me.

@AntonShapoval

This comment has been minimized.

Copy link

@AntonShapoval AntonShapoval commented Feb 1, 2017

Thank you very much!!!

@MuhammedMahdy

This comment has been minimized.

Copy link

@MuhammedMahdy MuhammedMahdy commented Apr 16, 2017

still got blank response

@drumpus

This comment has been minimized.

Copy link

@drumpus drumpus commented Oct 9, 2017

@mnpenner wins with the comment about curl_exec before curl_getinfo -- thank you!

@thadallender

This comment has been minimized.

Copy link

@thadallender thadallender commented Dec 2, 2017

My integration with Stripe stopped working all of the sudden in Nov. of 2017. Something must've changed in their API. It took many hours of troubleshooting, but here are the steps I took to debug/test/fix my integration:

  1. I had to set user-agent to empty string in my request:
    curl_setopt( $ch, CURLOPT_USERAGENT, '' );
    This is not documented anywhere in their docs.
  2. As others have mentioned, you must have a valid crt file when making local curl requests. Follow these instructions.
  3. As others have suggested, please do not set 'CURLOPT_SSL_VERIFYPEER' to false. You'll open yourself up to man in the middle attacks. If you do #2 correctly, you shouldn't have this problem. Some of the examples above show a relative or web path to the crt file. This is incorrect. It should be a full valid filepath, like /var/crt/cacrt.pem. It's best to set this in php.ini, which ensures all curl requests work.
@dekple

This comment has been minimized.

Copy link

@dekple dekple commented Nov 19, 2018

I am getting the error "Cannot POST /pages/index.php". Both index.php and my HTML file are in the same folders. The only edit I did was add my Client ID and Secret Key on the first two define lines. I then call it on my HTML code with the following:

In head
<script type="text/javascript"> function proceed() { var form = document.createElement('form'); form.setAttribute('method', 'post'); form.setAttribute('action', 'index.php'); form.style.display = 'hidden'; document.body.appendChild(form) form.submit(); } </script>

In body via my button

<script>proceed();</script>
@z-zhang123

This comment has been minimized.

Copy link

@z-zhang123 z-zhang123 commented Apr 14, 2019

I found 3 files in the /ssl/certs/ folder
and 2 files in the /ssl/keys/ folders
but cannot find a cacert.pem file.

where is the cacert.pem file located in a standard install of cPanel?

@ryderx

This comment has been minimized.

Copy link

@ryderx ryderx commented May 20, 2020

Hi i am getting the following error
array(4) { ["client_secret"]=> string(42) "sk_test_xZZKjDRsPZb0z3KWvOCK0uXf00amK9apPF" ["grant_type"]=> NULL ["client_id"]=> string(35) "ca_HFVybE89S1Jse3hapX45PqAMaCFfI3Mr" ["code"]=> string(35) "ac_HJKaA5JoCzOwofYAxd0OYkYA4qodf78y" } array(2) { ["error"]=> string(15) "invalid_request" ["error_description"]=> string(23) "No grant type specified" }

this is my code:

API_KEY, 'grant_type' => $_GET['authorization_code'], 'client_id' => CLIENT_ID, 'code' => $code, ); var_dump($token_request_body); $req = curl_init(TOKEN_URI); curl_setopt($req, CURLOPT_RETURNTRANSFER, true); curl_setopt($req, CURLOPT_POST, true ); curl_setopt($req, CURLOPT_POSTFIELDS, http_build_query($token_request_body)); // TODO: Additional error handling $resp = json_decode(curl_exec($req), true); $respCode = curl_getinfo($req, CURLINFO_HTTP_CODE); curl_close($req); echo $resp['access_token']; var_dump($resp); } else if (isset($_GET['error'])) { // Error echo $_GET['error_description']; } else { // Show OAuth link $authorize_request_body = array( 'response_type' => 'code', 'scope' => 'read_write', 'client_id' => CLIENT_ID ); $url = AUTHORIZE_URI . '?' . http_build_query($authorize_request_body); echo "Connect with Stripe"; } any help is welcome thank you in advance
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.