Sample OAuth Applications

    Use our sample code to fast-track your OAuth application when working with Standard or Express Connect accounts.

    The sample code below can be used for your OAuth flow, although you may want to consider a client library instead of handling the implementation yourself.

    # See full code example here: https://gist.github.com/2314782
    
    # Using OAuth2 gem by Intridea (https://github.com/intridea/oauth2).
    
    # Additionally, check out this OmniAuth Stripe Connect gem:
    # https://github.com/isaacsanders/omniauth-stripe-connect
    
    configure do
      config = YAML::load(File.open('config.yml'))
    
      set :api_key, config['api_key']
      set :client_id, config['client_id']
    
      options = {
        :site => 'https://connect.stripe.com',
        :authorize_url => '/oauth/authorize',
        :token_url => '/oauth/token'
      }
    
      set :client, OAuth2::Client.new(settings.client_id, settings.api_key, options)
    end
    
    get '/authorize' do
      params = {
        :scope => 'read_write'
      }
    
      # Redirect the user to the authorize_uri endpoint
      url = settings.client.auth_code.authorize_url(params)
      redirect url
    end
    
    get '/oauth/callback' do
      # Pull the authorization_code out of the response
      code = params[:code]
    
      # Make a request to the access_token_uri endpoint to get an access_token
      @resp = settings.client.auth_code.get_token(code, :params => {:scope => 'read_write'})
      @access_token = @resp.token
    
      # Use the access_token as you would a regular live-mode API key
      # TODO: Stripe logic
    
      erb :callback
    end
    
    # See full code example here: https://gist.github.com/3517668
    
    @app.route('/authorize')
    def authorize:
      site = app.config['SITE'] + app.config['AUTHORIZE_URI']
      params = {
        "response_type": "code",
        "scope": "read_write",
        "client_id": app.config['CLIENT_ID']
      }
    
      # Redirect to Stripe /oauth/authorize endpoint
      url = site + '?' + urllib.urlencode(params)
      return redirect(url)
    
    @app.route('/oauth/callback')
    def callback:
      code = request.args.get('code')
      data = {
        "grant_type": "authorization_code",
        "client_id": app.config['CLIENT_ID'],
        "client_secret": app.config['API_KEY']
        "code": code
      }
    
      # Make /oauth/token endpoint POST request
      url = app.config['SITE'] + app.config['TOKEN_URI']
      resp = requests.post(url, params=data)
    
      # Grab access_token (use this as your user's API key)
      token = resp.json().get('access_token')
      return render_template('callback.html', token=token)
    
    // See full code example here: https://gist.github.com/3507366
    
    if (isset($_GET['code'])) { // Redirect w/ code
      $code = $_GET['code'];
    
      $token_request_body = array(
        'grant_type' => 'authorization_code',
        'client_id' => '',
        'code' => $code,
        'client_secret' => 'sk_test_BQokikJOvBiI2HlWgH4olfQ2'
      );
    
      $req = curl_init(TOKEN_URI);
      curl_setopt($req, CURLOPT_RETURNTRANSFER, true);
      curl_setopt($req, CURLOPT_POST, true );
      curl_setopt($req, CURLOPT_POSTFIELDS, http_build_query($token_request_body));
    
      // TODO: Additional error handling
      $respCode = curl_getinfo($req, CURLINFO_HTTP_CODE);
      $resp = json_decode(curl_exec($req), true);
      curl_close($req);
    
      echo $resp['access_token'];
    } else if (isset($_GET['error'])) { // Error
      echo $_GET['error_description'];
    } else { // Show OAuth link
      $authorize_request_body = array(
        'response_type' => 'code',
        'scope' => 'read_write',
        'client_id' => ''
      );
    
      $url = AUTHORIZE_URI . '?' . http_build_query($authorize_request_body);
      echo "<a href='$url'>Connect with Stripe</a>";
    }
    
    // See full code example here: https://gist.github.com/4e5cf13ccc98124b1551
    
    // Using Spark framework (http://sparkjava.com)
    
    get(new Route("/authorize") {
        @Override
        public Object handle(Request request, Response response) {
            URI uri = new URIBuilder(AUTHORIZE_URI)
                    .setParameter("response_type", "code")
                    .setParameter("scope", "read_write")
                    .setParameter("client_id", CLIENT_ID)
                    .build();
    
            // Redirect to Stripe /oauth/authorize endpoint
            response.status(201);
            response.redirect(uri.toString());
            return "";
        }
    });
    
    get(new FreeMarkerRoute("/oauth/callback") {
        @Override
        public ModelAndView handle(Request request, Response response) {
            Map<String, Object> viewObjects = new HashMap<String, Object>();
    
            CloseableHttpClient httpClient = HttpClients.createDefault();
            String code = request.queryParams("code");
            URI uri = new URIBuilder(TOKEN_URI)
                    .setParameter("client_secret", API_KEY)
                    .setParameter("grant_type", "authorization_code")
                    .setParameter("client_id", CLIENT_ID)
                    .setParameter("code", code)
                    .build();
    
            // Make /oauth/token endpoint POST request
            HttpPost httpPost = new HttpPost(uri);
            CloseableHttpResponse resp = httpClient.execute(httpPost);
    
            // Grab access_token (use this as your user's API key)
            String bodyAsString = EntityUtils.toString(resp.getEntity());
            Type t = new TypeToken<Map<String, String>>() { }.getType();
            Map<String, String> map = new GsonBuilder().create().fromJson(bodyAsString, t);
            String token = map.get("access_token");
    
            viewObjects.put("token", token);
            return modelAndView(viewObjects, "callback.ftl");
        }
    });
    
    // See full code example here: https://gist.github.com/7109113
    
    app.get("/authorize", function(req, res) {
      // Redirect to Stripe /oauth/authorize endpoint
      res.redirect(AUTHORIZE_URI + "?" + qs.stringify({
        response_type: "code",
        scope: "read_write",
        client_id: CLIENT_ID
      }));
    });
    
    app.get("/oauth/callback", function(req, res) {
    
      var code = req.query.code;
    
      // Make /oauth/token endpoint POST request
      request.post({
        url: TOKEN_URI,
        form: {
          grant_type: "authorization_code",
          client_id: CLIENT_ID,
          code: code,
          client_secret: API_KEY
        }
      }, function(err, r, body) {
    
        var accessToken = JSON.parse(body).access_token;
    
        // Do something with your accessToken
    
        // For demo"s sake, output in response:
        res.send({ "Your Token": accessToken });
    
      });
    });