Sample OAuth Applications
Use our sample code to fast-track your OAuth application when working with Standard or Express Connect accounts.
The sample code below can be used for your OAuth flow, although you may want to consider a client library instead of handling the implementation yourself.
# See full code example here: https://gist.github.com/2314782
# Using OAuth2 gem by Intridea (https://github.com/intridea/oauth2).
# Additionally, check out this OmniAuth Stripe Connect gem:
# https://github.com/isaacsanders/omniauth-stripe-connect
configure do
config = YAML::load(File.open('config.yml'))
set :api_key, config['api_key']
set :client_id, config['client_id']
options = {
:site => 'https://connect.stripe.com',
:authorize_url => '/oauth/authorize',
:token_url => '/oauth/token'
}
set :client, OAuth2::Client.new(settings.client_id, settings.api_key, options)
end
get '/authorize' do
params = {
:scope => 'read_write'
}
# Redirect the user to the authorize_uri endpoint
url = settings.client.auth_code.authorize_url(params)
redirect url
end
get '/oauth/callback' do
# Pull the authorization_code out of the response
code = params[:code]
# Make a request to the access_token_uri endpoint to get an access_token
@resp = settings.client.auth_code.get_token(code, :params => {:scope => 'read_write'})
@access_token = @resp.token
# Use the access_token as you would a regular live-mode API key
# TODO: Stripe logic
erb :callback
end
# See full code example here: https://gist.github.com/3517668
@app.route('/authorize')
def authorize:
site = app.config['SITE'] + app.config['AUTHORIZE_URI']
params = {
"response_type": "code",
"scope": "read_write",
"client_id": app.config['CLIENT_ID']
}
# Redirect to Stripe /oauth/authorize endpoint
url = site + '?' + urllib.urlencode(params)
return redirect(url)
@app.route('/oauth/callback')
def callback:
code = request.args.get('code')
data = {
"grant_type": "authorization_code",
"client_id": app.config['CLIENT_ID'],
"client_secret": app.config['API_KEY']
"code": code
}
# Make /oauth/token endpoint POST request
url = app.config['SITE'] + app.config['TOKEN_URI']
resp = requests.post(url, params=data)
# Grab access_token (use this as your user's API key)
token = resp.json().get('access_token')
return render_template('callback.html', token=token)
// See full code example here: https://gist.github.com/3507366
if (isset($_GET['code'])) { // Redirect w/ code
$code = $_GET['code'];
$token_request_body = array(
'grant_type' => 'authorization_code',
'client_id' => '',
'code' => $code,
'client_secret' => 'sk_test_fnpyPSZPjovqm60li7vRs6aB'
);
$req = curl_init(TOKEN_URI);
curl_setopt($req, CURLOPT_RETURNTRANSFER, true);
curl_setopt($req, CURLOPT_POST, true );
curl_setopt($req, CURLOPT_POSTFIELDS, http_build_query($token_request_body));
// TODO: Additional error handling
$respCode = curl_getinfo($req, CURLINFO_HTTP_CODE);
$resp = json_decode(curl_exec($req), true);
curl_close($req);
echo $resp['access_token'];
} else if (isset($_GET['error'])) { // Error
echo $_GET['error_description'];
} else { // Show OAuth link
$authorize_request_body = array(
'response_type' => 'code',
'scope' => 'read_write',
'client_id' => ''
);
$url = AUTHORIZE_URI . '?' . http_build_query($authorize_request_body);
echo "<a href='$url'>Connect with Stripe</a>";
}
// See full code example here: https://gist.github.com/4e5cf13ccc98124b1551
// Using Spark framework (http://sparkjava.com)
get(new Route("/authorize") {
@Override
public Object handle(Request request, Response response) {
URI uri = new URIBuilder(AUTHORIZE_URI)
.setParameter("response_type", "code")
.setParameter("scope", "read_write")
.setParameter("client_id", CLIENT_ID)
.build();
// Redirect to Stripe /oauth/authorize endpoint
response.status(201);
response.redirect(uri.toString());
return "";
}
});
get(new FreeMarkerRoute("/oauth/callback") {
@Override
public ModelAndView handle(Request request, Response response) {
Map<String, Object> viewObjects = new HashMap<String, Object>();
CloseableHttpClient httpClient = HttpClients.createDefault();
String code = request.queryParams("code");
URI uri = new URIBuilder(TOKEN_URI)
.setParameter("client_secret", API_KEY)
.setParameter("grant_type", "authorization_code")
.setParameter("client_id", CLIENT_ID)
.setParameter("code", code)
.build();
// Make /oauth/token endpoint POST request
HttpPost httpPost = new HttpPost(uri);
CloseableHttpResponse resp = httpClient.execute(httpPost);
// Grab access_token (use this as your user's API key)
String bodyAsString = EntityUtils.toString(resp.getEntity());
Type t = new TypeToken<Map<String, String>>() { }.getType();
Map<String, String> map = new GsonBuilder().create().fromJson(bodyAsString, t);
String token = map.get("access_token");
viewObjects.put("token", token);
return modelAndView(viewObjects, "callback.ftl");
}
});
// See full code example here: https://gist.github.com/7109113
app.get("/authorize", function(req, res) {
// Redirect to Stripe /oauth/authorize endpoint
res.redirect(AUTHORIZE_URI + "?" + qs.stringify({
response_type: "code",
scope: "read_write",
client_id: CLIENT_ID
}));
});
app.get("/oauth/callback", function(req, res) {
var code = req.query.code;
// Make /oauth/token endpoint POST request
request.post({
url: TOKEN_URI,
form: {
grant_type: "authorization_code",
client_id: CLIENT_ID,
code: code,
client_secret: API_KEY
}
}, function(err, r, body) {
var accessToken = JSON.parse(body).access_token;
// Do something with your accessToken
// For demo"s sake, output in response:
res.send({ "Your Token": accessToken });
});
});