I'm seriously struggling to create a Stripe Connect account from my IOS Application using swift and firebase. I can't seem to find any documentation on how this would be possible. I creating an app which allows users to do jobs for each other which of course means pay each other. How can I implement this in my app?
I think onboarding users is the biggest difficulty in iOS because(as far as I know) their are only two ways to do this. One, is to use Stripe Onboarding which requires you to take your user to a link where stripe onboards for you. The other, option is building out your own UI flow to manually collect all the information yourself and update their account through the Stripe API.
However, creating an account is simple. Here is an example of it implemented in Node.js!
stripe.accounts.create(
{
type: 'standard',
country: 'US',
email: email,
requested_capabilities: [
'card_payments',
'transfers',
],
},
function(err, account) {
if (err) {
console.log("Couldn't create stripe account: " + err)
reject(err)
}
console.log("ACCOUNT: " + account.id)
response.body = {success: account.id}
return res.send(response)
}
);
stripe.dev/stripe-ios/docs
Related
I am developing an app in which payment automation is an functionality.
What is required is that Account details need to be filled by my app, so that no need of manual typing.
I know I can open app using url_launcher package, but I don't know how to pass data?
and how to map data with the different textfield of the selected app .
I am going to consider any UPI enabled payment application here and you want to pass data like reciever name, upi ID, total amount and a transactional note.
Future<UpiResponse> initiateTransaction(UpiApp app) async {
return _upiIndia.startTransaction(
app: app,
receiverUpiId: "9078600498#ybl",
receiverName: 'Md Azharuddin',
transactionRefId: 'TestingUpiIndiaPlugin',
transactionNote: 'Not actual. Just an example.',
amount: 1.00,
);
}
You can use upi_india but this is not limited to just upi_india.
You have other packages like stripe and flutter pay which also has similar functionality
Noobish Dev here. I'm developing an app that involves processing payments between customers and a particular service, the app would take a fee and pay the service provider directly to their bank accounts. Looking for advice really or perhaps a better implementation.
Anyway, after watching some tutorials online I developed the app to use my own form to handle a customers card data and send directly to Stripes API with curl request. In this instance to attach the card to a customer account. I find that stripe requires the apps/websites be PCI compliant when handling data and to not use custom form handling for fear of retaining card data, that leaves me stuck as this particular method we use by directly interacting with the API (I'm using Dio) is not recommended by Stripe as advised below.
App screenshot :
The snippet of code (works fine by the way):
Future<void> addCard(
{int cardNumber,
int month,
int year,
int cvc,
String stripeId,
String userId,
String cardHolderName,
String email}) async {
Map body = {
"type": "card",
"card[number]": cardNumber,
"card[exp_month]": month,
"card[exp_year]": year,
"card[cvc]": cvc,
"billing_details[name]": cardHolderName,
"billing_details[email]": email
};
dynamic stripeResponse;
try {
print('Successfully added payment method id $paymentMethodUrl');
Dio dio = Dio();
await dio
.post(paymentMethodUrl,
data: body,
options: Options(
contentType: Headers.formUrlEncodedContentType,
headers: headers))
.then((response) {
print(response.data);
stripeResponse = response;
String paymentId = response.data['id'];
Map stripeCustomer = {"customer": UserData.stripeID};
try {
dio
.post('$paymentMethodUrl/$paymentId/attach',
data: stripeCustomer,
options: Options(
contentType: Headers.formUrlEncodedContentType,
headers: headers))
.then((response) {
print(response.data);
print('Attached successfully');
});
} on DioError catch (e) {
print('Error attaching card to customer: ${e.response.data['error']['message']}');
}
});
} on DioError catch (e) {
print(stripeResponse);
print('Error adding card: ${e.response.data['error']['message']}');
}
}
https://stripe.com/docs/security#pci-dss-guidelines
The easiest way to be PCI compliant is as advised by Stripe:
Use one of our recommended payments integrations to collect payment information, which is securely transmitted directly to Stripe without it passing through your servers
Serve your payment pages securely using Transport Layer Security (TLS) so that they make use of HTTPS
Anyway I would appreciate it if anyone could give me some advice on this or maybe I'm misunderstanding something when it comes to compliance. I might just instead use Apple pay and Google pay if this option is not viable as I don't want to get into trouble if I'm not PCI compliant due to handing card data.
Thanks in advance.
As stated in thisSO post:
The sensitive information governed by PCI (i.e. raw card data) is sent
directly from the client to Stripe. Stripe creates a Payment Method to
represent that data (pm_) and returns that to the client so it can be
referenced from there.
However, Payment Intents must be created server-side in a secure
context with a secret or restricted API key, then the Payment Intent's
client secret should be sent to the client to allow for client-side
confirmation.
The section about validating your PCI compliance in Stripe's integration security guide has more information.
And as mentioned in the comment, you can explore using the plugins to provide all the functions you need for your app. I suggest to look into this flutter_stripe which was published by flutterstripe.io. You can also check out this blog(https://flutterstripe.medium.com/announcing-the-flutter-sdk-for-stripe-1ba2b3ee667c) where it was mentioned about the security feature that the package could offer:
Secure by default
SCA-Ready: The SDK automatically performs native 3D Secure authentication if needed
to comply with Strong Customer
Authentication
regulation in Europe.
PCI compliant: as the plugin does not handle sensitive information (such as credit card credentials) the plugin is PCI
compliant by default. You can find out more about PCI compliance and
why it’s important here.
I am using the orders version 2 APIs of Physical transaction using Google Pay and using Stripe as the payment gateway.
While testing the app using Stripe test publishable I am able to make transactions successfully but when I use the Stripe Live publishable key to generate the chargeable token from Google, the assistant replies with "Something went wrong. Please try again later.". This is happening when I make the conv.ask(new TransactionDecision({})) call.
I get the same response using either of the keys when I disable the Sandbox in the action console simulator.
This response has no error attached with it so I am unable to figure out the cause.
Here is the code-
conv.ask(new TransactionDecision({
orderOptions: {
requestDeliveryAddress: false,
},
paymentOptions: {
googleProvidedOptions: {
prepaidCardDisallowed: false,
supportedCardNetworks: ['VISA', 'AMEX', 'MASTERCARD'],
tokenizationParameters: {
// Tokenization parameter data will be provided by
// a payment processor, like Stripe, Braintree, Vantiv, etc.
parameters: {
'gateway': 'stripe',
'stripe:version': '2019-05-16',
'stripe:publishableKey': process.env.CS_ENV === 'prod' ? process.env.STRIPE_LIVE_PUBLISHABLE_KEY : process.env.STRIPE_TEST_PUBLISHABLE_KEY
},
tokenizationType: 'PAYMENT_GATEWAY',
},
},
},
proposedOrder: order,
}));
is it possible to use only the firebase auth and then create an own api with own database?
So I write an REST API which uses the firebase token to authentificate.
Thanks!
It depends on the technology that you will be using for the backend API. There is a Firebase Admin SDK, that is aimed at Java, Python and Node developers, but I think the functionality that you are looking for is only available in the Node SDK (although I believe that there are workarounds for this).
The way this works is that after your user signs in on the client side, they can request a token using firebase.auth().currentUser.getIdToken() which can then be passed to your backend which can then be verified, see the below example for how it could be done using Node and Restify.
const server = restify.createServer({});
server.use(validateJwt);
function validateJwt(req, res, next) {
if(!req.headers.token){
//reject
}
admin.auth().verifyIdToken(req.headers.token).then(decodedToken=>{
console.log(`token for user ${decodedToken.sub} valid`);
admin.auth().getUser(decodedToken.sub).then(user=>{
console.log(`fetched user ${user.email}`);
next();
}).catch(err=>{
res.send(500, 'the user with the ID does not exist in firebase');
})
}).catch(err=>{
console.log(`token validation failed: ${err}`);
res.send(401, 'authentication failed')});
}
I believe you should be able to do this, by using Firebase to authorise the user and then allow read access to a link securely stored for authenticated users only. This could then link to the database, if this is what you mean. I'd assume you may have already started here, but this is where to start Understand Firebase Realtime Database Rules
I need to add Google login in my Ionic v2 app.
Currently I cannot use the Ionic Authentication service because it's not ready for v2 yet.
I've also tried the ng2-cordova-oauth plugin but I cannot use ionic serve or Ionic View to test the authentication which is a huge inconvenience for me because I no longer have an easy way to show the app to the client.
So... any alternative?
Firebase user authentication is an alternative , you can implement google authentification with few lines of code
var ref = new Firebase("https://<YOUR-FIREBASE-APP>.firebaseio.com");
ref.authWithOAuthPopup("google", function(error, authData) {
if (error) {
console.log("Login Failed!", error);
} else {
console.log("Authenticated successfully with payload:", authData);
}
});
please see the documentation here firebase documentation