Laravel Socialite with Stripe Connect

Just bumping this since I posted it over the weekend.

Did you find a solution? :)

I'd be interested to hear too how you managed it :o)

I'm trying to work with SocialiteProviders/Stripe https://github.com/SocialiteProviders/Stripe as per Swaz on their original post.

I think my monitor might be going out the window very soon.

The user gets re-directed to the Stripe Connect site fine (I'm using my test API key)

    public function onboard()
{
    return Socialite::driver('stripe')->redirect();
}


    public function onboardResponse()
    {
        dd(Socialite::driver('stripe')->user());
    }

The response from DD is below. I think this does include the secret key for the now connected user.

But, where is the publishable key for the connected user? Stripe has given me everything back, bar the publishable key!

User {#330 ▼
  +token: "sk_test_zXXXXXXXXXXXXXX"
  +id: "acct_17QLSmCXXXXXXXXXXXXX"
  +nickname: null
  +name: null
  +email: null
  +avatar: null
  +"user": array:18 [▼
    "id" => "acct_17QLSXXXXXXXX"
    "object" => "account"
    "business_logo" => null
    "business_name" => null
    "business_url" => null
    "charges_enabled" => false
    "country" => "GB"
    "currencies_supported" => array:136 [▶]
    "default_currency" => "gbp"
    "details_submitted" => false
    "display_name" => null
    "email" => null
    "managed" => false
    "metadata" => []
    "statement_descriptor" => null
    "support_phone" => null
    "timezone" => "Europe/London"
    "transfers_enabled" => false
  ]
}

Looking back into the AbstractProvider.php from the core Socialite package (and referring to the Provider.php from Stripe SocialiteProviders package) , I can see that we are passing over as a POST to (https://connect.stripe.com/oauth/token) with the authorization code we received

That all looks correct to me, and we receive back the response.

    public function getAccessToken($code)
    {
        $postKey = (version_compare(ClientInterface::VERSION, '6') === 1) ? 'form_params' : 'body';

        $response = $this->getHttpClient()->post($this->getTokenUrl(), [
            'headers' => ['Accept' => 'application/json'],
            $postKey => $this->getTokenFields($code),
        ]);


        return $this->parseAccessToken($response->getBody());
    }

In fact, if I insert this DD into the getAccessToken method above

    dd(json_decode($response->getBody(), true));

Look what gets returned, only all the missing info !!! Why is Stripe Providers thinking we are only interested in the access_token. We need to save the other fields to our database as well.

  "access_token" => "sk_test_8jYXXXXXXXXXXX"
  "livemode" => false
  "refresh_token" => "rt_7fkLQ5hXkuXXXXXXXXXXXXXXXXXXXXX"
  "token_type" => "bearer"
  "stripe_publishable_key" => "pk_test_MFMIXXXXXXXXXXXX"
  "stripe_user_id" => "acct_15NqXXXXXXXXXXXXXXXX"
  "scope" => "read_write"

Does this mean there is a fault in SocialiteProviders/Stripe https://github.com/SocialiteProviders/Stripe

or am I just using it incorrectly (more likely)

In the end, I made my own version of SocialiteProviders/Stripe https://github.com/SocialiteProviders/Stripe

I added a couple of new methods, so now there is a new method called FullResponse(). This obtains the credentials we require - as opposed to just the user object.

    /**
     * {@inheritdoc}
     * added by aws
     */
    public function FullResponse()
    {
        if ($this->hasInvalidState()) {
            throw new InvalidStateException;
        }
        
            $token = $this->getAccessToken($this->getCode());

        return $token;


    /**
     * Get the access token for the given code.
     * added by aws
     * @param  string  $code
     * @return string
     */
    public function getAccessToken($code)
    {
        $postKey = (version_compare(ClientInterface::VERSION, '6') === 1) ? 'form_params' : 'body';

        $response = $this->getHttpClient()->post($this->getTokenUrl(), [
            'headers' => ['Accept' => 'application/json'],
            $postKey => $this->getTokenFields($code),
        ]);

        return json_decode($response->getBody(), true);

      //  return $this->parseAccessToken($response->getBody());
    }

    }

My controller has a the following methods

    public function onboard()
{
    return Socialite::driver('stripe')->redirect();
}
    
    public function onboardResponse(Request $request)
    {
        Auth::user()->Employer
                ->findorsave(Socialite::driver('stripe')
                ->FullResponse());
    }

Now an authenticated user can link a stripe account and the data is stored in my DB. (I need to add a try/catch to the above)

@upnorthal,

(I need to add a try/catch to the above)

Too catch stripe errors before anything gets saved to the DB in the onboardResponse controller method?

@upnorthal,

Thanks for posting your solution.

I just started using Laravel a month ago and creating a marketplace using the Laravel-Socialite-Stripe integration

Getting a frustrating error:

{"error":{"message":"No application matches the supplied client identifier"}}

Checked my clienID and secretKey to no avail.

Any help appreciated

Thank you

@Podger Did you figure out a solution to your problem?

@upnorthal any chance you could lend a hand? I'm trying to make my own StripeConnect provider and we're storing all Company integrations in a different table. The fields on the integrations table are name, company_id and data. The data column holds whatever response was returned from hitting the access_token_url with the authorization code returned in the URL after redirect.

For whatever reason, I can't seem to figure this out. Ideally a user would go to their integrations page, click a button which would take them to the StirpeConnect login / signup page (that part I've figured out), and then redirect to our app which would make a post to our API and then Socialite would be invoked, read the name of the service they want to integrate, make the call, get the response and save it.

Am I thinking about this wrong?