You did not provide an API key.

Phillip Senn

unread,

May 19, 2015, 11:38:57 AM5/19/15

to cfpa...@googlegroups.com

cfpayment works! Yay!

I got it to work! Yay!

The reason I'm doing a proof-of-concept with cfpayment is because I tried Ben Nadel's stripe example at

http://www.bennadel.com/blog/2286-Accepting-PCI-Compliant-Payments-Without-A-Merchant-Account-Using-Stripe-And-ColdFusion.htm

and I got it to working, but when I tried it on a different server, it stopped working.

I'd kinda like to get my SimpleStripe program working again just because I understand it and it doesn't post the user's credit card info over http.

Although I see the benefits of having other payment gateways like Paypal and Braintree.

Everything works as advertised until I get to the action page and I do

<cfhttp

method="post"

url="https://api.stripe.com/v2/charges"

username="#Stripe.SecretKey#">

</cfhttp>

and then it returns with:

You did not provide an API key. You need to provide your API key in the Authorization header, using Bearer auth (e.g. 'Authorization: Bearer YOUR_SECRET_KEY'). See https://stripe.com/docs/api#authentication for details, or we can help at https://support.stripe.com/.

Now, here's the interesting part:

It works on my hostek.com server, but it doesn't work on my hostmysite.com server!

I know! Weird isn't it?

Here's the opening page:

<h1> Accepting Online Payments With Stripe </h1>

<label for="Email">Email:</label>

<label for="amount">amount:</label>

</select>

<label>Credit Card:

</label>

<label>Expiration:

</label>

<label>Security Code:

</label>

<p>

<button type="button" name="Save">Purchase!</button>

</p>

</form>

<p hidden id="PublishableKey">#Stripe.PublishableKey#</p>

</cfoutput>

And here's my JavaScript:

Stripe.setPublishableKey($('#PublishableKey').text())

dom.form = $('form')

dom.Save = $('[name=Save]')

;(function() {

$(document).on('click','[name=Save]',clicked)

function clicked() {

$(this).prop('disabled',true)

Stripe.card.createToken(dom.form,done) // Ask Stripe to create a one time token before truly submitting the form.

}

function done(status, response) {

if (response.error) {

dom.form.find('[name=Save]').removeAttr('disabled') // Enabled

dom.msg.text(response.error.message).addClass('label-danger') // You must supply either a card, customer, or bank account to create a token.

return

}

dom.form.append($('<input type="hidden" name="card">').val(response.id))

dom.form.submit()

}

})();

;(function() {

$(document).on('change','[name=PersonName]',changed)

function changed() {

dom.msg.removeClass('label-info').empty()

if ($(this).val().length === 0) {

dom.msg.text('Please enter a name').addClass('label-info')

dom.Save.prop('disabled',true)

} else {

dom.Save.prop('disabled',false)

}

})();

And here's SimpleStripeAction.cfm:

if (!Len(form.PersonName)) {

request.msg = 'Custom msg: Please enter your name.';

}

if (!isValid('email', form.email)) {

request.msg = 'Custom msg: Please enter a valid Email.';

}

if (form.amount < 1) {

request.msg = 'Custom msg: Please select an amount.';

}

if (isDefined('form.card')) {

if (NOT Len(form.card)) {

request.msg = 'Custom msg: Something went wrong with your credit card information. Please double-check it.';

}

} else {

request.msg = 'Custom msg: Missing form.card.';

}

include '/Passwords/Stripe.cfm';

</cfscript>

<cfhttp

method="post"

url="https://api.stripe.com/v1/charges"

username="#Stripe.SecretKey#">

<!---

A description of the transaction to show up in OUR records for tracking purposes.

It is considered a good practice to add the Email address here in order to follow up if necessary.

--->

</cfhttp>

</cfif>

if (isDefined('response.error')) {

request.msg = response.error.message;

}

if (request.msg != '') {

request.mod = 'label-danger';

}

</cfscript>

<table>

<tr>

<td>response.id</td>

<td>#response.id#</td>

</tr>

<tr>

<td>response.object</td>

<td>#response.object#</td>

</tr>

<tr>

<td>response.created</td>

<td>#response.created#</td>

</tr>

<tr>

<td>response.livemode</td>

<td>#response.livemode#</td>

</tr>

<tr>

<td>response.paid</td>

<td>#response.paid#</td>

</tr>

<tr>

<td>response.amount</td>

<td>#response.amount#</td>

</tr>

<tr>

<td>response.currency</td>

<td>#response.currency#</td>

</tr>

<tr>

<td>response.refunded</td>

<td>#response.refunded#</td>

</tr>

<tr>

<td>response.captured</td>

<td>#response.captured#</td>

</tr>

<tr>

<td>response.balance_transaction</td>

<td>#response.balance_transaction#</td>

</tr>

<tr>

<td>response.failure_code</td>

<td>#response.failure_code#</td>

</tr>

<tr>

<td>response.description</td>

<td>#response.description#</td>

</tr>

<tr>

<td>response.dispute</td>

<td>#response.dispute#</td>

</tr>

<tr>

<td colspan="2">response.metadata</td>

</tr>

<tr>

<td>response.receipt_email</td>

<td>#response.receipt_email#</td>

</tr>

<tr>

<td>response.receipt_number</td>

<td>#response.receipt_number#</td>

</tr>

</table>

<!---

<table>

<tr>

<td>response.fee_details[#i#].amount</td>

<td>#response.fee_details[i].amount#</td>

</tr>

<tr>

<td>response.fee_details[#i#].currency</td>

<td>#response.fee_details[i].currency#</td>

</tr>

<tr>

<td>response.fee_details[#i#].type</td>

<td>#response.fee_details[i].type#</td>

</tr>

<tr>

<td>response.fee_details[#i#].description</td>

<td>#response.fee_details[i].description#</td>

</tr>

<tr>

<td>response.fee_details[#i#].application</td>

<td>#response.fee_details[i].application#</td>

</tr>

<tr>

<td>response.fee_details[#i#].amount_refunded</td>

<td>#response.fee_details[i].amount_refunded#</td>

</tr>

</cfloop>

</table>

--->

<table>

<tr>

<td>response.card.id</td>

<td>#response.card.id#</td>

</tr>

<tr>

<td>response.card.object</td>

<td>#response.card.object#</td>

</tr>

<tr>

<td>response.card.last4</td>

<td>#response.card.last4#</td>

</tr>

<tr>

<td>response.card.brand</td>

<td>#response.card.brand#</td>

</tr>

<tr>

<td>response.card.funding</td>

<td>#response.card.funding#</td>

</tr>

<tr>

<td>response.card.exp_month</td>

<td>#response.card.exp_month#</td>

</tr>

<tr>

<td>response.card.exp_year</td>

<td>#response.card.exp_year#</td>

</tr>

<tr>

<td>response.card.fingerprint</td>

<td>#response.card.fingerprint#</td>

</tr>

<tr>

<td>response.card.country</td>

<td>#response.card.country#</td>

</tr>

<tr>

<td>response.card.address_city</td>

<td>#response.card.address_city#</td>

</tr>

<tr>

<td>response.card.cvc_check</td>

<td>#response.card.cvc_check#</td>

</tr>

<tr>

<td>response.card.customer</td>

<td>#response.card.customer#</td>

</tr>

</table>

</cfif>

</cfoutput>

Gee, after posting all that I hope it's not a dumb dumb solution like "You forget x", but what the heck.

Phillip Senn

unread,

May 19, 2015, 2:56:44 PM5/19/15

to cfpa...@googlegroups.com

Brian G

unread,

May 19, 2015, 7:27:34 PM5/19/15

to cfpa...@googlegroups.com, phill...@gmail.com

You might consider popping open the stripe gateway and looking at how it makes the calls to see if there is something different? A quick review of the process() method suggests you need to pass your secret key as a custom Authorization header in the format "Bearer #SecretKey#".

HTH,

Brian

Phillip Senn

unread,

May 20, 2015, 2:55:52 PM5/20/15

to cfpa...@googlegroups.com, phill...@gmail.com

Yay! It works!

OK, #1: I have now changed my Google groups setting to "Email me immediately" so that when people reply I'm not wondering "How come nobody's replying?"

#2: Brian, you are absolutely right.

I did this:

svc = new http();

svc.setMethod('post');

svc.setCharset('utf-8');

svc.setUrl('https://api.stripe.com/v1/charges');

svc.addParam(type='header', name='Authorization', value='Bearer #Stripe.mySecretKey#');

svc.addParam(type='formfield', name='amount', value=form.amount);

svc.addParam(type='formfield', name='currency', value='usd');

svc.addParam(type='formfield', name='card', value='#form.card#');

svc.addParam(type='formfield', name='description', value='#form.email#');

response = svc.send().getPrefix();

writedump(response);

and it worked.

#3 The people in the #stripe channel on IRC are great.

I used https://webchat.freenode.net/ in Google Chrome and I didn't need an IRC client.

James Schiller

unread,

Jul 5, 2020, 2:26:49 AM7/5/20

to cfpayment

A similar problem was happening for me. One day it was working and the next not. The problem turned out to be the placement of the dotenv library require. I had it on line 3, when it should go on line 1 before stripe require. I was debugging with a breakpoint set later down in the code on line > 3 and the environment variable seemed to be getting set, tricky. It needed to get set right away during stripe require. However, when I moved the breakpoing up to line 2, I could see the environment variable was not being set. I must have accidentally moved the dotenv require below it on line 3 after the first time it worked! Hopefully this can help someone else led to this thread.

1. require("dotenv").config();

2. const stripe = require("stripe")(process.env.STRIPE_SECRET_KEY);

3.

Reply all

Reply to author

Forward