You did not provide an API key.

1498 views
Skip to first unread message

Phillip Senn

unread,
May 19, 2015, 11:38:57 AM5/19/15
to cfpa...@googlegroups.com
cfpayment works! Yay!
I got it to work! Yay!


The reason I'm doing a proof-of-concept with cfpayment is because I tried Ben Nadel's stripe example at
and I got it to working, but when I tried it on a different server, it stopped working.

I'd kinda like to get my SimpleStripe program working again just because I understand it and it doesn't post the user's credit card info over http.

Although I see the benefits of having other payment gateways like Paypal and Braintree.


Everything works as advertised until I get to the action page and I do
<cfhttp 
method="post"
username="#Stripe.SecretKey#">
<cfhttpparam type="formfield" name="amount" value="#form.amount#">
<cfhttpparam type="formfield" name="currency" value="usd">
<cfhttpparam type="formfield" name="card" value="#form.card#">
<cfhttpparam type="formfield" name="description" value="Example: #form.email#">
</cfhttp>

and then it returns with:

You did not provide an API key. You need to provide your API key in the Authorization header, using Bearer auth (e.g. 'Authorization: Bearer YOUR_SECRET_KEY'). See https://stripe.com/docs/api#authentication for details, or we can help at https://support.stripe.com/.


Now, here's the interesting part:
It works on my hostek.com server, but it doesn't work on my hostmysite.com server!
I know! Weird isn't it?



Here's the opening page:
<cfoutput>
<cfinclude template="/Inc/header.cfm">
<h1> Accepting Online Payments With Stripe </h1>
<form method="post" action="SimpleStripeAction.cfm">
<label for="PersonName">Name:</label>
<input id="PersonName" name="PersonName" value="Phillip Senn">
<label for="Email">Email:</label>
<input type="email" id="Email" name="Email" value="Phill...@gmail.com">
<label for="amount">amount:</label>
<select id="amount" name="amount">
<option value="100">$1.00</option>
<option value="200">$2.00</option>
<option value="300">$3.00</option>
<option value="400">$4.00</option>
<option value="500">$5.00</option>
</select>

<label>Credit Card:
<input data-stripe="number" value="4242424242424242">
</label>

<label>Expiration:
<input data-stripe="exp-month" size="2" value="12">
<input data-stripe="exp-year" size="4" value="2015"> <em>(MM/YYYY)</em>
</label>
<label>Security Code:
<input data-stripe="cvc" value="1234">
</label>
<p>
<button type="button" name="Save">Purchase!</button>
</p>
</form>
<script src="https://js.stripe.com/v2/"></script>
<cfinclude template="/Passwords/Stripe.cfm">
<p hidden id="PublishableKey">#Stripe.PublishableKey#</p>
<cfinclude template="/Inc/footer.cfm">
</cfoutput>

And here's my JavaScript:

Stripe.setPublishableKey($('#PublishableKey').text())
dom.form = $('form')
dom.Save = $('[name=Save]')

;(function() {
$(document).on('click','[name=Save]',clicked)
function clicked() {
$(this).prop('disabled',true)
Stripe.card.createToken(dom.form,done) // Ask Stripe to create a one time token before truly submitting the form.
}
function done(status, response) {
if (response.error) {
dom.form.find('[name=Save]').removeAttr('disabled') // Enabled
dom.msg.text(response.error.message).addClass('label-danger') // You must supply either a card, customer, or bank account to create a token.
return
}
dom.form.append($('<input type="hidden" name="card">').val(response.id))
dom.form.submit()
}
})();


;(function() {
$(document).on('change','[name=PersonName]',changed)
function changed() {
dom.msg.removeClass('label-info').empty()
if ($(this).val().length === 0) {
dom.msg.text('Please enter a name').addClass('label-info')
dom.Save.prop('disabled',true)
} else {
dom.Save.prop('disabled',false)
}
}
})();


And here's SimpleStripeAction.cfm:

<cfscript>
if (!Len(form.PersonName)) {
request.msg = 'Custom msg: Please enter your name.';
}
if (!isValid('email', form.email)) {
request.msg = 'Custom msg: Please enter a valid Email.';
}
if (form.amount < 1) {
request.msg = 'Custom msg: Please select an amount.';
}
if (isDefined('form.card')) {
if (NOT Len(form.card)) {
request.msg = 'Custom msg: Something went wrong with your credit card information. Please double-check it.';
}
} else {
request.msg = 'Custom msg: Missing form.card.';
}
include '/Passwords/Stripe.cfm';
</cfscript>

<cfif (request.msg == '')>
<cfhttp 
method="post"
username="#Stripe.SecretKey#">
<cfhttpparam type="formfield" name="amount" value="#form.amount#"> <!--- in cents --->
<cfhttpparam type="formfield" name="currency" value="usd">
<cfhttpparam type="formfield" name="card" value="#form.card#"> <!--- This was populated by JavaScript --->
<!---
A description of the transaction to show up in OUR records for tracking purposes. 
It is considered a good practice to add the Email address here in order to follow up if necessary. 
--->
<cfhttpparam type="formfield" name="description" value="Whatever you want goes here. (Example: #form.email#)">
</cfhttp>
<cfset response = deserializeJSON(cfhttp.fileContent)>
</cfif>

<cfscript>
if (isDefined('response.error')) {
request.msg = response.error.message;
}
if (request.msg != '') {
request.mod = 'label-danger';
}
</cfscript>

<cfoutput>
<cfinclude template="/Inc/header.cfm">
<cfif isDefined('response.id')>
<table>
<tr>
<td>response.id</td>
<td>#response.id#</td>
</tr>
<tr>
<td>response.object</td>
<td>#response.object#</td>
</tr>
<tr>
<td>response.created</td>
<td>#response.created#</td>
</tr>
<tr>
<td>response.livemode</td>
<td>#response.livemode#</td>
</tr>
<tr>
<td>response.paid</td>
<td>#response.paid#</td>
</tr>
<tr>
<td>response.amount</td>
<td>#response.amount#</td>
</tr>
<tr>
<td>response.currency</td>
<td>#response.currency#</td>
</tr>
<tr>
<td>response.refunded</td>
<td>#response.refunded#</td>
</tr>



<tr>
<td>response.captured</td>
<td>#response.captured#</td>
</tr>

<tr>
<td>response.balance_transaction</td>
<td>#response.balance_transaction#</td>
</tr>

<tr>
<td>response.failure_code</td>
<td>#response.failure_code#</td>
</tr>

<tr>
<td>response.description</td>
<td>#response.description#</td>
</tr>

<tr>
<td>response.dispute</td>
<td>#response.dispute#</td>
</tr>


<tr>
<td colspan="2">response.metadata</td>
</tr>


<tr>
<td>response.receipt_email</td>
<td>#response.receipt_email#</td>
</tr>

<tr>
<td>response.receipt_number</td>
<td>#response.receipt_number#</td>
</tr>

</table>
<!---
<table>
<cfloop from="1" to="#ArrayLen(response.fee_details)#" index="i">
<tr>
<td>response.fee_details[#i#].amount</td>
<td>#response.fee_details[i].amount#</td>
</tr>

<tr>
<td>response.fee_details[#i#].currency</td>
<td>#response.fee_details[i].currency#</td>
</tr>

<tr>
<td>response.fee_details[#i#].type</td>
<td>#response.fee_details[i].type#</td>
</tr>

<tr>
<td>response.fee_details[#i#].description</td>
<td>#response.fee_details[i].description#</td>
</tr>

<tr>
<td>response.fee_details[#i#].application</td>
<td>#response.fee_details[i].application#</td>
</tr>

<tr>
<td>response.fee_details[#i#].amount_refunded</td>
<td>#response.fee_details[i].amount_refunded#</td>
</tr>
</cfloop>
</table>
--->
<table>
<tr>
</tr>
<tr>
<td>response.card.object</td>
<td>#response.card.object#</td>
</tr>
<tr>
<td>response.card.last4</td>
<td>#response.card.last4#</td>
</tr>
<tr>
<td>response.card.brand</td>
<td>#response.card.brand#</td>
</tr>
<tr>
<td>response.card.funding</td>
<td>#response.card.funding#</td>
</tr>
<tr>
<td>response.card.exp_month</td>
<td>#response.card.exp_month#</td>
</tr>
<tr>
<td>response.card.exp_year</td>
<td>#response.card.exp_year#</td>
</tr>
<tr>
<td>response.card.fingerprint</td>
<td>#response.card.fingerprint#</td>
</tr>
<tr>
<td>response.card.country</td>
<td>#response.card.country#</td>
</tr>
<tr>
<td>response.card.address_city</td>
<td>#response.card.address_city#</td>
</tr>
<tr>
<td>response.card.cvc_check</td>
<td>#response.card.cvc_check#</td>
</tr>
<tr>
<td>response.card.customer</td>
<td>#response.card.customer#</td>
</tr>
</table>
</cfif>
<cfinclude template="/Inc/footer.cfm">
</cfoutput>



Gee, after posting all that I hope it's not a dumb dumb solution like "You forget x", but what the heck.

Phillip Senn

unread,
May 19, 2015, 2:56:44 PM5/19/15
to cfpa...@googlegroups.com
<cfif (request.msg EQ '')>

Brian G

unread,
May 19, 2015, 7:27:34 PM5/19/15
to cfpa...@googlegroups.com, phill...@gmail.com

You might consider popping open the stripe gateway and looking at how it makes the calls to see if there is something different? A quick review of the process() method suggests you need to pass your secret key as a custom Authorization header in the format "Bearer #SecretKey#".

HTH,

Brian

Phillip Senn

unread,
May 20, 2015, 2:55:52 PM5/20/15
to cfpa...@googlegroups.com, phill...@gmail.com
Yay! It works!


OK, #1: I have now changed my Google groups setting to "Email me immediately" so that when people reply I'm not wondering "How come nobody's replying?"


#2: Brian, you are absolutely right.
I did this:
svc = new http();
svc.setMethod('post');
svc.setCharset('utf-8');
svc.addParam(type='header', name='Authorization', value='Bearer #Stripe.mySecretKey#');
svc.addParam(type='formfield', name='amount', value=form.amount);
svc.addParam(type='formfield', name='currency', value='usd');
svc.addParam(type='formfield', name='card', value='#form.card#');
svc.addParam(type='formfield', name='description', value='#form.email#');
response = svc.send().getPrefix();
writedump(response);

and it worked.

#3 The people in the #stripe channel on IRC are great.
I used https://webchat.freenode.net/ in Google Chrome and I didn't need an IRC client.

James Schiller

unread,
Jul 5, 2020, 2:26:49 AM7/5/20
to cfpayment
A similar problem was happening for me. One day it was working and the next not. The problem turned out to be the placement of the dotenv library require. I had it on line 3, when it should go on line 1 before stripe require. I was debugging with a breakpoint set later down in the code on line > 3 and the environment variable seemed to be getting set, tricky. It needed to get set right away during stripe require. However, when I moved the breakpoing up to line 2, I could see the environment variable was not being set. I must have accidentally moved the dotenv require below it on line 3 after the first time it worked! Hopefully this can help someone else led to this thread.

1. require("dotenv").config();
2. const stripe = require("stripe")(process.env.STRIPE_SECRET_KEY);
3.   
Reply all
Reply to author
Forward
0 new messages