如何在iOS应用中使用Stripe Connect [英] How to use Stripe Connect in an iOS app

问题描述

使用Stripe连接iOS应用程序是否有人成功。我有几个问题：

Has anyone had success using Stripe connect with an iOS app. I have a few questions:

我遵循这里的指导原则： https://stripe.com/docs/connect/getting-started

I'm following the guidelines here: https://stripe.com/docs/connect/getting-started

注册应用程序：这里很简单，没问题

Registering an Application: easy, no problem here

然后再往下走一点：

将您的用户发送到Stripe：再次，这里没问题，我只需打开一个按钮UIWebView中的链接。我假设URL中的client_id很好吗？很多我的不确定性是我应该在应用程序中硬编码的ID /密钥

Send your users to Stripe: again, easy no problem here, I just have a button that opens up the link in a UIWebView. I assume having the client_id in the URL is fine? A lot of my uncertainty is what IDs/keys I should hard-code into the app

然后再往下一点：

用户连接或创建Stripe帐户后，我们会将它们重定向回您在应用程序设置中使用代码参数或错误设置的redirect_uri。

After the user connects or creates a Stripe account, we'll redirect them back to the redirect_uri you set in yourapplication settings with a code parameter or an error.

我在这里做的是使用UIWebview的webView：shouldStartLoadWithReqest：navigationType委托方法来检查URL中的字符串code =。如果它找到了，那么我就能抓住代码参数。所以实际上，redirect_uri对我来说完全没必要。这是处理这个问题的正确方法吗？我应该在我的应用程序内还是在我的服务器上执行此操作？

What I'm doing here is using the UIWebview's webView:shouldStartLoadWithReqest:navigationType delegate method to check for the string "code=" in the URL. If it finds that, then I'm able to grab the "code" parameter. So in reality, the redirect_uri is completely unnecessary for me. Is this the right way to handle this? Should I be doing this within my app or on my server?

收到代码后，我们应该进行POST调用以接收access_token。再次，这应该在应用程序内还是在服务器上完成？它需要使用secret_key，所以我猜服务器？如果需要将令牌发送到服务器，如何发送信用卡信息以及此令牌？我知道如何获得卡号，exp日期和CVV。但是将它传递给服务器（有或没有令牌）是我不确定的。

After receiving the code, we are supposed to make a POST call to receive an access_token. Again, should this be done within the app or on the Server? It requires the use of a secret_key, so I'm guessing server? And how do I send credit card information along with this token if the token needs to be sent to the server? I know how to obtain the card number, exp date, and CVV. But in terms of passing it to the server (with or without the token) is something I'm not sure of.

那么当涉及到实际编写PHP时，Ruby或者服务器上的Python代码，我完全失去了。

Then when it comes to actually writing PHP, Ruby, or Python code on the server, I'm at a total loss.

任何帮助都将不胜感激。

Any help would be greatly appreciated.

推荐答案

您应该设置一个小型Web应用程序来创建条带费用并为您存储客户授权码。在您的网络应用中为 redirect_uri 和 webhook_uri 配置两条路线，并在条纹应用设置。收费应该从服务器端应用程序创建，因为它需要secret_key / authorization_code，不应该存储在iPad应用程序中。否则他们可能会导致安全漏洞。我试图描述以下概念：

You should setup a small web app to create stripe charges and storing you customers Authorization Code. Configure two routes in your web app for redirect_uri and webhook_uri and add the url in your Stripe Apps settings. The charges should be created from a server side app because it requires the secret_key / authorization_code which should not be stored in an iPad app. Otherwise they may lead to a security leak. I'm trying to describe the concept below:

1. 提供条带连接按钮在您的应用中，并将链接设置为在Safari中打开（不在Web视图中）。您应该使用 id 将州参数添加到网址中，这对用户来说是唯一的。

1. Provide the stripe connect button in your app and set the link to open in Safari (not in an web view). You should add a state parameter to the url with an id which is unique to your users.

点击按钮后，您的用户将被重定向到Stripe，在那里他/她将被要求授权您的应用程序。授权后，条带将使用 authorization_code 和状态 redirect_uri c>您之前提供的。根据Stripe Documentation使用 authorization_code 进行一次后期调用，以获得 access_token 。将 access_token 与州映射到数据库中。

On tapping the button your user will be redirected to Stripe where s/he will be asked to authorize your application. Upon authorization stripe will hit your redirect_uri with a authorization_code and the state you previously provided. Do a post call according to Stripe Documentation with the authorization_code to get an access_token. Store the access_token mapped with the state in a database.

在您的应用中定义自定义网址方案。从您的网络应用调用自定义网址。用户应该在移动野生动物园中打开网址。因此，调用自定义URL将重新打开您的应用程序。您可以传递其他参数以指示失败/成功。在您的应用中，根据此参数更新视图。

Define a custom url scheme in your app. Invoke the custom url from your web app. The user supposed to open the url in mobile safari. So invoking the custom url will reopen your application. You can pass an additional parameter to indicate failure / success. In your app update the view based on this parameter.

现在，您已准备好代表iPad用户在服务器上创建费用。使用条带iOS sdk从卡信息生成 card_token 。它需要你的条带 publishable_key 。然后在您的网络应用中定义一个api，它带有3个参数： card_token ， user_id 和金额。无论何时想要收费，都可以从iPad应用程序中调用此api。如果您担心使用任何标准加密方法的安全性，也可以使用密钥加密此信息。您可以在知道密钥的情况下轻松解密网络应用中的信息。

Now you are all set to create a charge on your server on behalf of the iPad user. Use stripe iOS sdk to generate a card_token from the card information. It'll require your stripe publishable_key. Then define an api in your web app which takes 3 parameters: card_token, user_id and amount. Call this api from your iPad app whenever you want to create a charge. You can also encrypt this information with a key if you're worried about security using any standard encryption method. You can easily decrypt the info in your web app as you know the key.

当从iPad应用程序调用此API时，您将收到 user_id （您之前保存为州）， card_token 和量。检索映射到 user_id （或状态）的 access_token 。然后，您可以使用 access_token ， card_token 和金额代表用户付费。

When this api is called from the iPad app you'll receive the user_id (which you saved as state previously), card_token and amount. Retrieve the access_token mapped to the user_id (or state). You can then made a charge on behalf of the user using the access_token, card_token and amount.

您可以在服务器中使用ruby / php / python / node作为Stripe为他们提供sdk。我假设可以使用其他语言以及REST接口。

You can use ruby / php / python / node in the server as Stripe provides sdk for them. I assume other languages can be used as well as there is a REST interface.

请注意，这只是一个概念。它应该像它一样工作，但我还没有实现它。我完成后，我会用示例代码更新这个答案。

Please note that this is just a concept. It should work like it but I haven't implemented it yet. I'll update this answer with sample code when I'm done.

这篇关于如何在iOS应用中使用Stripe Connect的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！