mirror of
https://github.com/pretix/pretix.git
synced 2026-05-07 15:34:02 +00:00
* ... * Upgrade Stripe API client * Implement account choice * Add disconnect and fix tests
This commit is contained in:
Raphael Michel
@@ -10,8 +10,12 @@ from django.conf import settings
|
||||
from django.contrib import messages
|
||||
from django.core import signing
|
||||
from django.template.loader import get_template
|
||||
from django.utils.translation import ugettext, ugettext_lazy as _
|
||||
from django.urls import reverse
|
||||
from django.utils.crypto import get_random_string
|
||||
from django.utils.http import urlquote
|
||||
from django.utils.translation import pgettext, ugettext, ugettext_lazy as _
|
||||
|
||||
from pretix import __version__
|
||||
from pretix.base.models import Event, Quota, RequiredAction
|
||||
from pretix.base.payment import BasePaymentProvider, PaymentException
|
||||
from pretix.base.services.mail import SendMailException
|
||||
@@ -19,6 +23,7 @@ from pretix.base.services.orders import mark_order_paid, mark_order_refunded
|
||||
from pretix.base.settings import SettingsSandbox
|
||||
from pretix.helpers.urls import build_absolute_uri as build_global_uri
|
||||
from pretix.multidomain.urlreverse import build_absolute_uri
|
||||
from pretix.plugins.stripe.forms import StripeKeyValidator
|
||||
from pretix.plugins.stripe.models import ReferencedStripeObject
|
||||
|
||||
logger = logging.getLogger('pretix.plugins.stripe')
|
||||
@@ -36,24 +41,6 @@ class RefundForm(forms.Form):
|
||||
)
|
||||
|
||||
|
||||
class StripeKeyValidator():
|
||||
def __init__(self, prefix):
|
||||
assert isinstance(prefix, str)
|
||||
assert len(prefix) > 0
|
||||
self._prefix = prefix
|
||||
|
||||
def __call__(self, value):
|
||||
if not value.startswith(self._prefix):
|
||||
raise forms.ValidationError(
|
||||
_('The provided key "%(value)s" does not look valid. It should start with "%(prefix)s".'),
|
||||
code='invalid-stripe-secret-key',
|
||||
params={
|
||||
'value': value,
|
||||
'prefix': self._prefix,
|
||||
},
|
||||
)
|
||||
|
||||
|
||||
class StripeSettingsHolder(BasePaymentProvider):
|
||||
identifier = 'stripe_settings'
|
||||
verbose_name = _('Stripe')
|
||||
@@ -65,17 +52,69 @@ class StripeSettingsHolder(BasePaymentProvider):
|
||||
self.settings = SettingsSandbox('payment', 'stripe', event)
|
||||
|
||||
def settings_content_render(self, request):
|
||||
return "<div class='alert alert-info'>%s<br /><code>%s</code></div>" % (
|
||||
_('Please configure a <a href="https://dashboard.stripe.com/account/webhooks">Stripe Webhook</a> to '
|
||||
'the following endpoint in order to automatically cancel orders when charges are refunded externally '
|
||||
'and to process asynchronous payment methods like SOFORT.'),
|
||||
build_global_uri('plugins:stripe:webhook')
|
||||
)
|
||||
if self.settings.connect_client_id and not self.settings.secret_key:
|
||||
# Use Stripe connect
|
||||
if not self.settings.connect_user_id:
|
||||
request.session['payment_stripe_oauth_event'] = request.event.pk
|
||||
if 'payment_stripe_oauth_token' not in request.session:
|
||||
request.session['payment_stripe_oauth_token'] = get_random_string(32)
|
||||
|
||||
return (
|
||||
"<p>{}</p>"
|
||||
"<a href='https://connect.stripe.com/oauth/authorize?response_type=code&client_id={}&state={}"
|
||||
"&scope=read_write&redirect_uri={}' class='btn btn-primary btn-lg'>{}</a>"
|
||||
).format(
|
||||
_('To accept payments via Stripe, you will need an account at Stripe. By clicking on the '
|
||||
'following button, you can either create a new Stripe account connect pretix to an existing '
|
||||
'one.'),
|
||||
self.settings.connect_client_id,
|
||||
request.session['payment_stripe_oauth_token'],
|
||||
urlquote(build_global_uri('plugins:stripe:oauth.return')),
|
||||
_('Connect with Stripe')
|
||||
)
|
||||
else:
|
||||
return (
|
||||
"<button formaction='{}' class='btn btn-danger'>{}</button>"
|
||||
).format(
|
||||
reverse('plugins:stripe:oauth.disconnect', kwargs={
|
||||
'organizer': self.event.organizer.slug,
|
||||
'event': self.event.slug,
|
||||
}),
|
||||
_('Disconnect from Stripe')
|
||||
)
|
||||
else:
|
||||
return "<div class='alert alert-info'>%s<br /><code>%s</code></div>" % (
|
||||
_('Please configure a <a href="https://dashboard.stripe.com/account/webhooks">Stripe Webhook</a> to '
|
||||
'the following endpoint in order to automatically cancel orders when charges are refunded externally '
|
||||
'and to process asynchronous payment methods like SOFORT.'),
|
||||
build_global_uri('plugins:stripe:webhook')
|
||||
)
|
||||
|
||||
@property
|
||||
def settings_form_fields(self):
|
||||
d = OrderedDict(
|
||||
[
|
||||
if self.settings.connect_client_id and not self.settings.secret_key:
|
||||
# Stripe connect
|
||||
if self.settings.connect_user_id:
|
||||
fields = [
|
||||
('connect_user_name',
|
||||
forms.CharField(
|
||||
label=_('Stripe account'),
|
||||
disabled=True
|
||||
)),
|
||||
('endpoint',
|
||||
forms.ChoiceField(
|
||||
label=_('Endpoint'),
|
||||
initial='live',
|
||||
choices=(
|
||||
('live', pgettext('stripe', 'Live')),
|
||||
('test', pgettext('stripe', 'Testing')),
|
||||
),
|
||||
)),
|
||||
]
|
||||
else:
|
||||
return {}
|
||||
else:
|
||||
fields = [
|
||||
('publishable_key',
|
||||
forms.CharField(
|
||||
label=_('Publishable key'),
|
||||
@@ -94,6 +133,9 @@ class StripeSettingsHolder(BasePaymentProvider):
|
||||
StripeKeyValidator('sk_'),
|
||||
),
|
||||
)),
|
||||
]
|
||||
d = OrderedDict(
|
||||
fields + [
|
||||
('ui',
|
||||
forms.ChoiceField(
|
||||
label=_('User interface'),
|
||||
@@ -146,7 +188,6 @@ class StripeSettingsHolder(BasePaymentProvider):
|
||||
)),
|
||||
] + list(super().settings_form_fields.items())
|
||||
)
|
||||
|
||||
d.move_to_end('_enabled', last=False)
|
||||
return d
|
||||
|
||||
@@ -175,9 +216,28 @@ class StripeMethod(BasePaymentProvider):
|
||||
places = settings.CURRENCY_PLACES.get(self.event.currency, 2)
|
||||
return int(order.total * 10 ** places)
|
||||
|
||||
@property
|
||||
def api_kwargs(self):
|
||||
if self.settings.connect_client_id and self.settings.connect_user_id:
|
||||
if self.settings.get('endpoint', 'live') == 'live':
|
||||
kwargs = {
|
||||
'api_key': self.settings.connect_secret_key,
|
||||
'stripe_account': self.settings.connect_user_id
|
||||
}
|
||||
else:
|
||||
kwargs = {
|
||||
'api_key': self.settings.connect_test_secret_key,
|
||||
'stripe_account': self.settings.connect_user_id
|
||||
}
|
||||
else:
|
||||
kwargs = {
|
||||
'api_key': self.settings.secret_key,
|
||||
}
|
||||
return kwargs
|
||||
|
||||
def _init_api(self):
|
||||
stripe.api_version = '2017-06-05'
|
||||
stripe.api_key = self.settings.get('secret_key')
|
||||
stripe.api_version = '2018-02-28'
|
||||
stripe.set_app_info("pretix", version=__version__, url="https://pretix.eu")
|
||||
|
||||
def checkout_confirm_render(self, request) -> str:
|
||||
template = get_template('pretixplugins/stripe/checkout_payment_confirm.html')
|
||||
@@ -199,7 +259,8 @@ class StripeMethod(BasePaymentProvider):
|
||||
'code': order.code
|
||||
},
|
||||
# TODO: Is this sufficient?
|
||||
idempotency_key=str(self.event.id) + order.code + source
|
||||
idempotency_key=str(self.event.id) + order.code + source,
|
||||
**self.api_kwargs
|
||||
)
|
||||
except stripe.error.CardError as e:
|
||||
if e.json_body:
|
||||
@@ -330,7 +391,7 @@ class StripeMethod(BasePaymentProvider):
|
||||
return
|
||||
|
||||
try:
|
||||
ch = stripe.Charge.retrieve(payment_info['id'])
|
||||
ch = stripe.Charge.retrieve(payment_info['id'], **self.api_kwargs)
|
||||
ch.refunds.create()
|
||||
ch.refresh()
|
||||
except (stripe.error.InvalidRequestError, stripe.error.AuthenticationError, stripe.error.APIConnectionError) \
|
||||
@@ -426,7 +487,7 @@ class StripeCC(StripeMethod):
|
||||
|
||||
if request.session['payment_stripe_token'].startswith('src_'):
|
||||
try:
|
||||
src = stripe.Source.retrieve(request.session['payment_stripe_token'])
|
||||
src = stripe.Source.retrieve(request.session['payment_stripe_token'], **self.api_kwargs)
|
||||
if src.type == 'card' and src.card and src.card.three_d_secure == 'required':
|
||||
request.session['payment_stripe_order_secret'] = order.secret
|
||||
source = stripe.Source.create(
|
||||
@@ -521,6 +582,7 @@ class StripeGiropay(StripeMethod):
|
||||
'hash': hashlib.sha1(order.secret.lower().encode()).hexdigest(),
|
||||
})
|
||||
},
|
||||
**self.api_kwargs
|
||||
)
|
||||
return source
|
||||
finally:
|
||||
@@ -577,6 +639,7 @@ class StripeIdeal(StripeMethod):
|
||||
'hash': hashlib.sha1(order.secret.lower().encode()).hexdigest(),
|
||||
})
|
||||
},
|
||||
**self.api_kwargs
|
||||
)
|
||||
return source
|
||||
|
||||
@@ -618,6 +681,7 @@ class StripeAlipay(StripeMethod):
|
||||
'hash': hashlib.sha1(order.secret.lower().encode()).hexdigest(),
|
||||
})
|
||||
},
|
||||
**self.api_kwargs
|
||||
)
|
||||
return source
|
||||
|
||||
@@ -676,6 +740,7 @@ class StripeBancontact(StripeMethod):
|
||||
'hash': hashlib.sha1(order.secret.lower().encode()).hexdigest(),
|
||||
})
|
||||
},
|
||||
**self.api_kwargs
|
||||
)
|
||||
return source
|
||||
finally:
|
||||
@@ -746,6 +811,7 @@ class StripeSofort(StripeMethod):
|
||||
'hash': hashlib.sha1(order.secret.lower().encode()).hexdigest(),
|
||||
})
|
||||
},
|
||||
**self.api_kwargs
|
||||
)
|
||||
return source
|
||||
|
||||
|
||||
Reference in New Issue
Block a user