#oranges13-php
hasty marsh
Hi!
This has been.. a battle. I've talked to many of you over the course of days. I do not know what to do.
zenith eagle
If I remember where we last left off - it seemed like the switch over to guzzle was related right?
hasty marsh
That's what started all of this yes. But your stripe-php library does not use Guzzle.
Here's an example I just tried:
$stripe = new \Stripe\StripeClient(config('services.stripe.secret'));
$customerSource = $stripe->customers->retrieve('cus...', ['expand' => ['default_source'], 'api_key' => config('services.stripe.secret')])->default_source;
This resulted in the "OPtions found in params" error. So I changed it to:
$stripe = new \Stripe\StripeClient(config('services.stripe.secret'));
$customerSource = $stripe->customers->retrieve('cus...', ['expand' => ['default_source']], ['api_key' => config('services.stripe.secret')])->default_source;
Note that api_key is now in it's own array as the 3rd param. This resulted in the "You did not provide an API Key" error
Initially, I only had the api key in the stripeclient initialization but that also resulted in the api key error
Which.. this is interesting. If I try to provoke the options error manually, it only gives me that issue if the API key is set up properly. If I pass the api key in the options array without having set up the stripeclient the right way (with a blank api key for example), it gives a different error.
zenith eagle
what happens when you do
$stripe = new \Stripe\StripeClient();
$customerSource = $stripe->customers->retrieve('cus...', ['expand' => ['default_source']], ['api_key' => <HARDCODE YOUR API KEY ])->default_source;
locally that works with config or otherwise I am.. not anxious to unset the api key on my live site
zenith eagle
What do you mean by "locally that works with config"? Are you saying that this does work locally, just not in your live site?
hasty marsh
I hard coded it into the second line and still received the API key error
local development, we can't provoke this error
it's only happening on production, only in certain places, even when we hard code the api key into these calls they fail
it doesn't make any sense
zenith eagle
Let's try something else - what do you get when you do this:
$stripe = new \Stripe\StripeClient(config('services.stripe.secret'));
echo $stripe->getApiKey();
is there a way to obfuscate that? I'd prefer not to do that in my logs
I guess I could just truncate it manually
zenith eagle
Yeah maybe just limit it to the last 4 digits or something along those lines
hasty marsh
I logged the last 5 digits and it appears correct
zenith eagle
and that's still resulting in the "You did not provide an API Key" error, right?
hasty marsh
Yes.
I just tried
$customerSource = (new \Stripe\StripeClient)->customers->retrieve($subscription->getCustomerId(), ['expand' => ['default_source']], ['api_key' => config('services.stripe.secret')]);
same thing ๐
drifting rain
Hi ๐
I'm jumping in as @zenith eagle needs to step away
So let me get this straight.
- Everything works locally
- Production is where the issues ares
Where in the process is the error thrown
hasty marsh
Hi Snufkin
We are responding to a stripe webhook. Our system receives it and processes it and then we are responding by doing some stuff, part of that requires we pull the customer object so we can update their data in our system
So I'm trying to retrieve the customer object
drifting rain
Okay. And the error that is getting thrown has to do with the API key?
hasty marsh
Yes. Regardless of how I attempt to provide it, the system responds with You did not provide an API key. You need to provide your API key in the Authorization header, using Bearer auth (e.g. 'Authorization: Bearer YOUR_SECRET_KEY '). See https://stripe.com/docs/api#authentication for details, or we can help at https://support.stripe.com/.
drifting rain
Okay well my first thought is that there is a lot of things happening in the same line of code. It might help us track down the issue if we separated them out a bit
hasty marsh
I ahve tried that too.
drifting rain
Like, instantiating the Stripe client separately, getting the Customer ID in it's own variable, etc.
Is there a reason you don't instantiate the Stripe client with the API key?
hasty marsh
we do, this is the evolution of trying everything
I got a different error if I didn't instantiate it with the api key but I'm afraid of doing that on production so I'm trying it inline like that
drifting rain
And I'm guessing, since it isn't authenticated, the failing API request isn't showing up in your account logs?
hasty marsh
correct
ok, trying this:
$stripe = new \Stripe\StripeClient(config('services.stripe.secret'));
$customerId = $subscription->getCustomerId();
$customer = $stripe->customers->retrieve($customerId);
``` (even though we need the default source)ok that just failed, same error
You did not provide an API key. You need to provide your API key in the Authorization header, using Bearer auth (e.g. 'Authorization: Bearer YOUR_SECRET_KEY '). See https://stripe.com/docs/api#authentication for details, or we can help at https://support.stripe.com/.
drifting rain
And assigning the key to it's own variable and logging it prior to instantiating the Stripe client?
hasty marsh
And yeah, I can try hard coding the api key too but we have tried that, repeatedly, and it changes nothing
drifting rain
$key = config('services.stripe.secret');
echo $key
I just went ahead and put it right in there
$stripe = new \Stripe\StripeClient('sk_live......');
drifting rain
And that gives the same error?
hasty marsh
Yup, that just failed too
same exact error
I also tried $stripe = new \Stripe\StripeClient(['api_key' => 'sk_live...']); same problem
drifting rain
Hmmm ....
hasty marsh
That's pretty much as direct as we can get it. You can see why we are frusstrated ๐ฆ
drifting rain
Yeah, I get that
Here's my default PHP snippet I use to test if my environment is configured to make Stripe requests:
require './vendor/autoload.php';
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__);
$dotenv->load();
$key = $_ENV['STRIPE_SECRET_KEY'];
$stripe = new Stripe\StripeClient($key);
$balance = $stripe->balance->retrieve();
echo $balance;
Well we are using stripe across our application. Everything else is working ๐ข
We have had this error crop up in a few different instances, usually explicitly adding the api key to the options in the call works, it's just refusing to work here.
Which.. the key is hard coded itno the file.
I don't get it.
drifting rain
Me neither. Have you tried clearing and reinstalling your dependencies?
drifting rain
So much going right, except the call you need to work. Right?
hasty marsh
correct.
So, here's what we are trying to do. One of our vendors requires our customers to have a shipping address. We are retrieving the customer to attempt to check 1) their default source billing address and 2) if their shipping address is the same. That's why we have to retrieve the customer. Is there a different method I could use to check that besides retrieve which apears to be problematic here?
drifting rain
Well, question. Where are you getting the Subscription object from?
hasty marsh
That's coming from a webhook. We are responding to customer.subscription.updated or customer.subscription.created
so subscription is the event payload
which provides us the customer id
drifting rain
Okay, could you try retrieving the Subscription while passing in customer.default_source in the expand parameter?
hasty marsh
sure!
waiting for a webhook
๐ฆ
same
what the actual hell
our logs show GET https://api.stripe.com/v1/subscriptions/sub_IQ9nD3aR6uckai
here's the response:
"response": {
"error": {
"message": "You did not provide an API key. You need to provide your API key in the Authorization header, using Bearer auth (e.g. 'Authorization: Bearer YOUR_SECRET_KEY'). See https://stripe.com/docs/api#authentication for details, or we can help at https://support.stripe.com/.",
"type": "invalid_request_error"
}
},
"responseCode": 401
solar summit
Hi there ๐ taking over for @drifting rain.
What's the exact code that you're running @hasty marsh?