Error sharing customer stripe and create charges with php

2.4k views Asked by At

I'm sorry for my english.

I'm try to create a charge with a connected account in stripe using standalone account. I'm connecting my accounts using this article in stripe: Sample OAuth Applications. I have 3 accounts: A) Main account. In this account are the clients of our app. Account B and account C are other accounts connected to account A (I see this two accounts connect in the settings of account A. That tells me that two account is already connected, right?). All user's app is in account A and we want share to account B and C, that's our target.

When the accounts has been connected we save in our DB the acces_token and refresh token. The docs of shared customers says that we need create a token with the customer_id and the account_id in order to create a token with the credit card info of customer but when we execute the code it returns an error:

The provided key 'sk_test_********************uJ3l' does not have access to account 'acct_--------------' (or that account does not exist). Application access may have been revoked.

We have test a several combinations of variables pass to api and the result always returns an error.

What are doing wrong in this case. Can you help us???

This is the code that we using: All the comments has been the another test that we try:

public function createtransaction($customer_id, $paymentDesc, $destinationAccount) {

        $errors = array();
        try {
            $secret_key = $this->get_secret_key();

            \Stripe\Stripe::setApiKey($secret_key);

            // THIS ONLY FOR TESTING PURPOSE. WE WANT SEE IF CAN ACCESS TO CONNECTED ACCOUNT
            // Fetching an account just needs the ID as a parameter
            // WHIT ACCESS_TOKEN WORKS THE RETRIEVE METHOD
            // $account = \Stripe\Account::retrieve('access_token_from_db');
            // WHIT ACCOUNT_ID DOES NOT. RETURNS AN ERROR
            // $account = \Stripe\Account::retrieve('acct_***********');
            // echo "<pre>------";
            // print_r($account);
            // echo "-----</pre>";


            // HERE ONLY WE CAN TEST IF WE CAN CREATE A CUSTOMER. THIS IS ONLY TO CHECK IF THE ACCOUNT IS CONNECTED. THE CUSTOMER ALREADY EXISTS IN MAIN ACCOUNT 
            // Recommended: sending API key with every request
            // \Stripe\Customer::create(
            //   array("description" => "[email protected]"),
            //   array("api_key" => 'sk_test_***************') // account's access token from the Connect flow
            // SAME. WITH stripe_account DOES NOT WORK. WHIT api_key PARAM WORKS WELL
            // );

            // THE DOCS SAYS WE NEED CREATE A TOEKN WITH customer AND stripe_account, BUT IT RETURNS AN ERROR OF PERMISSION
            // Create a Token from the existing customer on the platform's account
            // $token = \Stripe\Token::create(
            //  array("customer" => $customer_id),
            //  array("stripe_account" => 'acct_********************') // id of the connected account
            // );

            // echo "<pre>------";
            // print_r($token);
            // echo "-----</pre>";

            // ONE COMBINATION. DOES NOT WORK
            // var_dump($customer_id, $paymentDesc, $destinationAccount);
            // $charge = \Stripe\Charge::create(array(
            //  "amount" => $paymentDesc['total'] * 100,
            //  "currency" => "usd",
            //  "source" => $token,
            //  "description" => $paymentDesc['description'],
            //  'destination' => $destinationAccount
            // ));
            //
            //

            // IT WORKS IN THE MAIN ACCOUNT BUT IT IS NOT OUR GOAL, BUT WE CAN TRANSFER THE MONEY TO ANOTHER CONNECTED ACCOUNT
            // $charge = \Stripe\Charge::create(array(
            //  'amount' => $paymentDesc['total'] * 100,
            //  'currency' => 'usd',
            //  'customer' => $customer_id,
            //  "description" => $paymentDesc['description']
            // ));

            // ANOTHER COMBINATION. DOES NOT WORK
            /*$charge = \Stripe\Charge::create(array(
                'amount' => $paymentDesc['total'] * 100,
                'currency' => 'usd',
                "description" => $paymentDesc['description'],
                'customer' => $customer_id
            ), array('stripe_account' => 'acct_************'));*/

            // ANOTHER COMBINATION. DOES NOT WORK
            /*$charge = \Stripe\Charge::create(array(
                'amount' => $paymentDesc['total'] * 100,
                'currency' => 'usd',
                "description" => $paymentDesc['description'],
                'customer' => $customer_id
            ), array('api_key' => 'ACCESS_TOKEN_IN_DB'));

            echo "<pre>------";
            print_r($charge);
            echo "-----</pre>";

            return array('charge' => $charge);*/

        } catch(Stripe_CardError $e) {
            $errors = array('error' => false, 'message' => 'Card was declined.', 'e' => $e);
        } catch (Stripe_InvalidRequestError $e) {
            $errors = array('error' => false, 'message' => 'Invalid parameters were supplied to Stripe\'s API', 'e' => $e);
        } catch (Stripe_AuthenticationError $e) {
            $errors = array('error' => false, 'message' => 'Authentication with Stripe\'s API failed!', 'e' => $e);
        } catch (Stripe_ApiConnectionError $e) {
            $errors = array('error' => false, 'message' => 'Network communication with Stripe failed', 'e' => $e);
        } catch (Stripe_Error $e) {
            $errors = array('error' => false, 'message' => 'Stripe error. Something wrong just happened!', 'e' => $e);
        } catch (Exception $e) {
            $errors = array('error' => false, 'message' => 'An error has ocurred getting info customer.', 'e' => $e);
        }

        return $errors;
    }
1

There are 1 answers

2
Spiff On BEST ANSWER

You don't need to save the access_token and refresh_token, only the stripe_user_id containing the connected account id is required to work with Connect.

You can use your platform's secret API key for all the requests and just pass the connected account id to the Stripe-account header as shown in the shared customers documentation. More generally this header can be added to almost every API request to have it directed at a connected account:

https://stripe.com/docs/connect/authentication#authentication-via-the-stripe-account-header

In your case you'd do:

// Create a Token from the existing customer on the platform's account
$sharedToken = \Stripe\Token::create(
  array("customer" => CUSTOMER_ID, "card" => CARD_ID),
  array("stripe_account" => CONNECTED_STRIPE_ACCOUNT_ID) // id of the connected account
);

$sharedCustomer = \Stripe\Customer::create(array(
  "description" => "Customer for [email protected]",
  "source" => $sharedToken),
  array("stripe_account" => CONNECTED_STRIPE_ACCOUNT_ID) 
);

You can then create a charge from this shared customer in the same way:

\Stripe\Charge::create(array(
  "amount" => 2000,
  "currency" => "usd",
  "customer" => $sharedCustomer),
  array("stripe_account" => CONNECTED_STRIPE_ACCOUNT_ID) 
);