Ionic 4 Cordova Payment with Stripe and SCA - javascript

With the SCA (https://stripe.com/docs/strong-customer-authentication),
I have to update my payment routine that was using the Charge API : https://stripe.com/docs/payments/charges-api
From the documentation, i understood that my options are Payment intent : https://stripe.com/docs/payments/payment-intents
and Setup Intent : https://stripe.com/docs/payments/save-and-reuse
In order to communicate between my front End and my Backend, I use stripe.js Element.
The problem is that, in order to reach the PaymentIntent API, i need https, and Cordova is not https but only http from what i understood as specified in the Stripe documentation :
A Stripe Element contains an iframe that securely sends the payment information to Stripe over an HTTPS connection. The checkout page address must also start with https:// rather than http:// for your integration to work.
You can test your integration without using HTTPS. Enable it when you’re ready to accept live payments.
I would like to know how i could handle the Stripe PaymentIntent API with stripe.js Element on my Ionic Cordova application.
If anyone got an idea it would be an amazing help !

You need to switch to using Payment Intents here. Those API calls have to be made server-side, and your client-side Elements/Javascript calls can remain nearly same.

Related

How do I detect payments using PayPal v2 and JavaScript?

I'm developing a server that will detect PayPal payments to a specific PayPal account.
I've started looking into the PayPal SDK and got lost... I saw that V1 is deprecated, so I probably should use V2.
The only thing that I need is that PayPal will call my server webhook once the account receives money.
How should I do this?
The only thing that I need is that PayPal will call my server webhook
Don't do that. Use a proper server integration.
You need two routes on your server, one for 'Set Up Transaction' and one for 'Capture Transaction', documented here: https://developer.paypal.com/docs/checkout/reference/server-integration/
The best approval flow for the customer to go through is: https://developer.paypal.com/demo/checkout/#/pattern/server , as your site stays loaded in the background, and it does not redirect away from your page.
When your capture transaction API call runs successfully and completes the order, you will have an immediate response with a payment object and transaction details. Thus, there is no need for the extra asynchronous step of waiting for a separate webhook call (which is prone to errors or exceptions), and your integration will be more robust.

How to change req.body during the request in express

I am trying to use a Node.js payment SDK on my API (running on Express). The problem is, after validating the card details and beginning the transaction, an OTP is sent to the user from his/her bank. The payment process depends on this otp to complete the payment. How do I allow the user to pass this in while the request is ongoing (using req.body), or is there a better way to do this?
For reference purposes, please check this link.
You could use body-parser, a middle ware package meant for these kind of problems.
https://expressjs.com/en/resources/middleware/body-parser.html
https://www.npmjs.com/package/body-parser
Here are the links on express' docs and npm.

Stop redirection in browser. I will stay in app

I have created a website. and make a web view of this website in app. so android application shows a mobile website in app. but while having use app.. there are some functionalities to make payment and i will use a third party payment gateway.
When it will hit for the payment, third party gateway links open in mobile's browser not in app. So after the payment it shows an error bcz there is no session in browser. It's all in app.
coding is done in codeigniter.
So how i will redirect payment gateway in app not in browser. So i could not get error.
I don't know what your code looks like but you can use Intent to set which link to inside or outside the app.
You can simply tap into whatever the payment gateway returns and find out if the payment has been completed
Since yopu ve not specified on the payment gateway lets assume an example of paypall.
Paypall has an instant payment notification that you listenm o when payment is completed
his will basically send a confirmation to your server that tells you it has gone through.
Listen for this in the server(php codeignter) and send a notification to your android app that payment is completed.
So probably in your case check on the payment api's they can provide more details

Youtube Analytics Offline Access Request when Authenticated as Brand instead of User

Apps Script keeps asking for offline permission with Youtube's API
In Google Apps Script, access to YouTube Reporting API is Forbidden
These are very similar questions however, I am logged in as the owner. The script is in the owner's drive.
My problem
I have been trying to access YouTube Analytics Reports from the Content Owner using GAS(Google Apps Script). There are two accounts a Brand account (holds the data i.e. the video content) and a User account. They both use the same credentials(email & pwd). When authorizing as the user, I get a 403(forbidden). When authorizing as the brand, I am asked to authorize offline access again and again, stopping me from ever being able to make a request.
What I've tried...
Running from Node, using OAUTH Playground tokens, and it works. But I need to stick with GAS.
Using google-script-oauth2: to hard code credentials (similarly to the Node solution) but I couldn't set the refresh token. I got a 401(invalid credentials) - I believe the bearer token was expired
Setting up credentials for and enabling both youtube and youtube analytics APIs
scrapping old credentials and attaching a new project to GAS
removing auth in privacy settings and re-authenticating
toggling a use unsafe scripts option and repeating step 3
switching between contentOwner and channel parameters for the ids param
NOTE: I have two OAUTH2 credentials app script and the web client both are set as Web Applications.
GAS Code
function test(){
YouTubeAnalytics.Reports.query("contentOwner==id", "2017-03-01", "2017-03-31", "likes");
}
Final Thoughts
I believe there is a disconnect between the Brand and the user such that the brand is not given the same access to the OAUTH 2 token. Therefore, it never generates a refresh token. So, the request sees that I am the authorized channel owner but it can't finish the OAUTH flow.
If this is true, why, and how do I fix it? If not, what do you think could be the error?
I just realized the script is in the user account and not the brand account. Would that affect the validation?
Also on the actual channel, the user is listed as the Primary Owner.
I think the problem has to do with Apps Script's limited OAuth scopes. Open the Script Editor and navigate to Resources->Advanced Google Services and you'll see that YouTube's Reporting API is not supported. However, you can get around this by using Service Accounts. They are a pain to set up but once you get them up and running you can explicitly request the scopes required to make authorized calls on the API from GAS.
Here are a few links to get you started:
Using OAuth 2.0 for Server to Server Applications
OAuth 2.0 Scopes for Google APIs
For Using OAuth 2.0 for Server to Server Applications you'll want to scroll down to the section titled Preparing to make an authorized API call. Select the HTTP/REST tab and it should walk you thru the steps you'll need to setup a service account (you'll need to create a JWT - JSON Web Token from your Google console for use in your API calls). You'll also need to retrieve the needed OAuth scope urls for YouTube's Reporting API from the second link provided. Once you're all set up you'll be able to make requests to the API directly from Apps Script using URLFetchApp. Best of luck with your project.
One more thing. Check out Google's API Explorer listing for the YouTube Reporting API. You can get the URL endpoints (and request methods) you'll need to use in your UrlFetchApp calls by playing with the Explorer.
UPDATE 4/28/2017
Also be sure to enable the YouTube Reporting API from your Google API Console.

How to authenticate SharePoint Online(Office 365) from desktop

I am creating a JavaScript app which runs in browser of the desktop user, I need to display some data from SharePoint Online site, how do I authenticate and get display data in the App?
What kind of data did you want to display? As far as I know, we can query the data from SharePoint online using Microsoft Graph API. To use this API, we need to register the app first and in this scenario, we can register a client app(refer to here).
Then we can use the ADAL.JS to authenticate the application. For a sample demonstrating basic usage of ADAL JS please refer to this repo.
And if you were developing an SPA app, we can use the OAuth 2.0 Implicit Grant protocol to obtain an ID token (id_token) from Azure AD. The token is cached and the client attaches it to the request as the bearer token when making calls to its web API back end.
No you can't do this using JavaScript. You should use the Client Object Model (CSOM) to achieve the same.
If you want to achieve the same please refer the url
https://github.com/nickvdheuvel/O365-ADALJS-examples/blob/master/Authenticate-an-Office-365-user-with-ADAL-JS/Authenticate-an-Office-365-user-with-ADAL-JS.html
Hope this information helps you.

Categories

Resources