Awesome
Omnipay: Stripe
Stripe driver for the Omnipay PHP payment processing library
Omnipay is a framework agnostic, multi-gateway payment processing library for PHP. This package implements Stripe support for Omnipay.
Installation
Omnipay is installed via Composer. To install, simply require league/omnipay
and omnipay/stripe
with Composer:
composer require league/omnipay omnipay/stripe
Basic Usage
The following gateways are provided by this package:
For general usage instructions, please see the main Omnipay repository.
Stripe.js
The Stripe integration is fairly straight forward. Essentially you just pass
a token
field through to Stripe instead of the regular credit card data.
Start by following the standard Stripe JS guide here: https://stripe.com/docs/tutorials/forms
After that you will have a stripeToken
field which will be submitted to your server.
Simply pass this through to the gateway as token
, instead of the usual card
array:
$token = $_POST['stripeToken'];
$response = $gateway->purchase([
'amount' => '10.00',
'currency' => 'USD',
'token' => $token,
])->send();
Stripe Payment Intents
Stripe Payment Intents is the Stripe's new foundational payment API. As opposed to Charges API, Payment Intents supports Strong Customer Authentication. It means that during the payment process, the user might be redirected to an off-site page hosted by the customer's bank for authentication purposes.
This plugin's implementation uses the manual Payment Intent confirmation flow, which is pretty similar to the one the Charges API uses. It shouldn't be too hard to modify your current payment flow.
-
Start by collecting the payment method details from the customer. Alternatively, if the customer has provided this earlier and has saved a payment method in your system, you can re-use that.
-
Proceed to authorize or purchase as when using the Charges API.
$paymentMethod = $_POST['paymentMethodId'];
$response = $gateway->authorize([
'amount' => '10.00',
'currency' => 'USD',
'description' => 'This is a test purchase transaction.',
'paymentMethod' => $paymentMethod,
'returnUrl' => $completePaymentUrl,
'confirm' => true,
])->send();
- If you have a token, instead of a payment method, you can use that by setting the
token
parameter, instead of setting thepaymentMethod
parameter. - The
returnUrl
must point to where you would redirect every off-site gateway. This parameter is mandatory, ifconfirm
is set to true. - If you don't set the
confirm
parameter totrue
, you will have to manually confirm the payment intent as shown below.
$paymentIntentReference = $response->getPaymentIntentReference();
$response = $gateway->confirm([
'paymentIntentReference' => $paymentIntentReference,
'returnUrl' => $completePaymentUrl,
])->send();
At this point, you'll need to save a reference to the payment intent. $_SESSION
can be used for this purpose, but a more common pattern is to have a reference to the current order encoded in the $completePaymentUrl
URL. In this case, now would be an excellent time to save the relationship between the order and the payment intent somewhere so that you can retrieve the payment intent reference at a later point.
- Check if the payment is successful. If it is, that means the 3DS authentication was not required. This decision is up to Stripe (taking into account any custom Radar rules you have set) and the issuing bank.
if ($response->isSuccessful()) {
// Pop open that champagne bottle, because the payment is complete.
} else if($response->isRedirect()) {
$response->redirect();
} else {
// The payment has failed. Use $response->getMessage() to figure out why and return to step (1).
}
-
The customer is redirected to the 3DS authentication page. Once they authenticate (or fail to do so), the customer is redirected to the URL specified earlier with
completePaymentUrl
. -
Retrieve the
$paymentIntentReference
mentioned at the end of step (2). -
Now we have to confirm the payment intent, to signal Stripe that everything is under control.
$response = $gateway->confirm([
'paymentIntentReference' => $paymentIntentReference,
'returnUrl' => $completePaymentUrl,
])->send();
if ($response->isSuccessful()) {
// All done!! Big bucks!
} else {
// The response will not be successful if the 3DS authentication process failed or the card has been declined. Either way, it's back to step (1)!
}
Stripe Connect
Stripe connect applications can charge an additional fee on top of Stripe's fees for charges they make on behalf of
their users. To do this you need to specify an additional transactionFee
parameter as part of an authorize or purchase
request.
When a charge is refunded the transaction fee is refunded with an amount proportional to the amount of the charge
refunded and by default this will come from your connected user's Stripe account effectively leaving them out of pocket.
To refund from your (the applications) Stripe account instead you can pass a refundApplicationFee
parameter with a
boolean value of true as part of a refund request.
Note: making requests with Stripe Connect specific parameters can only be made using the OAuth access token you received as part of the authorization process. Read more on Stripe Connect here.
Test Mode
Stripe accounts have test-mode API keys as well as live-mode API keys. These keys can be active at the same time. Data created with test-mode credentials will never hit the credit card networks and will never cost anyone money.
Unlike some gateways, there is no test mode endpoint separate to the live mode endpoint, the Stripe API endpoint is the same for test and for live.
Support
If you are having general issues with Omnipay, we suggest posting on Stack Overflow. Be sure to add the omnipay tag so it can be easily found.
If you want to keep up to date with release announcements, discuss ideas for the project, or ask more detailed questions, there is also a mailing list which you can subscribe to.
If you believe you have found a bug, please report it using the GitHub issue tracker, or better yet, fork the library and submit a pull request.