158 - Exchanging Tokens

2026-01-26 11:14:06 +00:00 · 2018-01-19 11:35:30 -05:00
parent fe6a03cb64
commit 9fceea25bf
6 changed files with 81 additions and 20 deletions
--- a/app/Http/Controllers/Backstage/StripeConnectController.php
+++ b/app/Http/Controllers/Backstage/StripeConnectController.php
@@ -2,8 +2,10 @@

 namespace App\Http\Controllers\Backstage;

+use Zttp\Zttp;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
+use Illuminate\Support\Facades\Auth;

 class StripeConnectController extends Controller
 {
@@ -20,4 +22,20 @@ class StripeConnectController extends Controller

        return redirect($url);
    }
+
+    public function redirect()
+    {
+        $accessTokenResponse = Zttp::asFormParams()->post('https://connect.stripe.com/oauth/token', [
+            'grant_type' => 'authorization_code',
+            'code' => request('code'),
+            'client_secret' => config('services.stripe.secret'),
+        ])->json();
+
+        Auth::user()->update([
+            'stripe_account_id' => $accessTokenResponse['stripe_user_id'],
+            'stripe_access_token' => $accessTokenResponse['access_token'],
+        ]);
+
+        return redirect()->route('backstage.concerts.index');
+    }
 }
--- a/app/User.php
+++ b/app/User.php
@@ -9,23 +9,7 @@ class User extends Authenticatable
 {
    use Notifiable;

-    /**
-     * The attributes that are mass assignable.
-     *
-     * @var array
-     */
-    protected $fillable = [
-        'name', 'email', 'password',
-    ];
-
-    /**
-     * The attributes that should be hidden for arrays.
-     *
-     * @var array
-     */
-    protected $hidden = [
-        'password', 'remember_token',
-    ];
+    protected $guarded = [];

    public function concerts()
    {
--- a/composer.json
+++ b/composer.json
@@ -12,7 +12,8 @@
        "guzzlehttp/guzzle": "^6.2",
        "hashids/hashids": "^2.0",
        "laravel/dusk": "^2.0.10",
-        "intervention/image": "^2.4"
+        "intervention/image": "^2.4",
+        "kitetail/zttp": "^0.3.0"
    },
    "require-dev": {
        "fzaninotto/faker": "~1.4",
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
        "This file is @generated automatically"
    ],
-    "content-hash": "5e2d52a5a913597b112859f1ba6a9361",
+    "content-hash": "c86e9d02c3ff6937ee4ff09941438a7a",
    "packages": [
        {
            "name": "doctrine/inflector",
@@ -601,6 +601,52 @@
            ],
            "time": "2017-09-21T16:29:17+00:00"
        },
+        {
+            "name": "kitetail/zttp",
+            "version": "v0.3.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/kitetail/zttp.git",
+                "reference": "e788ab8fc5c0259f691e2960d17e0ddbab761c6a"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/kitetail/zttp/zipball/e788ab8fc5c0259f691e2960d17e0ddbab761c6a",
+                "reference": "e788ab8fc5c0259f691e2960d17e0ddbab761c6a",
+                "shasum": ""
+            },
+            "require": {
+                "guzzlehttp/guzzle": "^6.0",
+                "php": ">=7.0",
+                "tightenco/collect": "^5.4"
+            },
+            "require-dev": {
+                "laravel/lumen-framework": "^5.4",
+                "phpunit/phpunit": "^6.0"
+            },
+            "type": "library",
+            "autoload": {
+                "files": [
+                    "src/Zttp.php"
+                ]
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Adam Wathan",
+                    "email": "adam.wathan@gmail.com"
+                }
+            ],
+            "description": "A developer-experience focused HTTP client, optimized for most common use cases.",
+            "keywords": [
+                "Guzzle",
+                "http"
+            ],
+            "time": "2017-08-09T15:31:26+00:00"
+        },
        {
            "name": "laravel/dusk",
            "version": "v2.0.10",
--- a/routes/web.php
+++ b/routes/web.php
@@ -37,5 +37,6 @@ Route::group(['middleware' => 'auth', 'prefix' => 'backstage', 'namespace' => 'B
    Route::post('/concerts/{id}/messages', 'ConcertMessagesController@store')->name('backstage.concert-messages.store');

    Route::get('/stripe-connect/authorize', 'StripeConnectController@authorizeRedirect');
+    Route::get('/stripe-connect/redirect', 'StripeConnectController@redirect');
 });

--- a/tests/Browser/ConnectWithStripeTest.php
+++ b/tests/Browser/ConnectWithStripeTest.php
@@ -26,7 +26,18 @@ class ConnectWithStripeTest extends DuskTestCase
                    ->assertQueryStringHas('response_type', 'code')
                    ->assertQueryStringHas('scope', 'read_write')
                    ->assertQueryStringHas('client_id', config('services.stripe.client_id'))
-                    ;
+                    ->clickLink("Skip this account form")
+                    ->assertRouteIs('backstage.concerts.index');
+
+            tap($user->fresh(), function ($user) {
+                $this->assertNotNull($user->stripe_account_id);
+                $this->assertNotNull($user->stripe_access_token);
+
+                $connectedAccount = \Stripe\Account::retrieve(null, [
+                    'api_key' => $user->stripe_access_token
+                ]);
+                $this->assertEquals($connectedAccount->id, $user->stripe_account_id);
+            });
        });
    }
 }