isaacsanders / omniauth-stripe-connect Goto Github PK

Stripe Connect OAuth2 Strategy for OmniAuth 1.0

License: MIT License

Ruby 100.00%

omniauth-stripe-connect's Introduction

OmniAuth::StripeConnect

Stripe Connect OAuth2 Strategy for OmniAuth 1.0.

Supports the OAuth 2.0 server-side and client-side flows. Read the Stripe Connect docs for more details: https://stripe.com/connect

Installation

Add this line to your application's Gemfile:

gem 'omniauth-stripe-connect'

And then execute:

$ bundle

Or install it yourself as:

$ gem install omniauth-stripe-connect

Usage

OmniAuth::Strategies::StripeConnect is simply a Rack middleware. Read the OmniAuth 1.0 docs for detailed instructions: https://github.com/intridea/omniauth.

Non-Devise

Here's a quick example, adding the middleware to a Rails app in config/initializers/omniauth.rb:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :stripe_connect, ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_SECRET']
end

Devise

You need to declare the provider in your config/initializers/devise.rb:

config.omniauth :stripe_connect, "STRIPE_CONNECT_CLIENT_ID", "STRIPE_SECRET"

You'll also need to add some configuration to your devise model (e.g. User in app/models/user.rb) along with any other OmniAuth providers you might have:

:omniauthable, :omniauth_providers => [:stripe_connect]

General Usage

Your STRIPE_CONNECT_CLIENT_ID is application-specific and your STRIPE_SECRET is account-specific and may also be known as your Stripe API key or Stripe Private key.

Edit your routes.rb file to have: devise_for :users, :controllers => { :omniauth_callbacks => "omniauth_callbacks" }

And create a file called omniauth_callbacks_controller.rb which should have this inside:

class OmniauthCallbacksController < Devise::OmniauthCallbacksController

  def stripe_connect
    # Delete the code inside of this method and write your own.
    # The code below is to show you where to access the data.
    raise request.env["omniauth.auth"].to_yaml
  end
end

Make sure to go to Stripe's Account Settings > Applications and set your Redirect URL to: http://localhost:3003/users/auth/stripe_connect/callback

The Webhook URL will be something similar: http://www.yourdomain.com/users/auth/stripe_connect/callback

Then you can hit /auth/stripe_connect

If you hit /auth/stripe_connect with any query params, they will be passed along to Stripe. You can access these params from request.env['omniauth.params']. Read Stripe's OAuth Reference for more information.

Auth Hash

Here is an example of the Auth Hash you get back from calling request.env['omniauth.auth']:

{
  "provider"=>"stripe_connect",
  "uid"=>"<STRIPE_USER_ID>",
  "info"=> {
    "email"=>"[email protected]",
    "name"=>"Name",
    "nickname"=>"Nickname",
    "scope"=>"read_write", # or "read_only"
    "livemode"=>false,
    "stripe_publishable_key"=>"<STRIPE_PUBLISHABLE_KEY>",
  },
  "credentials"=> {
    "token"=>"<STRIPE_ACCESS_TOKEN>",
    "refresh_token"=>"<STRIPE_REFRESH_TOKEN>",
    "expires"=>false
  },
  "extra"=> {
    "raw_info"=> {
      "token_type"=>"bearer",
      "stripe_user_id"=>"<STRIPE_USER_ID>",
      "scope"=>"read_only",
      "stripe_publishable_key"=>"<STRIPE_PUBLISHABLE_KEY>",
      "livemode"=>false
    },
    "extra_info"=> {
      "business_logo"=>"https://stripe.com/business_logo.png",
      "business_name"=>"Business Name",
      "business_url"=>"example.com",
      "charges_enabled"=>true,
      "country"=>"US",
      "default_currency"=>"eur",
      "details_submitted"=>true,
      "display_name"=>"Business Name",
      "email"=>"[email protected]",
      "id"=>"<STRIPE_USER_ID>",
      "managed"=>false,
      "object"=>"account",
      "statement_descriptor"=>"EXAMPLE.COM",
      "support_email"=>"[email protected]",
      "support_phone"=>"123456789",
      "timezone"=>"Europe/Berlin",
      "transfers_enabled"=>true
    }
  }
}

Additional Tutorials

Stripe Connect in Rails Tutorial

Contributing

Fork it
Create your feature branch (git checkout -b my-new-feature)
Commit your changes (git commit -am 'Added some feature')
Push to the branch (git push origin my-new-feature)
Create new Pull Request

omniauth-stripe-connect's People

Contributors

Stargazers

Watchers

Forkers

gooley amfeng excid3 jordan52 bcackerman seocahill andrewjanssen chrischattin metcalf mattgoldman treble37 todddickerson richrines chondm hfwang sgrshah devilpersonnel unmanbearpig dbadawi tloszko hoenth maxio-com alonhartal ryanb23 lukeivers chrt00 backerkit kvnwang mangantj 19coders sunsheeppoplar nicolasleger jho406 anthonyolow dashkb revvco bandzoogle tirdadc rsr312-206 first65 tevio mikeover mastermind-com crmified averydev kerryfalk nextrequest toddp nusii binhly joelmoss rewardful dineshpanda bigbinary shunichi ordaloca evesele lillccian austra egeek mintotsai jftobias gumroad armstrongnate schoolkeep maburkle teamtito sebastianszturo

omniauth-stripe-connect's Issues

user session not storing after callback

My controller looks like so:

class OmniauthCallbacksController < Devise::OmniauthCallbacksController 
    def stripe_connect
        @user = current_user
            if @user.update_attributes({
               provider: request.env["omniauth.auth"].provider,
               uid: request.env["omniauth.auth"].uid,
               access_code: request.env["omniauth.auth"].credentials.token,
               publishable_key: request.env["omniauth.auth"].info.stripe_publishable_key
               })
              redirect_to teacher_path(current_user.teacher.id), :event => :authentication
              set_flash_message(:notice, :success, :kind => "Stripe") if is_navigational_format?
           else
              session["devise.stripe_connect_data"] = request.env["omniauth.auth"]
              redirect_to new_user_registration_url
          end
    end  
end

This works in development but not in production. In production is says @user is nil. How could one pull the user session from the callback in production?

Support Omniauth v2

https://github.com/isaacsanders/omniauth-stripe-connect/blob/master/omniauth-stripe-connect.gemspec#L22

Handling of user deauthroize

Is there a best practice for handling when users deauthorize their stripe accounts? Or if a user uses their stripe account multiple times in the app?

How to get data from the callback

I've got it so that Stripe is now sending data back to the callback, and a code is being generated.

But where in the world do I get access to this code to save it? How do I point this to a controller?

Documentation is nearly useless unless you intend to use Devise

The documentation for this gem so heavily relies on the use of Devise that you might as well add devise as a requirement for it's use. Which is unfortunate, as Devise is an over-used gem that doesn't work well in many use cases. For example, in my use case I'm not interested in using oauth for user registration / login purposes, I simply need to connect the users Stripe account to my application. Devise -- which is being used for those purposes -- not only doesn't need to be involved in this work flow, it needs to be kept as far as possible from it!

Callback Route Not Matching

Not sure why this happens. But here is the scenario:

I have omniauth-stripe-connect as well as devise in my gemfile.

I have following in initializers/devise.rb:
config.omniauth :stripe_connect, ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_SECRET']

My routes.rb:

Rails.application.routes.draw do
 devise_for :users, :controllers => {:omniauth_callbacks => "omniauth_callbacks", :sessions => 'sessions', :registrations => 'registrations' }
 devise_for :admin_users, ActiveAdmin::Devise.config
 ActiveAdmin.routes(self)    
 #other routes
end

My OmniauthCallbacksController:
class OmniauthCallbacksController < Devise::OmniauthCallbacksController

def facebook
 @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
  if @user.persisted?
   sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
   set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
  else
   set_flash_message(:notice, :failure, :kind => "Facebook") if is_navigational_format?
   redirect_to new_user_session_path and return
  end
end

def twitter
 @user = User.find_for_twitter_oauth(request.env["omniauth.auth"], current_user)
  if @user.persisted?
   set_flash_message(:notice, :success, :kind => "Twitter") if is_navigational_format?
   sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
  else
   set_flash_message(:error,  @user.errors.empty? ? "Error" : @user.errors.full_messages.to_sentence, :kind => "Twitter") if is_navigational_format?
   redirect_to new_user_session_path and return
 end
end

def stripe_connect
 @user = current_user
 @user.update_attributes({
                            stripe_uid: request.env["omniauth.auth"].uid,
                            stripe_access_code: request.env["omniauth.auth"].credentials.token,
                            stripe_publishable_key: request.env["omniauth.auth"].info.stripe_publishable_key
                        })
 # head :ok  and return
 redirect_to new_user_session_path and return
end

def after_sign_in_path_for(resource)
 #this is called by OmniauthCallbacksController in sign_in_and_redirect
 #since twitter does not provide an email address, for new twitter users we want to redirect to users#show_finish_signup
 #resource will be user
  if resource.email_verified?
    super resource
  else
    show_finish_signup_path(resource)
  end
 end
end

When I do rake routes, I see the authorize and callback paths:

user_omniauth_authorize GET|POST   /users/auth/:provider(.:format)                     omniauth_callbacks#passthru {:provider=>/facebook|twitter/}
user_omniauth_callback GET|POST   /users/auth/:action/callback(.:format)              omniauth_callbacks#:action

I have set the callback url in my Stripe account to:

http://localhost:3000/users/auth/stripe_connect/callback

When I go to /users/auth/stripe_connect in the browser, it redirects me to connect.stripe.com as expected and after I click on the blue button 'Connect My Stripe Account', the page then redirects to http://localhost:3000/users/auth/stripe_connect/callback. At this point I get a 404.

I dont understand why http://localhost:3000/users/auth/stripe_connect/callback does not match the user_omniauth_callback route.

This is what I see in the console:

Started GET "/users/auth/stripe_connect" for 127.0.0.1 at 2015-03-07 17:28:50 -0600
 I, [2015-03-07T17:28:50.074541 #6297]  INFO -- omniauth: (stripe_connect) Request phase initiated.
 Started GET "/users/auth/stripe_connect/callback?state=a45b3c5dc922db0494f5e2ef5b3d40fb93c3e94260074fd3&scope=read_only&code=ac_5xyzX" for 127.0.0.1 at 2015-03-07 17:28:53 -0600
I, [2015-03-07T17:28:53.335441 #6297]  INFO -- omniauth: (stripe_connect) Callback phase initiated.
ActionController::RoutingError (No route matches [GET] "/users/auth/stripe_connect/callback"):
   actionpack (4.1.5) lib/action_dispatch/middleware/debug_exceptions.rb:21:in `call'
   actionpack (4.1.5) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
   railties (4.1.5) lib/rails/rack/logger.rb:38:in `call_app'
   railties (4.1.5) lib/rails/rack/logger.rb:20:in `block in call'
   activesupport (4.1.5) lib/active_support/tagged_logging.rb:68:in `block in tagged'
   activesupport (4.1.5) lib/active_support/tagged_logging.rb:26:in `tagged'
   activesupport (4.1.5) lib/active_support/tagged_logging.rb:68:in `tagged'
   railties (4.1.5) lib/rails/rack/logger.rb:20:in `call'
   actionpack (4.1.5) lib/action_dispatch/middleware/request_id.rb:21:in `call'
   rack (1.5.2) lib/rack/methodoverride.rb:21:in `call'
   rack (1.5.2) lib/rack/runtime.rb:17:in `call'
   activesupport (4.1.5) lib/active_support/cache/strategy/local_cache_middleware.rb:26:in `call'
   rack (1.5.2) lib/rack/lock.rb:17:in `call'
   actionpack (4.1.5) lib/action_dispatch/middleware/static.rb:64:in `call'
   rack (1.5.2) lib/rack/sendfile.rb:112:in `call'
   rack-cors (0.3.0) lib/rack/cors.rb:72:in `call'
   railties (4.1.5) lib/rails/engine.rb:514:in `call'
   railties (4.1.5) lib/rails/application.rb:144:in `call'
   rack (1.5.2) lib/rack/lock.rb:17:in `call'
   rack (1.5.2) lib/rack/content_length.rb:14:in `call'
   rack (1.5.2) lib/rack/handler/webrick.rb:60:in `service'
   /Users/sony/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/webrick/httpserver.rb:138:in `service'
   /Users/sony/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/webrick/httpserver.rb:94:in `run'
   /Users/sony/.rvm/rubies/ruby-2.1.2/lib/ruby/2.1.0/webrick/server.rb:295:in `block in start_thread'

I was able to get past the issue by manually adding the routes to route.rb:

Rails.application.routes.draw do
  devise_for :users, :controllers => {:omniauth_callbacks => "omniauth_callbacks", :sessions => 'sessions', :registrations => 'registrations' }
  devise_for :admin_users, ActiveAdmin::Devise.config
  ActiveAdmin.routes(self)
 devise_scope :user do
    get '/users/auth/stripe_connect/callback' => 'omniauth_callbacks#stripe_connect'
    post '/users/auth/stripe_connect/callback' => 'omniauth_callbacks#stripe_connect'
  end
end

Why did the callback route did not match until I added those routes manually?

making a POST request for access token through the gem

resolved

No route matches problem

When I am trying to hit this URL "/auth/stripe_connect" No route matches [GET] "/auth/stripe_connect" error is showing.

I have followed all instructions while install this gem.

Please help. Thanks in advance.

Received wrong number of arguments. (ArgumentError)

How do you config this gem? I've tried with

Rails.application.config.middleware.use OmniAuth::Builder do
provider :stripe_platform, 'my-stripe-platform-client-id', 'my-stripe-test-secret-key'
end

And when I start the server I receive /home/user/.rvm/gems/ruby-1.9.3-p125/gems/omniauth-1.1.0/lib/omniauth/strategy.rb:136:in `initialize': Received wrong number of arguments. "my-stripe-test-secret-key"

Trying with:
provider :stripe_platform, 'my-stripe-platform-client-id'

the error is: Not found. Authentication passthru.

I also see from the Stripe docs that it's required a custom params header to authenticate and to use the oauth lib from github instead the gem. How did you make this works?

Invalid Credentials on Production

I am using the gem it is working perfectly on my local machine, but when i try it on production it always returns

2012-10-15T15:05:23+00:00 app[web.1]: (stripe_platform) Callback phase initiated.
2012-10-15T15:05:27+00:00 app[web.1]: (stripe_platform) Authentication failure! invalid_credentials: OmniAuth::Strategies::OAuth2::CallbackError, OmniAuth::Strategies::OAuth2::CallbackError

I tried using test and production keys and results are the same

I am using omniauth 1.1.1 and omniauth-stripe-platform 1.0.2 and also tried with omniauth-stripe-connect 2.0.0

Usage documentation no-go for /auth/stripe_connect

The usage documentation says you'll be able to visit /auth/stripe_connect after putting the code snippet in config/initializers/omniauth.rb. But there's nothing there touching the routes and it 404's as-is.

Support Stripe Express Connect

Oauth URL for Express is different then Standard

https://stripe.com/docs/connect/oauth-reference#get-authorize

-

Stripe Connect Redirect URI to be specified when connecting

Hi guys,

Think it's important to take note in the README about the redirect_uri param when trying to connect to stripe connect.

The redirect_uri param needs to be specified in the Stripe Application Redirect URI field where you can add as many as you want with comma separation.

link_to "<span>Connect with Stripe</span>".html_safe, user_omniauth_authorize_path(:stripe_connect, state: community.subdomain, redirect_uri: STRIPE_CONNECT_REDIRECT_URI)

Where STRIPE_CONNECT_REDIRECT_URI is a URI that I set in the environment depending on whether I'm in development, staging or production environment.

Error after putting in the credentials

Hi there,
I am getting an error message after putting in the credentials in omniauth.rb file,

Rails.application.config.middleware.use OmniAuth::Builder do
provider :stripe_connect, 'pk_test_xxxxxxxx, 'sk_test_xxxxxxxxx'
end
and i am also using devise for authentication, so i have pasted the following code in the devise.rb file,
config.omniauth :stripe_connect,
ENV['sk_test_xxxxxxx'],
ENV['pk_test_xxxxxxx'],
:scope => 'read_write', # or :scope => 'read_only'
:stripe_landing => 'login' # or :stripe_landing => 'register'

Will you please help me crack this problem, this is my first time working with strip connect.
Your help will be very much appreciated.

Thank you.

Invalid Redirect Url...when using production client id

hi there,
i just ran into bug when deploying my app to heroku. I used the production client_id and keys but still getting this error.

{
"error": "invalid_redirect_uri",
"error_description": "Invalid redirect URI 'http://localhost:3000/users/auth/stripe_connect/callback'. Ensure this uri exactly matches one of the uris specified in your application settings",
"state": "fdadb291ff0e520fed7606630e7e7af64ade41ceaa95579f"
}

What i have under my applications production settings redirect_url is "https://www.mydomain.com/usermodels/auth/stripe_connect/callback"

Will you please help me out.
Thank you

?force_login=true not being passed to Stripe

Hi, it appears that when I pass force_login=true in the query string, it isn't being passed along to Stripe.

I've checked with their support team and they've confirmed that they do support this param.

Do you know what could be causing this?

After connecting a certain Stripe account, if I click Connect to Stripe again: the oauth window opens, and subsequently closes, not giving me an option to login to another account.

Support suggested_capabilities param

https://stripe.com/docs/connect/required-updates/updating-express#transfers-new-accounts-pp

A new oauth param suggested_capabilities will add things like transfers and tax_reporting_us_1099_k to the customer's signup flow.

Getting Permission to isaacsanders/omniauth-stripe-connect.git denied to jongaegler.

provider_ignores_state: true possible

Hi!
I noticed that if the user is edit several times the stripe page we can get

Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected

How should we handle this case ?

Kind regards,
Antoine

Redirect_url not working ... Please help

I tried the redirect link just like this :
<%= link_to "stripe", user_omniauth_authorize_path(:stripe_connect) %>
but it breaks with this error.

Error:

No route matches {:controller=>"omniauth_callbacks", :action=>"passthru", :provider=>:stripe_connect}

It works if i manually redirect by putting this in the url: localhost:3000/users/auth/stripe_connect

Routes:

controllers: {:omniauth_callbacks => "omniauth_callbacks", :registrations => 'registrations'}

Trace

Processing by RegistrationsController#new as HTML
  Rendered devise/shared/_links.erb (1.6ms)
  Rendered devise/registrations/new.html.erb within layouts/application (92.5ms)
Completed 500 Internal Server Error in 183ms

ActionController::RoutingError - No route matches {:controller=>"omniauth_callbacks", :action=>"passthru", :provider=>:stripe_connect}:
  actionpack (3.2.14) lib/action_dispatch/routing/route_set.rb:540:in `raise_routing_error'
  actionpack (3.2.14) lib/action_dispatch/routing/route_set.rb:536:in `rescue in generate'
  actionpack (3.2.14) lib/action_dispatch/routing/route_set.rb:528:in `generate'
  actionpack (3.2.14) lib/action_dispatch/routing/route_set.rb:569:in `generate'
  actionpack (3.2.14) lib/action_dispatch/routing/route_set.rb:594:in `url_for'
  actionpack (3.2.14) lib/action_dispatch/routing/url_for.rb:148:in `url_for'
  actionpack (3.2.14) lib/action_view/helpers/url_helper.rb:107:in `url_for'
  actionpack (3.2.14) lib/action_dispatch/routing/route_set.rb:216:in `user_omniauth_authorize_path'
  app/views/devise/registrations/new.html.erb:37:in `_app_views_devise_registrations_new_html_erb___4046438269320079111_70327266385080'
  actionpack (3.2.14) lib/action_view/template.rb:145:in `block in render'
  activesupport (3.2.14) lib/active_support/notifications.rb:125:in `instrument'
  actionpack (3.2.14) lib/action_view/template.rb:143:in `render'
  actionpack (3.2.14) lib/action_view/renderer/template_renderer.rb:48:in `block (2 levels) in render_template'
  actionpack (3.2.14) lib/action_view/renderer/abstract_renderer.rb:38:in `block in instrument'
  activesupport (3.2.14) lib/active_support/notifications.rb:123:in `block in instrument'
  activesupport (3.2.14) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
  activesupport (3.2.14) lib/active_support/notifications.rb:123:in `instrument'
  actionpack (3.2.14) lib/action_view/renderer/abstract_renderer.rb:38:in `instrument'
  actionpack (3.2.14) lib/action_view/renderer/template_renderer.rb:47:in `block in render_template'
  actionpack (3.2.14) lib/action_view/renderer/template_renderer.rb:55:in `render_with_layout'
  actionpack (3.2.14) lib/action_view/renderer/template_renderer.rb:46:in `render_template'
  actionpack (3.2.14) lib/action_view/renderer/template_renderer.rb:19:in `render'
  newrelic_rpm (3.6.7.159) lib/new_relic/agent/instrumentation/rails3/action_controller.rb:160:in `block in render_with_newrelic'
  newrelic_rpm (3.6.7.159) lib/new_relic/agent/method_tracer.rb:259:in `trace_execution_scoped'
  newrelic_rpm (3.6.7.159) lib/new_relic/agent/instrumentation/rails3/action_controller.rb:159:in `render_with_newrelic'
  actionpack (3.2.14) lib/action_view/renderer/renderer.rb:36:in `render_template'
  actionpack (3.2.14) lib/action_view/renderer/renderer.rb:17:in `render'
  actionpack (3.2.14) lib/abstract_controller/rendering.rb:110:in `_render_template'
  actionpack (3.2.14) lib/action_controller/metal/streaming.rb:225:in `_render_template'
  actionpack (3.2.14) lib/abstract_controller/rendering.rb:103:in `render_to_body'
  actionpack (3.2.14) lib/action_controller/metal/renderers.rb:28:in `render_to_body'
  actionpack (3.2.14) lib/action_controller/metal/compatibility.rb:50:in `render_to_body'
  actionpack (3.2.14) lib/abstract_controller/rendering.rb:88:in `render'
  actionpack (3.2.14) lib/action_controller/metal/rendering.rb:16:in `render'
  actionpack (3.2.14) lib/action_controller/metal/instrumentation.rb:40:in `block (2 levels) in render'
  activesupport (3.2.14) lib/active_support/core_ext/benchmark.rb:5:in `block in ms'
  /usr/local/rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/benchmark.rb:296:in `realtime'
  activesupport (3.2.14) lib/active_support/core_ext/benchmark.rb:5:in `ms'
  actionpack (3.2.14) lib/action_controller/metal/instrumentation.rb:40:in `block in render'
  actionpack (3.2.14) lib/action_controller/metal/instrumentation.rb:83:in `cleanup_view_runtime'
  activerecord (3.2.14) lib/active_record/railties/controller_runtime.rb:24:in `cleanup_view_runtime'
  sunspot_rails (2.0.0) lib/sunspot/rails/railties/controller_runtime.rb:15:in `cleanup_view_runtime'
  actionpack (3.2.14) lib/action_controller/metal/instrumentation.rb:39:in `render'
  actionpack (3.2.14) lib/action_controller/metal/implicit_render.rb:10:in `default_render'
  actionpack (3.2.14) lib/action_controller/metal/responder.rb:232:in `default_render'
  actionpack (3.2.14) lib/action_controller/metal/responder.rb:160:in `to_html'
  actionpack (3.2.14) lib/action_controller/metal/responder.rb:153:in `respond'
  actionpack (3.2.14) lib/action_controller/metal/responder.rb:146:in `call'
  actionpack (3.2.14) lib/action_controller/metal/mime_responds.rb:239:in `respond_with'
  devise (2.2.4) app/controllers/devise/registrations_controller.rb:8:in `new'
  actionpack (3.2.14) lib/action_controller/metal/implicit_render.rb:4:in `send_action'
  actionpack (3.2.14) lib/abstract_controller/base.rb:167:in `process_action'
  actionpack (3.2.14) lib/action_controller/metal/rendering.rb:10:in `process_action'
  actionpack (3.2.14) lib/abstract_controller/callbacks.rb:18:in `block in process_action'
  activesupport (3.2.14) lib/active_support/callbacks.rb:458:in `_run__4260784046091546156__process_action__2728319539667779699__callbacks'
  activesupport (3.2.14) lib/active_support/callbacks.rb:405:in `__run_callback'
  activesupport (3.2.14) lib/active_support/callbacks.rb:385:in `_run_process_action_callbacks'
  activesupport (3.2.14) lib/active_support/callbacks.rb:81:in `run_callbacks'
  actionpack (3.2.14) lib/abstract_controller/callbacks.rb:17:in `process_action'
  actionpack (3.2.14) lib/action_controller/metal/rescue.rb:29:in `process_action'
  actionpack (3.2.14) lib/action_controller/metal/instrumentation.rb:30:in `block in process_action'
  activesupport (3.2.14) lib/active_support/notifications.rb:123:in `block in instrument'
  activesupport (3.2.14) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
  activesupport (3.2.14) lib/active_support/notifications.rb:123:in `instrument'
  actionpack (3.2.14) lib/action_controller/metal/instrumentation.rb:29:in `process_action'
  actionpack (3.2.14) lib/action_controller/metal/params_wrapper.rb:207:in `process_action'
  activerecord (3.2.14) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
  newrelic_rpm (3.6.7.159) lib/new_relic/agent/instrumentation/rails3/action_controller.rb:38:in `block in process_action'
  newrelic_rpm (3.6.7.159) lib/new_relic/agent/instrumentation/controller_instrumentation.rb:324:in `perform_action_with_newrelic_trace'
  newrelic_rpm (3.6.7.159) lib/new_relic/agent/instrumentation/rails3/action_controller.rb:37:in `process_action'
  actionpack (3.2.14) lib/abstract_controller/base.rb:121:in `process'
  actionpack (3.2.14) lib/abstract_controller/rendering.rb:45:in `process'
  actionpack (3.2.14) lib/action_controller/metal.rb:203:in `dispatch'
  actionpack (3.2.14) lib/action_controller/metal/rack_delegation.rb:14:in `dispatch'
  actionpack (3.2.14) lib/action_controller/metal.rb:246:in `block in action'
  actionpack (3.2.14) lib/action_dispatch/routing/route_set.rb:73:in `dispatch'
  actionpack (3.2.14) lib/action_dispatch/routing/route_set.rb:36:in `call'
  actionpack (3.2.14) lib/action_dispatch/routing/mapper.rb:43:in `call'
  journey (1.0.4) lib/journey/router.rb:68:in `block in call'
  journey (1.0.4) lib/journey/router.rb:56:in `call'
  actionpack (3.2.14) lib/action_dispatch/routing/route_set.rb:608:in `call'
  omniauth (1.1.4) lib/omniauth/strategy.rb:184:in `call!'
  omniauth (1.1.4) lib/omniauth/strategy.rb:164:in `call'
  omniauth (1.1.4) lib/omniauth/strategy.rb:184:in `call!'
  omniauth (1.1.4) lib/omniauth/strategy.rb:164:in `call'
  omniauth (1.1.4) lib/omniauth/strategy.rb:184:in `call!'
  omniauth (1.1.4) lib/omniauth/strategy.rb:164:in `call'
  newrelic_rpm (3.6.7.159) lib/new_relic/rack/error_collector.rb:43:in `call'
  newrelic_rpm (3.6.7.159) lib/new_relic/rack/agent_hooks.rb:22:in `call'
  newrelic_rpm (3.6.7.159) lib/new_relic/rack/browser_monitoring.rb:16:in `call'
  newrelic_rpm (3.6.7.159) lib/new_relic/rack/developer_mode.rb:28:in `call'
  warden (1.2.3) lib/warden/manager.rb:35:in `block in call'
  warden (1.2.3) lib/warden/manager.rb:34:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/best_standards_support.rb:17:in `call'
  rack (1.4.5) lib/rack/etag.rb:23:in `call'
  rack (1.4.5) lib/rack/conditionalget.rb:25:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/head.rb:14:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/params_parser.rb:21:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/flash.rb:242:in `call'
  rack (1.4.5) lib/rack/session/abstract/id.rb:210:in `context'
  rack (1.4.5) lib/rack/session/abstract/id.rb:205:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/cookies.rb:341:in `call'
  activerecord (3.2.14) lib/active_record/query_cache.rb:64:in `call'
  activerecord (3.2.14) lib/active_record/connection_adapters/abstract/connection_pool.rb:479:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/callbacks.rb:28:in `block in call'
  activesupport (3.2.14) lib/active_support/callbacks.rb:405:in `_run__240951390623089305__call__1109229001885598089__callbacks'
  activesupport (3.2.14) lib/active_support/callbacks.rb:405:in `__run_callback'
  activesupport (3.2.14) lib/active_support/callbacks.rb:385:in `_run_call_callbacks'
  activesupport (3.2.14) lib/active_support/callbacks.rb:81:in `run_callbacks'
  actionpack (3.2.14) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/reloader.rb:65:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/remote_ip.rb:31:in `call'
  better_errors (0.9.0) lib/better_errors/middleware.rb:84:in `protected_app_call'
  better_errors (0.9.0) lib/better_errors/middleware.rb:79:in `better_errors_call'
  better_errors (0.9.0) lib/better_errors/middleware.rb:56:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/debug_exceptions.rb:16:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/show_exceptions.rb:56:in `call'
  railties (3.2.14) lib/rails/rack/logger.rb:32:in `call_app'
  railties (3.2.14) lib/rails/rack/logger.rb:16:in `block in call'
  activesupport (3.2.14) lib/active_support/tagged_logging.rb:22:in `tagged'
  railties (3.2.14) lib/rails/rack/logger.rb:16:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/request_id.rb:22:in `call'
  rack (1.4.5) lib/rack/methodoverride.rb:21:in `call'
  rack (1.4.5) lib/rack/runtime.rb:17:in `call'
  activesupport (3.2.14) lib/active_support/cache/strategy/local_cache.rb:72:in `call'
  rack (1.4.5) lib/rack/lock.rb:15:in `call'
  actionpack (3.2.14) lib/action_dispatch/middleware/static.rb:63:in `call'
  railties (3.2.14) lib/rails/engine.rb:484:in `call'
  railties (3.2.14) lib/rails/application.rb:231:in `call'
  rack (1.4.5) lib/rack/content_length.rb:14:in `call'
  railties (3.2.14) lib/rails/rack/log_tailer.rb:17:in `call'
  rack (1.4.5) lib/rack/handler/webrick.rb:59:in `service'
  /usr/local/rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/webrick/httpserver.rb:138:in `service'
  /usr/local/rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/webrick/httpserver.rb:94:in `run'
  /usr/local/rvm/rubies/ruby-2.0.0-p0/lib/ruby/2.0.0/webrick/server.rb:295:in `block in start_thread'

Please help me out here.. I have a project due today..
Really need some help.
Thank you.

cannot upgrade Faraday due to omniauth-stripe-connect dependancies

I need to upgrade Faraday from 0.12.2 to the most recent stable version: 0.17.1

When I try to update my Gemfile, I'm getting blocked because omiauth-stripe-connect has a version limit from a couple downstream dependencies:

 omniauth-stripe-connect was resolved to 2.10.1, which depends on
      omniauth-oauth2 (~> 1.4) was resolved to 1.5.0, which depends on
        oauth2 (~> 1.1) was resolved to 1.4.0, which depends on
          faraday (>= 0.8, < 0.13)

omniauto-oauth2 is on 1.6.0
oauth2 has a new version with a relaxed Faraday dependency.

Can you please update your dependencies so we can move past Faraday version 0.13?

omniauth.auth returns nil

I'm trying to use this without devise:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :stripe_connect, ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_SECRET_KEY']
end

I see omniauth.state and omniauth.params in request.env. but not omniauth.auth

, "omniauth.params"=>{}, "omniauth.state"=>"ae5fc60ff06b7a63e92064568bb29fd05d8951df67b341e1"},

Debugging the strategy, it does not appear this code ever gets called:

      def build_access_token
        verifier = request.params['code']
        client.auth_code.get_token(verifier, token_params)
      end

Any thoughts?

_method param being sent to Stripe Connect

Hi,

I'm not sure if this is a problem caused by omniauth-stripe-connect, but I'm not sure where else to put it.

To fix CVE-2015-9284 I have upgraded my OmniAuth version to v1.9.0 and installed omniauth-rails_csrf_protection. I then update my view to add method: :post:

<%= link_to 'Connect with Stripe', user_stripe_connect_omniauth_authorize_path, class: 'ui secondary button' %>

<%= link_to 'Connect with Stripe', user_stripe_connect_omniauth_authorize_path, class: 'ui secondary button', method: :post %>

When clicking this link, I redirects to the URL https://connect.stripe.com/oauth/authorize?_method=post&authenticity_token=...&client_id=ca_...&response_type=code&scope=read_write&state=...

Notice that the URL contains _method=post. Stripe rejects the authentication request with an "The user denied your request" error. If I remove the _method=post from the URL it works fine.

Rails log:

Started POST "/users/auth/stripe_connect" for 127.0.0.1 at 2019-10-08 11:51:29 +1300
I, [2019-10-08T11:51:29.226410 #90294]  INFO -- omniauth: (stripe_connect) Request phase initiated.
Started GET "/users/auth/stripe_connect/callback?state=740b4e6b0a76265b85ebbdf5999febce6b3ead21e761ae07&error=access_denied&error_description=The+user+denied+your+request" for 127.0.0.1 at 2019-10-08 11:51:30 +1300
I, [2019-10-08T11:51:30.057010 #90294]  INFO -- omniauth: (stripe_connect) Callback phase initiated.
E, [2019-10-08T11:51:30.057657 #90294] ERROR -- omniauth: (stripe_connect) Authentication failure! access_denied: OmniAuth::Strategies::OAuth2::CallbackError, access_denied | The user denied your request
Processing by OmniauthCallbacksController#failure as HTML
  Parameters: {"state"=>"740b4e6b0a76265b85ebbdf5999febce6b3ead21e761ae07", "error"=>"access_denied", "error_description"=>"The user denied your request"}
  User Load (0.4ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = $1 ORDER BY "users"."id" ASC LIMIT $2  [["id", 7], ["LIMIT", 1]]
  ↳ app/controllers/application_controller.rb:170
Redirected to http://localhost:3000/users/sign_in
Completed 302 Found in 2ms (ActiveRecord: 0.4ms)

The _method=post is being passed from the controller through the Stripe as the link_to helper produces this HTML <a class="ui secondary button" rel="nofollow" data-method="post" href="/users/auth/stripe_connect">Connect with Stripe</a>.

I can't use the button_to approach as the link is inside another form, but this does work if I put it outside the form.

Any ideas? I have searched for whitelisting or blacklisting parameters in omniauth and omniauth-stripe-connect but haven't come up with anything

Bundler could not find compatible versions for gem "faraday"

Hello,

I am adding Stripe Connect to my app. I added gem 'omniauth-stripe-connect', '~> 2.10.0' to my Gemfile. When I run bundle install I get this:

Bundler could not find compatible versions for gem "faraday": In snapshot (Gemfile.lock): faraday (= 0.15.3)

In Gemfile: omniauth-stripe-connect (~> 2.10.0) was resolved to 2.10.1, which depends on omniauth-oauth2 (~> 1.4) was resolved to 1.4.0, which depends on oauth2 (~> 1.0) was resolved to 1.2.0, which depends on faraday (< 0.10, >= 0.8)

stripe (~> 3.0.0) was resolved to 3.0.3, which depends on faraday (~> 0.9)

Running bundle update will rebuild your snapshot from scratch, using only the gems in your Gemfile, which may resolve the conflict.

Please see my Stackoverflow question here: https://stackoverflow.com/questions/52681982/faraday-gem-preventing-omniauth-stripe-connect-from-installing

Could you advise on how to resolve this?

multiple stripe account

hi,

on our plateform, we deal with multiple stripe account. we also use devise.

I saw :
config.omniauth :stripe_connect, "STRIPE_CONNECT_CLIENT_ID", "STRIPE_SECRET"

Is it possible to set the "STRIPE_CONNECT_CLIENT_ID" and "STRIPE_SECRET" dynamically for each request ?

thanks

refresh_token is no where to be found

I need the refresh token to generate test keys for users but it's no where to be found in the raw data? https://stripe.com/docs/connect/oauth#test-keys-for-livemode-applications

undefined method `provider' for nil:NilClass

I have followed every step in the recommended tutorial (linked in the documentation of this gem) here. Whenever I click the button I created to send a user to Stripe to get their stripe info and update the database, I get an error. I am clicking the button while logged in as a user, and I have all the fields in my database.

undefined method 'provider' for nil:NilClass
Specifically, this line:

provider: request.env["omniauth.auth"].provider,
initializers/devise.rb

config.omniauth :stripe_connect,
   ENV['STRIPE_CONNECT_CLIENT_ID'],
   ENV['STRIPE_SECRET_KEY'],
   :scope => 'read_write',
   :stripe_landing => 'register'

I have these in my .env file.

routes.rb

devise_for :users, :controllers => { :omniauth_callbacks => "omniauth_callbacks" }
omniauth_callback_controller.rb

class OmniauthCallbacksController < Devise::OmniauthCallbacksController

  def stripe_connect
    @user = current_user
    if @user.update_attributes({
      provider: request.env["omniauth.auth"].provider,
      uid: request.env["omniauth.auth"].uid,
      access_code: request.env["omniauth.auth"].credentials.token,
      publishable_key: request.env["omniauth.auth"].info.stripe_publishable_key
    })
      # anything else you need to do in response..
      sign_in_and_redirect @user, :event => :authentication
      set_flash_message(:notice, :success, :kind => "Stripe") if is_navigational_format?
    else
      session["devise.stripe_connect_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end

  def failure
    # If we do get failures we should probably handle them more explicitly than just rerouting to root. To review in the future with colo
    redirect_to root_path
  end
end

and the button in the view:

<%= link_to image_tag('icons/blue-on-light.png'), user_stripe_connect_omniauth_callback_path(:stripe_connect) %>
schema.rb

create_table "users", force: :cascade do |t|
  ...
  t.string   "uid"
  t.string   "provider"
  t.string   "access_code"
  t.string   "publishable_key"
end

How to use the `state` parameter

Hi there

I am looking for the state parameter when I get a request in my omniauth Rails controller, but cannot such a thing.

Here is a reference to the Stripe Connect documentation in which they mention that this parameter can passed during the authorization process:
https://stripe.com/docs/connect/oauth-reference#get-authorize

How can I find that parameter?

Thanks!

upgrade from 2.9.0 to 2.10.0 leads to `invalid_redirect_uri` error

We recently upgraded from 2.9.0 to 2.10.0. Upon upgrading we experienced the below invalid_redirect_uri error that we did not see before the upgrade.

This version bump seems to only bump transitive dependencies. Is there any updated config needed to make the new version work properly?

{
  "error": "invalid_redirect_uri",
  "error_description": "Invalid redirect URI 'https://mydomain.com/callback'. Ensure this uri exactly matches one of the uris specified in your application settings",
  "state": "state-field-foo"
}

Thanks!

support for deauthorization?

Hi, great gem. I was wondering whether there's built in support for deauthorizing a user. Sort of a stripe_disconnect feature.

Thanks.

Pass params through to callback

I need to pass a param in the initial authorization url that will get passed through to the callback. Right now, I am simply hijacking the status param, as it gets returned by default in the callback url. Any advice on how to achieve this?

Support latest version of omniauth-oauth2

The latest version 1.4.0

"Test OAuth Flow" from Stripe Management Panel doesn't work

Isaac -

I'm trying to integrate Stripe Connect into my Spree-based ecommerce store (pretty standard user auth built on Omniauth/Devise).

I'm trying to test the flow from Stripe's Account (https://dashboard.stripe.com/account/applications/settings) - hitting "Test The OAuth Flow" and I consistently get this error:

{
"error": "invalid_grant",
"error_description": "This authorization code has already been used. All tokens issued with this code have been revoked."
}

Gist of my implementation of the readme: https://gist.github.com/isparling/77c31164eb3c375adb34

Is there a known issue with testing the flow from Stripe's management panel? How would you suggest I test the flow against my dev machine?

Thanks,

Isaac

User is nil after call back

when the user is coming back from stripe, @user is nil. Thus triggering the else in the if statement in my omniauth_callbacks_controller.rb.

class OmniauthCallbacksController < ApplicationController
  def stripe_connect
    p @user
    @user = current_user
    if @user.update_attributes({
      provider: request.env["omniauth.auth"].provider,
      uid: request.env["omniauth.auth"].uid,
      access_code: request.env["omniauth.auth"].credentials.token,
      publishable_key: request.env["omniauth.auth"].info.stripe_publishable_key
    })
      # anything else you need to do in response..
      sign_in_and_redirect @user, :event => :authentication
      set_flash_message(:notice, :success, :kind => "Stripe") if is_navigational_format?
    else
      session["devise.stripe_connect_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end

end

How do I pass @ user to stripe so I can get it returned?

invalid_client: No authentication credentials were provided.

Hi Isaac, now the auth works, but the problem is on the token retrieve part because there isn't the header param for the auth:

Error:

invalid_client: No authentication credentials were provided. Send your secret API key in the Authorization header using the Bearer authentication method
{
"error_description": "No authentication credentials were provided. Send your secret API key in the Authorization header using the Bearer authentication method",
"error": "invalid_client"
}

Email is coming through as nil

When I test the oauth flow, the returned data always contains email: nil even though I have a verified email on my Stripe test account.

Other data in the OmniAuth::AuthHash is as expected e.g. account name, account id, publishable and secret keys are all correct.

Not sure if this is a peculiarity of testing mode or if Stripe stopped sending email as part of the response?

error/solved: This authorization code has already been used

First off - Thank you for the gem - fantastic!

error/solved

When following your exact instructions I receive an error

"Could not authenticate you from StripeConnect because "Invalid credentials"."

With the log files (below), I noticed a two consecutive calls:

omniauth: (stripe_connect) Callback phase initiated.
omniauth: (stripe_connect) Callback phase initiated.

To solve this I removed from the OmniAuth::Builder from initializer omniauth.rb:

Rails.application.config.middleware.use OmniAuth::Builder do
provider :stripe_connect, CONFIG[:stripe_connect_client_id], CONFIG[:stripe_secret_key]
end

Worked - Weird.

Rails 4.2 - Ruby 2.0 - Devise 3.2.4

GEMFILE:

gem 'devise'
gem 'oauth2'
gem 'omniauth-stripe-connect'
gem 'stripe'
gem 'stripe_event'

So maybe the other gems are causing the conflict.

Again removing the omniauth.rb file solved the double callback problem. Weird.

Again, thank you for this gem - really really helped.

To Your Success!

Mark

P.S. as a sidenote - in your readme.md at the top if you could clarify the steps prior adding this gem: devise with :omniauthable set on the User model.

Helpful to me was: Railscasts

Stripe
http://railscasts.com/episodes/288-billing-with-stripe

Devise with Omniauth
http://railscasts.com/episodes/235-devise-and-omniauth-revised

YAML for security
http://railscasts.com/episodes/85-yaml-configuration-revised

LOG FILES:

Started GET "/users/auth/stripe_connect/callback?state=302f09d9d25d25e4a100947957999687521145fa3e6ea696&scope=read_only&code=ac_4xdmF7OS0XP1yk8VkOIal9b46vc1STGg" for 127.0.0.1 at 2014-10-15 06:31:13 +0300
I, [2014-10-15T06:31:13.569651 #1924] INFO -- omniauth: (stripe_connect) Callback phase initiated.
I, [2014-10-15T06:31:14.799390 #1924] INFO -- omniauth: (stripe_connect) Callback phase initiated.
E, [2014-10-15T06:31:15.966771 #1924] ERROR -- omniauth: (stripe_connect) Authentication failure! invalid_credentials: OAuth2::Error, invalid_grant: This authorization code has already been used. All tokens issued with this code have been revoked.
{
"error": "invalid_grant",
"error_description": "This authorization code has already been used. All tokens issued with this code have been revoked."
}

Release new gem version for Omniauth v2 support

It seems like omniauth support has been merged for a while now (see #65 and #64). It would be good to release a new version of the gem so that other gems and projects that depend on this can update to newer versions of omniauth.

This will allow others to mitigate this CVE for the omniauth gem

Authentication failure - invalid_client: No such API key: Bearer

Every time I try to connect to the Stripe Connect API I get this failure in authentication, 'redirecting' me to the failure method of the Omniauth callback controller :

E, [2018-05-28T13:41:50.435158 #58778] ERROR -- omniauth: (stripe_connect) Authentication failure! invalid_credentials: OAuth2::Error, invalid_client: No such API key: Bearer
{
  "error": "invalid_client",
  "error_description": "No such API key: Bearer"
}

I found in the doc that an error of invalid_client meant either one of these :
https://stripe.com/docs/connect/oauth-reference#post-deauthorize-error-codes

client_id does not belong to you
stripe_user_id does not exist or is not connect to your application
API key mode (live or test mode) does not match the client_id mode

But i doubled checked and it's none of these.

Does anyone has an idea ?

redirect_uri - Stripe API changes.

Received this email below from [email protected].

I removed the redirect_uri from the request_phase method on my fork but am unsure if this will break other OAuth stuff.

Feel free to ignore this if it is not applicable.

Hello,

Just a heads up that we're making a change to Stripe Connect that may affect your application.

It looks like your Stripe Connect integration is sending a redirect_uri parameter to the Connect authorize endpoint (https://connect.stripe.com/oauth/authorize). This currently is not a valid parameter.

We'll soon be adding redirect_uri functionality to Stripe Connect. The parameter value you are sending won't pass validation and would break your current integration. We currently just ignore it but are now deprecating this behavior.

The easiest thing to do to make sure that your application won't be affected is to remove redirect_uri from your request to the Stripe Connect authorize endpoint. We will start returning an error on invalid redirect_uri parameters in 30 days (September 30, 2013).

If you have any questions, please feel free to reply back and I'll be happy to help.

Thanks,
Andrew

Uploaded Stripe app to Heroku now i get error omniauth: (stripe_connect) Authentication failure! invalid_credentials: OAuth2::Error, invalid_client: No such API key: Bearer

i tested my app locally and works fine, but then i deployed it to Heroku and no im running into issues.
i get this error after i skip the form for redirection:
ERROR -- omniauth: (stripe_connect) Authentication failure! invalid_credentials: OAuth2::Error, <invalid_client: No such API key: Bearer 2015-08-14T07:37:34.345409+00:00 app[web.1]: { 2015-08-14T07:37:34.345425+00:00 app[web.1]: "error": "invalid_client", 2015-08-14T07:37:34.345427+00:00 app[web.1]: "error_description": "No such API key: Bearer">

This is what my files look like

using gem figaro for handling the keys.

application.yml:
<STRIPE_SECRET: sk_test_*************** STRIPE_CONNECT_CLIENT_ID: ca_**************>

omniauth.rb:

<Rails.application.config.middleware.use OmniAuth::Builder do provider :stripe_connect, ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_SECRET'] end>

secrets.yml:
<STRIPE_SECRET: sk_test_*************** STRIPE_CONNECT_CLIENT_ID: ca_**************>

Incompatible with other omniauth solutions since version 2.10.0

Because this gem now depends on the newest version of the omniauth-oauth2 gem (1.4), it raises an incompatibility issue if used together with other common omniauth authentication solutions like omniauth-facebook.

Source:

Bundler could not find compatible versions for gem "omniauth-oauth2":
In Gemfile:
omniauth-facebook (~> 4.0) was resolved to 4.0.0, which depends on
omniauth-oauth2 (~> 1.2)

omniauth-google-oauth2 (~> 0.4.1) was resolved to 0.4.1, which depends on
omniauth-oauth2 (>= 1.3.1)
   
omniauth-slack (~> 2.3) was resolved to 2.3.0, which depends on
omniauth-oauth2 (~> 1.3.1)
   
omniauth-stripe-connect (~> 2.9) was resolved to 2.10.0, which depends on
omniauth-oauth2 (~> 1.4)

Failed to install gems via Bundler.

OAuth based requests must use card tokens from Stripe.js, but card details were directly provided.

I am getting that error when I enable Stripe Connect and trying to create customer.