* * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ // Put here all includes required by your class file require_once DOL_DOCUMENT_ROOT.'/core/class/commonobject.class.php'; require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php'; require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; require_once DOL_DOCUMENT_ROOT.'/stripe/config.php'; // This set stripe global env /** * Stripe class */ class Stripe extends CommonObject { /** * @var int ID */ public $rowid; /** * @var int Thirdparty ID */ public $fk_soc; /** * @var int ID */ public $fk_key; /** * @var int ID */ public $id; public $mode; /** * @var int Entity */ public $entity; public $statut; public $type; public $code; public $declinecode; /** * @var string Message */ public $message; /** * Constructor * * @param DoliDB $db Database handler */ public function __construct($db) { $this->db = $db; } /** * Return main company OAuth Connect stripe account * * @param string $mode 'StripeTest' or 'StripeLive' * @param int $fk_soc Id of thirdparty * @param int $entity Id of entity (-1 = current environment) * @return string Stripe account 'acc_....' or '' if no OAuth token found */ public function getStripeAccount($mode = 'StripeTest', $fk_soc = 0, $entity = -1) { global $conf; $key = ''; if ($entity < 0) { $entity = $conf->entity; } $sql = "SELECT tokenstring"; $sql .= " FROM ".MAIN_DB_PREFIX."oauth_token"; $sql .= " WHERE service = '".$this->db->escape($mode)."'"; $sql .= " AND entity = ".((int) $entity); if ($fk_soc > 0) { $sql .= " AND fk_soc = ".((int) $fk_soc); } else { $sql .= " AND fk_soc IS NULL"; } $sql .= " AND fk_user IS NULL AND fk_adherent IS NULL"; dol_syslog(get_class($this)."::getStripeAccount", LOG_DEBUG); $result = $this->db->query($sql); if ($result) { if ($this->db->num_rows($result)) { $obj = $this->db->fetch_object($result); $tokenstring = $obj->tokenstring; $tmparray = json_decode($tokenstring); $key = $tmparray->stripe_user_id; } else { $tokenstring = ''; } } else { dol_print_error($this->db); } dol_syslog("No dedicated Stripe Connect account available for entity ".$conf->entity); return $key; } /** * getStripeCustomerAccount * * @param int $id Id of third party * @param int $status Status * @param string $site_account Value to use to identify with account to use on site when site can offer several accounts. For example: 'pk_live_123456' when using Stripe service. * @return string Stripe customer ref 'cu_xxxxxxxxxxxxx' or '' */ public function getStripeCustomerAccount($id, $status = 0, $site_account = '') { include_once DOL_DOCUMENT_ROOT.'/societe/class/societeaccount.class.php'; $societeaccount = new SocieteAccount($this->db); return $societeaccount->getCustomerAccount($id, 'stripe', $status, $site_account); // Get thirdparty cus_... } /** * Get the Stripe customer of a thirdparty (with option to create it in Stripe if not linked yet). * Search on site_account = 0 or = $stripearrayofkeysbyenv[$status]['publishable_key'] * * @param Societe $object Object thirdparty to check, or create on stripe (create on stripe also update the stripe_account table for current entity) * @param string $key ''=Use common API. If not '', it is the Stripe connect account 'acc_....' to use Stripe connect * @param int $status Status (0=test, 1=live) * @param int $createifnotlinkedtostripe 1=Create the stripe customer and the link if the thirdparty is not yet linked to a stripe customer * @return \Stripe\StripeCustomer|null Stripe Customer or null if not found */ public function customerStripe(Societe $object, $key = '', $status = 0, $createifnotlinkedtostripe = 0) { global $conf, $user; if (empty($object->id)) { dol_syslog("customerStripe is called with the parameter object that is not loaded"); return null; } $customer = null; // Force to use the correct API key global $stripearrayofkeysbyenv; \Stripe\Stripe::setApiKey($stripearrayofkeysbyenv[$status]['secret_key']); $sql = "SELECT sa.key_account as key_account, sa.entity"; // key_account is cus_.... $sql .= " FROM ".MAIN_DB_PREFIX."societe_account as sa"; $sql .= " WHERE sa.fk_soc = ".((int) $object->id); $sql .= " AND sa.entity IN (".getEntity('societe').")"; $sql .= " AND sa.site = 'stripe' AND sa.status = ".((int) $status); $sql .= " AND (sa.site_account IS NULL OR sa.site_account = '' OR sa.site_account = '".$this->db->escape($stripearrayofkeysbyenv[$status]['publishable_key'])."')"; $sql .= " AND sa.key_account IS NOT NULL AND sa.key_account <> ''"; dol_syslog(get_class($this)."::customerStripe search stripe customer id for thirdparty id=".$object->id, LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); if ($num) { $obj = $this->db->fetch_object($resql); $tiers = $obj->key_account; dol_syslog(get_class($this)."::customerStripe found stripe customer key_account = ".$tiers.". We will try to read it on Stripe with publishable_key = ".$stripearrayofkeysbyenv[$status]['publishable_key']); try { if (empty($key)) { // If the Stripe connect account not set, we use common API usage //$customer = \Stripe\Customer::retrieve("$tiers"); $customer = \Stripe\Customer::retrieve(array('id'=>"$tiers", 'expand[]'=>'sources')); } else { //$customer = \Stripe\Customer::retrieve("$tiers", array("stripe_account" => $key)); $customer = \Stripe\Customer::retrieve(array('id'=>"$tiers", 'expand[]'=>'sources'), array("stripe_account" => $key)); } } catch (Exception $e) { // For exemple, we may have error: 'No such customer: cus_XXXXX; a similar object exists in live mode, but a test mode key was used to make this request.' $this->error = $e->getMessage(); } } elseif ($createifnotlinkedtostripe) { $ipaddress = getUserRemoteIP(); $dataforcustomer = array( "email" => $object->email, "description" => $object->name, "metadata" => array('dol_id'=>$object->id, 'dol_version'=>DOL_VERSION, 'dol_entity'=>$conf->entity, 'ipaddress'=>$ipaddress) ); $vatcleaned = $object->tva_intra ? $object->tva_intra : null; /* $taxinfo = array('type'=>'vat'); if ($vatcleaned) { $taxinfo["tax_id"] = $vatcleaned; } // We force data to "null" if not defined as expected by Stripe if (empty($vatcleaned)) $taxinfo=null; $dataforcustomer["tax_info"] = $taxinfo; */ //$a = \Stripe\Stripe::getApiKey(); //var_dump($a);var_dump($key);exit; try { // Force to use the correct API key global $stripearrayofkeysbyenv; \Stripe\Stripe::setApiKey($stripearrayofkeysbyenv[$status]['secret_key']); if (empty($key)) { // If the Stripe connect account not set, we use common API usage $customer = \Stripe\Customer::create($dataforcustomer); } else { $customer = \Stripe\Customer::create($dataforcustomer, array("stripe_account" => $key)); } // Create the VAT record in Stripe if (!empty($conf->global->STRIPE_SAVE_TAX_IDS)) { // We setup to save Tax info on Stripe side. Warning: This may result in error when saving customer if (!empty($vatcleaned)) { $isineec = isInEEC($object); if ($object->country_code && $isineec) { //$taxids = $customer->allTaxIds($customer->id); $customer->createTaxId($customer->id, array('type'=>'eu_vat', 'value'=>$vatcleaned)); } } } // Create customer in Dolibarr $sql = "INSERT INTO ".MAIN_DB_PREFIX."societe_account (fk_soc, login, key_account, site, site_account, status, entity, date_creation, fk_user_creat)"; $sql .= " VALUES (".((int) $object->id).", '', '".$this->db->escape($customer->id)."', 'stripe', '".$this->db->escape($stripearrayofkeysbyenv[$status]['publishable_key'])."', ".((int) $status).", ".((int) $conf->entity).", '".$this->db->idate(dol_now())."', ".((int) $user->id).")"; $resql = $this->db->query($sql); if (!$resql) { $this->error = $this->db->lasterror(); } } catch (Exception $e) { $this->error = $e->getMessage(); } } } else { dol_print_error($this->db); } return $customer; } /** * Get the Stripe payment method Object from its ID * * @param string $paymentmethod Payment Method ID * @param string $key ''=Use common API. If not '', it is the Stripe connect account 'acc_....' to use Stripe connect * @param int $status Status (0=test, 1=live) * @return \Stripe\PaymentMethod|null Stripe PaymentMethod or null if not found */ public function getPaymentMethodStripe($paymentmethod, $key = '', $status = 0) { $stripepaymentmethod = null; try { // Force to use the correct API key global $stripearrayofkeysbyenv; \Stripe\Stripe::setApiKey($stripearrayofkeysbyenv[$status]['secret_key']); if (empty($key)) { // If the Stripe connect account not set, we use common API usage $stripepaymentmethod = \Stripe\PaymentMethod::retrieve(''.$paymentmethod->id.''); } else { $stripepaymentmethod = \Stripe\PaymentMethod::retrieve(''.$paymentmethod->id.'', array("stripe_account" => $key)); } } catch (Exception $e) { $this->error = $e->getMessage(); } return $stripepaymentmethod; } /** * Get the Stripe payment intent. Create it with confirmnow=false * Warning. If a payment was tried and failed, a payment intent was created. * But if we change something on object to pay (amount or other), reusing same payment intent is not allowed by Stripe. * Recommended solution is to recreate a new payment intent each time we need one (old one will be automatically closed after a delay), * that's why i comment the part of code to retrieve a payment intent with object id (never mind if we cumulate payment intent with old ones that will not be used) * Note: This is used when option STRIPE_USE_INTENT_WITH_AUTOMATIC_CONFIRMATION is on when making a payment from the public/payment/newpayment.php page * but not when using the STRIPE_USE_NEW_CHECKOUT. * * @param double $amount Amount * @param string $currency_code Currency code * @param string $tag Tag * @param string $description Description * @param mixed $object Object to pay with Stripe * @param string $customer Stripe customer ref 'cus_xxxxxxxxxxxxx' via customerStripe() * @param string $key ''=Use common API. If not '', it is the Stripe connect account 'acc_....' to use Stripe connect * @param int $status Status (0=test, 1=live) * @param int $usethirdpartyemailforreceiptemail 1=use thirdparty email for receipt * @param int $mode automatic=automatic confirmation/payment when conditions are ok, manual=need to call confirm() on intent * @param boolean $confirmnow false=default, true=try to confirm immediatly after create (if conditions are ok) * @param string $payment_method 'pm_....' (if known) * @param string $off_session If we use an already known payment method to pay when customer is not available during the checkout flow. * @param string $noidempotency_key Do not use the idempotency_key when creating the PaymentIntent * @return \Stripe\PaymentIntent|null Stripe PaymentIntent or null if not found and failed to create */ public function getPaymentIntent($amount, $currency_code, $tag, $description = '', $object = null, $customer = null, $key = null, $status = 0, $usethirdpartyemailforreceiptemail = 0, $mode = 'automatic', $confirmnow = false, $payment_method = null, $off_session = 0, $noidempotency_key = 1) { global $conf, $user; dol_syslog(get_class($this)."::getPaymentIntent", LOG_INFO, 1); $error = 0; if (empty($status)) { $service = 'StripeTest'; } else { $service = 'StripeLive'; } $arrayzerounitcurrency = array('BIF', 'CLP', 'DJF', 'GNF', 'JPY', 'KMF', 'KRW', 'MGA', 'PYG', 'RWF', 'VND', 'VUV', 'XAF', 'XOF', 'XPF'); if (!in_array($currency_code, $arrayzerounitcurrency)) { $stripeamount = $amount * 100; } else { $stripeamount = $amount; } $fee = $amount * ($conf->global->STRIPE_APPLICATION_FEE_PERCENT / 100) + $conf->global->STRIPE_APPLICATION_FEE; if ($fee >= $conf->global->STRIPE_APPLICATION_FEE_MAXIMAL && $conf->global->STRIPE_APPLICATION_FEE_MAXIMAL > $conf->global->STRIPE_APPLICATION_FEE_MINIMAL) { $fee = $conf->global->STRIPE_APPLICATION_FEE_MAXIMAL; } elseif ($fee < $conf->global->STRIPE_APPLICATION_FEE_MINIMAL) { $fee = $conf->global->STRIPE_APPLICATION_FEE_MINIMAL; } if (!in_array($currency_code, $arrayzerounitcurrency)) { $stripefee = round($fee * 100); } else { $stripefee = round($fee); } $paymentintent = null; if (is_object($object) && !empty($conf->global->STRIPE_REUSE_EXISTING_INTENT_IF_FOUND)) { // Warning. If a payment was tried and failed, a payment intent was created. // But if we change something on object to pay (amount or other that does not change the idempotency key), reusing same payment intent is not allowed by Stripe. // Recommended solution is to recreate a new payment intent each time we need one (old one will be automatically closed by Stripe after a delay), Stripe will // automatically return the existing payment intent if idempotency is provided when we try to create the new one. // That's why we can comment the part of code to retrieve a payment intent with object id (never mind if we cumulate payment intent with old ones that will not be used) $sql = "SELECT pi.ext_payment_id, pi.entity, pi.fk_facture, pi.sourcetype, pi.ext_payment_site"; $sql .= " FROM ".MAIN_DB_PREFIX."prelevement_facture_demande as pi"; $sql .= " WHERE pi.fk_facture = ".((int) $object->id); $sql .= " AND pi.sourcetype = '".$this->db->escape($object->element)."'"; $sql .= " AND pi.entity IN (".getEntity('societe').")"; $sql .= " AND pi.ext_payment_site = '".$this->db->escape($service)."'"; dol_syslog(get_class($this)."::getPaymentIntent search stripe payment intent for object id = ".$object->id, LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); if ($num) { $obj = $this->db->fetch_object($resql); $intent = $obj->ext_payment_id; dol_syslog(get_class($this)."::getPaymentIntent found existing payment intent record"); // Force to use the correct API key global $stripearrayofkeysbyenv; \Stripe\Stripe::setApiKey($stripearrayofkeysbyenv[$status]['secret_key']); try { if (empty($key)) { // If the Stripe connect account not set, we use common API usage $paymentintent = \Stripe\PaymentIntent::retrieve($intent); } else { $paymentintent = \Stripe\PaymentIntent::retrieve($intent, array("stripe_account" => $key)); } } catch (Exception $e) { $error++; $this->error = $e->getMessage(); } } } } if (empty($paymentintent)) { // Try to create intent. See https://stripe.com/docs/api/payment_intents/create $ipaddress = getUserRemoteIP(); $metadata = array('dol_version'=>DOL_VERSION, 'dol_entity'=>$conf->entity, 'ipaddress'=>$ipaddress); if (is_object($object)) { $metadata['dol_type'] = $object->element; $metadata['dol_id'] = $object->id; if (is_object($object->thirdparty) && $object->thirdparty->id > 0) { $metadata['dol_thirdparty_id'] = $object->thirdparty->id; } } // list of payment method types $paymentmethodtypes = array("card"); if (!empty($conf->global->STRIPE_SEPA_DIRECT_DEBIT)) { $paymentmethodtypes[] = "sepa_debit"; //&& ($object->thirdparty->isInEEC()) } if (!empty($conf->global->STRIPE_KLARNA)) { $paymentmethodtypes[] = "klarna"; } if (!empty($conf->global->STRIPE_BANCONTACT)) { $paymentmethodtypes[] = "bancontact"; } if (!empty($conf->global->STRIPE_IDEAL)) { $paymentmethodtypes[] = "ideal"; } if (!empty($conf->global->STRIPE_GIROPAY)) { $paymentmethodtypes[] = "giropay"; } if (!empty($conf->global->STRIPE_SOFORT)) { $paymentmethodtypes[] = "sofort"; } $dataforintent = array( "confirm" => $confirmnow, // Do not confirm immediatly during creation of intent "confirmation_method" => $mode, "amount" => $stripeamount, "currency" => $currency_code, "payment_method_types" => $paymentmethodtypes, "description" => $description, "statement_descriptor_suffix" => dol_trunc($tag, 10, 'right', 'UTF-8', 1), // 22 chars that appears on bank receipt (company + description) //"save_payment_method" => true, "setup_future_usage" => "on_session", "metadata" => $metadata ); if (!is_null($customer)) { $dataforintent["customer"] = $customer; } // payment_method = // payment_method_types = array('card') //var_dump($dataforintent); if ($off_session) { unset($dataforintent['setup_future_usage']); // We can't use both "setup_future_usage" = "off_session" and "off_session" = true. // Because $off_session parameter is dedicated to create paymentintent off_line (and not future payment), we need to use "off_session" = true. //$dataforintent["setup_future_usage"] = "off_session"; $dataforintent["off_session"] = true; } if (!empty($conf->global->STRIPE_GIROPAY)) { unset($dataforintent['setup_future_usage']); } if (!empty($conf->global->STRIPE_KLARNA)) { unset($dataforintent['setup_future_usage']); } if (!is_null($payment_method)) { $dataforintent["payment_method"] = $payment_method; $description .= ' - '.$payment_method; } if ($conf->entity != $conf->global->STRIPECONNECT_PRINCIPAL && $stripefee > 0) { $dataforintent["application_fee_amount"] = $stripefee; } if ($usethirdpartyemailforreceiptemail && is_object($object) && $object->thirdparty->email) { $dataforintent["receipt_email"] = $object->thirdparty->email; } try { // Force to use the correct API key global $stripearrayofkeysbyenv; \Stripe\Stripe::setApiKey($stripearrayofkeysbyenv[$status]['secret_key']); $arrayofoptions = array(); if (empty($noidempotency_key)) { $arrayofoptions["idempotency_key"] = $description; } // Note: If all data for payment intent are same than a previous on, even if we use 'create', Stripe will return ID of the old existing payment intent. if (!empty($key)) { // If the Stripe connect account not set, we use common API usage $arrayofoptions["stripe_account"] = $key; } dol_syslog("dataforintent to create paymentintent = ".var_export($dataforintent, true)); $paymentintent = \Stripe\PaymentIntent::create($dataforintent, $arrayofoptions); // Store the payment intent if (is_object($object)) { $paymentintentalreadyexists = 0; // Check that payment intent $paymentintent->id is not already recorded. $sql = "SELECT pi.rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."prelevement_facture_demande as pi"; $sql .= " WHERE pi.entity IN (".getEntity('societe').")"; $sql .= " AND pi.ext_payment_site = '".$this->db->escape($service)."'"; $sql .= " AND pi.ext_payment_id = '".$this->db->escape($paymentintent->id)."'"; dol_syslog(get_class($this)."::getPaymentIntent search if payment intent already in prelevement_facture_demande", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); if ($num) { $obj = $this->db->fetch_object($resql); if ($obj) { $paymentintentalreadyexists++; } } } else { dol_print_error($this->db); } // If not, we create it. if (!$paymentintentalreadyexists) { $now = dol_now(); $sql = "INSERT INTO ".MAIN_DB_PREFIX."prelevement_facture_demande (date_demande, fk_user_demande, ext_payment_id, fk_facture, sourcetype, entity, ext_payment_site, amount)"; $sql .= " VALUES ('".$this->db->idate($now)."', ".((int) $user->id).", '".$this->db->escape($paymentintent->id)."', ".((int) $object->id).", '".$this->db->escape($object->element)."', ".((int) $conf->entity).", '".$this->db->escape($service)."', ".((float) $amount).")"; $resql = $this->db->query($sql); if (!$resql) { $error++; $this->error = $this->db->lasterror(); dol_syslog(get_class($this)."::PaymentIntent failed to insert paymentintent with id=".$paymentintent->id." into database.", LOG_ERR); } } } else { $_SESSION["stripe_payment_intent"] = $paymentintent; } } catch (Stripe\Error\Card $e) { $error++; $this->error = $e->getMessage(); $this->code = $e->getStripeCode(); $this->declinecode = $e->getDeclineCode(); } catch (Exception $e) { //var_dump($dataforintent); //var_dump($description); //var_dump($key); //var_dump($paymentintent); //var_dump($e->getMessage()); //var_dump($e); $error++; $this->error = $e->getMessage(); $this->code = ''; $this->declinecode = ''; } } dol_syslog(get_class($this)."::getPaymentIntent return error=".$error." this->error=".$this->error, LOG_INFO, -1); if (!$error) { return $paymentintent; } else { return null; } } /** * Get the Stripe payment intent. Create it with confirmnow=false * Warning. If a payment was tried and failed, a payment intent was created. * But if we change something on object to pay (amount or other), reusing same payment intent is not allowed. * Recommanded solution is to recreate a new payment intent each time we need one (old one will be automatically closed after a delay), * that's why i comment the part of code to retrieve a payment intent with object id (never mind if we cumulate payment intent with old ones that will not be used) * Note: This is used when option STRIPE_USE_INTENT_WITH_AUTOMATIC_CONFIRMATION is on when making a payment from the public/payment/newpayment.php page * but not when using the STRIPE_USE_NEW_CHECKOUT. * * @param string $description Description * @param Societe $object Object to pay with Stripe * @param string $customer Stripe customer ref 'cus_xxxxxxxxxxxxx' via customerStripe() * @param string $key ''=Use common API. If not '', it is the Stripe connect account 'acc_....' to use Stripe connect * @param int $status Status (0=test, 1=live) * @param int $usethirdpartyemailforreceiptemail 1=use thirdparty email for receipt * @param boolean $confirmnow false=default, true=try to confirm immediatly after create (if conditions are ok) * @return \Stripe\SetupIntent|null Stripe SetupIntent or null if not found and failed to create */ public function getSetupIntent($description, $object, $customer, $key, $status, $usethirdpartyemailforreceiptemail = 0, $confirmnow = false) { global $conf; dol_syslog("getSetupIntent description=".$description.' confirmnow='.$confirmnow, LOG_INFO, 1); $error = 0; if (empty($status)) { $service = 'StripeTest'; } else { $service = 'StripeLive'; } $setupintent = null; if (empty($setupintent)) { $ipaddress = getUserRemoteIP(); $metadata = array('dol_version'=>DOL_VERSION, 'dol_entity'=>$conf->entity, 'ipaddress'=>$ipaddress); if (is_object($object)) { $metadata['dol_type'] = $object->element; $metadata['dol_id'] = $object->id; if (is_object($object->thirdparty) && $object->thirdparty->id > 0) { $metadata['dol_thirdparty_id'] = $object->thirdparty->id; } } // list of payment method types $paymentmethodtypes = array("card"); if (!empty($conf->global->STRIPE_SEPA_DIRECT_DEBIT)) { $paymentmethodtypes[] = "sepa_debit"; //&& ($object->thirdparty->isInEEC()) } if (!empty($conf->global->STRIPE_BANCONTACT)) { $paymentmethodtypes[] = "bancontact"; } if (!empty($conf->global->STRIPE_IDEAL)) { $paymentmethodtypes[] = "ideal"; } // Giropay not possible for setup intent if (!empty($conf->global->STRIPE_SOFORT)) { $paymentmethodtypes[] = "sofort"; } $dataforintent = array( "confirm" => $confirmnow, // Do not confirm immediatly during creation of intent "payment_method_types" => $paymentmethodtypes, "usage" => "off_session", "metadata" => $metadata ); if (!is_null($customer)) { $dataforintent["customer"] = $customer; } if (!is_null($description)) { $dataforintent["description"] = $description; } // payment_method = // payment_method_types = array('card') //var_dump($dataforintent); if ($usethirdpartyemailforreceiptemail && is_object($object) && $object->thirdparty->email) { $dataforintent["receipt_email"] = $object->thirdparty->email; } try { // Force to use the correct API key global $stripearrayofkeysbyenv; \Stripe\Stripe::setApiKey($stripearrayofkeysbyenv[$status]['secret_key']); dol_syslog("getSetupIntent ".$stripearrayofkeysbyenv[$status]['publishable_key'], LOG_DEBUG); // Note: If all data for payment intent are same than a previous on, even if we use 'create', Stripe will return ID of the old existing payment intent. if (empty($key)) { // If the Stripe connect account not set, we use common API usage //$setupintent = \Stripe\SetupIntent::create($dataforintent, array("idempotency_key" => "$description")); $setupintent = \Stripe\SetupIntent::create($dataforintent, array()); } else { //$setupintent = \Stripe\SetupIntent::create($dataforintent, array("idempotency_key" => "$description", "stripe_account" => $key)); $setupintent = \Stripe\SetupIntent::create($dataforintent, array("stripe_account" => $key)); } //var_dump($setupintent->id); // Store the setup intent /*if (is_object($object)) { $setupintentalreadyexists = 0; // Check that payment intent $setupintent->id is not already recorded. $sql = "SELECT pi.rowid"; $sql.= " FROM " . MAIN_DB_PREFIX . "prelevement_facture_demande as pi"; $sql.= " WHERE pi.entity IN (".getEntity('societe').")"; $sql.= " AND pi.ext_payment_site = '" . $this->db->escape($service) . "'"; $sql.= " AND pi.ext_payment_id = '".$this->db->escape($setupintent->id)."'"; dol_syslog(get_class($this) . "::getPaymentIntent search if payment intent already in prelevement_facture_demande", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); if ($num) { $obj = $this->db->fetch_object($resql); if ($obj) $setupintentalreadyexists++; } } else dol_print_error($this->db); // If not, we create it. if (! $setupintentalreadyexists) { $now=dol_now(); $sql = "INSERT INTO " . MAIN_DB_PREFIX . "prelevement_facture_demande (date_demande, fk_user_demande, ext_payment_id, fk_facture, sourcetype, entity, ext_payment_site)"; $sql .= " VALUES ('".$this->db->idate($now)."', ".((int) $user->id).", '".$this->db->escape($setupintent->id)."', ".((int) $object->id).", '".$this->db->escape($object->element)."', " . ((int) $conf->entity) . ", '" . $this->db->escape($service) . "', ".((float) $amount).")"; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); dol_syslog(get_class($this) . "::PaymentIntent failed to insert paymentintent with id=".$setupintent->id." into database."); } } } else { $_SESSION["stripe_setup_intent"] = $setupintent; }*/ } catch (Exception $e) { //var_dump($dataforintent); //var_dump($description); //var_dump($key); //var_dump($setupintent); //var_dump($e->getMessage()); $error++; $this->error = $e->getMessage(); } } if (!$error) { dol_syslog("getSetupIntent ".(is_object($setupintent) ? $setupintent->id : ''), LOG_INFO, -1); return $setupintent; } else { dol_syslog("getSetupIntent return error=".$error, LOG_INFO, -1); return null; } } /** * Get the Stripe card of a company payment mode (option to create it on Stripe if not linked yet is no more available on new Stripe API) * * @param \Stripe\StripeCustomer $cu Object stripe customer. * @param CompanyPaymentMode $object Object companypaymentmode to check, or create on stripe (create on stripe also update the societe_rib table for current entity) * @param string $stripeacc ''=Use common API. If not '', it is the Stripe connect account 'acc_....' to use Stripe connect * @param int $status Status (0=test, 1=live) * @param int $createifnotlinkedtostripe 1=Create the stripe card and the link if the card is not yet linked to a stripe card. Deprecated with new Stripe API and SCA. * @return \Stripe\StripeCard|\Stripe\PaymentMethod|null Stripe Card or null if not found */ public function cardStripe($cu, CompanyPaymentMode $object, $stripeacc = '', $status = 0, $createifnotlinkedtostripe = 0) { global $conf, $user, $langs; $card = null; $sql = "SELECT sa.stripe_card_ref, sa.proprio, sa.exp_date_month, sa.exp_date_year, sa.number, sa.cvn"; // stripe_card_ref is card_.... $sql .= " FROM ".MAIN_DB_PREFIX."societe_rib as sa"; $sql .= " WHERE sa.rowid = ".((int) $object->id); // We get record from ID, no need for filter on entity $sql .= " AND sa.type = 'card'"; dol_syslog(get_class($this)."::fetch search stripe card id for paymentmode id=".$object->id.", stripeacc=".$stripeacc.", status=".$status.", createifnotlinkedtostripe=".$createifnotlinkedtostripe, LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { $num = $this->db->num_rows($resql); if ($num) { $obj = $this->db->fetch_object($resql); $cardref = $obj->stripe_card_ref; dol_syslog(get_class($this)."::cardStripe cardref=".$cardref); if ($cardref) { try { if (empty($stripeacc)) { // If the Stripe connect account not set, we use common API usage if (!preg_match('/^pm_/', $cardref) && !empty($cu->sources)) { $card = $cu->sources->retrieve($cardref); } else { $card = \Stripe\PaymentMethod::retrieve($cardref); } } else { if (!preg_match('/^pm_/', $cardref) && !empty($cu->sources)) { //$card = $cu->sources->retrieve($cardref, array("stripe_account" => $stripeacc)); // this API fails when array stripe_account is provided $card = $cu->sources->retrieve($cardref); } else { //$card = \Stripe\PaymentMethod::retrieve($cardref, array("stripe_account" => $stripeacc)); // Don't know if this works $card = \Stripe\PaymentMethod::retrieve($cardref); } } } catch (Exception $e) { $this->error = $e->getMessage(); dol_syslog($this->error, LOG_WARNING); } } elseif ($createifnotlinkedtostripe) { $exp_date_month = $obj->exp_date_month; $exp_date_year = $obj->exp_date_year; $number = $obj->number; $cvc = $obj->cvn; // cvn in database, cvc for stripe $cardholdername = $obj->proprio; $ipaddress = getUserRemoteIP(); $dataforcard = array( "source" => array('object'=>'card', 'exp_month'=>$exp_date_month, 'exp_year'=>$exp_date_year, 'number'=>$number, 'cvc'=>$cvc, 'name'=>$cardholdername), "metadata" => array('dol_id'=>$object->id, 'dol_version'=>DOL_VERSION, 'dol_entity'=>$conf->entity, 'ipaddress'=>$ipaddress) ); //$a = \Stripe\Stripe::getApiKey(); //var_dump($a); //var_dump($stripeacc);exit; try { if (empty($stripeacc)) { // If the Stripe connect account not set, we use common API usage if (empty($conf->global->STRIPE_USE_INTENT_WITH_AUTOMATIC_CONFIRMATION)) { dol_syslog("Try to create card with dataforcard = ".json_encode($dataforcard)); $card = $cu->sources->create($dataforcard); if (!$card) { $this->error = 'Creation of card on Stripe has failed'; } } else { $connect = ''; if (!empty($stripeacc)) { $connect = $stripeacc.'/'; } $url = 'https://dashboard.stripe.com/'.$connect.'test/customers/'.$cu->id; if ($status) { $url = 'https://dashboard.stripe.com/'.$connect.'customers/'.$cu->id; } $urtoswitchonstripe = ' '.img_picto($langs->trans('ShowInStripe'), 'globe').''; //dol_syslog("Error: This case is not supported", LOG_ERR); $this->error = $langs->trans('CreationOfPaymentModeMustBeDoneFromStripeInterface', $urtoswitchonstripe); } } else { if (empty($conf->global->STRIPE_USE_INTENT_WITH_AUTOMATIC_CONFIRMATION)) { dol_syslog("Try to create card with dataforcard = ".json_encode($dataforcard)); $card = $cu->sources->create($dataforcard, array("stripe_account" => $stripeacc)); if (!$card) { $this->error = 'Creation of card on Stripe has failed'; } } else { $connect = ''; if (!empty($stripeacc)) { $connect = $stripeacc.'/'; } $url = 'https://dashboard.stripe.com/'.$connect.'test/customers/'.$cu->id; if ($status) { $url = 'https://dashboard.stripe.com/'.$connect.'customers/'.$cu->id; } $urtoswitchonstripe = ' '.img_picto($langs->trans('ShowInStripe'), 'globe').''; //dol_syslog("Error: This case is not supported", LOG_ERR); $this->error = $langs->trans('CreationOfPaymentModeMustBeDoneFromStripeInterface', $urtoswitchonstripe); } } if ($card) { $sql = "UPDATE ".MAIN_DB_PREFIX."societe_rib"; $sql .= " SET stripe_card_ref = '".$this->db->escape($card->id)."', card_type = '".$this->db->escape($card->brand)."',"; $sql .= " country_code = '".$this->db->escape($card->country)."',"; $sql .= " approved = ".($card->cvc_check == 'pass' ? 1 : 0); $sql .= " WHERE rowid = ".((int) $object->id); $sql .= " AND type = 'card'"; $resql = $this->db->query($sql); if (!$resql) { $this->error = $this->db->lasterror(); } } } catch (Exception $e) { $this->error = $e->getMessage(); dol_syslog($this->error, LOG_WARNING); } } } } else { dol_print_error($this->db); } return $card; } /** * Create charge. * This is called by page htdocs/stripe/payment.php and may be deprecated. * * @param int $amount Amount to pay * @param string $currency EUR, GPB... * @param string $origin Object type to pay (order, invoice, contract...) * @param int $item Object id to pay * @param string $source src_xxxxx or card_xxxxx or pm_xxxxx * @param string $customer Stripe customer ref 'cus_xxxxxxxxxxxxx' via customerStripe() * @param string $account Stripe account ref 'acc_xxxxxxxxxxxxx' via getStripeAccount() * @param int $status Status (0=test, 1=live) * @param int $usethirdpartyemailforreceiptemail Use thirdparty email as receipt email * @param boolean $capture Set capture flag to true (take payment) or false (wait) * @return Stripe */ public function createPaymentStripe($amount, $currency, $origin, $item, $source, $customer, $account, $status = 0, $usethirdpartyemailforreceiptemail = 0, $capture = true) { global $conf; $error = 0; if (empty($status)) { $service = 'StripeTest'; } else { $service = 'StripeLive'; } $sql = "SELECT sa.key_account as key_account, sa.fk_soc, sa.entity"; $sql .= " FROM ".MAIN_DB_PREFIX."societe_account as sa"; $sql .= " WHERE sa.key_account = '".$this->db->escape($customer)."'"; //$sql.= " AND sa.entity IN (".getEntity('societe').")"; $sql .= " AND sa.site = 'stripe' AND sa.status = ".((int) $status); dol_syslog(get_class($this)."::fetch", LOG_DEBUG); $result = $this->db->query($sql); if ($result) { if ($this->db->num_rows($result)) { $obj = $this->db->fetch_object($result); $key = $obj->fk_soc; } else { $key = null; } } else { $key = null; } $arrayzerounitcurrency = array('BIF', 'CLP', 'DJF', 'GNF', 'JPY', 'KMF', 'KRW', 'MGA', 'PYG', 'RWF', 'VND', 'VUV', 'XAF', 'XOF', 'XPF'); if (!in_array($currency, $arrayzerounitcurrency)) { $stripeamount = $amount * 100; } else { $stripeamount = $amount; } $societe = new Societe($this->db); if ($key > 0) { $societe->fetch($key); } $description = ""; $ref = ""; if ($origin == 'order') { $order = new Commande($this->db); $order->fetch($item); $ref = $order->ref; $description = "ORD=".$ref.".CUS=".$societe->id.".PM=stripe"; } elseif ($origin == 'invoice') { $invoice = new Facture($this->db); $invoice->fetch($item); $ref = $invoice->ref; $description = "INV=".$ref.".CUS=".$societe->id.".PM=stripe"; } $ipaddress = getUserRemoteIP(); $metadata = array( "dol_id" => "".$item."", "dol_type" => "".$origin."", "dol_thirdparty_id" => "".$societe->id."", 'dol_thirdparty_name' => $societe->name, 'dol_version'=>DOL_VERSION, 'dol_entity'=>$conf->entity, 'ipaddress'=>$ipaddress ); $return = new Stripe($this->db); try { // Force to use the correct API key global $stripearrayofkeysbyenv; \Stripe\Stripe::setApiKey($stripearrayofkeysbyenv[$status]['secret_key']); if (empty($conf->stripeconnect->enabled)) { // With a common Stripe account if (preg_match('/pm_/i', $source)) { $stripecard = $source; $amountstripe = $stripeamount; $FULLTAG = 'PFBO'; // Payment From Back Office $stripe = $return; $amounttopay = $amount; $servicestatus = $status; dol_syslog("* createPaymentStripe get stripeacc", LOG_DEBUG); $stripeacc = $stripe->getStripeAccount($service); // Get Stripe OAuth connect account if it exists (no network access here) dol_syslog("* createPaymentStripe Create payment for customer ".$customer->id." on source card ".$stripecard->id.", amounttopay=".$amounttopay.", amountstripe=".$amountstripe.", FULLTAG=".$FULLTAG, LOG_DEBUG); // Create payment intent and charge payment (confirmnow = true) $paymentintent = $stripe->getPaymentIntent($amounttopay, $currency, $FULLTAG, $description, $invoice, $customer->id, $stripeacc, $servicestatus, 0, 'automatic', true, $stripecard->id, 1); $charge = new stdClass(); if ($paymentintent->status == 'succeeded') { $charge->status = 'ok'; } else { $charge->status = 'failed'; $charge->failure_code = $stripe->code; $charge->failure_message = $stripe->error; $charge->failure_declinecode = $stripe->declinecode; $stripefailurecode = $stripe->code; $stripefailuremessage = $stripe->error; $stripefailuredeclinecode = $stripe->declinecode; } } elseif (preg_match('/acct_/i', $source)) { $charge = \Stripe\Charge::create(array( "amount" => "$stripeamount", "currency" => "$currency", "statement_descriptor_suffix" => dol_trunc($description, 10, 'right', 'UTF-8', 1), // 22 chars that appears on bank receipt (company + description) "description" => "Stripe payment: ".$description, "capture" => $capture, "metadata" => $metadata, "source" => "$source" )); } else { $paymentarray = array( "amount" => "$stripeamount", "currency" => "$currency", "statement_descriptor_suffix" => dol_trunc($description, 10, 'right', 'UTF-8', 1), // 22 chars that appears on bank receipt (company + description) "description" => "Stripe payment: ".$description, "capture" => $capture, "metadata" => $metadata, "source" => "$source", "customer" => "$customer" ); if ($societe->email && $usethirdpartyemailforreceiptemail) { $paymentarray["receipt_email"] = $societe->email; } $charge = \Stripe\Charge::create($paymentarray, array("idempotency_key" => "$description")); } } else { // With Stripe Connect $fee = $amount * ($conf->global->STRIPE_APPLICATION_FEE_PERCENT / 100) + $conf->global->STRIPE_APPLICATION_FEE; if ($fee >= $conf->global->STRIPE_APPLICATION_FEE_MAXIMAL && $conf->global->STRIPE_APPLICATION_FEE_MAXIMAL > $conf->global->STRIPE_APPLICATION_FEE_MINIMAL) { $fee = $conf->global->STRIPE_APPLICATION_FEE_MAXIMAL; } elseif ($fee < $conf->global->STRIPE_APPLICATION_FEE_MINIMAL) { $fee = $conf->global->STRIPE_APPLICATION_FEE_MINIMAL; } if (!in_array($currency, $arrayzerounitcurrency)) { $stripefee = round($fee * 100); } else { $stripefee = round($fee); } $paymentarray = array( "amount" => "$stripeamount", "currency" => "$currency", "statement_descriptor_suffix" => dol_trunc($description, 10, 'right', 'UTF-8', 1), // 22 chars that appears on bank receipt (company + description) "description" => "Stripe payment: ".$description, "capture" => $capture, "metadata" => $metadata, "source" => "$source", "customer" => "$customer" ); if ($conf->entity != $conf->global->STRIPECONNECT_PRINCIPAL && $stripefee > 0) { $paymentarray["application_fee_amount"] = $stripefee; } if ($societe->email && $usethirdpartyemailforreceiptemail) { $paymentarray["receipt_email"] = $societe->email; } if (preg_match('/pm_/i', $source)) { $stripecard = $source; $amountstripe = $stripeamount; $FULLTAG = 'PFBO'; // Payment From Back Office $stripe = $return; $amounttopay = $amount; $servicestatus = $status; dol_syslog("* createPaymentStripe get stripeacc", LOG_DEBUG); $stripeacc = $stripe->getStripeAccount($service); // Get Stripe OAuth connect account if it exists (no network access here) dol_syslog("* createPaymentStripe Create payment on card ".$stripecard->id.", amounttopay=".$amounttopay.", amountstripe=".$amountstripe.", FULLTAG=".$FULLTAG, LOG_DEBUG); // Create payment intent and charge payment (confirmnow = true) $paymentintent = $stripe->getPaymentIntent($amounttopay, $currency, $FULLTAG, $description, $invoice, $customer->id, $stripeacc, $servicestatus, 0, 'automatic', true, $stripecard->id, 1); $charge = new stdClass(); if ($paymentintent->status == 'succeeded') { $charge->status = 'ok'; $charge->id = $paymentintent->id; } else { $charge->status = 'failed'; $charge->failure_code = $stripe->code; $charge->failure_message = $stripe->error; $charge->failure_declinecode = $stripe->declinecode; } } else { $charge = \Stripe\Charge::create($paymentarray, array("idempotency_key" => "$description", "stripe_account" => "$account")); } } if (isset($charge->id)) { } $return->statut = 'success'; $return->id = $charge->id; if (preg_match('/pm_/i', $source)) { $return->message = 'Payment retrieved by card status = '.$charge->status; } else { if ($charge->source->type == 'card') { $return->message = $charge->source->card->brand." ....".$charge->source->card->last4; } elseif ($charge->source->type == 'three_d_secure') { $stripe = new Stripe($this->db); $src = \Stripe\Source::retrieve("".$charge->source->three_d_secure->card."", array( "stripe_account" => $stripe->getStripeAccount($service) )); $return->message = $src->card->brand." ....".$src->card->last4; } else { $return->message = $charge->id; } } } catch (\Stripe\Error\Card $e) { include DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; // Since it's a decline, \Stripe\Error\Card will be caught $body = $e->getJsonBody(); $err = $body['error']; $return->statut = 'error'; $return->id = $err['charge']; $return->type = $err['type']; $return->code = $err['code']; $return->message = $err['message']; $body = "Error:
".$return->id." ".$return->message." "; $subject = '[Alert] Payment error using Stripe'; $cmailfile = new CMailFile($subject, $conf->global->ONLINE_PAYMENT_SENDEMAIL, $conf->global->MAIN_INFO_SOCIETE_MAIL, $body); $cmailfile->sendfile(); $error++; dol_syslog($e->getMessage(), LOG_WARNING, 0, '_stripe'); } catch (\Stripe\Error\RateLimit $e) { // Too many requests made to the API too quickly $error++; dol_syslog($e->getMessage(), LOG_WARNING, 0, '_stripe'); } catch (\Stripe\Error\InvalidRequest $e) { // Invalid parameters were supplied to Stripe's API $error++; dol_syslog($e->getMessage(), LOG_WARNING, 0, '_stripe'); } catch (\Stripe\Error\Authentication $e) { // Authentication with Stripe's API failed // (maybe you changed API keys recently) $error++; dol_syslog($e->getMessage(), LOG_WARNING, 0, '_stripe'); } catch (\Stripe\Error\ApiConnection $e) { // Network communication with Stripe failed $error++; dol_syslog($e->getMessage(), LOG_WARNING, 0, '_stripe'); } catch (\Stripe\Error\Base $e) { // Display a very generic error to the user, and maybe send // yourself an email $error++; dol_syslog($e->getMessage(), LOG_WARNING, 0, '_stripe'); } catch (Exception $e) { // Something else happened, completely unrelated to Stripe $error++; dol_syslog($e->getMessage(), LOG_WARNING, 0, '_stripe'); } return $return; } }