I have an ios/Objective C app. I'm using Parse. It's hosted on Heroku.
I'm attempting to integrate Stripe. I have installed the latest Stripe pod and am trying to follow the basic Standard Integration. https://stripe.com/docs/mobile/ios/standard
I'm getting tripped up by the steps involved with "Prepare Your API" and I'm unsure how to use the code provided "To provide an ephemeral key to the SDK, you'll need to expose a new API endpoint on your backend. This endpoint should create an ephemeral key for the current Stripe customer, and return the key's unmodified response as JSON" ...
All the Q&A I can find on how to use stripe with parse seem to predate the use of the ephemeral key and need to create this endpoint. Could you please provide me with more specific information about where the example code you provide (see below) for this goes? Is this something I need to do within the parse dashboard? Heroku? is this part of parse cloud? I vaguely recall from previous times I've played with parse apps several years ago, that there may be a main.js file (or similar) that can be incorporated into the app, but I don't recall where it goes or how to do it.
# Sinatra
post path do
stripe_version = params['api_version']
customer_id = session['customer_id']
key = Stripe::EphemeralKey.create(
{customer: customer_id},
{stripe_version: stripe_version}
)
key.to_json
end
If anyone has recently integrated stripe with a parse app I'd really appreciate guidance on how to do this.
Thanks!
Related
I am just testing an API that allows me to get the price of some cryptocurrencies, I wrote a express app and put it on Heroku. An API key is used, and I was wondering, if I were to make this link public, can someone easily steal the API key from the source or is that inaccessible?
https://obscure-coast-63470.herokuapp.com/acs
This is the link, I wanted to know if a hacker can get my API key from the source.
Thanks for the help.
My aim is to select some text from a web page, start a google chrome extension and give the text to a google cloud api (Natural Language API) in my case.
I want to do some sentimental analysis and then get back the result to mark/ highlight positive sentences in green and negative ones in red.
I am new to this and do not know how to start.
The extension consists of manifest, popup etc. How should I call an API from there that does Natural Language Processing?
Should I create a Google Cloud Application with an API_KEY to call? In that case I would have to upload my credentials right?
Sorry sounds a bit confusing I know but I just don't know how I can bring this 2 things together an would be more than happy about any help
The best way to authenticate your app will depend on the specific needs and use cases of your application. You can see an overview of all the different methods here.
If you are not planning on identifying users nor on using a back end server that handles authenticating (as I assume to be your case), the best option would indeed be to use API keys. They do not identify the user, but are enough for the Natural Language APIs.
To do this you will need to create an API key for the services you want and add the necessary restrictions to make the key as secure as possible. Detailed instructions on how to do this and how to use the key in a url can be found here.
The API call could be made from within the Chrome extension with any JavaScript method capable of performing POST requests. For example using XMLHttpRequest or the Fetch API. You can find an example of the parameters that need to be included in the request here.
You may run into CORS issues when making the request directly from the extension. I recommend reading this answer, where a couple of workarounds for these issues are suggested.
The use case is a frontend application that does not have any backend so normally I would expect to use an api key ( https://cloud.google.com/docs/authentication/api-keys ) but in the complete text to speech documentation ( https://cloud.google.com/text-to-speech/docs/ ) I can't find any information about if (and how) its possible to use api keys for the Cloud Text-to-Speech API.
I don't think its such an uncommon use case to use the text to speech functionality in a standalone frontend (especially with the new WaveNet voices), so I thought I would ask the question here if anyone has some tips where to look for this information or if it's currently really only ment as an API usable in the backend.
If you have the same problem that I am facing right now then I can help you. I have the same issue asked in this question.
If you are using webpage to translate then you have to send your API key in URL of the request. The one way I tried is,
https://texttospeech.googleapis.com/v1beta1/text:synthesize?fields=audioContent&key={Your key goes here}.
I hope this will solve your problem.
A bit of context: I started implementing payment in my project using Stripe, and I started thinking about how to write the tests. After learning a bit about how it should be done and having into account the "don't mock what you don't own" philosophy, I decided to implement a wrapper for stripe API and I now have two kinds of tests: Tests for my application mocking the API wrapper, and tests for the API wrapper (which I don't run as often as the ones for my app). This second tests call stripe for real, so I need to provide a Stripe API Key. And here's where my question comes in.
Question: Should I use my account's test api key for unit testing, or can I use a generic Stripe API key? Being them unit tests, I don't want them to leave any persistent logs to my account, not even on the test dashboard.
Searching in google I found the following api key: tGN0bIwXnHdwOa85VABjPdSn8nWY7G7I and unlike the test api key from my account, it doesn't follow the pattern "pk_test_*", but it does work with stripe and returns correct responses. If you are wondering where did I get that key (and if I should be publishing it), it has been officially published by stripe in blog posts as well as repositories, but I couldn't find any explanation in the documentation or anywhere else, hence this question.
Old Stripe API keys did not follow the [sk|pk]_[test|live]_... pattern. This is such a key.
Honestly though, I would recommend using either your own test API keys, or creating a different account (you can do so with the same email address: https://stripe.com/blog/manage-multiple-accounts). If a test fails, being able to see the log entry in the dashboard will probably be very helpful.
How to get the API key for the authentication purposes for posting the request to get the email previews using Litmus?
There are actually a few different Litmus Preview APIs to cater to different use cases. We're in the process of simplifying this, partly in the hope of making the experience for a new API user a little more obvious.
If you reach out to hello#litmus.com we'll direct you to the appropriate API version and how to obtain your key.