1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
|
# Used for global variables
from stripe import connect_api_base
from stripe._error import AuthenticationError
from stripe._api_requestor import _APIRequestor
from stripe._encode import _api_encode
from urllib.parse import urlencode
from stripe._request_options import RequestOptions
from stripe._stripe_object import StripeObject
from typing import List, cast, Optional
from typing_extensions import Literal, NotRequired, TypedDict, Unpack
class OAuth(object):
class OAuthToken(StripeObject):
access_token: Optional[str]
"""
The access token you can use to make requests on behalf of this Stripe account. Use it as you would any Stripe secret API key.
This key does not expire, but may be revoked by the user at any time (you'll get a account.application.deauthorized webhook event when this happens).
"""
scope: Optional[str]
"""
The scope granted to the access token, depending on the scope of the authorization code and scope parameter.
"""
livemode: Optional[bool]
"""
The live mode indicator for the token. If true, the access_token can be used as a live secret key. If false, the access_token can be used as a test secret key.
Depends on the mode of the secret API key used to make the request.
"""
token_type: Optional[Literal["bearer"]]
"""
Will always have a value of bearer.
"""
refresh_token: Optional[str]
"""
Can be used to get a new access token of an equal or lesser scope, or of a different live mode (where applicable).
"""
stripe_user_id: Optional[str]
"""
The unique id of the account you have been granted access to, as a string.
"""
stripe_publishable_key: Optional[str]
"""
A publishable key that can be used with this account. Matches the mode—live or test—of the token.
"""
class OAuthDeauthorization(StripeObject):
stripe_user_id: str
"""
The unique id of the account you have revoked access to, as a string.
This is the same as the stripe_user_id you passed in.
If this is returned, the revocation was successful.
"""
class OAuthAuthorizeUrlParams(TypedDict):
client_id: NotRequired[str]
"""
The unique identifier provided to your application, found in your application settings.
"""
response_type: NotRequired[Literal["code"]]
"""
The only option at the moment is `'code'`.
"""
redirect_uri: NotRequired[str]
"""
The URL for the authorize response redirect. If provided, this must exactly match one of the comma-separated redirect_uri values in your application settings.
To protect yourself from certain forms of man-in-the-middle attacks, the live mode redirect_uri must use a secure HTTPS connection.
Defaults to the redirect_uri in your application settings if not provided.
"""
scope: NotRequired[str]
"""
read_write or read_only, depending on the level of access you need.
Defaults to read_only.
"""
state: NotRequired[str]
"""
An arbitrary string value we will pass back to you, useful for CSRF protection.
"""
stripe_landing: NotRequired[str]
"""
login or register, depending on what type of screen you want your users to see. Only override this to be login if you expect all your users to have Stripe accounts already (e.g., most read-only applications, like analytics dashboards or accounting software).
Defaults to login for scope read_only and register for scope read_write.
"""
always_prompt: NotRequired[bool]
"""
Boolean to indicate that the user should always be asked to connect, even if they're already connected.
Defaults to false.
"""
suggested_capabilities: NotRequired[List[str]]
"""
Express only
An array of capabilities to apply to the connected account.
"""
stripe_user: NotRequired["OAuth.OAuthAuthorizeUrlParamsStripeUser"]
"""
Stripe will use these to prefill details in the account form for new users.
Some prefilled fields (e.g., URL or product category) may be automatically hidden from the user's view.
Any parameters with invalid values will be silently ignored.
"""
class OAuthAuthorizeUrlParamsStripeUser(TypedDict):
"""
A more detailed explanation of what it means for a field to be
required or optional can be found in our API documentation.
See `Account Creation (Overview)` and `Account Update`
"""
email: NotRequired[str]
"""
Recommended
The user's email address. Must be a valid email format.
"""
url: NotRequired[str]
"""
Recommended
The URL for the user's business. This may be the user's website, a profile page within your application, or another publicly available profile for the business, such as a LinkedIn or Facebook profile.
Must be URL-encoded and include a scheme (http or https).
If you will be prefilling this field, we highly recommend that the linked page contain a description of the user's products or services and their contact information. If we don't have enough information, we'll have to reach out to the user directly before initiating payouts.
"""
country: NotRequired[str]
"""
Two-letter country code (e.g., US or CA).
Must be a country that Stripe currently supports.
"""
phone_number: NotRequired[str]
"""
The business phone number. Must be 10 digits only.
Must also prefill stripe_user[country] with the corresponding country.
"""
business_name: NotRequired[str]
"""
The legal name of the business, also used for the statement descriptor.
"""
business_type: NotRequired[str]
"""
The type of the business.
Must be one of sole_prop, corporation, non_profit, partnership, or llc.
"""
first_name: NotRequired[str]
"""
First name of the person who will be filling out a Stripe application.
"""
last_name: NotRequired[str]
"""
Last name of the person who will be filling out a Stripe application.
"""
dob_day: NotRequired[str]
"""
Day (0-31), month (1-12), and year (YYYY, greater than 1900) for the birth date of the person who will be filling out a Stripe application.
If you choose to pass these parameters, you must pass all three.
"""
dob_month: NotRequired[str]
"""
Day (0-31), month (1-12), and year (YYYY, greater than 1900) for the birth date of the person who will be filling out a Stripe application.
If you choose to pass these parameters, you must pass all three.
"""
dob_year: NotRequired[str]
"""
Day (0-31), month (1-12), and year (YYYY, greater than 1900) for the birth date of the person who will be filling out a Stripe application.
If you choose to pass these parameters, you must pass all three.
"""
street_address: NotRequired[str]
"""
Standard only
Street address of the business.
"""
city: NotRequired[str]
"""
Address city of the business.
We highly recommend that you also prefill stripe_user[country] with the corresponding country.
"""
state: NotRequired[str]
"""
Standard only
Address state of the business, must be the two-letter state or province code (e.g., NY for a U.S. business or AB for a Canadian one).
Must also prefill stripe_user[country] with the corresponding country.
"""
zip: NotRequired[str]
"""
Standard only
Address ZIP code of the business, must be a string.
We highly recommend that you also prefill stripe_user[country] with the corresponding country.
"""
physical_product: NotRequired[str]
"""
Standard only
A string: true if the user sells a physical product, false otherwise.
"""
product_description: NotRequired[str]
"""
A description of what the business is accepting payments for.
"""
currency: NotRequired[str]
"""
Standard only
Three-letter ISO code representing currency, in lowercase (e.g., usd or cad).
Must be a valid country and currency combination that Stripe supports.
Must prefill stripe_user[country] with the corresponding country.
"""
first_name_kana: NotRequired[str]
"""
The Kana variation of the first name of the person who will be filling out a Stripe application.
Must prefill stripe_user[country] with JP, as this parameter is only relevant for Japan.
"""
first_name_kanji: NotRequired[str]
"""
The Kanji variation of the first name of the person who will be filling out a Stripe application.
Must prefill stripe_user[country] with JP, as this parameter is only relevant for Japan.
"""
last_name_kana: NotRequired[str]
"""
The Kana variation of the last name of the person who will be filling out a Stripe application.
Must prefill stripe_user[country] with JP, as this parameter is only relevant for Japan.
"""
last_name_kanji: NotRequired[str]
"""
The Kanji variation of the last name of the person who will be filling out a Stripe application.
Must prefill stripe_user[country] with JP, as this parameter is only relevant for Japan.
"""
gender: NotRequired[str]
"""
The gender of the person who will be filling out a Stripe application. (International regulations require either male or female.)
Must prefill stripe_user[country] with JP, as this parameter is only relevant for Japan.
"""
block_kana: NotRequired[str]
"""
Standard only
The Kana variation of the address block.
This parameter is only relevant for Japan. You must prefill stripe_user[country] with JP and stripe_user[zip] with a valid Japanese postal code to use this parameter.
"""
block_kanji: NotRequired[str]
"""
Standard only
The Kanji variation of the address block.
This parameter is only relevant for Japan. You must prefill stripe_user[country] with JP and stripe_user[zip] with a valid Japanese postal code to use this parameter.
"""
building_kana: NotRequired[str]
"""
Standard only
The Kana variation of the address building.
This parameter is only relevant for Japan. You must prefill stripe_user[country] with JP and stripe_user[zip] with a valid Japanese postal code to use this parameter.
"""
building_kanji: NotRequired[str]
"""
Standard only
The Kanji variation of the address building.
This parameter is only relevant for Japan. You must prefill stripe_user[country] with JP and stripe_user[zip] with a valid Japanese postal code to use this parameter.
"""
class OAuthTokenParams(TypedDict):
grant_type: Literal["authorization_code", "refresh_token"]
"""
`'authorization_code'` when turning an authorization code into an access token, or `'refresh_token'` when using a refresh token to get a new access token.
"""
code: NotRequired[str]
"""
The value of the code or refresh_token, depending on the grant_type.
"""
refresh_token: NotRequired[str]
"""
The value of the code or refresh_token, depending on the grant_type.
"""
scope: NotRequired[str]
"""
When requesting a new access token from a refresh token, any scope that has an equal or lesser scope as the refresh token. Has no effect when requesting an access token from an authorization code.
Defaults to the scope of the refresh token.
"""
assert_capabilities: NotRequired[List[str]]
"""
Express only
Check whether the suggested_capabilities were applied to the connected account.
"""
class OAuthDeauthorizeParams(TypedDict):
client_id: NotRequired[str]
"""
The client_id of the application that you'd like to disconnect the account from.
The account must be connected to this application.
"""
stripe_user_id: str
"""
The account you'd like to disconnect from.
"""
@staticmethod
def _set_client_id(params):
if "client_id" in params:
return
from stripe import client_id
if client_id:
params["client_id"] = client_id
return
raise AuthenticationError(
"No client_id provided. (HINT: set your client_id using "
'"stripe.client_id = <CLIENT-ID>"). You can find your client_ids '
"in your Stripe dashboard at "
"https://dashboard.stripe.com/account/applications/settings, "
"after registering your account as a platform. See "
"https://stripe.com/docs/connect/standalone-accounts for details, "
"or email support@stripe.com if you have any questions."
)
@staticmethod
def authorize_url(
express: bool = False, **params: Unpack[OAuthAuthorizeUrlParams]
) -> str:
if express is False:
path = "/oauth/authorize"
else:
path = "/express/oauth/authorize"
OAuth._set_client_id(params)
if "response_type" not in params:
params["response_type"] = "code"
query = urlencode(list(_api_encode(params, "V1")))
url = connect_api_base + path + "?" + query
return url
@staticmethod
def token(
api_key: Optional[str] = None, **params: Unpack[OAuthTokenParams]
) -> OAuthToken:
options: RequestOptions = {"api_key": api_key}
requestor = _APIRequestor._global_instance()
return cast(
"OAuth.OAuthToken",
requestor.request(
"post",
"/oauth/token",
params=params,
options=options,
base_address="connect",
),
)
@staticmethod
def deauthorize(
api_key: Optional[str] = None, **params: Unpack[OAuthDeauthorizeParams]
) -> OAuthDeauthorization:
options: RequestOptions = {"api_key": api_key}
requestor = _APIRequestor._global_instance()
OAuth._set_client_id(params)
return cast(
"OAuth.OAuthDeauthorization",
requestor.request(
"post",
"/oauth/deauthorize",
params=params,
options=options,
base_address="connect",
),
)
|
