Cannot manually enter account keys on live sites

Open strategio opened this issue 1 year ago • 10 comments

I was asked to forward a support issue on wordpress.org to this repo.

As WooCommerce addon developers, we have some automated end-to-end tests to run with the Stripe payment gateway.

Since version 8.0.0, it’s not possible to set up account keys manually and we just disabled our tests.

Now we’re back on that as we would like to restore our tests, but it’s becoming a big headache…

First of all, (if I understand correctly, correct me if I am wrong) we need to create a real Stripe account with real information such as personal/company information, valid bank account data, … and we cannot provide that for testing purposes only. We are not Stripe users, we just want to ensure Stripe is compatible with our addon.

Then, even if I hardly manage to create a real Stripe account (with random data), I see captcha when it comes to connect to Stripe from the “Connect or create an account” button. This is one more problem for our automated tests.

Could you re-evaluate the possibility to restore the advanced mode? (as it was in version 7.9.3)

Without that, I am afraid we will not manage to restore our automated tests on Stripe, which in the end could affect Stripe users…

Thanks!

strategio avatar Jun 21 '24 21:06 strategio

@strategio You are correct that it currently is not possible to connect our Stripe extension to a test mode only Stripe.com account, i.e. an account created with just an email, and where live mode is unavailable.

We are discussing internally what to do about this given our long-term plans for the extension.

Internal link: p1719233249354419-slack-CHG7MTCAF

aheckler avatar Jun 24 '24 14:06 aheckler

Thanks for looking into this @aheckler.

If I may suggest one more thing, it would be OK for us if we just have to set a constant in wp-config.php. It could be a WC Gateway Stripe constant, or maybe a specific value for the environment type on WordPress.

See also https://developer.wordpress.org/reference/functions/wp_get_environment_type/.

strategio avatar Jun 24 '24 15:06 strategio

You might be able to use the wc_stripe_settings filter shown here to manually adjust values for the following:

  • test_publishable_key
  • test_secret_key
  • test_webhook_secret

However, that's not something I've tried myself, so I can't guarantee that everything will work 100% seamlessly. You'd need to do a bit of testing.

aheckler avatar Jun 24 '24 15:06 aheckler

Thanks @aheckler,

The purpose of our automated end-to-end tests is to have a context very close to what the final user would have. We click on buttons, fill forms, ... like the final user. If we have to set custom filters (through a custom plugin), we are already diverging from what a real user would do.

And beyond that, I am not sure the filter hook you suggested will allow us to override all the needed settings.

In short, we don't want to hack the plugin just to have our test running. Ideally, we just want to follow a user workflow, even if we end up using a discreet GUI element (like the link "Enter account keys (advanced)" that we used to have before 8.0.0).

strategio avatar Jun 24 '24 16:06 strategio

@strategio Could you take a look at Step 3 from these instructions? I wasn't aware of this before, but if you start the connection flow then back out back to wp-admin, you can apparently still use the old keys interface. Does that work for you?

aheckler avatar Jun 25 '24 15:06 aheckler

https://github.com/woocommerce/woocommerce-gateway-stripe/issues/2936 may be one to follow too. :)

aheckler avatar Jun 25 '24 15:06 aheckler

Thanks @aheckler!

I've followed the workflow from https://github.com/woocommerce/woocommerce-gateway-stripe/issues/2936#issuecomment-2048840993: temporarily downgrade to 7.9.3 in order to set the test keys, then update to the latest version to continue our tests.

At least that will allow us to restore our automated test.

However, it would be great if you could offer an alternative with the latest version. I think this ticket still makes sense.

strategio avatar Jun 26 '24 13:06 strategio

> However, it would be great if you could offer an alternative with the latest version.

Did you try the steps explained in Step 3 here? Those should work with the latest version I think.

aheckler avatar Jun 27 '24 08:06 aheckler

Hi @aheckler!

Sorry for my late reply, I was away from work for some time...

We ended up using version 7.9.3 to set up our test site and then update the addon to the latest version to continue the execution of the test.

This is far from optimal but good enough for now...

Thanks!

strategio avatar Aug 13 '24 15:08 strategio

I have this issue, which seems to apply to sites in test mode as well.

I really need to be able to set up account keys manually. I don't have access to the company Stripe account, nor am I ever likely to get that access. This means that whenever I do a data refresh or clear down of our test systems I'm going to have to get the General Manager on the phone and talk him through the connection process. The test site is locked down, so I'm also going to have to sort out access to IP restricted sites for him as well, which means putting him on a VPN.

Manual entry of keys, for test mode at least, is an essential feature, it needs to be retained. If this is being dispensed with then I can never upgrade the live sites because it will cause constant inconvenience for the dev systems. This change has not been thought through!

tim1mw avatar Oct 01 '24 22:10 tim1mw

Has anything been done yet to re-enable manual entry of the Stripe keys? As I commented above this is an essential feature for developers in test mode at least. I'm now seeing warnings about the use of the older plugins on our live site so it looks like we will soon be forced into an upgrade which will effectively disable my ability to perform any testing work with Stripe because I do not have access to the live Stripe account and it is impossible to register for a test only account.

I need to be able to test with Stripe in order to be able to continue recommending it and am reaching the point where I'm wondering if I'm going to have to start digging into the code to re-enable this capability and create a fork, assuming of course it's still possible to use the keys in this way.

tim1mw avatar Nov 13 '24 20:11 tim1mw

I asked our devs about this, and they said the following:

We agree that forcing Connect OAuth even for test mode makes things a bit harder for E2E tests for example. They have 2 options:

  • Do as we do, and set the keys using WP CLI (or a similar tool) for the E2E environment.
    • https://github.com/woocommerce/woocommerce-gateway-stripe/blob/3fc2608c27356df0aea685cc94d8ce115377133d/tests/e2e/bin/setup.sh#L134
    • https://github.com/woocommerce/woocommerce-gateway-stripe/blob/3fc2608c27356df0aea685cc94d8ce115377133d/tests/e2e/utils/playwright-setup.js#L417-L452
  • Use a different Stripe test account that they have credentials for, and use the connect flow during the E2E setup.

aheckler avatar Nov 14 '24 18:11 aheckler
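The WP CLI option from the reply above, sketched as an added example; this is not the project's `setup.sh` and not code from any participant. Assumptions: the environment variable names `STRIPE_TEST_PK`, `STRIPE_TEST_SK` and `STRIPE_TEST_WHSEC`, and the option name `woocommerce_stripe_settings` (WooCommerce's `woocommerce_<gateway id>_settings` convention). It refuses anything that is not a test-mode key and passes the JSON on stdin so the secret never appears in a process listing.

```shell
#!/bin/sh
# Added example, not the plugin's code. Seeds Stripe *test* keys on a fresh
# E2E site. Assumed names: STRIPE_TEST_* env vars, woocommerce_stripe_settings.

# Succeeds only if $1 starts with prefix $2 and contains only [A-Za-z0-9_].
valid_key() {
  case "$1" in
    *[!A-Za-z0-9_]*) return 1 ;;  # quotes, spaces, JSON metacharacters
    "$2"?*) return 0 ;;           # prefix plus at least one more character
    *) return 1 ;;
  esac
}

# Prints the settings JSON for (publishable, secret, webhook secret).
# Returns non-zero and prints nothing to stdout if any value is rejected,
# so a live key pasted by mistake never reaches the database.
build_stripe_test_settings() {
  valid_key "$1" pk_test_ || { echo "publishable key is not a test key" >&2; return 1; }
  valid_key "$2" sk_test_ || { echo "secret key is not a test key" >&2; return 1; }
  valid_key "$3" whsec_   || { echo "webhook secret is malformed" >&2; return 1; }
  printf '{"enabled":"yes","testmode":"yes","test_publishable_key":"%s","test_secret_key":"%s","test_webhook_secret":"%s"}' "$1" "$2" "$3"
}

# Writes the option with WP-CLI. The value is read from stdin (no <value>
# argument), which keeps the secret key out of argv. This replaces the whole
# option, so it is meant for a freshly provisioned test site only.
apply_stripe_test_settings() {
  json="$(build_stripe_test_settings "${STRIPE_TEST_PK:-}" "${STRIPE_TEST_SK:-}" "${STRIPE_TEST_WHSEC:-}")" || return 1
  printf '%s' "$json" | wp option update woocommerce_stripe_settings --format=json
}

# Only touch the site when the CI job has actually supplied a secret key.
if [ -n "${STRIPE_TEST_SK:-}" ]; then
  apply_stripe_test_settings
fi
```

As noted later in the thread, the maintainers do not confirm that the plugin functions as intended with keys written this way, so verify the gateway against your own test site after seeding.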

Using an alternative Stripe account would be an option if Stripe provided a way to register for a test only account with a simplified form, registering for a full account understandably requires a lot of details. I'm really not prepared to go through all of that just for a test account.

WP CLI is (fortunately) an option for me, but I can conceive of circumstances where testing would need to take place on a system where command line access isn't possible. Is there a way to insert the keys with SQL?

If keys can be inserted via WP CLI, then can I take it that the oauth method is merely a convenience for transferring the keys and that there are no plans to remove the ability to use manually generated keys inserted using WP CLI? If that is the case then I don't see the point of taking away the ability to simply enter those keys via the UI if the user chooses to do so. Assuming that to be the case I am now seriously considering a fork that will restore this functionality, or a small additional custom plugin that replicates the action of the WP CLI command to achieve the same thing.

I can also foresee organisational complications for live keys as well. There seems to be a basic assumption underlying this that the admin of Woocommerce will always also have Stripe account access, but in my experience that is often not the case, especially in large organisations where the accounts department will control Stripe, while the webteam will control the eCommerce. It is typical in such organisations for finance to simply provide the eCommerce team with keys for manual entry since no one single person would typically have admin access to both systems. Yes you can co-ordinate having two admins login on the same browser, but that is an unnecessary complication.

eg an inexperienced admin clicks the wrong thing and accidentally disconnects Stripe, if the person with Stripe account access is unavailable then payment systems will be down until they can be contacted. With a securely saved set of keys available to the admins of the Woocommerce system, I can simply put them back in and restore payments. That might be an unusual scenario but from a business point of view allowing manual entry of keys means it can be mitigated, taking that away adds a possible failure point.

tim1mw avatar Nov 15 '24 13:11 tim1mw

I've asked around about this internally, and come away with the following info:

  • Stripe themselves have asked us to move away from authenticating via manual copying and pasting of API keys and toward a more secure connection method, oAuth. This is what we've done, in partnership with them.
  • At this time, we don't plan on re-adding a UI method for merchants to manually specify their live API keys.
  • We agree that using the new connection method to connect to a test-mode-only Stripe account (created only by providing an email address) should work, but doesn't right now.
  • I'm unsure if manually inserting API keys into the database will let the plugin function as intended. Even if it does work, the only auth method we'll officially support will be oAuth via the UI.

I'll leave this issue open for now since we do need to fix the issue of connecting to test-mode-only Stripe accounts.

aheckler avatar Nov 20 '24 15:11 aheckler

@aheckler thanks for the feedback, I appreciate that this is a decision that is out of your hands personally.

As an interim solution I'm going to have to go ahead and either fork this plugin to put the missing capabilities back or build a plugin of my own that makes the necessary inserts into the database, I need these features for my test systems.

I appreciate that Stripe might consider Oauth more secure and can accept that they may want to put in a warning for people who choose to use the manual option, but this is an absolutely essential feature, not just for test keys, but for live ones as well for reasons I have already given. I shall be getting one of my clients to feed this directly back to Stripe and would ask that you communicate this back to Stripe as well. They have gotten this wrong and need to re-think.

tim1mw avatar Nov 20 '24 19:11 tim1mw

Bumping this issue because there is still no resolution and it's causing me a lot of issues, because a shop site I'm responsible for is going to have to upgrade to the new auth soon, but I have been unable to test that it works with my plugins because I can't manually enter keys provided to me and I can't easily register for a test account with Stripe without going through a long and complicated registration process. The test sites are fire-walled off and inaccessible to the people who have the stripe login details, getting them on the test site is a lot of hassle and that would have to be done every time I refresh the data on our test sites. This is just not viable.

If this isn't dealt with I shall be recommending that Stripe be replaced on the grounds that it's not fit for purpose. Ideally the ability to enter test keys needs to come back, I am at a loss to understand why this is a problem.

tim1mw avatar Mar 15 '25 20:03 tim1mw

I think we should add that there are no security benefits to using OAuth over using Restricted API Keys.

The security benefits of using OAuth are scope, but all of those issues can be addressed with Restricted API Keys, which users have asked for here 7 years ago (since May 2018):

  • https://github.com/woocommerce/woocommerce-gateway-stripe/issues/634

In fact, OAuth is less secure, depending on how it's implemented. This is certainly the case where it causes high-impact security compromise (availability issues), as many of your users have experienced since you blocked API Key auth.

screenshot of webtoffee website showing comments from users saying access token refresh errors have broken customer payments on their woocommerce websites

And the OAuth refresh token implementation further adds security risk by exposing the user's OAuth tokens to a third party server.

  • https://github.com/woocommerce/woocommerce-gateway-stripe/issues/4203

maltfield avatar Apr 05 '25 21:04 maltfield