Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Correct Stripe token length and endpoint #47

Merged
merged 2 commits into from
Sep 21, 2019
Merged

Conversation

KevinHock
Copy link
Contributor

34 -> 24

Many secret detection tools can testify to this, like detect-secrets

The existing one gave the following error:
```
{
  "error": {
    "message": "Unrecognized request URL (GET: /v1/). If you are trying to list objects, remove the trailing slash. If you are trying to retrieve an object, make sure you passed a valid (non-empty) identifier in your code. Please see https://stripe.com/docs or we can help at https://support.stripe.com/.",
    "type": "invalid_request_error"
  }
}
```
@@ -424,14 +424,11 @@ curl -v -X GET "https://api.sandbox.paypal.com/v1/identity/oauth2/userinfo?schem
## [Stripe Live Token](https://stripe.com/docs/api/authentication)

```

curl https://api.stripe.com/v1/
Copy link
Contributor Author

@KevinHock KevinHock Sep 21, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While it is true that this doesn't work currently, restricted keys can be restricted to certain endpoints. It would be really nice not to have to loop through their endpoints to tell if there is a valid key. I will investigate if this is possible.

@KevinHock KevinHock changed the title Correct the Stripe token length Correct Stripe token length and endpoint Sep 21, 2019
@codingo
Copy link
Collaborator

codingo commented Sep 21, 2019

Not ignoring this one, but away at BSides. If @streaak and @EdOverflow are unable to get to this by Monday afternoon I'll review and merge it for you.

@streaak
Copy link
Owner

streaak commented Sep 21, 2019

Hey @KevinHock,
Thanks you for this commit. I will merge it now.
Regarding the conversation on restricted keys, shall I proceed with creating a new issue as we can track it there?

@streaak streaak merged commit 7e4f87c into streaak:master Sep 21, 2019
@KevinHock KevinHock deleted the patch-1 branch September 21, 2019 17:51
@KevinHock
Copy link
Contributor Author

Sounds great @streaak, thank you both.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants