Using Stripe with Grails

How do you usually process credit cards in your web applications? There are obviously lots of options available and each has pros and cons. One that I am really starting to like though is Stripe. It has great client libraries, makes PCI compliance really easy and is incredibly easy to use! So, I decided to build a Grails plugin for Stripe! The purpose of this post is to introduce people to the plugin and hopefully get feedback on it before releasing a “1.0 Final” version. I am NOT affiliated with Stripe Inc, I just like it, ha! Let’s dive in!

First, you will need a sample Grails 2.0 application. You could certainly use Grails 1.3.7 too as there’s nothing limiting the plugin to 2.0, but it does require the resources plugin and I just figure most new Grails apps will be 2.0.

grails create-app stripesample cd stripesample grails install-plugin stripe grails create-controller checkout

We will need to set two configuration items in Config.groovy. Before we can add these though, we need to register for a Stripe account. So, head on over to Stripe and create your account. Once you’re logged in, click on the top-right link for Your Account and then Account Settings. This will pop open a box where you can find your API Keys. Stripe provides each account with separate publishable and secret keys for testing and live. We only care about the testing ones for now. Let’s add these two values to our sample application’s config file:

stripesample/grails-app/Config.groovy

grails.plugins.stripe.secretKey = 'YOUR_TEST_SECRET_KEY' grails.plugins.stripe.publishableKey = 'YOUR_TEST_PUBLISHABLE_KEY'

You will obviously want to put these config values in the appropriate environment in Config.groovy. The plugin takes care of setting the secret key for you in the Stripe abstract class and the publishable key will be set from our JavaScript which we’ll cover in a bit.

Next we need to include the JavaScript library provided by Stripe. The plugin exposes this library as a standard resource module called stripe. So, you need to include this in your resource modules declaration. Make sure you use modules (plural) if you have more than one as opposed to module (singular).

<r:require modules="application, stripe"/>

or

<r:require module="stripe"/>

The way Stripe works is that it uses JavaScript to capture the credit card details and creates a token. So, the credit card details never actually hit the server which makes it really easy to be PCI compliant. The JavaScript then creates a hidden field on the form with the token as the value and submits the form to the server. Once on the server, we will use Groovy to capture the amount from the form, the token and create a Stripe Charge. Piece of cake!

Create a new file called index.gsp in stripesample/grails-app/views/checkout and put the following for the contents of the file:

Next we need to modify the CheckoutController we created. Put the following for the contents of this file:

And finally, we need to create a simple confirmation.gsp in stripesample/grails-app/views/checkout and put the following for the contents of the file:

This is obviously a really simple example and can be improved greatly with styling, validation, flash message, etc, but I did this on purpose just to keep it really simple. A couple things to notice in the sample code:

  1. The JavaScript is pulling in your publishable key from Config.groovy
  2. The JavaScript then takes the credit-card details and creates a token and inserts this into a hidden-field on the form
  3. The server never sees the credit-card details, only the token created by the Stripe JavaScript library and the amount to charge

Let’s try it out! Here are some sample values that will work for testing:

  • Credit Card Number: 4242424242424242
  • CVC: 123
  • Expiration Month: 12
  • Expiration Year: 2015

Page 1 of 2 | Next page