Added publishable keys and /config endpoint to get it

Author: rgaudin

donation-api/src/donation_api/constants.py

@@ -7,8 +7,14 @@
 @dataclass
 class Constants:
     stripe_on_prod: bool = bool(os.getenv("STRIPE_USE_LIVE") == "1")
-    stripe_test_key: str = os.getenv("STRIPE_TEST_KEY") or "notset"
-    stripe_live_key: str = os.getenv("STRIPE_LIVE_KEY") or "notset"
+    stripe_test_secret_key: str = os.getenv("STRIPE_TEST_SECRET_KEY") or "notset"
+    stripe_live_secret_key: str = os.getenv("STRIPE_LIVE_SECRET_KEY") or "notset"
+    stripe_test_publishable_key: str = (
+        os.getenv("STRIPE_TEST_PUBLISHABLE_KEY") or "notset"
+    )
+    stripe_live_publishable_key: str = (
+        os.getenv("STRIPE_LIVE_PUBLISHABLE_KEY") or "notset"
+    )
     stripe_webhook_secret: str = os.getenv("STRIPE_WEBHOOK_SECRET") or ""
     stripe_webhook_sender_ips: list[str] = field(default_factory=list)
     stripe_webhook_testing_ips: list[str] = field(default_factory=list)
@@ -36,10 +42,16 @@ def __post_init__(self):
             raise OSError("No Stripe Webhook IPs!")
 
     @property
-    def stripe_api_key(self) -> str:
+    def stripe_secret_api_key(self) -> str:
+        if self.stripe_on_prod:
+            return self.stripe_live_secret_key
+        return self.stripe_test_secret_key
+
+    @property
+    def stripe_publishable_api_key(self) -> str:
         if self.stripe_on_prod:
-            return self.stripe_live_key
-        return self.stripe_test_key
+            return self.stripe_live_publishable_key
+        return self.stripe_test_publishable_key
 
 
 conf = Constants()

donation-api/src/donation_api/stripe.py

@@ -11,7 +11,7 @@
 from donation_api.constants import conf
 
 logger = logging.getLogger("uvicorn.error")
-stripe.api_key = conf.stripe_api_key
+stripe.api_key = conf.stripe_secret_api_key
 
 router = APIRouter(
     prefix="/stripe",
@@ -32,6 +32,10 @@ class PaymentIntent(BaseModel):
     secret: str
 
 
+class PublicConfigResponse(BaseModel):
+    publishable_key: str
+
+
 class StripeWebhookPayload(BaseModel):
     """Stripe-sent payload during the webhook call
     https://stripe.com/docs/webhooks"""
@@ -72,6 +76,20 @@ def can_send_webhook(ip_addr: str) -> bool:
     return ip_addr in conf.stripe_webhook_sender_ips
 
 
+@router.get(
+    "/config",
+    status_code=HTTPStatus.OK,
+    responses={
+        HTTPStatus.OK: {
+            "model": PublicConfigResponse,
+            "description": "Health Check passed",
+        },
+    },
+)
+async def get_config():
+    return {"publishable_key": conf.stripe_publishable_api_key}
+
+
 @router.get(
     "/health-check",
     status_code=HTTPStatus.OK,
@@ -87,12 +105,23 @@ def can_send_webhook(ip_addr: str) -> bool:
 )
 async def check_config():
     errors: list[str] = []
+
     if conf.stripe_on_prod and not str(stripe.api_key).startswith("sk_live_"):
         errors.append("Missing Live API Key")
 
     if not conf.stripe_on_prod and not str(stripe.api_key).startswith("sk_test_"):
         errors.append("Missing Test API Key")
 
+    if conf.stripe_on_prod and not conf.stripe_publishable_api_key.startswith(
+        "pk_live_"
+    ):
+        errors.append("Missing Live Publishable API Key")
+
+    if not conf.stripe_on_prod and not conf.stripe_publishable_api_key.startswith(
+        "pk_test_"
+    ):
+        errors.append("Missing Test Publishable API Key")
+
     if not conf.stripe_webhook_sender_ips:
         errors.append("Missing Stripe IPs")
 

donation-api/tests/test_stripe.py

@@ -12,4 +12,6 @@ def test_default_to_test():
 def test_check_config(client: TestClient):
     resp = client.get("/v1/stripe/health-check")
     assert resp.status_code == HTTPStatus.INTERNAL_SERVER_ERROR
-    assert resp.json().get("detail") == "Missing Test API Key"
+    reason = resp.json().get("detail")
+    assert "Missing Test API Key" in reason
+    assert "Missing Test Publishable API Key" in reason