From 872897eabc7b23f13adefac78a0fd3b38518664d Mon Sep 17 00:00:00 2001 From: John Pinkyfloyd Date: Mon, 9 Feb 2026 13:10:27 -0800 Subject: [PATCH] Add Stripe Checkout Session for web-based payments (iOS app) --- api/stripe/createPaymentIntent.cfm | 35 ++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/api/stripe/createPaymentIntent.cfm b/api/stripe/createPaymentIntent.cfm index f13082a..828a6d9 100644 --- a/api/stripe/createPaymentIntent.cfm +++ b/api/stripe/createPaymentIntent.cfm @@ -184,10 +184,45 @@ try { writeLog(file="stripe_webhooks", text="Ledger link skipped for order #orderID#: #e.message#"); } + // Create Checkout Session for web-based payment (iOS app uses this) + checkoutService = new http(); + checkoutService.setMethod("POST"); + checkoutService.setUrl("https://api.stripe.com/v1/checkout/sessions"); + checkoutService.setUsername(stripeSecretKey); + checkoutService.setPassword(""); + + checkoutService.addParam(type="formfield", name="mode", value="payment"); + checkoutService.addParam(type="formfield", name="line_items[0][price_data][currency]", value="usd"); + checkoutService.addParam(type="formfield", name="line_items[0][price_data][product_data][name]", value="Order ###orderID# at #qBusiness.Name#"); + checkoutService.addParam(type="formfield", name="line_items[0][price_data][unit_amount]", value=totalAmountCents); + checkoutService.addParam(type="formfield", name="line_items[0][quantity]", value="1"); + checkoutService.addParam(type="formfield", name="success_url", value="payfrit://stripe-redirect?success=true&order_id=#orderID#"); + checkoutService.addParam(type="formfield", name="cancel_url", value="payfrit://stripe-redirect?success=false&error=cancelled&order_id=#orderID#"); + checkoutService.addParam(type="formfield", name="metadata[order_id]", value=orderID); + checkoutService.addParam(type="formfield", name="metadata[business_id]", value=businessID); + + if (hasStripeConnect) { + effectivePlatformFeeCents = totalPlatformFeeCents + grantOwnerFeeCents; + checkoutService.addParam(type="formfield", name="payment_intent_data[application_fee_amount]", value=effectivePlatformFeeCents); + checkoutService.addParam(type="formfield", name="payment_intent_data[transfer_data][destination]", value=qBusiness.StripeAccountID); + } + + checkoutResult = checkoutService.send().getPrefix(); + checkoutData = deserializeJSON(checkoutResult.fileContent); + + checkoutUrl = ""; + if (structKeyExists(checkoutData, "url")) { + checkoutUrl = checkoutData.url; + } else if (structKeyExists(checkoutData, "error")) { + // Log checkout error but don't fail - client_secret still works for SDK + writeLog(file="stripe_webhooks", text="Checkout session error: #checkoutData.error.message#"); + } + response["OK"] = true; response["CLIENT_SECRET"] = piData.client_secret; response["PAYMENT_INTENT_ID"] = piData.id; response["PUBLISHABLE_KEY"] = application.stripePublishableKey ?: "pk_test_sPBNzSyJ9HcEPJGC7dSo8NqN"; + response["CHECKOUT_URL"] = checkoutUrl; response["FEE_BREAKDOWN"] = { "SUBTOTAL": subtotal, "TAX": tax,