Setup

First Launch

First, download the plugin .jar and place it in your Spigot server's plugin directory. Run the server once to prepare configuration files for your server.

Upon first run, the server will fail to load. This is expected. Open config.yml from the SpigotShop directory as this is the one we will be working with to set up the server initially.

Default configuration will look a little something like this:

#SpigotShop Configuration
stripe:
  publishable_key: ""
  secret_key: ""
  listen_port: 9926
  success_url: ""
  cancel_url: ""
api_only: false

Make sure to set listen_port to something you have the ability to port forward, and can be accessed from the internet. I chose 9926 as default because it is a port not a lot of services would use.

Continue on to view how to obtain your keys from Stripe's dashboard.

Accessing Stripe

Warning

Do not share your Stripe Secret Key or Webhook Secret with anyone. Ensure that plugins on your server are to be trusted as it is possible to retrieve these from SpigotShop's configuration through another plugin.

This tutorial assumes you have created a Stripe account. If you have not, click here.

First, open your Stripe Dashboard to begin, as we will need to access in order to retrieve your keys. You must have a role in your dashboard that allows you to view your API keys.

Tip

To test functionality without using actual credit card information, you can use your test webhooks and keys. Toggle the "Viewing test data" switch in your dashboard to view these keys. This will help you test any Radar rules you have in place. Use Stripe Test Cards in place of real card info when using test keys.

Getting Publishable and Secret Keys

alt text

Click on Developers to open the Developers panel, and then click API keys to open the API Keys menu.

alt text

Listed below will be your Publishable key and your Secret key. Click "Reveal key" to show your Secret key. You may need to re-enter your password for this to work.

Info

alt text

The Secret key can make all changes to your acount, and therefore it is imperative it is kept secret. If you believe your Secret key has been compromised, you can re-roll your key by clicking on roll key.

Creating a Restricted key

If you wish to keep your applications separate for security reasons, you may create and use a restricted key in place of your Secret key.

From API Keys menu, click "Create restricted key" to be brought to the Restricted key menu.

alt text

This key must have write permissions on the following resources:

  • Charges
  • Customers
  • PaymentIntents
  • Checkout Sessions
  • Webhook Endpoints

Press Create key and reveal the key the same way as above.

Next Run

There are a few more parameters we must fill out before we run the server. These are success_url and cancel_url. These are web links to the pages Stripe should send the customer to when they either finish paying or their PaymentIntent is cancelled.

These can be any webpage, but I recommend they are simple aesthetic pages explaining that their payment was successful or cancelled, respectively, and they can return to game.

Now that we have gotten our keys, paste them into your config file where specified. After this, specify your URLs and the config should look something like this.

#SpigotShop Configuration
stripe:
  publishable_key: "pk_test_aabbcc"
  secret_key: "sk_test_xxyyzz"
  listen_port: 9926
  success_url: "www.example.com/success"
  cancel_url: "www.example.com/cancel"
api_only: false

Running the server now, you will notice a new file created: payment.html. This file must stay unedited for default functioning. This redirects the user to Stripe to complete payment. This file is checksum-validated at startup and console will alert you if something is not as it should be in this file.

Warning

payment.html will not function as required if you are using live keys and are on an HTTPS server. stripe.js requires SSL to function in live to be PCI-compliant. Please make sure your server is SSL-enabled before switching to live mode.

As well as creating this file, the server will also create required webhook in your Stripe account. The server is now fully set up and ready to accept payments! View Shop Layout to view how to configure the shop.