Stripe Payment Integration Setup Guide

Prerequisites

1. ✅ Stripe test account created with the following features enabled:
   • Non-recurring payments
   • Recurring payments
   • Invoices
   • Build a platform or marketplace (Stripe Connect)
   • Tax collection
   • Fraud protection

Step 1: Get Your Stripe API Keys

1. Log into your Stripe Dashboard: https://dashboard.stripe.com/test
2. Go to Developers → API keys
3. Copy your Publishable key (starts with pk_test_...)
4. Copy your Secret key (starts with sk_test_...) - Click "Reveal test key"
5. Copy your Webhook signing secret (you'll get this after setting up webhooks)

Step 2: Install Stripe.NET Package

cd /Users/jager/Personal/FishingLog/FishingLog.Backend
dotnet add FishingLog.API/FishingLog.API.csproj package Stripe.net

Step 3: Configure Stripe Settings

Add Stripe configuration to appsettings.json and appsettings.Development.json:

{
  "Stripe": {
    "PublishableKey": "pk_test_YOUR_PUBLISHABLE_KEY",
    "SecretKey": "sk_test_YOUR_SECRET_KEY",
    "WebhookSecret": "whsec_YOUR_WEBHOOK_SECRET",
    "ApiVersion": "2024-11-20.acacia"
  }
}

Important: Use environment variables for production! Never commit secret keys to git.

Step 4: Set Up Webhook Endpoint in Stripe Dashboard

1. Go to Developers → Webhooks
2. Click Add endpoint
3. Set endpoint URL: https://your-domain.com/api/stripe/webhook (or https://localhost:5001/api/stripe/webhook for local testing with Stripe CLI)
4. Select events to listen to:
   • payment_intent.succeeded
   • payment_intent.payment_failed
   • charge.refunded
   • charge.dispute.created
   • invoice.payment_succeeded
   • invoice.payment_failed
   • customer.subscription.created
   • customer.subscription.updated
   • customer.subscription.deleted
5. Copy the Signing secret (starts with whsec_...)

Step 5: Local Webhook Testing (Optional but Recommended)

Install Stripe CLI for local webhook testing:

# macOS
brew install stripe/stripe-cli/stripe

# Or download from https://stripe.com/docs/stripe-cli

Login to Stripe CLI:

stripe login

Forward webhooks to local endpoint:

stripe listen --forward-to localhost:5001/api/stripe/webhook

This will give you a webhook signing secret for local testing.

Step 6: Environment Variables (Production)

For production, set these as environment variables:

Stripe__SecretKey=sk_live_YOUR_LIVE_SECRET_KEY
Stripe__PublishableKey=pk_live_YOUR_LIVE_PUBLISHABLE_KEY
Stripe__WebhookSecret=whsec_YOUR_LIVE_WEBHOOK_SECRET

Next Steps

After completing these steps, the following will be implemented:

1. ✅ StripeService - Core Stripe API wrapper
2. ✅ StripeWebhookController - Handle Stripe webhooks
3. ✅ Updated AdminPaymentController - Real refund processing
4. ✅ Payment intent creation for tournaments/bookings
5. ✅ Subscription management for users/advertisers
6. ✅ Stripe Connect setup for tournament organizers (future)

Testing Checklist

• Create a test payment intent
• Process a test payment
• Test webhook handling (payment succeeded)
• Test refund processing
• Test failed payment handling
• Test subscription creation
• Test invoice generation

Security Notes

• ⚠️ Never commit API keys to git
• ⚠️ Use environment variables in production
• ⚠️ Always verify webhook signatures
• ⚠️ Use HTTPS for webhook endpoints
• ⚠️ Keep Stripe API version updated

Resources

• Stripe.NET Documentation
• Stripe API Reference
• Stripe Webhooks Guide
• Stripe Connect Documentation