def stripe_connect(): # TODO :: Error responses need to be end user friendly usr = current_user._get_current_object() if not 'state' in request.args: return 'Unauthorized', 401 csrf_token = request.args['state'] if not current_app.csrf._get_token() == csrf_token: return 'Unauthorized', 401 if 'code' in request.args: code = request.args['code'] stripe_secret_key = current_app.config.get('STRIPE_SECRET_KEY') try: user.associate_stripe_authorization_code(usr, code, stripe_secret_key) except PreviousStripeAssociationError: return 'Previous Stripe Connect account association found.', 409 except ExternalAPIUsageError: return 'An internal error prevented your request from being completed.', 500 except (ExternalAPIError, ExternalAPIUnavailableError): return 'An error occoured with an external service preventing your request from being completed.', 500 sess = session._get_current_object() if sess['next']: url = sess['next'] del sess['next'] return redirect(url) return redirect(url_for('account.stripe_connect_success')) elif 'error' in request.args: # Redirect user to account for the connect denial in our analytics return redirect(url_for('account.stripe_connect_denied'))