This document explains how iaptic's Stripe integration is structured and how the components interact.
System Architecture
```mermaid
flowchart TD
    subgraph Client
        Web[Web App]
        Mobile[Mobile App]
    end
    subgraph Iaptic
        API[API Gateway]
        Validator[Validator]
        Events[Events]
        Cache[Redis Cache]
    end
    subgraph Stripe
        Checkout[Checkout]
        Portal[Customer Portal]
        Webhooks[Webhooks]
    end
    Web --> API
    Mobile --> API
    API --> Validator
    Validator --> Events
    Validator --> Cache
    Validator --> Checkout
    Validator --> Portal
    Webhooks --> Validator
```
Data Flow
```mermaid
sequenceDiagram
    participant Client
    participant API
    participant Validator
    participant Stripe
    participant Events
    Client->>API: Request
    API->>Validator: Validate
    Validator->>Stripe: Verify
    Stripe-->>Validator: Status
    Validator->>Events: Log
    Validator-->>API: Result
    API-->>Client: Response
```
Component Roles
Client Application
- Initiates checkout process
- Stores access keys
- Verifies subscription status
- Manages user interface
Iaptic Service
- Generates and validates access keys
- Processes webhook events
- Manages subscription metadata
- Handles user association
Stripe Platform
- Processes payments
- Manages subscriptions
- Sends webhook events
- Stores product data
Data Flow
1. Checkout Flow
```mermaid
sequenceDiagram
    Client->>Iaptic: Create checkout session
    Iaptic->>Iaptic: Generate access key
    Iaptic->>Stripe: Create Stripe session
    Iaptic->>Client: Return session + key
    Client->>Stripe: Complete checkout
    Stripe->>Iaptic: Webhook: checkout.completed
    Iaptic->>Iaptic: Process subscription
```
2. Subscription Verification
```mermaid
sequenceDiagram
    Client->>Iaptic: Verify with access key
    Iaptic->>Stripe: Check subscription
    Stripe->>Iaptic: Return status
    Iaptic->>Client: Return purchase info
```
3. Webhook Processing
```mermaid
sequenceDiagram
    Stripe->>Iaptic: Send webhook event
    Iaptic->>Iaptic: Verify signature
    Iaptic->>Stripe: Fetch full data
    Iaptic->>Iaptic: Process event
    Iaptic->>Iaptic: Update state
```
Security Architecture
Authentication Layers
```mermaid
graph TB
    subgraph Client Layer
        C[Client] -- Access Key --> I[Iaptic API]
    end
    subgraph Service Layer
        I -- API Key --> S[Stripe API]
    end
    subgraph Webhook Layer
        S -- Signing Secret --> I
    end
```
Key Management
- Access keys stored client-side
- API keys stored server-side
- Webhook secrets in configuration
- Automatic key rotation
State Management
Data Storage
```mermaid
graph LR
    subgraph Stripe
        S1[Products]
        S2[Subscriptions]
        S3[Customers]
    end
    subgraph Iaptic
        I1[Access Keys]
        I2[Metadata]
        I3[Events]
    end
    subgraph Client
        C1[Local Storage]
        C2[Session Storage]
    end
```
Event Processing
- Webhook reception
- Signature verification
- Event validation
- State update
- Client notification
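
The signature verification step listed above, sketched as an added example (not iaptic's code). It follows Stripe's documented scheme: the `Stripe-Signature` header carries `t=` and one or more `v1=` values, where `v1` is HMAC-SHA256 over `<t>.<raw body>` keyed with the endpoint signing secret. The function names and the 300-second tolerance are assumptions.

```python
import hashlib
import hmac
import time

TOLERANCE_SECONDS = 300  # assumption: reject events older than 5 minutes


class SignatureError(Exception):
    """The webhook must be rejected before any event processing."""


def parse_header(header: str):
    """Split 't=...,v1=...[,v1=...]' into (timestamp string, v1 list)."""
    timestamp, signatures = None, []
    for item in header.split(","):
        key, _, value = item.strip().partition("=")
        if key == "t":
            timestamp = value
        elif key == "v1":
            signatures.append(value)
    if not timestamp or not (timestamp.isascii() and timestamp.isdigit()):
        raise SignatureError("missing or malformed timestamp")
    if not signatures:
        raise SignatureError("no v1 signature in header")
    return timestamp, signatures


def expected_signature(raw_body: bytes, secret: str, timestamp: str) -> str:
    """HMAC-SHA256 over '<timestamp>.<raw body>', hex encoded."""
    signed = timestamp.encode() + b"." + raw_body
    return hmac.new(secret.encode(), signed, hashlib.sha256).hexdigest()


def verify_webhook(raw_body: bytes, header: str, secret: str, now=None) -> bool:
    """Check the unparsed request bytes; parse the JSON only on success."""
    timestamp, signatures = parse_header(header)
    now = time.time() if now is None else now
    if abs(now - int(timestamp)) > TOLERANCE_SECONDS:
        raise SignatureError("timestamp outside tolerance (possible replay)")
    expected = expected_signature(raw_body, secret, timestamp).encode()
    # Several v1 values can appear while a signing secret is being rolled.
    if not any(hmac.compare_digest(expected, s.encode()) for s in signatures):
        raise SignatureError("no matching v1 signature")
    return True
```

The check runs on the exact bytes received: re-serializing parsed JSON before verification changes the signed payload and makes valid events fail.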
Integration Points
Required API Version
All components use Stripe API version 2024-11-20.acacia to ensure:
- Consistent behavior
- Webhook compatibility
- Feature availability
API Endpoints
- /v3/stripe/checkout: Create sessions
- /v3/stripe/purchases: Verify status
- /v3/stripe/portal: Access management
- /v3/stripe/change-plan: Update plans
- /v3/webhook/stripe: Process events
Error Handling
Retry Mechanisms
```mermaid
graph TB
    E[Error] --> R{Retryable?}
    R -- Yes --> B[Backoff]
    R -- No --> F[Fail]
    B --> A[Retry]
    A --> R
```
Error Categories
- Validation Errors
  - Invalid access keys
  - Missing metadata
  - Wrong API version
- Network Errors
  - Webhook timeouts
  - API unavailability
  - Connection issues
- State Errors
  - Invalid transitions
  - Race conditions
  - Inconsistent data
Scaling Considerations
Rate Limits
- Stripe API limits
- Webhook concurrency
- Client request throttling
Caching Strategy
- Product cache (5 minutes)
- Subscription status (real-time)
- Access key validation (30 seconds)
Performance
- Webhook processing priority
- Asynchronous operations
- Batch processing