Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Neither apiKey nor config.authenticator provided #2207

Open
chaosLegacy opened this issue Oct 9, 2024 · 16 comments
Open

Neither apiKey nor config.authenticator provided #2207

chaosLegacy opened this issue Oct 9, 2024 · 16 comments
Assignees
Labels

Comments

@chaosLegacy
Copy link

Describe the bug

When installing either the version 17.0.0 or 17.1.0
in a brand new next.js 14 from scratch after initializing stripe

import Stripe from 'stripe';

export const stripe = new Stripe(process.env.STRIPE_SECRET_KEY as string, {
    apiVersion: '2024-06-20',
    typescript: true
})

I get the following error: Neither apiKey nor config.authenticator provided
This issue is not seen after downgrading to 16.12.0

To Reproduce

Create a next.js project
adding stripe version 17.1.0
add a lib folder with a new file stripe.ts
with the following:

import Stripe from 'stripe';

export const stripe = new Stripe(process.env.STRIPE_SECRET_KEY as string, {
    apiVersion: '2024-09-30.acacia',
    typescript: true
})

run the project
getting this error: Neither apiKey nor config.authenticator provided

Expected behavior

No error should be seen in either version 17.1.0 and 17.0.0
process.env.STRIPE_SECRET_KEY is well-defined, and I can console.log it value.

Code snippets

No response

OS

macos

Node version

v20.11.0

Library version

v17.1.0

API version

2024-09-30.acacia

Additional context

No response

@chaosLegacy chaosLegacy added the bug label Oct 9, 2024
@prathmesh-stripe
Copy link
Contributor

I could not reproduce this in stripe-node 17.1.0. Stripe-node seems to be working fine with Nextjs. Here is what my code and result looks like.

Console

Logged API Key and stripe object.
Screenshot 2024-10-10 at 9 50 22 AM

Code and file organization

Screenshot 2024-10-10 at 10 01 14 AM Screenshot 2024-10-10 at 10 01 02 AM

We would need more information to reproduce your error.

@yafkari
Copy link

yafkari commented Oct 12, 2024

I have the same error when switching from stripe 16.12.0 to 17.2.0. (I'm also using NextJS 14)

The issue occurs in my case when calling "loadStripe" from a client component with stripe-js (4.8.0)

image
image

My env variables are of course set up, and everything was working before upgrading anyway.

For now it prevents me from upgrading to the newest version since it crashes my page.

CC: @prathmesh-stripe

EDIT: Indeed, the issue was coming from stripe-js 4.8.0. Donwgraded to 4.7.0 fixed the issue

EDIT2: Or not actually

@Brakkar
Copy link

Brakkar commented Oct 14, 2024

I also have this problem. It only happens when getting the key from environement data. When I hardcore the key as string it works ok. I'm NOT using NextJS: it happens when deploying firebase cloud function code.

@spencerlepine
Copy link

spencerlepine commented Oct 16, 2024

✅ I was able to fix by downgrading (Next.js 14 issues)

npm uninstall stripe
npm install stripe@^16.9.0
// lib/stripe.js (WORKING)

import Stripe from 'stripe'; // v16.9.0

const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
  // https://github.com/stripe/stripe-node#configuration
  apiVersion: '2024-06-20',
  appInfo: {
    name: 'store-name',
    url: process.env.PUBLIC_URL as string,
  },
});

Error

When using [email protected] and apiVersion: 2024-09-30.acacia, application gives this error when I import 'stripe.js':

environment: react@v18, Next.js v14.2.11, Node v20.11.1, Chrome, Vercel

error: Neither apiKey nor config.authenticator provided

// lib/stripe.js (FAILING)

import Stripe from 'stripe'; // v17.2.0

const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
  // https://github.com/stripe/stripe-node#configuration
  apiVersion: '2024-09-30.acacia',
  appInfo: {
    name: 'store-name',
    url: process.env.PUBLIC_URL,
  },
});

@Megaemce
Copy link

I managed to fix this issue by moving my Stripe instance initialization from the top of the file to the POST request body, like this:

{35C26C90-6D7A-4451-A536-218FE476CC54}

@yafkari
Copy link

yafkari commented Oct 28, 2024

@shaunsaker
Copy link

@Brakkar I'm experiencing a similar issue to you (ie. when deploying firebase functions) except that the error occurs when building my functions in Github Actions using vite and Node 18.x. Do you have a similar setup?

jordan-dinwiddy added a commit to jordan-dinwiddy/fixitpdf that referenced this issue Nov 18, 2024
@jar-stripe jar-stripe reopened this Nov 18, 2024
@jar-stripe
Copy link
Contributor

Hey everyone, I'm reopening this issue for investigation. Can someone send me a small example project that shows the issue? Something I can set up and run to see the issue quickly, with without stripe-js as a dependency, would be an ideal. Or, steps to create one such project would work too. Thanks!

@yafkari
Copy link

yafkari commented Nov 18, 2024

In my case, I was using nextjs and I fixed the issue by splitting a file containing Stripe types that was import in both server and client code. The initiation of Stripe was in that file.

I now have a separated file for

libs/stripe.ts

import "server-only";

import Stripe from 'stripe';

export const stripe = new Stripe(process.env.STRIPE_SECRET_KEY as string, {
  apiVersion: '2024-10-28.acacia',
  appInfo: {
    name: 'Subtile AI',
    version: '1.0.0',
    url: 'https://www.subtile.ai'
  }
});

@jar-stripe
Copy link
Contributor

@yafkari Thanks for the update! Just to make sure I understand: you had a common file that is included in both client and server code, that also contained this Stripe initialization and that was raising this error; your fix was to refactor the Stripe initialization into a separate lib/stripe.ts file that is server-only, and that has worked for you to avoid this error. Did I get that right?

I did a bit of investigation here and tried to run thru the steps to reproduce, and the only way I could get that error was if my environment variable for key was null. Prior to v17, passing a null key into the Stripe constructor would succeed but would create a Stripe object with invalid auth. After v17, it raises this error (see

if (!key && !authenticator) {
). I suspect what may be going on here for y'all who are running into it is there may be a race condition where the first time new Stripe(...) is called, the key secret key environment variable is not initialized, but it's called again with an initialized variable before you ever make a call to Stripe. Or something to that effect.

For anyone here who is still having trouble here, could you try a quick experiment? Update to v17 and add a line right before the call to new Stripe(...), something like
if (!process.env.STRIPE_SECRET_KEY) throw new Error("no key")
so your code looks like

import Stripe from 'stripe';

if (!process.env.STRIPE_SECRET_KEY) throw new Error("no key")
export const stripe = new Stripe(process.env.STRIPE_SECRET_KEY as string, {
    apiVersion: '2024-06-20',
    typescript: true
})

(replace STRIPE_SECRET_KEY with your secret key variable). Let me know if that error gets hit; I think that will confirm my suspicion or give me a good place to continue investigating.

Thanks all for your patience while we figure this out!

@jar-stripe jar-stripe self-assigned this Nov 20, 2024
@juanpablofernandez
Copy link

@jar-stripe Also running into this issue. I'm running Next.js 14.2.5, this is happening whenever the app is built. I experimented with what you suggested, like so:

import Stripe from 'stripe';

if (!process.env.NEXT_PRIVATE_STRIPE_API_KEY) throw new Error("no key")
export const stripe = new Stripe(process.env.NEXT_PRIVATE_STRIPE_API_KEY as string, {
  apiVersion: '2024-11-20.acacia',
  typescript: true,
});

export { Stripe };

This logs the "no key" error, when building from a Dockerfile. Works fine when building normally through next.js, the error shows up right after the app is compiled successfully and next.js begins "Linting and checking validity of types ..."

Hard-coding the NEXT_PRIVATE_STRIPE_API_KEY env variable fixes the issue. For now I'm going to downgrade the sdk version to what was previously working.

@jar-stripe
Copy link
Contributor

Thanks @juanpablofernandez ! Unfortunately, this doesn't sound like an SDK issue per se; if "no key" is getting logged, that means that your api key is null that first time its being passed into new Stripe(...). That said, can you share your Dockerfile? I'd love to take a closer look.

Thanks again!

@juanpablofernandez
Copy link

@jar-stripe sure I'll share the Dockerfile in a bit. But just a heads up, this only started happening after I updated the sdk to the latest version.

@jar-stripe
Copy link
Contributor

jar-stripe commented Nov 22, 2024

Thanks @juanpablofernandez , I hear ya. In v17 of the SDK, we did add an explicit check for a null key inside the constructor:

if (!key && !authenticator) {

That check did not exist before, but it wasn't really "working" in the old SDK; just not raising the error when a null key is passed in. null is not a valid key to new Stripe(...), so I'm interested in taking a look at your Dockerfile to understand how this happens so maybe we can either advise a pattern for using the new version of the SDK in this way, or by tweaking our initialization to better work in this environment.

@juanpablofernandez
Copy link

juanpablofernandez commented Nov 22, 2024

Yeah, that makes sense @jar-stripe , I was just re-reading your comment for that. I'm guessing that's why on older SDK versions, when building without the .env, it would succeed and cause no further issues since the .env was passed down at runtime (through docker compose in my case).

Based on the above, I was able to fix the issue by passing in an API key placeholder which is only used at build-time, like so:

import Stripe from 'stripe';

export const stripe = new Stripe(process.env.NEXT_PRIVATE_STRIPE_API_KEY || 'api_key_placeholder', {
  apiVersion: '2024-11-20.acacia',
  typescript: true,
});

export { Stripe };

@jar-stripe
Copy link
Contributor

@juanpablofernandez Thanks for the note and the workaround! Your explanation about the .env not being there at build time makes sense, and I can definitely see how that would cause this issue. No rush but whenever you can, please send that Dockerfile and I can add a ticket on our end to look at improving this experience.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

9 participants